EU AI Act compliance. AI risk register. Model inventory. Board-level AI oversight documentation. NIST AI RMF alignment. ISO 42001 readiness. One platform for your entire AI governance programme.
If your company uses AI for HR decisions, hiring, credit scoring, or education in the EU, you are in scope for the EU AI Act Annex III high-risk provisions. The operative deadline remains August 2, 2026. A proposed amendment (the AI Act Omnibus, political agreement reached May 2026) would defer some obligations — but it is not yet enacted law. The prudent position: prepare for August 2, 2026 and treat any deferral as a bonus, not a plan.
| Framework | Jurisdiction | Applies to | Key requirement | ThemisIQ coverage |
|---|---|---|---|---|
| EU AI Act | EU (global scope) | Any AI affecting EU residents | Risk classification + conformity assessment for high-risk AI | ✓ Full |
| NIST AI RMF | USA (voluntary/mandatory) | US federal agencies + voluntary | Map, Measure, Manage, Govern framework | ✓ Full |
| ISO 42001:2023 | Global | Organisations using or developing AI | AI management system — policies, controls, continuous improvement | ✓ Full |
| GDPR Article 22 | EU/UK | Automated decision-making affecting individuals | Right to explanation + human review for automated decisions | ✓ Partial |
| Bill C-27 AIDA (proposed) | Canada | High-impact AI systems | Impact assessment + registration when enacted | ✓ Monitored |
| SR 11-7 (Fed Reserve) | USA financial services | Banks using models for decisions | Model risk management — validation and governance | ✓ Partial |
The first step is knowing what AI systems you have and whether they're high-risk. ThemisIQ's AI inventory wizard walks you through every system in days — not months.