Fleet overview
AB
syncing… · Aurora Banking N.V.

Every AI system, mapped to the obligations it must meet — and watched for drift.

Annexo connects your repositories, models, agents and evidence, maps them to the EU AI Act, GDPR, DORA and NIS2, and keeps each conformity dossier current as the estate changes.

Your AI estate · tap to list
Extract Draft Verify
Audit-ready dossier
EU AI Act
GDPR
DORA
NIS2

Fleet at a glance

Posture, deadlines and open items across 6 AI systems · as of 2026-05-30 04:12 UTC

Days since incident
42
no Art. 73 serious incident
Fleet conformity posture
86 / 100posture index · last 30 days-3 over 30 days
range 8290100% above the review line
10090807060review 75
30 days agonow

Each point is the share of the fleet's tracked Chapter III obligations evidenced as in place that day, scored 0–100. The line falls when Annexo surfaces drift against the evidence and recovers as open items are closed — an observed signal, not a conformity verdict.

aggregate posture index review line (75)
EU AI Act timeline
Prohibited practices in force2 Feb 2025

Art. 5 bans apply. Fleet screened — none in scope.

GPAI & governance obligations2 Aug 2025

General-purpose AI model rules and the AI Office regime begin.

Transparency (Art. 50) obligations apply2 Aug 2026

AI-interaction disclosure and synthetic-content marking begin — AdvisorCopilot and CollectionsAssist. Unchanged by the Digital Omnibus.

High-risk (Annex III) obligations apply2 Dec 2027

The full Chapter III obligation set becomes enforceable for Annex III systems — CreditGuard and OnboardKYC. Deferred from 2 Aug 2026 by the Digital Omnibus.

High-risk (Annex I products) apply2 Aug 2028

Systems regulated as safety components of products under Annex I. None currently in fleet. Deferred from 2 Aug 2027 by the Digital Omnibus.

Obligation exposure · system × obligation
current drift attention— n/a
System9101213/5014151772Posture
CreditGuard AI82
OnboardKYC91
FraudSentry
AdvisorCopilot86
CollectionsAssist79
ChurnPredict

Each square is one obligation's evidence state for that system; the bar is its aggregate posture index (0–100). Select any row to open the system and trace what's behind a square.

Recent activity

Data drift surfaced — PSI 0.23 on income_verified (watch ≥ 0.20).

CreditGuard AI · Art. 10 · 2 days ago

Underwriter override rate rose +18% week-over-week.

CreditGuard AI · Art. 14 · 3 days ago

Transparency-notice wording flagged for review after a contact-flow change.

CollectionsAssist · Art. 50 · 3 days ago

AI-disclosure banner appears absent on 2 relationship-manager surfaces.

AdvisorCopilot · Art. 50 · 4 days ago

Q1-2026 fairness export ingested and attached to the dossier.

CreditGuard AI · Art. 10 · 15 · 6 days ago
Open items
Interactive demo with synthetic data, for illustration only. The console observes and surfaces change against the evidence in your dossiers — it does not issue a conformity verdict and does not replace your own review. You decide and act on what it surfaces. Annexo's rule set is candidate-stage pending expert legal review; Annexo is not a notified body and does not certify conformity. Not legal advice.
Annexo — EU Conformity Dossiers

About Annexo

Annexo is the independent trust layer for AI agents: it verifies how a third party’s AI agent actually behaves with live tests, watches it for drift, and produces audit-ready evidence for buyers, regulators and insurers. Every result is observed behaviour at the time of testing — never a certification, conformity assessment, guarantee, or legal advice. Annexo is not a notified body.

Frequently asked questions

What is Annexo?
Annexo is an independent trust layer for AI agents. It verifies how a third party’s AI agent actually behaves with live behavioural probes, watches it for drift over time, and produces audit-ready assurance evidence a buyer, regulator or insurer can rely on. The thesis is simple: a builder cannot credibly grade its own homework, so verification has to be independent.
Who is Annexo for?
EU and DACH enterprises deploying AI agents in regulated settings — insurance, banking, industrial — and the consultancies that build agents for them. Later, insurers underwriting agent risk.
How does Annexo verify an AI agent?
Point the verify console at your own AI agent endpoint or run a built-in sample agent. A live probe battery runs against it — prompt injection, tool poisoning, guardrails under pressure, AI disclosure, PII handling, request logging — and resolves into an evidence dashboard. Your agent’s API key is held in memory for that one request only and is never stored.
Does Annexo certify or guarantee that an AI agent is compliant?
No. Annexo is not a notified body and does not certify, guarantee, or give legal advice. Every result is observed behaviour at the time of testing, reported as a status — holding, watch, or surfaced — never a pass/fail verdict or a conformity assessment.
What about EU regulations like the EU AI Act, GDPR, DORA and NIS2?
Annexo also produces done-for-you EU conformity dossiers — the evidence and technical documentation mapped to the EU AI Act, GDPR, DORA and NIS2, produced from your system and audit-ready. It is the deliverable, not a substitute for your own counsel or a conformity assessment body.
Where is Annexo’s data processed?
In the EU. Compute runs in the Frankfurt (fra1) region and persisted data uses an EU-region store, in line with EU data-residency expectations.