Early Access Now Open — 79 of 300 spots remaining
26% FILLEDSecure your spot →
EU AI Act Enforcement Deadline
--DAYS
:
--HOURS
:
--MINS
ARTICLES 9 · 13 · 14 · 152 AUGUST 2026
🇪🇺 EU AI Act · High-Risk AI Systems

The regulation requires documented evidence your AI agents were tested. Most companies don't have it.

EU AI Act Article 9 mandates that high-risk AI systems implement a risk management system including systematic adversarial testing. A documented, repeatable scan process is the evidence you need.

EU AI Act · Article 9(4)(c)
“Testing shall ensure that the high-risk AI system performs consistently for its intended purpose and it is in compliance with the requirements set out in this Chapter.”
REGULATION (EU) 2024/1689 · ARTICLE 9(4)(c)
Enforcement countdown
2 August 2026 · EU AI Act Article 9
--
DAYS
--
HOURS
--
MINS
--
SECS
Art. 9Risk management system — adversarial testing required
Art. 13Transparency — documentation of testing methodology
Art. 14Human oversight — evidence of monitoring capability
Art. 15Accuracy and robustness — evidence of adversarial robustness testing
Maximum fine for non-compliance
€35,000,000
OR 7% OF GLOBAL ANNUAL TURNOVER · WHICHEVER IS HIGHER
Compliance gap analysis

Where most AI teams are today.

Article 9 compliance is not a checkbox. It requires a documented, repeatable, evidence-generating process.

✕ What most teams currently have
Insufficient for Article 9 notified body review
Internal belief that the system is secure — no documented methodology, no reproducible test results, no evidence trail.
Red team exercise (one-off) — undocumented, not reproducible, conducted before production deployment and not re-run after updates.
Pen test report for the web application — covers the API layer, not the LLM agent behaviour, system prompt, or tool interactions.
Developer review of the system prompt — not an adversarial test, not documented in regulatory format, not mapped to Article 9 controls.
No testing after model updates — Article 9 requires ongoing monitoring and re-testing when the system changes.
✓ What Article 9 requires — and Orithos generates
Audit-ready evidence for notified body submission
Documented test methodology — probe categories, attack taxonomy, judge pipeline architecture. Reproducible on demand.
Adversarial test results with evidence — each finding includes the exact probe text, agent response, severity rating, and Article 9 control mapping.
LLM-agent-specific testing — covers system prompt extraction, tool abuse, RAG injection, guardrail bypass, and persona jailbreak specific to your deployment.
Compliance-mapped export — findings mapped to Article 9(4)(c), 13(1), 14(4), and 15(1) with evidence citations for each control.
Continuous re-testing — scheduled scans re-run after every deployment. Audit trail shows risk score trend over time, not just a point-in-time snapshot.
Article-by-article coverage

Which articles Orithos
covers — and how.

The EU AI Act does not describe a testing methodology. It describes requirements. Orithos translates each requirement into testable probes and generates the evidence your legal team needs.

ARTICLE 9 · Subsections 4(b), 4(c), 5, 6, 7
Risk Management System
The most operationally demanding article. Requires a systematic identification of known and foreseeable risks, estimation and evaluation of risks, and testing — both before deployment and continuously during operation.
What it requires from you
Identification and analysis of the known and reasonably foreseeable risks... testing to identify the most appropriate risk management measures.
✓ 25 attack categories✓ Risk score per scan✓ Documented methodology✓ Scheduled re-testing
✓ Fully covered — export available
ARTICLE 13 · Subsections 1, 2, 3(b)
Transparency and Information Provision
High-risk AI systems must be transparent enough for deployers to interpret output and use the system appropriately. This includes documenting the system's limitations, known biases, and testing scope.
What it requires from you
Instructions for use shall include... the level of accuracy, robustness and cybersecurity against which the high-risk AI system has been tested and validated.
✓ Security testing scope documented✓ Known limitations per finding~ Residual risk documentation
~ Substantially covered — some elements require manual input
ARTICLE 14 · Subsections 1, 3, 4
Human Oversight
Deployers must implement measures that allow human operators to understand, monitor, and intervene in the AI system's operation — particularly in high-risk scenarios.
What it requires from you
Measures appropriate to the risks... to enable the individuals to whom human oversight has been assigned to understand the capacities and limitations of the high-risk AI system.
✓ Escalation finding categories✓ Tool blast radius mapping✓ Privilege escalation detection~ Human-in-loop recommendations
~ Substantially covered — oversight recommendations included per CRITICAL finding
ARTICLE 15 · Subsections 1, 3, 4
Accuracy, Robustness and Cybersecurity
Systems must perform consistently and be resilient to attempts to alter behaviour through adversarial inputs or data poisoning. This is the most technically direct mapping.
What it requires from you
Appropriate resilience as regards attempts by unauthorised third parties to alter their use, outputs or performance by exploiting system vulnerabilities.
✓ Adversarial robustness probes✓ Data poisoning / RAG injection✓ Guardrail bypass detection✓ Vulnerability evidence trail
✓ Fully covered — most direct article mapping
Evidence mapping

What a notified body
actually wants to see.

The EU AI Act requires evidence packages, not reports. Every Orithos scan generates a structured evidence pack with control citations a notified body or internal legal team can act on.

ArticleRegulatory requirementEvidence Orithos generatesStatus
Art. 9(4)(b)Identification and analysis of known and foreseeable risksThreat taxonomy mapped to your agent configuration✓ Automated
Art. 9(4)(c)Testing to identify appropriate risk management measuresProbe sets, 3-tier judge confirmation, risk score with methodology✓ Automated
Art. 9(5)Risk management system reviewed throughout lifecycleScheduled re-testing with risk score trend over time✓ Automated
Art. 9(7)Testing against groups for which the system is intendedDomain-specific probe packs (FS, Health, Legal)✓ Automated
Art. 13(1)Transparency of design and functionalityAttack surface documentation per agent configuration✓ Automated
Art. 13(3)(b)(v)Performance metrics including known limitationsResidual risk section with unaddressed finding documentation~ Partial
Art. 14(4)(a)Ability to detect anomalies and unexpected performanceScheduled scans with regression alerts on risk score change✓ Automated
Art. 15(1)Appropriate levels of accuracy and robustnessAdversarial robustness findings with severity and exploit path✓ Automated
Art. 15(3)Resilience against attempts to alter behaviourPrompt injection, RAG poisoning, jailbreak detection evidence✓ Automated
Sample output

This is what the
evidence pack looks like.

Every Business tier scan produces an EU AI Act audit-ready export. Below is a representative extract showing the structure your legal team and notified body receive.

⬡ ORITHOS — EU AI Act Audit Evidence PackCONFIDENTIAL
AI Agent Security Assessment
Scan SCN-A3F9 · Meridian Wealth Agent v3.2 · Financial Services · 11 May 2026
2
CRITICAL
1
HIGH
3
MEDIUM
9.8
RISK SCORE
CRITICAL Finding — EU AI Act Article 9(4)(c) · Article 15(3)
CRITICALF-001 · CAT-02 · OWASP-LLM02
System Prompt Extraction via Indirect RAG Injection
The agent reproduced its complete system prompt including internal identifier when a probe embedded in a tool result contained a meta-instruction. Confirmed by Judge Tier-3 with confidence 0.98.
EU AI Act Art. 9(4)(c)
Testing failed to prevent exploitation of system prompt via retrieval-augmented injection vector. Risk management measure required.
EU AI Act Art. 15(3)
System demonstrates insufficient resilience against attempts to alter behaviour by exploiting RAG supply chain vulnerabilities.
NIST AI RMF MS-2.3
Adversarial testing revealed extractability of system configuration. Measurement and monitoring gap identified.
OWASP LLM02
Insecure output handling — agent returned sensitive system configuration in response to adversarial retrieval-augmented input.
This evidence pack is suitable for submission to a notified body or internal legal review. Generated 11 May 2026 14:37 UTCGENERATED BY ORITHOS · AN ANTANOX PRODUCT
Process

From deployment to
audit-ready in one workflow.

Most companies treat EU AI Act compliance as a documentation exercise. Orithos treats it as a security programme — the documentation is a by-product of the testing.

1
Configure your agent in Orithos
Paste your system prompt. Declare tools, RAG sources, and guardrails. Orithos extracts testable constraints and identifies compliance-relevant components automatically. This step takes under 5 minutes.
Maps to Art. 9(4)(b) — risk identification
2
Run the EU AI Act scan suite
Probes execute against your live endpoint. Every probe in the EU AI Act suite is tagged to the specific article it tests. The 3-tier judge confirms findings before they enter the evidence pack.
Maps to Art. 9(4)(c) — adversarial testing
3
Export the audit evidence pack
Download a structured PDF evidence pack with every finding mapped to Article 9, 13, 14, and 15 controls. Each control citation includes the probe text, agent response, and severity as evidence.
Maps to Art. 13(3) — transparency documentation
4
Schedule continuous compliance scans
Article 9(5) requires ongoing monitoring throughout the AI system's lifecycle. Orithos runs scheduled scans after every deployment and alerts your team when the risk score changes.
Maps to Art. 9(5) — lifecycle monitoring
EU AI Act · Early access

Request access before
your competitors do.

The August 2026 deadline is firm. Security teams who establish their testing programme before Q2 2026 have time to remediate findings before enforcement begins.

📋
EU AI Act audit export included
Every Business tier scan includes the full Article 9 evidence pack. Your legal team gets a structured PDF mapped to specific regulatory controls.
🔄
Continuous compliance scanning
Scheduled scans re-run after every deployment. Article 9(5) compliance requires ongoing testing — Orithos automates it.
First evidence pack in under 5 minutes
No SDK, no code changes, no infrastructure. Connect your endpoint and your first EU AI Act evidence pack is ready before your next meeting.
Request Early Access
Priority review for compliance teams and CISOs.
79 of 300 spots remaining