What is KlarvoEngine?

KlarvoEngine is Klarvo's regulatory intelligence engine. It analyses your AI system through a 3-pass classification pipeline and produces an article-cited compliance memo with obligations, deadlines, and recommended controls — in under 60 seconds.

What is the EU AI Act?

The EU AI Act (Regulation 2024/1689) is the world's first comprehensive AI regulation. It classifies AI systems by risk level and imposes obligations on providers and deployers of AI systems operating in the EU.

Any organisation that provides or deploys AI systems affecting people in the EU — regardless of where the organisation is based. This includes websites with AI chatbots, companies using AI analytics, and businesses integrating AI models into their products.

Prohibited AI practices have been enforceable since February 2025. GPAI model obligations since August 2025. Article 50 transparency and most remaining obligations apply from August 2, 2026.

What are the penalties?

Up to €35 million or 7% of global turnover for prohibited practices. Up to €15 million or 3% for transparency and other violations. For SMEs, the penalty is whichever amount is lower.

Evidence Request Workflows

Evidence requests are a structured way to ask a specific team member to upload a specific piece of documentation. They're more targeted than general tasks — they specify exactly what evidence is needed, which control it supports, and who should provide it.

How Evidence Requests Work

Request Created → Notification Sent → Evidence Uploaded → Request Fulfilled ↘ Overdue → Reminder Sent

Creating an Evidence Request

Auto-Generated Requests

The AI System Wizard automatically generates evidence requests based on your classification:

Classification Result

Auto-Generated Requests

Any system

"Upload vendor documentation" (if vendor-based)

Transparency obligations

"Upload transparency notice screenshot"

High-risk candidate

"Upload oversight SOP," "Upload instructions for use," "Upload log retention evidence"

FRIA required

"Upload DPIA reference" (if applicable)

Manual Requests

Navigate to the AI System or Control

Click Request Evidence

Fill in:

- What's needed: Description of the specific document (e.g., "Vendor's SOC 2 Type II report for the current audit period")

- Who should provide it: Select a team member

- Due date: When you need it

- Linked control: Which control this evidence supports

Click Send Request

Fulfilling a Request

The assignee receives a notification (in-app + email if enabled) with:

What evidence is requested

Which AI system and control it's for

Due date

Direct link to upload

To fulfill:

Click the link in the notification (or navigate to Tasks → Evidence Requests)

Upload the requested file

The evidence is automatically linked to the specified control

The request status updates to "Fulfilled"

Tracking Requests

Track all evidence requests in:

Tasks page: Filtered view of evidence request tasks

AI System detail: Evidence tab shows pending requests

Control detail: Shows which controls are awaiting evidence

Overdue Handling

When an evidence request passes its due date:

The assignee receives a reminder notification

The request appears in the dashboard's Compliance Alerts

The Compliance Owner or Admin can reassign or escalate

Best Practices

🎯 Be specific: "Upload the vendor's SOC 2 report" is better than "Upload security docs"

📅 Set reasonable deadlines: Some evidence (like vendor certifications) takes time to obtain

🔗 Link to controls: Always specify which control the evidence supports

📬 Follow up: If a request is overdue, reach out directly to the assignee

📋 Use for onboarding: When a new system owner joins, send evidence requests for everything they need to provide