Blog

Check EU AI Act compliance in 3 minutes

The EU AI Act entered into force in 2024 and its obligations apply in phases. The prohibited-practices rules and AI-literacy duties applied first; the general-purpose AI model obligations followed; and the bulk of the high-risk system requirements phase in through 2026 and 2027. If you ship software that embeds AI, the question is not whether the Act applies but which obligations apply to which system, and by when.

What the phasing means in practice

  • Prohibited practices — already in force. Certain uses are banned outright.
  • General-purpose AI models — transparency and documentation duties are in effect for model providers.
  • High-risk systems — risk management, data governance, logging, and human oversight requirements phase in across 2026–2027.

The practical problem for engineering teams is mapping these obligations onto a real codebase: where does inference happen, what data flows in, what is logged, and what controls already exist.

Where a scan helps

OLYDI fingerprints your stack and surfaces the controls and gaps that map to these obligations — logging, data handling, and the boundaries around AI components — as findings you can triage in your Security tab. It does not certify you against the Act; it gives you a baseline read of where you stand so the compliance conversation starts from evidence rather than a blank page.

Get your baseline

npx @olydi/cli scan
# Scan complete. Findings written to SARIF.

Run the scan, review your findings, and decide what to clear first. Your scan is free; clearing findings at volume is paid on Valty tiers.


This article is general information about regulatory developments, not legal advice. Consult qualified counsel for your specific obligations.