Site in Development - Contact Us at sales@standardintelligence.com

We use a few strictly-necessary cookies, no marketing trackers, and cookieless analytics. Read our cookie policy, or pick a preference.

Regulations

Many frameworks, one method.

A single AI system can sit under the EU AI Act, GDPR, NIS2, and sector rules at once, each with its own obligations and its own enforcement. This page is the map: which frameworks apply, what each one asks for, and the TRACE method that works them as one programme rather than four.

The frameworks

What applies to an AI system in the EU

The four regimes most likely to engage at the same time.

EU AI Act

The horizontal regime for AI. Risk classification, obligations for providers and deployers, and the documentation that proves conformity.

GDPR for AI Systems

Where data protection meets AI. Lawful basis, DPIAs for automated decisions, and the right to meaningful information about the logic.

NIS2 Directive

Cybersecurity duties for essential and important entities. Risk management, incident reporting, and supply chain security where AI runs critical infrastructure.

Sectorial Regulation

The layer teams forget. How finance, healthcare, and other sector rules stack on top of the Act, each with its own supervisor.

SI TRACE Methodology

One method across every obligation

TRACE runs those frameworks as a single programme, in five phases.

Triage

Scope the landscape. Inventory the systems, fix jurisdiction, and map which instruments apply.

Rate

Quantify the posture. Classify risk, decompose obligations, run gap analysis, and score maturity.

Architect

Build for compliance. Translate obligations into architecture, data governance, and documentation.

Control

Operate continuously. Post-market monitoring, human oversight, and incident response.

Evidence

Prove it. Tamper-evident audit trails, conformity assessment, and audit-ready packages.

Not sure which apply to you?

Take the free readiness assessment for a read on your exposure across the Act, GDPR, and the regimes that engage in parallel, or talk to the team.

Free readiness assessment Talk to us