What the EU AI Act Actually Requires for Autonomous AI Agents

The EU AI Act came into full effect in stages through 2025 and 2026, and the compliance conversations happening in most enterprises are a mixture of genuine preparation and regulatory theater. The theater version: legal teams creating documentation, checking boxes, and hoping the auditors don't look too carefully. The genuine version: engineering and governance teams understanding what the Act actually requires at a technical level and building infrastructure that creates real compliance, not the appearance of it.

For autonomous AI agents — the category most affected by the Act's high-risk provisions — genuine compliance requires behavioral contracts, audit trails, human oversight mechanisms, and transparency documentation. The Armalo trust infrastructure provides a foundation for several of these requirements, but understanding how it fits requires understanding what the Act actually mandates.

This post cuts through the regulatory jargon to explain which EU AI Act provisions apply to autonomous agents, what they require technically, and how a trust architecture maps to those requirements.

TL;DR

• High-risk classification matters: Agents in certain categories (employment, education, credit, essential services, law enforcement adjunct) face the most stringent requirements — including conformity assessments and notified body involvement.
• Transparency is structural, not documentary: The Act requires that AI systems can explain their decisions; behavioral contracts with documented verification methodology create this explanation capability.
• Human oversight is a design requirement: Agents in high-risk categories must be designed for meaningful human oversight, not just notification after the fact.
• Behavioral records are required by law: Organizations must be able to produce documentation of how their AI systems behave and what controls exist — behavioral pacts plus evaluation history are the technical foundation.
• The fine structure is significant: Up to €30 million or 6% of global turnover for certain violations — the compliance cost is substantially lower than the non-compliance cost.

---

EU AI Act Requirement to Armalo Feature Mapping

---

Which Agents Are "High-Risk"?

The EU AI Act's risk classification is not about how powerful the AI is or how autonomous it is — it's about the category of decision the AI influences. High-risk AI systems are those that affect:

• Employment decisions: Hiring, promotion, task assignment, performance evaluation
• Education access: Admissions, scoring, assessment, classification of students
• Credit and financial services: Credit scoring, loan eligibility, insurance pricing
• Essential services: Access to utilities, public benefits, emergency services
• Law enforcement adjunct functions: Risk assessment, evidence evaluation, crime prediction
• Migration and border control: Visa assessment, border crossing decisions
• Administration of justice: Legal research tools used in judicial contexts
• Critical infrastructure: Systems affecting power, water, transportation safety

An AI agent used for customer service FAQs is probably not high-risk. An AI agent that evaluates employee performance, determines whether loan applications should proceed, or ranks medical cases for attention is squarely high-risk.

The practical consequence: if your AI agents operate in any of these categories, you face the full high-risk compliance regime — conformity assessments, notified body involvement for certain sub-categories, technical documentation requirements, logging obligations, and post-market monitoring requirements.

---

Transparency Requirements: What "Explainability" Actually Means

Article 13 of the Act requires that high-risk AI systems be designed in a way that enables deployers to understand how the system works, what its inputs and outputs mean, and how to interpret its decisions. This is often summarized as "explainability," but the actual requirement is more specific and more achievable.

What Article 13 requires is not that the AI can explain its reasoning in human terms for every decision (which would be impossible for transformer-based systems without significant engineering). It requires that the deployer has enough documentation of the system's behavior to understand: what inputs influence outputs, what the system is and isn't designed to do, and what conditions might cause the system to produce unreliable outputs.

Behavioral contracts with documented evaluation methodology satisfy this requirement structurally. A pact that specifies what the agent does (scope), how compliance is measured (verification methodology), what constitutes a failure (threshold and criteria), and what evaluation history shows (score distribution and compliance rate) is exactly the kind of behavioral documentation that Article 13's transparency requirements call for.

The key insight: transparency documentation is not a post-hoc writing exercise. It's most effectively built by designing agents with formal behavioral contracts from the beginning, which creates the documentation as a byproduct of good governance practice.

---

Human Oversight as an Engineering Requirement

Article 14 of the Act requires that high-risk AI systems be designed with human oversight measures that enable competent persons to understand the system's capabilities and limitations, monitor its operation, and intervene when necessary.

The critical phrase is "when necessary" — which means the oversight capability must exist and be usable, but doesn't require a human to approve every decision. The operative question is: if the system starts behaving incorrectly, can a human detect it quickly and stop it before significant harm occurs?

Three technical mechanisms satisfy this requirement:

Behavioral dashboards that make score trends, evaluation results, and anomaly flags visible to human operators in real time. Not logs buried in a data warehouse, but actionable monitoring surfaces that surface degradation when it occurs.

Configurable intervention capabilities that allow authorized humans to suspend agent operation, override specific output types, or reduce the agent's scope of authority without requiring engineering changes. The Armalo Room protocol provides exactly this — a live command-and-control interface for watching and intervening in agent operations.

Audit trails that enable post-hoc reconstruction of what the agent did and why, even if the human oversight was reactive rather than real-time. The evaluation log, pact condition compliance records, and LLM session traces create this reconstruction capability.

---

Post-Market Monitoring: Why Continuous Evaluation Is a Legal Requirement

Article 61 requires that providers of high-risk AI systems implement a post-market monitoring plan. The monitoring must cover the system's performance in real-world conditions and identify any risks that weren't apparent during pre-deployment assessment.

This is a direct mandate for continuous evaluation, not just initial certification. The regulatory framing acknowledges what the trust infrastructure community has understood for longer: AI systems behave differently in production than in evaluation, and the only way to detect that divergence is ongoing monitoring.

Score decay (one point per week) combined with continuous evaluation creates a technical architecture that satisfies Article 61. The score at any moment reflects recent production behavior, not historical evaluation performance. Significant behavioral changes trigger anomaly detection. The evaluation log provides the documented monitoring record required by the Article.

The compliance consequence: organizations that rely on point-in-time certifications to satisfy Article 61 are taking a legal risk. The Act specifically requires post-market monitoring — which in technical terms means continuous, not periodic.

---

The Fine Structure: Why Compliance Economics Work

The EU AI Act's fine structure creates strong compliance incentives:

• Prohibited AI practices: up to €35 million or 7% of global annual turnover, whichever is higher
• High-risk system violations: up to €15 million or 3% of global annual turnover
• Incorrect information to authorities: up to €7.5 million or 1.5% of global annual turnover

For a global enterprise with €1 billion in annual turnover, a high-risk violation exposure is €30 million. The cost of implementing a full trust architecture for AI agents — behavioral contracts, continuous evaluation, audit logging, human oversight mechanisms — is a fraction of that exposure for most organizations.

The compliance economics are clear: build the infrastructure, reduce the exposure. The question is not whether compliance is worth the investment; it's which compliance approach provides genuine risk reduction versus which provides compliance theater that won't withstand regulatory scrutiny.

---

Frequently Asked Questions

Does the EU AI Act apply to AI agents operated outside the EU? If the AI agent's outputs affect people in the EU — European customers, European employees, European citizens accessing services — the Act applies regardless of where the agent is deployed or operated. Extra-territorial application is explicit in the regulation.

When do GPAI (General Purpose AI) obligations apply? GPAI obligations (Articles 51-56) apply to foundation model providers, not to organizations that deploy foundation models in their products. A company deploying Claude or GPT-4 to power their agents is not a GPAI provider; Anthropic and OpenAI are. Deploying organizations face the high-risk system requirements, not GPAI requirements.

What does "conformity assessment" actually require? For most high-risk AI systems, conformity assessment can be self-conducted (the deploying organization assesses their own compliance against the Annex IV requirements). For certain sub-categories (biometric identification, critical infrastructure), third-party notified body assessment is required. Self-conducted conformity assessment is extensive but manageable with proper documentation infrastructure.

How long must behavioral records be retained? The Act requires that logs supporting conformity assessments be retained for at least 10 years after the system is placed on the market. Operational logs enabling post-market monitoring must be retained for at least 6 months after each use of the system. For agents operating at scale, this means robust, cost-efficient archival of evaluation records.

What is a "fundamental rights impact assessment"? High-risk AI deployers in the public sector, and some private sector categories, must conduct a Fundamental Rights Impact Assessment (FRIA) before deployment. This assesses how the AI system might affect rights to non-discrimination, privacy, due process, and access to justice. Behavioral contracts that specify scope limitations and fairness requirements are inputs to this assessment.

Can Armalo certification substitute for EU AI Act conformity assessment? Armalo certification is not a substitute for conformity assessment — it's an input. The trust infrastructure (behavioral contracts, evaluation history, audit trails, human oversight mechanisms) creates the documentation foundation that conformity assessment requires. Organizations still need to conduct the formal assessment and produce the Article 11 technical documentation, but organizations with Armalo infrastructure have most of the required evidence already assembled.

---

Key Takeaways

1. Classify your AI agents against the high-risk categories immediately — the compliance timeline is not forgiving, and discovering late that an agent is high-risk creates emergency remediation requirements.
2. Build behavioral contracts with documented verification methodology — this creates the Article 13 transparency documentation as a byproduct of good governance, not as a separate compliance exercise.
3. Implement continuous evaluation now, not at deployment — Article 61's post-market monitoring requirement applies to production systems, and point-in-time certifications won't satisfy it.
4. Design human oversight mechanisms as engineering requirements, not post-hoc additions — the ability to intervene must be built in, not bolted on.
5. Maintain tamper-evident audit logs with appropriate retention — 6-month operational log retention and 10-year conformity documentation retention are legal minimums.
6. Conduct fundamental rights impact assessments for agents affecting individual outcomes — discrimination, due process, and access to services are all in scope.
7. Use compliance as a product differentiator, not just a cost center — organizations that can demonstrate genuine EU AI Act compliance to enterprise buyers have a procurement advantage that's difficult for non-compliant competitors to quickly replicate.

---

--- Armalo Team is the engineering and research team behind Armalo AI — the trust layer for the AI agent economy. We build the infrastructure that enables agents to prove reliability, honor commitments, and earn reputation through verifiable behavior.