EU AI Act · Effective 2026-08-02
Audit-ready agentic operations.
STEADYWRK runs agentic dispatch operations with a policy gate on every decision, human escalation at sub-70% confidence, a 7-year append-only audit log, and machine-readable verification surfaces. Risk classification is complete. GPAI transparency documentation is in progress for the August 2, 2026 effective date. No certification is claimed — only the controls that are live and the work still in progress.
What does the EU AI Act ask of agentic systems?
The Act takes effect August 2, 2026. For agentic operations vendors — systems that automate consequential decisions in real workflows — the core obligations cluster around five areas.
Risk classification
AI systems are classified into four tiers: unacceptable, high-risk, limited-risk, and minimal-risk. Agentic dispatch systems — automating consequential resource-allocation decisions — require careful placement within this taxonomy. STEADYWRK has completed its initial risk classification pass.
Transparency for GPAI models
General-Purpose AI model providers must publish technical documentation before the August 2, 2026 effective date. STEADYWRK uses GPAI models in its decision pipeline and is actively drafting the required technical transparency artifacts.
Human oversight & escalation
High-risk and agentic systems must preserve meaningful human control. The Act requires that consequential decisions remain contestable and that humans can intervene, override, or halt autonomous actions. STEADYWRK's policy gate enforces this: sub-70% confidence escalates to a human queue; every override is logged.
Audit trail requirements
Providers and deployers of regulated AI must maintain logs sufficient for post-hoc review. The Act specifies retention appropriate to the risk profile and intended use. STEADYWRK operates a 7-year append-only audit log on every consequential decision.
Fundamental rights impact
Deployers in high-risk categories must conduct a Fundamental Rights Impact Assessment before deployment. Where STEADYWRK systems touch labor allocation, the assessment obligation applies and is scoped into the readiness roadmap.
How is STEADYWRK positioned for the August 2 deadline?
Honest readiness status — each item is either live in production, actively in progress, or on the roadmap with an expected window. No item is overstated.
Risk classification
Initial EU AI Act risk classification completed. Agentic dispatch operations assessed against the risk taxonomy; classification documented in the AI decisioning policy.
/ai-policy →GPAI transparency documentation
Technical transparency documentation for GPAI model usage is actively in progress. Target: complete before the August 2, 2026 effective date.
Human-in-loop escalation
Policy gate enforced in production: confidence below 70% routes to a human queue. Contractor deactivation, pricing exceptions beyond canonical bands, and any decision with >$5,000 margin impact are human-only.
/ai-policy →7-year append-only audit log
Every consequential decision emits an immutable audit event. The public subset is queryable via machine-readable endpoints. Retention designed for regulatory inspection.
/api/public/audit-receipts →Machine-readable verification surface
Audit receipts, dispatch evals, and the OpenAPI spec are published at stable no-auth endpoints — consumable by procurement tooling, auditors, and agents without manual extraction.
/api/prove →Fundamental Rights Impact Assessment
Scoped for the labor-allocation use case. Targeted for completion ahead of the enforcement window. Not yet complete — stated honestly.
Where can auditors and agents verify the posture directly?
Four public, no-auth endpoints are published for machine ingestion — designed so a procurement tool, regulatory auditor, or AI agent can verify the posture without manual extraction or human intermediation.
/api/prove
Proof index →
Top-level machine-readable proof surface. Start here for automated ingestion.
/api/public/audit-receipts
Audit receipts →
Append-only deploy receipts — build hash, gate result, registry version, timestamp.
/api/dispatch/analytics/evals
Dispatch evals →
Rolling 30-day dispatch performance metrics — completion rate, latency, override rate.
/openapi.yaml
OpenAPI 3.1 spec →
Full API surface in machine-readable OpenAPI 3.1 format for procurement tooling.
Scope · published June 15, 2026
What this page is, and what it is not.
This is a readiness posture page, not a certification declaration. The EU AI Act creates obligations for AI system providers and deployers; satisfying those obligations requires documented technical work, not just a public statement. This page describes what controls are live, what is in progress, and what is on the roadmap — with links to the underlying verification surfaces so any reader can check the claims directly.
No compliance is assertedfor use cases beyond STEADYWRK’s own agentic dispatch operations. If you are evaluating STEADYWRK as a vendor for a regulated use case, the AI decisioning policy, system card, and attestation surface are the correct starting points — not this page.
Regulation text evolves. The August 2, 2026 effective date is for GPAI provisions and certain provider obligations. Additional timelines apply to other system categories. Consult the official EU AI Act text and qualified legal counsel for jurisdiction-specific obligations.
Frequently asked questions.
What does the EU AI Act require from agentic operations vendors?
The EU AI Act (effective August 2, 2026) requires AI system providers and deployers to classify systems by risk tier, maintain human oversight mechanisms, keep logs sufficient for regulatory inspection, and — for providers of GPAI models or systems using them — publish technical transparency documentation. Agentic dispatch systems that make consequential resource-allocation decisions must preserve meaningful human control and contestability.
Is STEADYWRK EU AI Act certified?
No. STEADYWRK does not claim EU AI Act certification or completed compliance. What is true: risk classification is complete, GPAI transparency documentation is actively in progress targeting the August 2, 2026 effective date, and the operational controls — human escalation, 7-year audit log, machine-readable verification surfaces — are live in production. The honest framing is readiness-in-progress, not certification.
How does STEADYWRK ensure human oversight of AI decisions?
Every decision passes through a policy gate. If the agent's confidence falls below 70%, the decision escalates to a human queue rather than executing autonomously. Certain categories — contractor deactivation, legal or compliance interpretation, any decision with significant margin impact — are human-only regardless of confidence. Every override is logged to the append-only audit trail.
Where can I see the audit trail?
The public subset of the audit log is available at /api/public/audit-receipts (machine-readable JSON) and human-readable at /audit-log. The /api/prove endpoint provides a structured proof index. Audit receipts carry the build hash, gate result, canonical registry version, and timestamp — designed for procurement review and regulatory inspection.
What does "audit-ready agentic operations" mean?
It means the agentic system is architected so that every consequential decision can be traced, explained, and reproduced after the fact. For STEADYWRK: every decision is logged with agent ID, confidence score, inputs, output, and whether it escalated to a human. The log is append-only with 7-year retention. Machine-readable verification surfaces are published at stable no-auth URLs so an auditor or procurement tool can ingest them directly without manual extraction.
Which STEADYWRK verification surfaces are machine-readable?
Four public, no-auth endpoints are published: /api/prove (proof index), /api/public/audit-receipts (append-only audit receipts), /api/dispatch/analytics/evals (rolling dispatch performance metrics), and /openapi.yaml (OpenAPI 3.1 spec). The AI decisioning policy at /ai-policy and the attestation surface at /proof/attestation provide human-readable posture backed by the same data.
How is STEADYWRK's AI decisioning policy documented?
The AI decisioning policy at /ai-policy lists every decision category — AI-made, AI-assisted, or human-only — with the quantitative escalation threshold (confidence < 70%) and the specific categories that are human-only regardless of confidence. The system card at /system-card documents intended use, limits, safety mitigations, and escalation paths. Both are public and machine-discoverable via JSON-LD structured data.
Dig deeper