Substantive coverage across 10 frameworks.

Risk-tiered AI system regulation. Article 11 demands a complete technical documentation file in Annex IV order before high-risk systems are placed on the market. The artefact the regulator opens.

The first certifiable AI management system standard. Auditors now scope certifications against it; enterprise buyers ask for it.

GOVERN, MAP, MEASURE, MANAGE profiles. Voluntary baseline that federal procurement and sectoral frameworks map onto — the de-facto US AI risk-management language.

The trust-services audit enterprise buyers ask for first. Hael generates the System Description and AI-governance control evidence behind the report.

AI under GDPR: Article 22 safeguards for solely-automated decisions, Article 35 DPIAs, and the Articles 5/6 lawful-basis and data-governance duties that bite on training and inference.

Comprehensive duties on high-risk AI in consequential decisions. Hael produces the impact assessments and risk programme the law requires, aligned to NIST or ISO 42001.

Independent bias audit, published summary and candidate notice for AEDTs. Hael maintains the audit record, summary and notice as living artefacts.

Strict-liability bar on AI that produces discriminatory effects across the employment lifecycle; mandatory worker notice; no zip-code proxies. Hael runs the disparate-impact testing and notice lifecycle.

Five pillars of ICT resilience for ~22,000 EU financial entities. In force since 17 Jan 2025 with no transition. Hael maintains the ICT risk framework, register and testing records.

Intent-based prohibitions on harmful AI uses, enforced by the Texas AG with a 60-day cure period. Hael records the acceptable-use governance the AG expects.