Practice EU AI Act Work Security About Talk to us
August 2 enforcement. T minus --d --h
Regulatory readiness

EU AI Act ready
in 4 weeks.
Fixed fee.

A 4-week readiness assessment for 40 to 400 person companies. We produce your AI system inventory, gap analysis, risk classification, prioritized roadmap and a quick-wins memo your team can act on this week. €20,000 to €25,000 fixed fee. Refund clause if you don’t act on findings within 30 days.

Get the free worksheet → See the 4-week scope No call required for the worksheet
35M€

maximum fine, or 7% of global turnover

Regulation (EU) 2024/1689

78%

haven’t taken meaningful compliance steps

Vision Compliance, 2026

50%+

no complete inventory of AI systems in use

PwC, 2025

~10d

of your team’s time across 4 calendar weeks

Worklabs engagement

Who this is for

Two situations. Most clients land in one of them.

Situation 01

You haven’t started.

The deadline is real. The board is starting to ask. Your legal counsel has flagged it. You haven’t had time to scope the work. You’re not even sure which of your AI systems fall under the Act. You don’t have an inventory.

Situation 02

You started, then stalled.

Someone did a first pass. Maybe an external lawyer wrote a memo. There’s a 50-page document on SharePoint. Nothing has actually changed in operations. The deadline is close and nobody owns the next step.

If you’re in neither situation, you’re ahead of 78% of European mid-market. You probably don’t need us.

The 4-week scope

What you get, week by week.

Not a 50-page PDF that nobody reads. An action plan with named owners and weekly checkpoints.

Week 01 AI System Inventory

We map every AI system in use across the organization. Including shadow AI, the tools your team adopted without IT knowing. Each one is classified by risk tier per the Act.

Output Living AI System Inventory (Notion or Sheets), pre-classified.
Week 02 Gap Analysis

For each AI system, what the Act requires vs. what you have. Documentation, transparency, human oversight, data governance, conformity assessment status, vendor contract clauses.

Output Per-system gap report plus cross-cutting findings memo.
Week 03 Risk Classification & Roadmap

High-risk, limited-risk, minimal-risk. Obligations per category. Prioritized action plan with timeline, effort estimates and recommended owners.

Output Risk Classification Report plus 12-month compliance roadmap.
Week 04 Quick Wins & Handoff

Three things you can do this week to reduce exposure right away. Plus the executive briefing for the board and the 30-day check-in already on the calendar.

Output Quick Wins Memo plus Board Briefing Pack plus 30-day check-in.
Why buy this from us

vs. ChatGPT, your existing law firm, or a Big Four advisory.

Approach
What you get
Cost
ChatGPT prompt
A generic checklist of EU AI Act obligations. Doesn’t know your stack, your shadow AI, your vendor contracts, or your sector-specific risk.
€20 / mo
Your existing law firm
A legal memo on what the Act says. Excellent on legal interpretation. Limited on the operational gap because they don’t sit with your engineers.
€8 to €15K typical
Big Four advisory
A 60-page report with a maturity model and benchmarks. Strong on governance frameworks. Heavy on slideware. Senior partners sell, juniors deliver.
€80 to €150K typical
Worklabs
A 4-week working session with an operator who shipped governed AI in production at a PE-backed enterprise SaaS. Output is operational, not theoretical. Refund clause if you don’t act.
€20K to €25K fixed

If you need legal liability advice, you still want your law firm. We’re not lawyers, we’re operators. The two work well together.

The refund clause, explained

50% back if you don’t act on at least 3 findings within 30 days.

Most AI consulting engagements end with a report and a handshake. Six months later, nothing changed. That’s not the outcome we’re selling.

  1. Week 4 / Delivery. We hand off the assessment, the roadmap, the quick-wins memo. We schedule a 30-day check-in on the spot.
  2. Days 1 to 30 / Your team executes. The quick wins are designed to be do-able. You don’t need budget approval or external help for any of them.
  3. Day 30 / Check-in call. We review what’s been done. Three findings actioned or more, the engagement closes clean. Fewer, we refund 50% within 7 days. No negotiation.

The clause exists because we’re confident. We won’t recommend things you can’t act on.

Before you book a call

Get the self-assessment
worksheet. Free.

A 1-page diagnostic you can run with your team in 30 minutes. Identifies your AI risk tier, the 7 obligations that apply to most mid-market companies, and the 3 quick wins to start this week. Yours by email. No call required.

Sent within 5 minutes. One follow-up after 7 days. No sequence.

Common questions

About the assessment specifically.

How much of our time does this take?

Roughly 10 days of your team’s time spread across 4 calendar weeks. Two days of stakeholder interviews in week 1, two days of technical walkthroughs in week 2, one day of risk classification workshop in week 3, half a day of board briefing prep in week 4, plus async review of working documents. We do the heavy lifting between sessions.

Who else from our team needs to be involved?

Minimum: the AI or IT lead, one operational leader (typically COO or Head of Operations), and one risk, compliance or legal point of contact. The CFO or CEO joins for the kickoff and the board briefing. We can run it with as few as 3 people. Works better with 5 to 6.

What if we have AI systems we don’t know about?

That’s normal and it’s exactly what the inventory phase surfaces. Shadow AI, the tools individual team members adopted without IT, is one of the most common findings. We have a method for discovery that doesn’t require everyone to confess.

What if our AI systems are mostly low-risk?

That’s the most common finding for mid-market. Most systems fall under limited-risk or minimal-risk classifications. The obligations are lighter but still real (transparency, basic documentation). The assessment tells you what you do and don’t need to do, and often saves you from over-investing in compliance theater.

What if August 2026 has already passed?

The Act continues to apply and enforcement intensifies. If you’re reading this after August 2 and haven’t done the work, the assessment becomes a remediation assessment instead of a readiness assessment. The structure is the same. The urgency is higher.

Can you handle the actual remediation work?

Yes. That’s the Implementation phase from our practice page. If the assessment surfaces gaps that need building (logging infrastructure, governance workflows, vendor contract renegotiation), we can either run the remediation directly or scope it for your team to execute. The assessment is sold separately so you’re not locked in.

Do you offer this in Spanish, Italian or French?

Yes. The deliverables come in the language your team works in. If your board reads in English and your operations team works in Spanish, we produce both.

Are you lawyers?

No. We’re operators with experience shipping governed AI in production. The assessment is operational and architectural, not legal. For liability questions, pair this work with a specialist EU AI Act lawyer. We work alongside legal counsel and can refer you to lawyers we trust if helpful.