AI Compliance · Urgent.

The AI Act is taking effect. Are you ready?

End-to-end legal and technical guidance. AI Act, DORA, GDPR, NIS2, CSSF. Free 30-minute assessment, no commitment.

Next AI Act deadline · High-risk systems · 2 August 2026

87Days
06Hours
37Minutes
06Seconds
View our offerings

Regulatory timeline.

The AI Act, milestone by milestone. Prepare now.

Aug 2024

Official publication

Regulation (EU) 2024/1689 published in the Official Journal.

Feb 2025

Prohibited practices (Art. 5)

Social scoring, cognitive manipulation, real-time biometrics: banned.

Aug 2025

GPAI and AI Literacy

Foundation models and AI literacy duty for all teams.

2 Aug 2026 · Urgent

High-risk systems

Annex III. Technical documentation, FRIA, human oversight, EU database.

Aug 2027

Full application

All high-risk systems listed in Annex I are covered.

Dedicated team.

A specialised team. Law + Tech.

I.

European digital law specialist

Expert in AI Act 2024/1689, DORA 2022/2554, GDPR 2016/679, NIS2 2022/2555. Luxembourg bar member.

II.

AI architects

Risk classification, Annex IV documentation, Fundamental Rights Impact Assessments (FRIA).

III.

Audit and compliance

Gap analysis, prioritised remediation plans, continuous monitoring. ISO 42001 aligned.

IV.

Sector experience

Regulated finance (CSSF), healthcare, human resources, B2B SaaS. Local authority knowledge.

Three engagement levels.

From audit to full compliance.

From initial diagnostic to full compliance, an offering adapted to your size, sector and risk level.

I.

Assessment

Understand your exposure.

Starting · 30 min free

  • Identification of AI systems in production
  • Preliminary risk-level evaluation
  • Mapping of applicable regulations
  • List of critical gaps to address
  • Summary report delivered within 48 hours
  • Prioritised recommendations
RecommendedII.

Compliance

Set up the full framework.

On quote · Co-funded Fit 4 AI 50 %

  • Full AI systems audit (provider and deployer)
  • Formal AI Act risk classification
  • Custom Annex IV documentation
  • Tailored DPA and DPIA (GDPR Art. 28 and 35)
  • FRIA for high-risk systems (Art. 27)
  • DORA framework for CSSF financial entities
  • NIS2 evaluation and remediation plan
  • Human oversight design (Art. 14)
  • AI Literacy programme for teams
  • CSSF / CNPD liaison if needed
Request a quote
III.

Monitoring

Track changes, month by month.

Monthly retainer · On quote

  • Regulatory watch on AI Act, DORA, GDPR, NIS2
  • Technical documentation updates
  • Periodic audits (quarterly or biannual)
  • Email + call support with dedicated consultant
  • Incident response plan (Art. 73)
  • Quarterly executive reporting
Learn more
Co-funded under Fit 4 AI at 50 %Learn more

Your journey.

From diagnostic to compliance, in five steps.

01

Free 30-minute assessment

Free

Initial call, no commitment. We look at your AI systems, your regulatory exposure, and we deliver a summary report.

02

Audit and gap analysis

Full mapping of your AI systems. Precise identification of gaps against AI Act, GDPR, DORA, NIS2.

03

Remediation plan

Roadmap prioritised by criticality, with milestones, owners, budgets and realistic deadlines.

04

Implementation

Documentation drafting, process setup, human oversight, team training.

05

Continuous monitoring

Regulatory watch, updates, periodic audits, incident plans. Compliance stays defensible.

Documents delivered.

Compliant documentation. Auditable. Defensible.

Risk Assessment (Art. 9)

Formal analysis required for high-risk systems.

Transparency Notice (Art. 50)

User information aligned with 2026 obligations.

System Card (Art. 11)

Full and current Annex IV technical documentation.

Instructions for Use (Art. 13)

Operating manual for end users.

Human Oversight (Art. 14)

Designed and defensible oversight protocol.

FRIA (Art. 27)

Fundamental Rights Impact Assessment.

DPA (GDPR Art. 28)

GDPR-compliant data processing agreement.

ICT Framework (DORA)

Full ICT framework for financial entities.

Sub-processor Register

Exhaustive mapping of the processing chain.

AI Literacy Programme (Art. 4)

Training for operational and executive teams.

Acceptable Use Policy (Art. 5)

Internal practice framework.

Incident Response Plan (Art. 73)

72-hour notification procedure.

0
Regulations covered
0+
Document templates
0 min
Free assessment

Frequently asked.

Everything you want to know before starting.

The 30-minute assessment is free, no commitment. A full compliance programme ranges from EUR 8,000 to 60,000 depending on the number of AI systems and criticality. The programme is co-funded under Fit 4 AI at 50 %, and the monthly monitoring retainer starts at EUR 1,200 / month.

An initial diagnostic takes 2 to 4 weeks. A standard Compliance programme spans 2 to 4 months. For CSSF entities with DORA and NIS2, plan 4 to 8 months. We address critical gaps first, then structural topics.

Yes, Easylab AI is referenced by Luxinnovation as an eligible provider under the Fit 4 AI programme. This means your compliance spend is co-funded up to 50 % for eligible Luxembourg SMEs.

Yes. Thirty minutes, no commitment, no sales deck. We look at your AI systems, your regulatory exposure, we deliver a summary report with our recommendations. If you decide to move forward, we sign a quote. Otherwise, you walk away with a clear view, that's it.

Regulated finance (banks, insurers, AIFMs, funds, under CSSF / CAA), healthcare (medical devices, e-health), human resources (AI recruitment, evaluation), B2B SaaS and software vendors. We avoid sectors where we lack the necessary expertise.

AI Act (Regulation EU 2024/1689), GDPR (Regulation EU 2016/679), DORA (Regulation EU 2022/2554) for the financial sector, NIS2 (Directive EU 2022/2555) for essential and important operators, plus the specific requirements of CSSF and CNPD in Luxembourg.

Our Monitoring offering includes an active regulatory watch. When a new requirement appears (delegated act, CSSF guideline, CJEU case law), we integrate it into your framework and update the documentation. You stay compliant without tracking changes yourself.

Regulatory compliance is never guaranteed at 100 %, it is an obligation of means. However, we guarantee the quality of the documentation produced, its alignment with current legal texts, and its defensibility under audit. Our methodology is aligned with ISO 42001 and NIST AI RMF.

Yes, this is common. We often work alongside in-place legal counsel: we bring AI technical expertise and detailed AI Act knowledge, your lawyer brings overall contractual and litigation vision. The pairing works very well.

Assessment: report within 48 hours after the call. Full audit: 3 to 6 weeks depending on AI estate size. Technical documentation: 4 to 12 weeks. Full programme with training: 3 to 6 months. Schedule is set together at quote stage.

Ready to start?

Your AI Act compliance starts now.

Thirty minutes. Free assessment. No sales deck, we look at your case directly.

Email us

See also.

Services

Full catalogue

All our AI services and consulting.

AI for finance

AI for finance

Banks, insurers, AIFMs.

Governance

AI governance

Ethical and operational framework.

Compliance Hub

Compliance hub

Continuous monitoring tools.

Fit 4 AI

Subsidy programmes

Luxinnovation 50 % co-funding.

Case studies

Delivered cases

Over thirty projects shipped.

Cookie Preferences

We use cookies to enhance your browsing experience and analyze our traffic. Please choose your preferences below.

Easylab.ai AI Assistant

Hello! I'm the specialized Easylab.ai AI assistant. I can only answer questions about our AI services, products, or artificial intelligence technology in general. How can I help you today?