Annex IVTechnical documentation from live systems

Stop losing enterprise deals to a compliance questionnaire.

Evidence-based Annex IV documentation generated from your live ML systems — so your security review doesn't stall your sales cycle.

Run the free readiness checkJoin the waitlist

Reads your stack via REST & ASTNo model weights leave your infraEU-hosted

modeldocs scan · candidate-rankerlive
The deal blocker

Your buyer's security team asked for your Annex IV technical file. You have a spreadsheet.

What you sent

A self-attested questionnaire and a slide that says "AI Act: in progress." The reviewer can't verify any of it, so it gets escalated.

// status: blocked in security review

What closes the deal

A complete Annex IV technical file where every claim points to evidence the reviewer's own engineers would recognise — runs, metrics, code paths.

// status: passed, contract signed
6–11 weeks

is what a stalled high-risk-AI security review adds to an enterprise sales cycle — usually right before the quarter closes. Documentation is the bottleneck, not the product.

The difference

Assertion-based vs. evidence-based.

Everyone else turns a questionnaire into a PDF. We read your live systems and map real artefacts to the exact Annex IV sections that require them.

Questionnaire toolsSelf-attested
Q14Does the system undergo validation and testing before deployment?
YesNoPartially
Q15Describe your design specifications and architecture choices.
"We follow standard ML best practices and review models before release…"
Generated output: "The provider asserts that validation and testing are performed."
modeldocsEvidence-linked
$ modeldocs map --section 2g
 
§2(g) validation and testing
evidence:
eval/holdout_metrics.json
auc=0.834 recall@10=0.71
fairness/ selection_rate by group
source:
mlruns/9f2c1a/metrics
registry://candidate-ranker/3
verified: 2026-05-02 · re-scan on retrain
Each line resolves to an artefact a reviewer's engineers can open and check.
How it works

Connect once. Map automatically. Stay current.

The scanner reads metadata and source — never weights or training data — and keeps the technical file in sync as your models change.

STEP 01

Connect

Point the open-source scanner at your stack. It reads run metadata over REST and your repos via static analysis — read-only, inside your infra.

MLflow RESTModel registryPython AST
STEP 02

Map

Every artefact is matched to the Annex IV section that requires it — design specs, data governance, validation, monitoring — with the source reference attached.

§2(b) design§2(g) validation§3 monitoring
STEP 03

Maintain

Models retrain and documentation decays. modeldocs re-scans on every change and flags the sections that drifted — so the file is true the day a buyer asks.

Free, no signup

Annex IV Readiness Check

Nine questions about your ML stack and deployment. Get an instant risk score and the three documentation gaps most likely to stall your next enterprise review.

Run the readiness check
9 questions~2 min to complete0 data stored
65/100
sample readiness score
Do you track experiments in MLflow or similar?
Are validation metrics versioned with the model?
Is there a documented post-market monitoring plan?
Who it's for

Built for EU AI Providers under Annex III.

// primary user

Technical founders, CTOs & ML leads at 20–100 person EU SaaS companies.

Specifically HR-tech and recruitment platforms that are Providers of high-risk AI — automated screening, ranking and matching of candidates. You're technical, you're time-poor, and you have no patience for compliance theater.

Annex III · §4(a) employment & worker management
You ship AI that screens, ranks or matches candidates.That puts you squarely in the high-risk category.
Your enterprise buyers run a vendor security review.And it now includes your AI Act technical file.
You'd rather connect a system than fill in a form.Evidence from your stack beats a 60-page self-assessment.
EU-hostedData stays in the EU
Open-source scannerRead and audit the code
Your code never leaves your infraReads metadata via REST & AST only
Early access

Get your technical file out of the way.

Join the waitlist and we'll onboard EU AI Providers in cohorts. Tell us what you build and we'll prioritise the integrations you need.

No spam. One email when your cohort opens. Unsubscribe in one click.

We store your work email to manage waitlist access. No data is shared with third parties.