See where you stand in 72 hours
See exactly what you have — and what's missing — before you spend on compliance. One system. 72 hours. A review-ready evidence pack you can take to your board, auditor, or advisor.
If you cannot produce this evidence today, you are not ready for review.
Defined scope confirmed before work begins. No surprises.
EU AI Act enforcement begins August 2, 2026, with evolving timelines under current regulatory proposals. Most organisations remain unprepared for structured evidence requirements.
Before committing to consultants, governance platforms, or internal build work, most teams need one thing first: a bounded, credible answer they can review quickly.
That is what AnnexLayer delivers. One AI system. Defined inputs. Structured output. 72 hours. It is not consulting. It is not certification. It is not legal advice.
Board or leadership asks where the organisation stands
Procurement or vendor-risk review demands AI governance evidence
Internal audit asks for structured documentation
External advisor or legal team needs a bounded starting position
Timelines compress before anyone knows the size of the problem
A released, human-reviewed evidence state for one AI system. One report for governance review. One payload for system ingestion. One release gate before anything moves forward.
These are the gaps auditors, regulators, and governance teams will see first.
| Annex IV Field | Status | Extracted Value | Action |
|---|---|---|---|
| System Name | DOCUMENTED | [AI System Name] | — |
| Bias Testing | DOCUMENTED | Algorithms tested for protected characteristics | — |
| Intended Purpose | DOCUMENTED | [Intended purpose as stated by vendor] | — |
| Human Oversight | DOCUMENTED | [Oversight mechanism description] | — |
| Risk Classification | NOT DOCUMENTED | No evidence in source documentation | Remediate |
| Training Data Sources | NOT DOCUMENTED | No evidence in source documentation | Remediate |
| Data Retention Period | NOT DOCUMENTED | — | Remediate |
Every engagement ends here. Either the evidence is documented — or the gaps are surfaced. Both outcomes move you forward.
All identifying data anonymised. Structure reflects real engagement output.
Most teams delay because every option looks like a large commitment. Start with one system, see the gaps, and then decide what to do next.
Defined-scope evidence workflow for one AI system. Shows what is documented, what is missing, and what needs remediation — before you commit to anything bigger.
Scope is confirmed before work begins. No surprises. No open-ended commitment.
Put a bounded, reviewable answer in front of your board or governance lead.
Bring structured evidence into consultant or legal conversations instead of starting from uncertainty.
Use identified gaps to prepare for internal review or external readiness work.
Determine whether internal remediation or platform spend is justified based on clear evidence.
Move from one system to wider coverage only after the first evidence state is visible.
The purpose is to show exactly what is documented, what is missing, and where visibility ends.
No output is released without human review. Reviewer actions, timestamps, and corrections are recorded before release.
Structured traceability, release markers, and records aligned to Article 26 logging and retention workflows.
Outputs are prepared for both governance review and downstream system ingestion.
No client data is used for AI model training. Processing is configured with explicit training opt-outs and controlled data handling.
Most teams don't yet know the size of the gap. This gives a bounded answer first, before larger spend is committed.
A human-readable evidence report and a machine-readable JSON evidence pack for one defined AI system, with human-reviewed release and audit trace.
Which fields carry documented evidence, which return nothing, and where remediation is required — in a structured format you can review and share.
One distinct AI application, model, or workflow with a defined intended purpose. Scope is confirmed before work begins.
It is the first step. A defensible evidence position you can use before internal audit, advisor engagement, or wider programme decisions.
Start with one. Understand the shape of the problem before deciding whether broader scope is justified.
Internal teams know documentation exists but can't see the evidence state clearly. AnnexLayer compresses that discovery into a bounded deliverable.
No. AnnexLayer prepares structured evidence outputs to support internal review, procurement, audit preparation, and advisory workflows.
Regulatory Notice. AnnexLayer provides structured evidence outputs derived from client-supplied documentation and publicly available information sources. Such outputs are prepared to support governance review, procurement evaluation, evidential preparation, and pre-audit decision-making workflows.
Service Limitation. AnnexLayer does not provide legal advice, regulatory interpretation, notified body services, conformity assessments, or any formal determination of compliance under the EU AI Act or any other regulatory framework.
Responsibility Allocation. Responsibility for regulatory compliance, documentation accuracy, implementation decisions, and deployment controls remains solely with the deploying organisation and its appropriately qualified advisors.