Compliance Analysis Report
Fencia compliance scan · Flash mode · Sample data
EU AI Act: 4 gaps
GDPR: 1 gap
ISO 42001: 0 gaps
Total findings: 5
The technical specification presents significant gaps in risk management documentation and transparency obligations required for high-risk AI systems under the EU AI Act. Immediate action is recommended on Articles 9 and 13 before any conformity assessment.
Findings (5)
No risk management system documented
Evidence from document
“The technical specification describes the model architecture and training dataset, but contains no section on risk identification, risk estimation, risk evaluation, or residual risk controls as required by Art. 9(2).”
Recommendation
Implement and document a continuous risk management system covering the full lifecycle. At minimum: (1) identify known and foreseeable risks, (2) estimate and evaluate risks, (3) adopt risk management measures, (4) communicate residual risks.
Transparency information incomplete for deployers
Evidence from document
“Section 4 ("System Description") describes intended use but omits: accuracy metrics disaggregated by demographic group, foreseeable unintended uses, and performance limitations under out-of-distribution inputs.”
Recommendation
Expand the instructions for use to include: (a) accuracy and performance metrics per subgroup, (b) known limitations and conditions under which accuracy degrades, (c) human oversight measures the deployer must implement.
Quality management system not referenced
Evidence from document
“No reference to a quality management system (QMS) or equivalent process is present in any of the scanned documents. Art. 17 requires providers of high-risk AI systems to put a QMS in place.”
Recommendation
Establish or reference an existing QMS covering: design and development controls, data governance procedures, post-market monitoring, incident reporting, and corrective action processes. ISO 42001 certification is a recognized approach.
Missing legal basis for automated decision-making
Evidence from document
“The privacy policy (pages 3–4) describes data collection for "service improvement" without specifying the legal basis for automated profiling that affects user decisions.”
Recommendation
Add an explicit legal basis (Art. 6(1) GDPR) for each processing purpose involving automated decision-making. If relying on legitimate interests, document the balancing test. If consent-based, ensure granular consent mechanisms are implemented.
Technical documentation lacks version history
Evidence from document
“The document is dated but contains no version history or change log. Art. 11 and Annex IV require technical documentation to reflect the current version of the AI system and record significant changes.”
Recommendation
Add a version table at the beginning of the technical documentation recording: version number, date, description of changes, and responsible author. Maintain this log through the system lifecycle.