Page 1 of 1

Customer Discovery Form - eyREACT Pilot Programme

AI regulation in Europe is moving fast, and AI startups, innovators, and builders are under growing pressure to prove compliance without slowing down innovation. Our pilot programme is designed to bridge that gap: giving teams a practical way to map their current AI landscape, uncover compliance bottlenecks, and use automation with human oversight to remove friction.

This questionnaire is a conversation starter. The goal is to capture how things work today, where the pain points lie, and what outcomes would make the biggest impact for your company.

Let's build a compliance platform built around real-world needs—yours!

Your name and company name:

Your best work email:

AI System Landscape

What types of AI/ML systems are you currently running in production?

Which frameworks and platforms do you use (e.g., TensorFlow, PyTorch, Hugging Face, MLflow, Kubeflow, SageMaker, Vertex AI)?

Are your models mostly trained in-house, fine-tuned from pre-trained models, or accessed via vendor APIs?

How do you currently deploy and monitor models in production?

Evidence Source and Documentation

Where do you currently store compliance-related documentation (model cards, training data documentation, risk assessments, audit reports)?

In what formats are these documents typically stored (PDF, CSV, JSON, YAML, Word, Confluence, Git, shared drives)?

Do you maintain a “compliance binder” or equivalent today? If yes, in what form (static docs, spreadsheets, internal wikis)?

How often do you update compliance evidence (continuously, quarterly, only for audits)?

Risk and Compliance Workflows

Who in your organisation is responsible for AI risk management and compliance (compliance manager, risk officer, project owner, team lead)?

How do you identify whether an AI system qualifies as high-risk under the EU AI Act (or similar regulations)?

Do you already maintain a risk register or use a probability/impact risk matrix? If yes, how?

What workflows exist for assigning risk owners and tracking mitigation actions?

How do you currently prepare for external audits or regulatory reviews?

Technical Integration Points

Would you prefer to upload compliance evidence:

Via an API integrated with your ML pipelines?

Via a manual upload through a web UI?

Both?

Would ingestion need to be batch-based (periodic sync) or event-driven (real-time push)?

Do you currently tag or classify documents by compliance requirement? If not, would automation here be valuable?

Do you already use any internal APIs or hooks that eyreACT could connect to?

Security and Governance Requirements

Are there restrictions on which vendors/tools can host compliance evidence?

What evidence retention requirements apply in your industry (e.g., how long must audit evidence be stored)?

Do you currently use immutable storage, cryptographic integrity checks, or other audit-grade evidence protections?

Pain Points and Priorities

What are the most time-consuming aspects of proving compliance today?

What formats do you need for reports (PDF, HTML, Excel)?

How often do you need to generate compliance reports (ad hoc, quarterly, annually)?

Would lightweight automated checks (PASS/FAIL against 3–5 key AI Act requirements) be useful, or do you need more detailed assessments?

If eyreACT could integrate seamlessly into your existing AI/ML workflows, what outcomes would be most valuable to you?

Who else in your organisation should be involved in discussions about compliance platform adoption (e.g., CIO, CISO, Head of AI, Risk/Legal team)?