AI Compliance Matrix

The EU AI Act (Regulation 2024/1689) is the world's first comprehensive AI-specific regulation. It establishes a risk-based classification system with four tiers: unacceptable risk (banned), high-risk (heavy obligations), limited risk (transparency obligations), and minimal risk (voluntary codes of conduct). The Act entered into force on August 1, 2024, with a phased compliance timeline: prohibited practices apply from February 2025, obligations for general-purpose AI models from August 2025, and high-risk system requirements from August 2026.

For engineering teams, the high-risk tier creates the most implementation work. Article 9 requires a documented risk management system that is iterative and updated throughout the AI system lifecycle. Article 10 mandates data governance practices including examination of training data for biases, relevance, and representativeness. Article 11 requires technical documentation sufficient for authorities to assess compliance. Article 13 demands transparency measures so deployers understand the system's capabilities and limitations. Article 14 requires human oversight mechanisms that allow human operators to understand, monitor, and override the system. Article 15 mandates accuracy, robustness, and cybersecurity requirements appropriate to the system's intended purpose.

General-purpose AI model providers face obligations under Article 53: maintaining technical documentation, providing information to downstream providers, establishing a copyright compliance policy, and publishing a training content summary. Models with systemic risk (above 10^25 FLOP training threshold) face additional obligations under Article 55 including adversarial testing, incident tracking, and energy consumption reporting.

The California Consumer Privacy Act (CCPA), as amended by the California Privacy Rights Act (CPRA), grants consumers rights over their personal information and imposes obligations on businesses processing it. While not AI-specific, several provisions directly affect AI systems. Section 1798.100 establishes the right to know what personal information is collected and how it is used, which extends to AI training data and inference inputs. Section 1798.105 creates deletion rights that complicate model retraining when training data must be erasable.

Most critically for AI, Section 1798.185(a)(16) directed the California Privacy Protection Agency to issue regulations governing automated decision-making technology (ADMT). These ADMT regulations, currently in rulemaking, would require businesses to provide consumers with access to information about the logic of automated decisions, the right to opt out of ADMT in certain contexts, and pre-use notices for profiling decisions with significant effects. Engineering teams should design AI systems with opt-out mechanisms and decision explanation capabilities now, even before final ADMT rules are published.

The Health Insurance Portability and Accountability Act (HIPAA) predates modern AI but its requirements for protected health information (PHI) create significant constraints on AI systems in healthcare. The Privacy Rule (45 CFR Part 164, Subpart E) requires minimum necessary use of PHI, which means AI systems should only receive the PHI fields actually needed for the task. The Security Rule (45 CFR Part 164, Subpart C) mandates technical safeguards including access controls, audit controls, integrity controls, and transmission security for electronic PHI (ePHI) processed by AI systems.

AI-specific HIPAA concerns include: model memorization of PHI in training data, which can lead to PHI exposure through inference-time attacks; the use of PHI for model training without proper authorization or de-identification under the Safe Harbor or Expert Determination methods (45 CFR 164.514); business associate agreement (BAA) requirements when third-party AI services process PHI; and the breach notification obligations under the Breach Notification Rule (45 CFR Part 164, Subpart D) when AI system vulnerabilities lead to unauthorized PHI disclosure. The HHS Office for Civil Rights has signaled increased scrutiny of AI systems handling PHI.

SOC 2 (System and Organization Controls 2) is an audit framework based on the AICPA Trust Service Criteria. While not a regulation, SOC 2 compliance is effectively required for B2B AI service providers because enterprise customers demand it. The five trust service categories — Security, Availability, Processing Integrity, Confidentiality, and Privacy — each have AI-specific implications that extend beyond traditional software controls.

Processing Integrity (PI1.1 through PI1.5) is particularly relevant for AI: you must demonstrate that system processing is complete, valid, accurate, timely, and authorized. For AI systems, this means documenting model accuracy metrics, establishing validation procedures for model outputs, and maintaining evidence that the system performs as described. Security (CC6.1 through CC6.8) requires logical and physical access controls that extend to model artifacts, training data, and inference endpoints. Confidentiality (C1.1, C1.2) requires protecting confidential information throughout the AI pipeline, including training data, model weights, and inference inputs/outputs.

ISO/IEC 42001:2023 is the first international management system standard for artificial intelligence. It follows the Annex SL high-level structure shared by ISO 27001 and ISO 9001, making it integrable with existing management systems. The standard requires organizations to establish an AI management system (AIMS) covering the planning, development, deployment, and monitoring of AI systems.

Key clauses include: Clause 4 (Context) requiring organizations to identify interested parties and their AI-specific requirements; Clause 6 (Planning) mandating AI risk assessment and treatment processes; Clause 7 (Support) requiring AI-specific competence, awareness, and communication; Clause 8 (Operation) covering AI system lifecycle processes including data management, model development, and deployment; and Clause 9 (Performance Evaluation) requiring monitoring, measurement, analysis, and internal audit of AI systems. Annex A provides a reference set of AI-specific controls covering responsible AI, data management, system development, and third-party relationships. ISO 42001 certification is becoming a market differentiator for AI service providers.

The NIST AI Risk Management Framework (AI RMF 1.0, published January 2023) provides a voluntary framework for managing AI risks. Unlike the EU AI Act, it is not legally binding, but it is increasingly referenced in US federal procurement requirements and serves as a de facto standard for AI risk management practices. The framework is organized around four core functions: Govern, Map, Measure, and Manage.

Govern (GV) establishes the organizational context, policies, and processes for AI risk management. Map (MP) identifies and contextualizes AI risks, including risks from third-party components. Measure (MS) employs quantitative and qualitative methods to analyze, assess, and track AI risks. Manage (MN) prioritizes and acts on risks through mitigation, transfer, or acceptance. Each function contains categories and subcategories (e.g., GV-1.1, MP-2.3) that map to specific practices. The companion NIST AI RMF Playbook provides implementation suggestions for each subcategory. While voluntary, implementing the NIST AI RMF demonstrates due diligence and can support compliance arguments for other regulations.