
HATS and the EU AI Act


Eric Beans, CEO · 12 min read

The EU AI Act (Regulation (EU) 2024/1689) establishes the world's first comprehensive regulatory framework for artificial intelligence. For providers and deployers of high-risk AI systems, the Act requires risk management, data governance, technical documentation, record-keeping, transparency, human oversight, accuracy, robustness, and cybersecurity. The challenge is not understanding what the Act requires; it is producing verifiable evidence that those requirements are being met on a continuous basis.

HATS is a publicly available technical conformance standard for continuous AI trustworthiness; certification under HATS provides independently verifiable evidence that a system satisfies the standard's defined controls. This document maps HATS capabilities to specific EU AI Act articles and explains how HATS attestation data can serve as evidence of compliance with the Act's requirements.

This document is not legal advice. Organizations subject to the EU AI Act should consult qualified legal counsel regarding their specific obligations.

Article 9: Risk Management System

Article 9 requires providers of high-risk AI systems to establish, implement, document, and maintain a risk management system. The system must identify and analyze known and reasonably foreseeable risks, estimate and evaluate risks that may emerge when the system is used in accordance with its intended purpose, and adopt appropriate and targeted risk management measures.

HATS addresses Article 9 through its continuous verification architecture. HATS Domain 5 (Operational Security) checks 17-20 verify that logging, incident response, configuration baselines, and monitoring infrastructure are operational. These checks produce a continuous record of risk management system functionality. When a regulator asks for evidence that a risk management system was operational during a specific period, the HATS attestation chain provides timestamped, cryptographically signed proof for each component of that system.

The Act also requires that the risk management system be a continuous iterative process run throughout the entire lifecycle of a high-risk AI system. HATS directly implements this requirement. The attestation chain is a continuous, iterative record that spans the entire lifecycle. Unlike periodic assessments that produce a snapshot, HATS produces a time series that demonstrates continuous operation.

Article 10: Data and Data Governance

Article 10 establishes requirements for training, validation, and testing data sets. These data sets must be subject to appropriate data governance and management practices addressing data collection, data preparation, formulation of relevant assumptions, prior assessment of availability and suitability of data sets, examination in view of possible biases, and identification of any possible data gaps or shortcomings.

HATS Domain 2 (Data Protection) checks 5-8 verify encryption, key management, and backup integrity for data at rest and in transit. For AI systems, these checks can be configured to verify the integrity of training data stores, the access controls on validation data sets, and the encryption of model artifacts. The attestation chain provides evidence that data governance controls were operational throughout the data lifecycle.

HATS does not directly assess data quality, bias, or representativeness, as these are domain-specific assessments that require human judgment. However, HATS can attest that the processes and tools used for bias assessment and data quality monitoring were operational and producing results, providing a continuous audit trail of the data governance process.

Article 11: Technical Documentation

Article 11 requires that the technical documentation of a high-risk AI system be drawn up before the system is placed on the market or put into service and kept up to date. The documentation must contain all relevant information to demonstrate conformity with the requirements set out in the regulation.

HATS does not generate technical documentation. However, the HATS attestation chain itself constitutes a form of technical evidence that supplements documentation. The chain provides a machine-readable, independently verifiable record of system behavior over time. For regulators who need to verify that the system described in the documentation is the system actually operating, the HATS attestation chain provides the bridge between documented intent and operational reality.

Article 12: Record-Keeping

Article 12 requires that high-risk AI systems be designed and developed with capabilities enabling the automatic recording of events (logs) over the lifetime of the system. Logging capabilities must conform to recognised standards or common specifications and ensure a level of traceability of the AI system's functioning throughout its lifecycle that is appropriate to the intended purpose.

This is where HATS provides its strongest alignment with the EU AI Act. The HATS attestation chain is, by design, a cryptographically secured automatic recording of events over the lifetime of the system. Each attestation record is a log entry that records what was checked, when it was checked, what the result was, and who performed the check. The chain structure ensures that logs cannot be modified, deleted, or reordered without detection. The post-quantum signatures ensure that the log integrity is maintained against future computational threats.

HATS Check 17 specifically verifies that logging infrastructure is operational and that log integrity is protected. This creates a self-referential property: the HATS chain records that the logging system (including the HATS chain itself) is operational and tamper-evident.

The Act requires that logs be available to deployers and, upon request, to national competent authorities. HATS attestation chains can be exported in a standard format and shared with deployers and regulators. The recipient can independently verify the chain integrity using the tools provided in the Conformance Suite.
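To make the tamper-evidence property described above concrete, here is an added example (not HATS's own format or code) of a hash-chained attestation log whose records carry the four fields named above: what was checked, when, the result, and who performed the check. An HMAC stands in for the standard's post-quantum signature, and the check ids, timestamps and node names are constructed.

```python
import hashlib
import hmac
import json

# Constructed illustration of a tamper-evident attestation chain.
# HMAC-SHA256 stands in for a post-quantum signature; the key is a demo value.
SIGNING_KEY = b"constructed-demo-key"
GENESIS = "0" * 64

def sign(payload: bytes) -> str:
    return hmac.new(SIGNING_KEY, payload, hashlib.sha256).hexdigest()

def canonical(record: dict) -> bytes:
    # Deterministic serialisation so every verifier hashes identical bytes.
    return json.dumps(record, sort_keys=True, separators=(",", ":")).encode()

def append(chain: list, check_id: int, timestamp: str, result: str, verifier: str) -> dict:
    prev_hash = chain[-1]["hash"] if chain else GENESIS
    body = {"seq": len(chain), "check": check_id, "ts": timestamp,
            "result": result, "verifier": verifier, "prev": prev_hash}
    record_hash = hashlib.sha256(canonical(body)).hexdigest()
    record = dict(body, hash=record_hash, sig=sign(record_hash.encode()))
    chain.append(record)
    return record

def verify(chain: list) -> tuple:
    """Recompute every hash, link and signature; report the first failure.
    Note: removing records from the tail is only detectable if the latest
    hash is anchored externally, which is what chain anchoring provides."""
    expected_prev = GENESIS
    for i, rec in enumerate(chain):
        body = {k: v for k, v in rec.items() if k not in ("hash", "sig")}
        if rec["seq"] != i or body["prev"] != expected_prev:
            return False, f"record {i}: broken link (deleted or reordered entry)"
        if hashlib.sha256(canonical(body)).hexdigest() != rec["hash"]:
            return False, f"record {i}: content modified"
        if not hmac.compare_digest(sign(rec["hash"].encode()), rec["sig"]):
            return False, f"record {i}: bad signature"
        expected_prev = rec["hash"]
    return True, "chain intact"

def build_sample_chain() -> list:
    # Constructed sample: three check results from two verification nodes.
    chain = []
    append(chain, 17, "2025-01-01T00:00:00Z", "pass", "node-a")
    append(chain, 18, "2025-01-01T00:05:00Z", "pass", "node-a")
    append(chain, 19, "2025-01-01T00:10:00Z", "fail", "node-b")
    return chain
```

A recipient holding only the chain and the verification key can run `verify` to confirm that no record was altered, dropped or reordered since it was signed.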

Article 13: Transparency and Provision of Information to Deployers

Article 13 requires that high-risk AI systems be designed and developed in such a way as to ensure that their operation is sufficiently transparent to enable deployers to interpret the system's output and use it appropriately.

HATS contributes to transparency through its verification and replay capabilities. Deployers can query the HATS attestation chain to understand the operational state of the AI system at any point in time. The replay mechanism provides deterministic answers to questions about system behavior, control state, and operational parameters. This is not a substitute for model interpretability, but it provides operational transparency that complements technical interpretability measures.

Article 14: Human Oversight

Article 14 requires that high-risk AI systems be designed and developed in such a way as to be effectively overseen by natural persons during the period in which the AI system is in use. Human oversight measures must be identified and implemented by the provider, or identified as possible by the provider and implemented by the deployer.

HATS supports human oversight by providing the data necessary for oversight to be effective. A human overseer who has access to real-time HATS attestation data can monitor whether the system's controls are operating as intended, whether anomalies have been detected, and whether any control has degraded or failed. HATS Gateway nodes provide the API for integrating attestation data into oversight dashboards and alerting systems.

HATS Check 18 verifies that incident response automation is functional. This ensures that when human oversight identifies an issue requiring response, the automated response mechanisms are available and operational. The attestation chain records the verification of these mechanisms, providing evidence that the human oversight framework was supported by functional infrastructure.

Article 15: Accuracy, Robustness, and Cybersecurity

Article 15 requires that high-risk AI systems be designed and developed in such a way as to achieve an appropriate level of accuracy, robustness, and cybersecurity, and perform consistently in those respects throughout their lifecycle.

On cybersecurity specifically, the Act states that the systems shall be resilient as regards attempts by unauthorized third parties to alter their use, outputs, or performance by exploiting system vulnerabilities. HATS directly addresses this requirement through its 20 verification checks, which collectively verify the cybersecurity controls protecting the AI system. The continuous attestation model ensures that cybersecurity is not verified once at deployment but continuously throughout the system's lifecycle.

HATS Domain 3 (Network Security) checks 9-12 verify network segmentation, ingress and egress filtering, and DNS protection. Domain 4 (Application Security) checks 13-16 verify application versioning, API security, secrets management, and web application firewall configuration. Together, these checks address the cybersecurity surface area of an AI system and provide continuous evidence of protection.

The Act also requires resilience against errors, faults, or inconsistencies that may occur within the system or the environment in which the system operates. HATS Check 19 (configuration drift detection) and Check 20 (self-referential integrity) address this requirement by detecting changes in the system environment that might affect accuracy or robustness and by ensuring that the monitoring infrastructure itself is functioning correctly.

Article 17: Quality Management System

Article 17 requires providers of high-risk AI systems to put a quality management system in place that ensures compliance with the regulation. The quality management system must be documented in a systematic and orderly manner in the form of written policies, procedures, and instructions.

HATS provides the technical verification layer of a quality management system. While HATS does not replace the organizational policies and procedures required by Article 17, it provides the mechanism for continuously verifying that those policies and procedures are producing the intended results. The attestation chain serves as the automated evidence of quality management system effectiveness.

Article 26: Obligations of Deployers

Article 26 requires deployers to use high-risk AI systems in accordance with the instructions of use, monitor the operation of the system on the basis of the instructions of use, and inform the provider or distributor of any serious incident or any malfunctioning.

For deployers, HATS provides the monitoring capability required by Article 26. By deploying HATS verification nodes configured for the AI system in question, deployers create a continuous record of system operation. This record demonstrates compliance with the monitoring obligation and provides the data necessary to identify serious incidents or malfunctions.

Article 61: Post-Market Monitoring

Article 61 requires providers to establish and document a post-market monitoring system that is proportionate to the nature of the AI technologies and the risks of the high-risk AI system.

HATS directly implements post-market monitoring for the cybersecurity and operational integrity dimensions of AI system risk. The continuous attestation model means that post-market monitoring begins automatically when the system is deployed and continues throughout its operational lifetime without interruption.

Implementation Guidance

Organizations seeking to use HATS as part of their EU AI Act compliance program should: (1) identify the HATS conformance level appropriate to their risk classification; (2) deploy HATS verification nodes covering the checks relevant to their AI system; (3) maintain the attestation chain throughout the system lifecycle; (4) configure chain anchoring to meet the evidence retention requirements of their national competent authority; and (5) ensure that attestation data is available for export in the standard HATS format for regulatory review.

HATS addresses the technical verification and evidence dimensions of EU AI Act compliance. It does not address the organizational, procedural, or domain-specific requirements. A complete compliance program will combine HATS with appropriate organizational policies, domain-specific assessments, and qualified legal guidance.

For the full HATS specification, see the HATS Standard. For implementation tools, see the Conformance Suite. For how HATS integrates with insurance underwriting, see the Attested Risk Addendum.
