ar.io
EU AI Act Compliance

Verifiable records for EU AI Act high-risk AI.

The Act demands provable records across the AI lifecycle: event logs and conformity documentation, training-data provenance, and marked AI outputs. ar.io anchors them to permanent storage, so regulators verify without trusting the vendor that holds them.

Book a demo
See the articles
Continuous·Self-authenticating·Audit-ready
Key dates & thresholdsEU AI Act
  • Annex III standalone
    2 Dec 2027
    Deferred from 2 Aug 2026
  • Annex I embedded
    2 Aug 2028
    AI inside regulated products
  • Article 18 retention
    10 years
    From placement on the market
  • Article 19 logs
    6 months
    Minimum retention
  • Article 99 penalty
    €15M / 3%
    Worldwide turnover, whichever higher

Deferrals from the 2026 Digital Omnibus on AI provisional agreement, subject to formal adoption.

01 — At a glance

What the EU AI Act requires, in one block.

The EU AI Act requires providers and deployers of high-risk AI systems to keep technical documentation (Article 11 with Annex IV), automatic event logs over the system's lifetime (Article 12), retained logs for at least 6 months (Article 19), and conformity records available to national authorities for 10 years after the system is placed on the market (Article 18). It also requires documented data governance (Article 10) and machine-readable marking of AI-generated content (Article 50). Non-compliance fines reach €15 million or 3% of worldwide annual turnover (Article 99).

02 — What's actually required

The articles that define the provenance problem.

Articles 11, 12, 18, and 19 are the core record-keeping obligations on providers and deployers of high-risk AI systems. Article 10 adds data governance, Article 50 adds content transparency, and Articles 26 and 99 bracket them with deployer duties and the penalty regime.

Article11

Technical documentation

Drawn up before the system is placed on the market and kept up to date over its lifetime.

What the evidence looks like

A 9-section Annex IV technical file: system description, development process, monitoring and control, performance metric justification, risk management, lifecycle changes, applied standards, the EU Declaration of Conformity, and the post-market monitoring plan.

Article12

Event logging

High-risk AI systems must technically allow automatic recording of events throughout their lifetime.

What the evidence looks like

Machine-generated logs with sufficient detail to identify risk situations and support post-market monitoring.

Article18

Record retention

Provider must keep technical documentation, QMS records, and the Declaration of Conformity available to national authorities for 10 years.

What the evidence looks like

A 10-year, tamper-evident, regulator-presentable record set.

Article19

Log retention

Provider and deployer must retain automatically generated logs for at least 6 months, unless other Union or national law sets a different period.

What the evidence looks like

A 6-month minimum log archive, typically longer in regulated sectors.

Article10

Data governance

Training, validation, and testing data must meet quality and governance criteria, with documented sources and provenance.

What the evidence looks like

Data-provenance and lineage records proving where datasets came from and that they have not changed since.

Article50

Content transparency

Providers must mark AI-generated or manipulated content (deepfakes, synthetic media) in a machine-readable form.

What the evidence looks like

C2PA Content Credentials anchored to permanent storage, so an output's provenance is durable and independently verifiable.

Article26

Deployer duties

Deployers must use high-risk systems according to instructions, keep logs under their control, and inform providers of serious incidents.

What the evidence looks like

Logs the deployer can demonstrate are under their effective control.

Article99

Penalties

Up to €35M / 7% worldwide turnover for prohibited practices. €15M / 3% for high-risk non-compliance. €7.5M / 1% for incorrect information to authorities.

What the evidence looks like

This is the downside, not an evidence requirement.

03 — How ar.io solves it

Proof without access, in five steps.

Cryptographic fingerprints of your AI artefacts are generated inside your environment and anchored to permanent storage. The underlying data never leaves your perimeter. Only the fingerprint and timestamp are anchored. The architecture is called proof without access.

  1. 01

    Capture

    An MLflow plugin or REST client hashes the artefact (training data, model checkpoint, inference I/O, content credentials) inside your environment.

  2. 02

    Sign

    The fingerprint is signed with your private key, authenticating the commitment.

  3. 03

    Anchor

    The signed fingerprint is written to Arweave through the ar.io gateway network. Records cannot be silently altered without leaving evidence.

  4. 04

    Bundle

    The audit-record bundle (artefacts, hashes, timestamps, chain of custody) exports in formats designed for notified-body review.

  5. 05

    Verify

    A regulator or auditor compares fresh fingerprints to anchored ones using only your artefact and the public record. No vendor cooperation required.

What this satisfies

The articles where record integrity and provenance decide compliance.

  • Article11
    Annex IV technical file kept tamper-evident from drafting onward.
  • Article12
    Automatic event logs anchored as they are generated.
  • Article18
    10-year retention satisfied by permanent storage, not vendor SaaS.
  • Article19
    6-month log retention exceeded by default; logs are permanent.
  • Article10
    Dataset lineage and integrity anchored alongside the model.
  • Article50
    Content credentials for AI outputs anchored as they are generated.

The architecture meets the three properties auditors test for: existence at the time, tamper-evidence, and self-authentication.

04 — FAQ

Frequently asked questions.

01What is the EU AI Act and when does it take effect?
The EU AI Act (Regulation 2024/1689) is the European Union's comprehensive regulation on artificial intelligence, in force since 1 August 2024 with staggered application dates. Prohibited-practice rules applied from 2 February 2025; general-purpose AI obligations from 2 August 2025. High-risk AI obligations under Annex III were originally set to apply from 2 August 2026; under the 2026-05-07 Digital Omnibus on AI provisional agreement, application for new and substantially-modified Annex III standalone systems is deferred to 2 December 2027, and Annex I embedded systems to 2 August 2028. Both are subject to formal adoption.
02What are the requirements for high-risk AI systems under the EU AI Act?
High-risk AI providers must establish a risk-management system (Article 9), apply data-governance practices (Article 10), prepare Annex IV technical documentation (Article 11), build in automatic event logging (Article 12), ensure transparency and human oversight (Articles 13 and 14), meet accuracy, robustness, and cybersecurity thresholds (Article 15), implement a quality management system (Article 17), keep records for 10 years after placement on the market (Article 18), preserve logs for at least 6 months (Article 19), undergo a conformity assessment, affix CE marking, register the system in the EU database, and operate a post-market monitoring system. Deployers have parallel obligations under Article 26.
03How do I comply with the EU AI Act for high-risk AI systems?
Compliance starts with classification: confirm whether your system meets the Annex III definition of high-risk or is embedded in an Annex I regulated product. From there, the work is mostly evidence-production. Build the Annex IV technical file (Article 11), instrument the system for automatic logging (Article 12), implement risk-management and quality-management processes (Articles 9 and 17), commission a conformity assessment from a notified body where required, register in the EU database, and stand up post-market monitoring. Cryptographic audit trails are one defensible way to meet the integrity and retention obligations under Articles 18 and 19, because they are self-authenticating: a regulator can verify the records without trusting the AI provider's internal database.
04What does the EU AI Act require for training data?
Article 10 requires that training, validation, and testing data for high-risk AI meet data-governance and quality criteria, including relevance, representativeness, and examination for bias, with documented data sources. Keeping tamper-evident provenance and lineage records lets a provider show which dataset trained a model and that it has not changed since, which is the evidence side of the Article 10 obligation.
05Does the EU AI Act require labeling AI-generated content?
Yes. Article 50 requires providers of AI that generates synthetic audio, image, video, or text to mark outputs as artificially generated or manipulated in a machine-readable format, and deployers of deepfakes to disclose them. The Act does not mandate a specific method. C2PA Content Credentials anchored to tamper-evident storage are one durable way to carry that marking with the content, so the provenance of an output stays verifiable over time.
06Will AI audit trails become a legal requirement?
For high-risk AI systems under the EU AI Act, they already are. Article 12 mandates the technical capability to log automatically; Article 19 mandates retention for at least 6 months. The Act does not prescribe a specific log substrate, which leaves the design open. The choice is between mutable database logs (operationally easy, harder to defend as evidence) and tamper-evident records (slightly harder to deploy, much easier to defend). Other regimes are converging on similar requirements: the NIST AI Risk Management Framework's measure and manage functions, ISO/IEC 42001, and upcoming NIS2 implementing rules all describe documented, reproducible evidence rather than asserted compliance.
07What are AI audit trail solutions for regulated industries in 2026?
The category splits into two layers. Governance and observability platforms (Credo AI, Holistic AI, WitnessAI, Fiddler AI, Arthur AI, IBM Watson OpenScale, Monitaur) handle policy workflows, risk assessment, and live monitoring on conventional database substrates. Audit-trail and integrity-anchor systems (ar.io, plus a smaller set of competitors) produce tamper-evident, regulator-presentable records on append-only or permanent storage. Most regulated programs run both, often by different teams in the same organisation.
08What penalties apply for non-compliance with the EU AI Act?
Article 99 sets three tiers: up to €35 million or 7% of worldwide annual turnover, whichever is higher, for prohibited practices under Article 5; up to €15 million or 3% for high-risk non-compliance and failure to meet obligations on conformity assessment, technical documentation, logging, transparency, or registration; up to €7.5 million or 1% for supplying incorrect, incomplete, or misleading information to authorities. SMEs and start-ups are subject to the same percentage thresholds but pay the lower of the percentage and the absolute amount.
09Does the Digital Omnibus on AI provisional agreement change the substantive obligations?
No. The provisional agreement reached on 7 May 2026 between the Council and the European Parliament defers the application dates and adds targeted simplifications. Annex III standalone high-risk obligations are deferred to 2 December 2027 for new and substantially-modified systems; Annex I embedded obligations to 2 August 2028. The agreement also adds a prohibition on AI systems generating non-consensual intimate imagery and child sexual abuse material, with a deadline of 2 December 2026. None of the substantive requirements on documentation, logging, or retention were watered down. Formal adoption is still pending.
Get started

Build records a regulator can verify without trusting you.

The deadline moved. The obligation didn't. Anchor your logs, data, and AI outputs to permanent storage, where a regulator can verify them independently, without trusting the vendor that holds them. Notified-body slots fill months in advance; start now.

Book a demo
Read proof without access