EU AI Act conformity posture

Rebound implements a continuous, evidence-based risk management workflow. The Predictability Dashboard quantifies, in real time, the residual risk introduced by deploying any AI past its trust horizon. The Compliance & Audit Engine produces the documentary record auditors require.

Risk identification, estimation, evaluation, and treatment are mapped to k*-bounded operating envelopes and recorded with each decision.

The Rashomon Set Manager records the dataset versions used to validate each model in the pool, and re-validates on a configurable cadence. Drift signals from the Predictability Dashboard surface data-distribution changes.

Conformity reports are exportable on demand and structured to align with Annex IV. Per-deployment, per-decision rationale is retrievable from the audit ledger.

The audit ledger is append-only, cryptographically signed, and tamper-evident. Records can be retained for the lifetime of the system.

Every selection returns a structured rationale: chosen model, rejected alternatives, the k* in effect, the regime, and the risk function. This is the substrate for downstream transparency obligations.

The selector\u2019s refusal modality is the operational form of human oversight. Requests beyond k* are not silently degraded — they are routed back to a human in the loop.

Rebound\u2019s contribution is precisely about robustness: we quantify and constrain the operating envelope where accuracy claims hold. Cybersecurity controls are inherited from our SOC 2 Type II posture.

Rebound supports your conformity work; it does not by itself certify your AI system. Final responsibility for conformity assessment rests with the provider or deployer of the high-risk system. Talk to compliance@Rebound.ai to scope a joint conformity engagement.