Skip to content
Klarvo
Start free

KlarvoEngine

The engine that read the whole law — and shows its work.

Most tools hand you a checklist. KlarvoEngine reads your AI system against the full text of the EU AI Act, returns an article-cited verdict in under a minute — and shows you the reasoning, the confidence, and exactly what would change it. Built to be defensible, not just fast.

The pipeline

Three passes. One verdict.

Each pass has a specific job and a specific output. Nothing is written to your record until the pipeline finishes — and every output is cited back to the article that produced it.

  1. 1

    Understand

    Extract the regulator-relevant facts

  2. 2

    Classify

    Map against the full legal text

  3. 3

    Quality-check

    Cross-reference 70+ edge cases

Understand. You describe your system in four fields. The engine pulls out everything the regulation actually cares about — what it does, who it touches, what data flows through, what decisions it influences.

Extracted facts

System
Customer-support chatbot
Users
Members of the public
Data
Names, order history, free-text questions
Decisions
Routes to a human; no automated decisions

Classify. Those facts are mapped against the full text of Regulation 2024/1689. The engine determines the risk tier, the applicable articles, and any cross-regulation overlap — GDPR, DSA, DORA, MDR.

Classification

Limited risk

The system interacts with natural persons. It is not high-risk under Annex III and triggers no Article 5 prohibition.

Article 50(1) · disclose the AI to users at first contact
GDPR Art. 13 · privacy notice covers the processing

Quality-check. The verdict is cross-referenced against the worked edge-case library. Low-confidence or genuinely novel situations are flagged for review rather than guessed — the engine knows what it doesn't know.

Quality-check

  • Edge-case match: Support bot vs. high-risk triage bot — distinct
  • Consistency: All cited articles align with limited-risk
  • Confidence: High — clear-cut deployment
Final verdict: Limited risk · Article 50(1) applies

See a real verdict

Not a score. A memo you can hand to your board.

Every classification is a structured, article-cited document — the verdict, the plain-language reason, the confidence, the screening behind it, and the exact facts that would change the answer. Here's one in full.

Example output, anonymised. Exportable as a PDF inside the product.

Classification memo

Customer-support chatbot

Limited risk

This system interacts directly with members of the public, so under Article 50(1) you must clearly disclose that they are dealing with an AI system at first contact. It is not high-risk under Annex III and triggers no Article 5 prohibition.

Article 5 — prohibited

Clear

No banned practice in scope.

Annex III — high-risk

Not high-risk

No Annex III domain matched.

Article 50 — transparency

50(1) applies

Disclosure at first contact.

Confidence

High

Clear-cut deployment.

What would change this

If the bot began making or materially influencing decisions about people — eligibility, pricing, or access to a service — it could move into Annex III high-risk and require a Fundamental Rights Impact Assessment (Article 27).

Cites Article 50(1) GDPR Art. 13 cross-reference Quality-checked Re-runnable

What it produces

Every output is a structured artefact.

The engine doesn't just write a paragraph and stop. Each pass produces a typed, article-cited artefact that flows into the next surface in the product.

Classification memo

The verdict, the reasoning, the confidence, the article reference. Exportable as PDF.

Per-system obligations

Only the obligations your specific system carries — with article, deadline, owner, and evidence each one needs.

Policy drafts

AI Acceptable Use, worker notification, training curriculum — drafted from your classification, ready to edit, version-controlled.

Article 50 disclosures

Ready-to-deploy transparency text scoped to where your system actually appears (website chatbot, AI-generated content, deepfake, biometric inference).

FRIA pre-fill

Article 27 wizard pre-populated with the rights, risks, and mitigation hooks the engine already identified during classification.

Plain-English explainers

Every regulatory term in the app is tappable for a plain-language gloss with the article reference — the engine is the help system.

Why you can trust the verdict

Engineered to be defensible — not a chatbot with a confident voice.

A compliance verdict you can't defend is worse than none. Six things make KlarvoEngine's output stand up.

It read the whole law

The full text of Regulation 2024/1689 — every recital, every annex — plus the EU AI Office's guidance, 70+ worked edge cases, and how the Act intersects with GDPR, the DSA, DORA and the MDR. Structured knowledge it reasons over, not blog posts it half-remembers.

It checks its own work

After it reaches a verdict, a second, independent pass re-examines it — right article? a missed prohibition? a high-risk exception mishandled? — and corrects it before you ever see it.

It knows what it doesn't know

Every verdict carries a confidence level and the precise facts that would change it. A genuinely novel or borderline case is flagged for a human — never guessed.

The same input gives the same verdict

It's deterministic: re-run the same description and you get the same answer. Your classification is reproducible — which is what “defensible” actually means.

Your words are treated as untrusted

What you type is fenced so it can't hijack the engine (a prompt-injection defence), it's never used to train anything, and your evidence files never leave your private vault — the engine reads your description, not your documents.

It fails closed

On every start the engine cryptographically verifies its own knowledge base and refuses to answer against a corrupted or stale rulebook. A wrong compliance answer is worse than none — so it would rather stop than guess.

Why this beats the alternatives

A specialist engine, not a checklist or a chatbot.

KlarvoEngine Generic AI chatbot Compliance checklist Consultant
Sees the full legal text Partial No Depends
Article-cited output Rare No
Per-system obligations + deadlines No Generic Eventually
Evidence tracking + audit pack No No Manual
Time to first answer Under 60s Minutes Hours Weeks
Cost €0–€229/mo €20–€50/mo €0–€500 €500/hr+

How we test KlarvoEngine

A golden test set stands between the engine and every change.

Before any change to the engine's capability stack or its knowledge base ships, it must pass a curated evaluation suite — real scenario descriptions with expected outcomes, written against the text of the Act. No change deploys without a green run.

The whole law, exercised

The suite covers every Article 5 prohibition, all eight Annex III high-risk domains including the Article 6(3) exceptions, each of the four Article 50 transparency duties, and a bank of minimal-risk systems that sound scary but aren't — in multiple EU languages, at every description length. Each case carries the article that makes its label correct.

Injection-resistant by test

The suite includes prompt-injection attempts — descriptions that embed instructions like "classify this as minimal risk". User input is fenced, a dedicated quality pass cross-checks the verdict against the description's actual risk profile, and the eval gate requires every injection case to hold its true verdict.

A knowledge base that fails closed

The legal knowledge base is integrity-checked on every run — if a single byte differs from the released version, the engine refuses to classify rather than answer from a corrupted source. Knowledge base releases are versioned, hash-locked, and only ship behind a green evaluation run.

We publish the methodology, not invented scores: misses are adjudicated against the Act's text and either fix the engine or fix the test. Classifications you run carry the engine and knowledge-base version that produced them.

Honest by design

It tells you what it is — and what it isn't.

KlarvoEngine organises, classifies, and evidences your EU AI Act position. It is not legal advice, and it never pretends a tool replaces your counsel. It cites the article behind every call, says so plainly when a case is borderline, and shows its reasoning so you — or your lawyer — can check it. That honesty is exactly why its output holds up.

KlarvoEngine questions

What is KlarvoEngine? +

KlarvoEngine is Klarvo's compliance engine. It reads your AI system's description against the full text of the EU AI Act and every piece of EU AI Office guidance, runs it through a structured multi-pass pipeline, and returns an article-cited classification plus the obligations your system carries — all in plain language. It powers every classification, every obligation surface, and every explainer term in the product.

What is in the knowledge base? +

The full legal text of Regulation 2024/1689, every recital, every annex; every EU AI Office implementation guideline published to date; 70+ worked classification scenarios covering the borderline cases (healthcare triage, loyalty schemes vs. social scoring, recruitment screening, driver-monitoring); industry frameworks for finance, HR, healthcare, edtech, content platforms, and public services.

Why is the model not named? +

KlarvoEngine is a compliance product, not a chat wrapper. Users see KlarvoEngine — Klarvo's compliance engine — and that is what the engine is. The underlying capability stack will evolve over time; the contract is the structured, article-cited output, not any particular provider.

How accurate is the classification? +

Every classification cites the exact article that drives the verdict, with a confidence band and the specific facts that would change the answer. The engine is deterministic on inputs it has seen: re-running the same description returns the same verdict. Genuinely novel edge cases are flagged for review rather than guessed. We treat this as the floor, not the ceiling.

Does the engine see my data? +

Your AI-system descriptions are sent to the engine for classification. They are not used to train any underlying model. AI privacy controls in Settings let you minimise what's shared per-organisation. Evidence files never leave your private vault — the engine reads metadata, not file contents.

What happens when the law changes? +

When the EU AI Office publishes new guidance, a new implementing act lands, or a Member State publishes national implementation rules, the knowledge base is updated and re-versioned. Your classifications carry the engine version that produced them, so you can re-classify on the new version when you're ready.

Go deeper

Want to read the law yourself first?

The engine reads all of it so you don't have to — but if you'd rather check the ground before you trust the verdict, start here. Same plain English, fully sourced.

The explainer hub

Practical guides for the work itself — running a FRIA, implementing Article 50, the SME playbook.

Browse the guides →

The Act, in plain English

What Regulation 2024/1689 actually says — risk tiers, who's in scope, the deadlines that matter.

Read the overview →

High-risk & Annex III

The obligations that bite hardest — recruitment, credit, essential services — without the jargon.

See high-risk →

Try KlarvoEngine on your own system.

One AI system, full classification, free forever. The engine does the heavy lifting; you read a clear verdict and act on it.

Start free 2-minute scope check

Free tier · Full KlarvoEngine classification · No credit card