// AI Act Compliance & Assurance

EU AI Act compliance.
Proven with evidence.

The first AI Act obligations for every organization deploying AI apply from 2 August 2026. High-risk systems must conform by 2 December 2027. We tell you exactly what applies to you, close the gaps, and generate the technical evidence regulators and customers will ask for.

Free AI Act Pre-Assessment. Answer ~25 structured questions, get an instant scored snapshot: your risk tier, your top gaps, and your personal obligation timeline. The full self-service portal launches at compliance.cyberfort.lv in July — request early access now and we'll run your pre-assessment with you, free.

Start Free Pre-Assessment →
// The deadlines

The AI Act is already in force. The question is which obligations hit you when.

Updated for the May 2026 Digital Omnibus agreement — beware of outdated advice still quoting August 2026 for high-risk systems.

In force now

Prohibitions & AI literacy

Prohibited AI practices and staff AI-literacy duties (Art. 4, 5) apply since February 2025. GPAI obligations since August 2025. Fines up to €35M or 7% of global turnover.

2 August 2026

Transparency for deployers

If your organization uses AI that interacts with people or generates content, disclosure and transparency duties (Art. 50) apply — chatbots, copilots, AI-generated content included.

2 December 2027

High-risk systems (Annex III)

HR & recruitment, credit scoring, education, critical infrastructure, public services. Full conformity: risk management, data governance, documentation, human oversight, monitoring.

Fixed-price compliance bundles

Productized, fast, and priced for decision-making — not open-ended consulting. All prices excl. VAT. Pay online by card or bank link, or order by invoice.

Bundle 1 — for SMEs

AI Act Quick Scan

📅 5 working days 📍 Remote €2,900 €2,450 — launch offer until 2 Aug 2026

The fastest way to know exactly where you stand. An expert-verified assessment built on our structured, AI Act article-mapped methodology — the same model used in national trust frameworks.

90-minute structured interview + evidence sanity check
Scored compliance report (0–100, per-domain scores, regulatory references)
Risk-tier classification incl. prohibited-use check
Personalized obligation timeline: what hits you Aug 2026 vs Dec 2027
Prioritized 1-page remediation roadmap + 1-hour findings call
NIS2 / Kiberdrošības likums applicability check included
Who it's for: SMEs deploying AI — chatbots, copilots, HR or finance automation — that need clarity before August 2026. CFO-approvable the same week.
Order Now → Ask a Question
Bundle 2 — for organizations

AI Act Compliance Assessment

📅 3–4 weeks 📍 Remote / Hybrid €9,500 – €15,000

Organization-wide assessment across all your AI systems, with a concrete implementation plan for the August 2026 transparency layer and a board-ready view of the road to December 2027.

Full AI system inventory incl. shadow-AI discovery
Per-system risk classification (prohibited / high / limited / minimal)
Gap assessment against Art. 9, 10, 11, 13, 14 obligations
Transparency-obligation implementation plan (the Aug 2026 layer)
DPIA support (GDPR Art. 35) and GDPR × AI Act overlap mapping
Technical documentation skeleton (Art. 11 / Annex IV, pre-filled)
Automated LLM testing run (Garak, Moonshot) as baseline technical evidence
Combined AI Act × NIS2 × Kiberdrošības likums gap matrix — one assessment, three regimes
Board-ready report + obligation owner matrix
Who it's for: Organizations with multiple AI systems; regulated sectors (finance, energy, health, public administration); NIS2 essential and important entities.
Order Now → Request Scoping Call
Bundle 3 — for corporations & high-risk deployers

High-Risk Readiness Program

📅 3–6 months 📍 Hybrid €29,000 – €65,000

Full conformity preparation for Annex III high-risk systems against the 2 December 2027 deadline — with the one thing advisory firms cannot deliver: real adversarial testing as your Article 15 technical evidence.

Risk management system designed and implemented (Art. 9)
Data governance framework incl. sensitive-data justification (Art. 10)
Complete technical documentation (Art. 11 / Annex IV)
Human oversight design (Art. 14) + AI literacy program (Art. 4)
Post-market monitoring system (Art. 72) + EU database registration support
Article 15 evidence package: full LLM red teaming & adversarial testing
Guardrails architecture & implementation as compliance controls
Conformity-assessment dress rehearsal
Who it's for: HR-tech, credit and insurance scoring, education platforms, critical-infrastructure operators, public-sector deployers — anyone with an Annex III system.
Order Now → Request Scoping Call
Recurring

Compliance-as-a-Service

📅 Ongoing 📍 Remote €1,500 – €6,000/mo

Compliance is not a one-off project. Continuous post-market monitoring, regulatory watch, and a measurable compliance score that improves quarter over quarter.

Continuous post-market monitoring (Art. 72) + serious-incident reporting support (Art. 73)
Quarterly re-assessment with score tracking
Regulatory-change watch: Omnibus adoption, harmonised standards, Latvian acts
Annual NIS2 security-review support (Professional tier and above)
Periodic automated red-team runs
Optional Armora logging layer for record-keeping evidence (Art. 12)
Tiers: Essential €1,500/mo · Professional €3,500/mo · Enterprise €6,000/mo.
Talk to Us →
// The Latvian advantage

Your NIS2 duties and your AI Act duties overlap. Pay for the overlap once.

Latvia's Kiberdrošības likums (NIS2 transposition) has been in force since September 2024 — cybersecurity manager appointments, self-assessments, and annual security reviews are already mandatory for essential and important entities. Roughly 40% of the underlying controls overlap with AI Act obligations: risk management, logging, incident reporting, documentation, governance. Every Cyberfort compliance bundle delivers a cross-mapped gap matrix covering both regimes in a single assessment — in Latvian or English, with regulator-fluent local delivery.

EU AI Act NIS2 / Kiberdrošības likums GDPR ISO 42001 NIST AI RMF Singapore AI Verify
// Why Cyberfort

Compliance backed by real testing, not just paperwork.

Law firms write policies. Advisory firms write roadmaps. Cyberfort additionally runs the adversarial tests that prove your AI systems are accurate, robust, and secure — the technical evidence Article 15 demands. Our AI Cybersecurity line (LLM red teaming, guardrails, monitoring) plugs directly into every compliance engagement.

Find out what applies to you. In days, not months.

Start with the free pre-assessment, or order the AI Act Quick Scan today at the launch price of €2,450.

Free Pre-Assessment → Order Quick Scan →