Geo wedge - EU AI Act

EU AI Act-Ready AI Teammate: High-Risk Classification, Transparency, Logging

An EU AI Act-ready AI teammate handles caller-transparency disclosure, retains full conversation logs for the regulated retention window, keeps human oversight on consequential decisions, and supports the documentation needed for high-risk classification under Regulation (EU) 2024/1689. Ainora is built with these requirements in mind.

This page describes Ainora as a product built with EU AI Act requirements in mind

It does not offer AI Act audits, conformity assessments, or legal advisory services. CTAs on this page are “book a demo” - not “audit my compliance” or “review my AI Act readiness”. Consult qualified legal counsel or a notified body for conformity assessment decisions specific to your organisation.

Book a 20-min demo Call Jessica: +1 (218) 636-0234

See providers compared →

Disclosure

Automated-call disclosure on every inbound call

Source: EU AI Act, EUR-Lex

Audit logs

Full conversation logs retained per workspace policy

Human oversight

Binding decisions stay with human teammates

EU residency

Logs and audio stored in EU regions only

Why Is “AI Act Compliance” Mostly Empty Marketing Today?

The EU AI Act, Regulation (EU) 2024/1689, was published in 2024 and is being phased in through 2026 and 2027. It is the first horizontal AI regulation of its scale globally. See the European Commission's AI regulatory framework page and the Article-by-Article navigable reference for the regulatory text.

Most AI agent vendors selling into Europe today either say nothing about the AI Act or say something vague. There are three reasons.

First, the obligations vary sharply by risk class. The Act sorts AI systems into prohibited, high-risk, limited-risk, and minimal-risk categories. The obligations on a high-risk system (conformity assessment, technical documentation, post-market monitoring, registration) are very different from those on a limited-risk system (transparency disclosure to the user). A vendor cannot make a single “AI Act compliant” claim across all customer use cases.

Second, voice agents calling consumers sit in a borderline area. Depending on the use case, an outbound voice agent may be classified as high-risk (if it influences consequential decisions on credit, employment, essential services) or as limited-risk (if it provides information, books appointments, takes service requests). The classification is the customer's responsibility for their use case; the vendor's responsibility is to provide a product that supports either path.

Third, the customer-facing transparency requirement is concrete and enforceable now. Article 50 of the AI Act requires that a person interacting with an AI system is told they are interacting with one. Voice agents must disclose. Many vendors handle this; few address it on a marketing page.

What Does the AI Act Actually Ask of Voice Agents?

The AI Act is a long regulation. For voice and ops AI agents specifically, four obligation areas dominate the practical picture. The European AI Office publishes the implementing guidance that fills in the regulatory text.

Transparency to the natural person (Article 50). A user interacting with an AI system must be informed that they are doing so, unless the interaction is obvious from the context. For voice agents calling consumers - debt collection, appointment reminders, lead qualification - the disclosure is required and must be audible at the start of the interaction.

High-risk classification (Annex III). Annex III lists categories that trigger high-risk classification: credit scoring, recruitment screening, essential services, law enforcement, etc. If a voice agent is used to make or substantially influence one of these decisions, the system is high-risk and triggers the full Article 9-15 obligation set: risk management system, technical documentation, record-keeping, transparency, human oversight, accuracy and cybersecurity. If the same agent is used for appointment booking or general customer service, it is limited-risk and only Article 50 disclosure applies.

Human oversight (Article 14). High-risk systems must be designed so a human can intervene, override, and stop the system. For Ainora, this is the escalation pattern: the agent screens, schedules, and summarises; binding decisions stay with human teammates the customer designates.

Logging and record-keeping (Article 12). High-risk systems must keep automatic logs of relevant events for a period that allows post-market monitoring and conformity assessment. The vendor must support full conversation logging, retrieval, and retention controls.

How Is Ainora AI Act-Ready by Design?

Article 50 disclosure built in

Every inbound call begins with an automated-call disclosure. Phrasing configurable per language and per customer regulator.

Full conversation logs

Audio, transcript, and tool-call trace retained per workspace policy. Retrievable for the AI Act's record-keeping window.

Human oversight by design

Voice agents screen, schedule, summarise, and escalate. Binding decisions (credit, employment, claim approval) stay with human teammates the customer designates.

EU residency for logs

Audit logs and call recordings stored in EU regions only. No US transfer of records that might be subject to AI Office or national supervisory authority access.

Documentation support for high-risk use cases

When a customer's use case falls into Annex III high-risk categories, we supply architecture documentation, data-flow diagrams, and security annex to support their conformity assessment.

Honest Read: Who Discusses the AI Act Concretely?

	US enterprise platforms	DACH vendors	Altis	Ainora
Article 50 disclosure on calls	Inconsistent	Yes (voice product)	N/A (no voice)	Yes
Annex III high-risk awareness	Rarely on marketing page	Some	Not addressed	Yes - addressed on this page
Article 14 human-oversight pattern	Varies	Generally yes	Slack-mediated	Yes (escalation by design)
Article 12 logging	Yes	Yes	Yes	Yes (EU residency)
AI Office tracking	Not visible	Some	Not visible	Yes - followed and reflected in product
Documentation support for conformity assessment	Enterprise tier	Some	N/A	Yes

Comparison reflects publicly available product positioning as of 2026-05-05. Sources: each vendor's own product pages.

Honest framing

Few competitors discuss the AI Act concretely on their marketing pages today. That is partly because enforcement is still standing up and partly because public confusion about the Act creates a temptation to either overclaim or stay silent. Ainora's position is to be specific about what we do - Article 50 disclosure, full logging, human oversight, EU residency, documentation support - without overclaiming a “fully AI Act compliant” badge that no vendor can credibly issue while implementing acts and standards are still being published.

Where Does AI Act Posture Determine the Vendor Choice?

Debt collection

Borderline high-risk depending on consequential effect on the debtor

Recruiting and HR screening

Annex III high-risk category

Healthcare clinics

Limited-risk (appointment booking) but adjacent to high-risk medical-device territory

Customer success and renewals

Limited-risk; Article 50 disclosure is the headline obligation

Sales ops

Generally limited-risk; transparency is the headline obligation

Related geo-wedge pages:

Europe Baltic + CEE Multilingual AI Teammate GDPR-Compliant Providers compared

Frequently Asked Questions

Classification depends on the customer's use case, not the vendor. Annex III lists the high-risk categories: credit scoring, recruitment, essential services, law enforcement, and similar. If the customer uses Ainora to screen for one of those decisions, the system is high-risk and the full Article 9-15 obligation set applies. If the customer uses Ainora for appointment booking or general customer service, the system is limited-risk and Article 50 disclosure is the relevant obligation.

A clear automated-call disclosure at the start of every inbound call. Phrasing is configurable per language and per regulator and reviewed against Article 50 wording. The customer's compliance team approves the final phrasing for their workspace.

Retention is configurable per workspace. The default is 12 months for transcripts and 90 days for audio. Customers with high-risk use cases typically extend retention to match their risk management plan.

EU regions only. No US transfer. The specific regions are named in the Data Processing Agreement.

We supply the architecture documentation, data-flow diagrams, model card information, and security annex that the customer needs to feed into their conformity assessment. We do not perform the assessment ourselves - that is a regulated activity for the customer or their notified body.

Ainora is built on top of general-purpose models supplied by major model providers. Those providers carry the GPAI obligations under the Act. Our obligation is to be transparent about our model-provider relationships in the DPA and sub-processor list.

We track AI Office publications and the European Commission's AI implementation pages. When implementing acts or standards land, we update the product and notify customers in writing of any change to the product's regulatory posture.

Justas Butkus

Founder & CEO, AInora

Building AI digital administrators that replace front-desk overhead for service businesses across Europe. Previously built voice AI systems for dental clinics, hotels, and restaurants.

View all articles

Ready to try AI for your business?

Hear how AInora sounds handling a real business call. Try the live voice demo or book a consultation.

Try Voice Demo Book Consultation