Tamper-evident inference records, a human-oversight queue, and audit-grade exports for every Article 12, 13, 14, and 26 obligation under the EU AI Act. Built for banks, insurers, and high-risk AI deployers facing the August 2026 enforcement trigger.
CB-12 sits beside your model serving infrastructure. Every inference and every human override is captured, hashed, and signed. The compliance officer gets a queue. The auditor gets a forensic export.
Every inference event logged with dual HMAC receipt chain. Hash-linked, append-only, exportable as forensic evidence. Tamper attempts visible at verification time.
Subject-facing notices generated per inference. Model card and intended-use disclosure surfaced to the human-in-the-loop reviewer alongside every flagged decision.
Oversight queue with role-bound reviewer dashboard. Stop, override, or escalate per decision. All reviewer actions captured into the same hash-chained ledger.
Data-subject dossier generation. Right-to-explanation responses. Incident reporting export. The full compliance evidence pack a Notified Body would request.
CB-12 was built specifically against the EU AI Act's high-risk classification and General Purpose AI obligations. It works as an inline appliance, an SDK in your inference path, or a hosted compliance endpoint — whichever your architecture allows.
Credit scoring, fraud detection, underwriting, claims AI — all high-risk under Annex III. CB-12 produces the audit trail your MaRisk officer, FCA / BaFin / ACPR examiner, or Notified Body needs.
Resume screening, interview AI, performance evaluation systems. CB-12 captures the model inputs, outputs, and human-override decisions required for Annex III(4) compliance.
Triage, diagnostic support, medical device AI. CB-12 evidence chains complement MDR/IVDR documentation, and the human-oversight queue maps directly to clinical review workflows.
CB-12 was designed around real customer-conversation profiles — not hypotheticals.
Latest run of the CB-12 Article-12-through-26 compliance test suite, 2026-05-16.
$ pytest tests/ -v
================================ test session starts ================================
platform win32 -- Python 3.12.6, pytest-8.3.2, pluggy-1.5.0
rootdir: /whl/compliance_box_cb12
collected 77 items
tests/test_article12.py::test_record_inference_appends_to_chain PASSED [ 1%]
tests/test_article12.py::test_dual_hmac_chain_validation PASSED [ 2%]
tests/test_article12.py::test_pseudonymization_deterministic PASSED [ 3%]
tests/test_article13.py::test_transparency_template_generation PASSED [ 5%]
tests/test_article14.py::test_oversight_queue_priority PASSED [ 7%]
tests/test_article14.py::test_sla_sweep_auto_escalation PASSED [ 9%]
tests/test_article26.py::test_subject_dossier_generation PASSED [ 11%]
tests/test_receipts.py::test_chain_tamper_detection PASSED [ 14%]
...
============================ 77 passed in 7.47s ============================Verified live: All 77 tests pass, including the dual-HMAC chain tamper-detection test. Full curl end-to-end trace from /infer through /article26 to chain verification captured and on disk.
Six-week pilot programs available for qualified EU-regulated deployers. Includes deployment, model integration, reviewer onboarding, and a forensic export demonstration with your compliance team.