Expertise 03
Governance & compliance
AI Act, GDPR, operational ethics. Compliance before production.
Why now
Penalties reach 7% of global turnover.
The AI Act is coming into force in stages. SMEs and mid-market companies are as concerned as large groups. No one will be warned by post the day before an inspection.
What we put in place
AI systems mapping
Inventory, classification by risk level (prohibited, high, limited, minimal).
Compliant technical documentation
System records, logs, datasheets, user transparency.
An operational ethics committee
Membership, mandate, rituals, escalations. Not a rubber-stamp committee, a decision-making body.
Algorithmic audit
Bias, fairness, robustness, explainability.
Incident response unit
Regulator procedures, communication plan, logbook.
A real case, anonymised
A mid-market company rolls out AI-based CV screening without assessing bias or documenting the processing. The regulator steps in. Project suspended. Estimated cost: €120,000 in direct expenses, before the reputational damage. Avoidable with 3 days of upfront scoping.
Go further