EU AI Act: What AI Agent Developers Need to Know Before August 2026
Published March 17, 2026
The EU AI Act (Regulation (EU) 2024/1689) entered into force on 1 August 2024. The obligations for the high-risk AI systems listed in Annex III apply from 2 August 2026, five months from now; high-risk systems that are safety components of products regulated under Annex I follow on 2 August 2027. If you are building or deploying AI agents in production, this affects you.
This guide covers what the Act requires, which articles matter most for AI agent developers, and how to map those requirements to practical engineering work you can do today.
Who Does This Apply To?
The EU AI Act applies to providers (anyone who develops an AI system and places it on the EU market or puts it into service under their own name) and deployers (anyone who uses an AI system under their own authority, other than for personal, non-professional activity). If you build AI agents that serve EU users, you are a provider. If your company runs AI agents internally, it is a deployer, and a company that builds and then runs its own agents is both.
The obligations vary by risk classification:
| Risk Level | Examples | Requirements |
|---|---|---|
| Unacceptable | Social scoring, real-time biometric surveillance | Banned outright |
| High-risk | AI systems in employment, education, credit scoring, critical infrastructure, law enforcement (Annex III) | Full compliance with Articles 9-15 (provider design requirements), Article 26 (deployer duties) and the six-month log retention rule |
| Limited risk | Chatbots, AI-generated content | Transparency obligations only (Article 50) |
| Minimal risk | Spam filters, AI-powered search | No specific obligations |
An AI agent is high-risk when it is used in one of the Annex III contexts (hiring, credit decisions, education, emergency healthcare triage, law enforcement, administration of justice and the like); a general-purpose assistant is usually limited risk. Even limited-risk systems carry transparency obligations under Article 50, which also apply from 2 August 2026: users must know they are interacting with an AI.
The key question is not whether the Act applies to you. It is whether you have the engineering infrastructure to demonstrate compliance when regulators ask.
The Eight Articles That Matter
After analyzing the full text of the regulation, we identified eight articles with direct engineering implications for AI agent developers. Here is what each one requires and what it means in practice.
Article 9: Risk Management System
What it requires: Providers shall establish, implement, document, and maintain a risk management system throughout the AI system’s lifecycle. The system must identify and analyze known and reasonably foreseeable risks, estimate and evaluate risks that may emerge, and adopt appropriate risk management measures.
What it means for agent developers: You need a documented policy for how your agents handle risks. For LLM-powered agents, the primary risks are cost runaway (an agent stuck in a loop burning API credits), data leakage (an agent sending PII to an LLM provider), and unauthorized actions (an agent taking actions outside its intended scope).
Engineering implementation: A governance policy chain that evaluates every agent action against defined rules. At Curate-Me, this is our 5-step governance chain: rate limiting, cost estimation, PII scanning, model allowlists, and HITL gates. Each step can deny a request before it reaches the LLM provider. The chain is configurable per organization and per API key.
Article 11: Technical Documentation
What it requires: Technical documentation shall be drawn up before the AI system is placed on the market and shall be kept up to date. Annex IV lists the required contents: a general description of the system, detailed information about its design and development, and information about its monitoring, functioning and control.
What it means for agent developers: You need documentation that describes what your agents do, how they are built, and how they are controlled. This is not a README — it is a formal technical description that a regulator can review.
Engineering implementation: Automated technical documentation generated from your agent configuration, governance policies, and system architecture. Agent traces and execution logs serve as evidence of how the system functions in practice.
Article 12: Record-Keeping
What it requires: High-risk AI systems shall technically allow for the automatic recording of events (logs) over the lifetime of the system. The logs must enable the tracing of the system’s operation and be maintained for a period appropriate to the intended purpose.
What it means for agent developers: Every agent action must be logged automatically. Not just LLM calls — every tool invocation, every file access, every network request. The logs must be complete enough to reconstruct what happened and why.
Engineering implementation: Tamper-evident audit trails with structured logging. Every gateway request records the model used, tokens consumed, cost incurred, governance decisions applied, and the full request/response payload. Time-travel debugging lets you replay any agent execution step by step. Note that the full payload is both the most useful evidence and the most sensitive record you hold: anything that reached the gateway, PII included, now sits in the audit store, so it needs its own access controls, encryption at rest and retention policy rather than a default log sink.
Article 13: Transparency
What it requires: High-risk AI systems shall be designed and developed in such a way as to ensure that their operation is sufficiently transparent to enable deployers to interpret the system’s output and use it appropriately.
What it means for agent developers: Users and deployers must be able to understand what the agent is doing and why. A black-box execution model gives a deployer nothing to interpret, so you need visibility into the agent's reasoning, tool calls and decision-making process.
Engineering implementation: Agent execution tracing with visible reasoning chains. Desktop streaming for visual oversight of agent actions. Request detail logging that shows each governance policy evaluation. The Curate-Me dashboard provides all of this through the Activity feed and request detail views.
Article 14: Human Oversight
What it requires: High-risk AI systems shall be designed and developed in such a way that they can be effectively overseen by natural persons. Human oversight measures shall aim to prevent or minimize risks. Natural persons to whom human oversight is assigned must be able to fully understand the capabilities and limitations of the AI system, properly monitor its operation, and be able to decide not to use the system or to interrupt its operation.
What it means for agent developers: This is the most engineering-intensive article. Agents must have a human-in-the-loop mechanism. A human must be able to review, approve, or reject agent actions — especially high-cost or high-risk ones. The human must have enough context to make an informed decision.
Engineering implementation: HITL approval queues. When an agent attempts an action that exceeds a cost threshold, touches sensitive data, or falls outside its normal operating parameters, the action is paused and queued for human review. The reviewer sees the full context: what the agent is trying to do, why, the estimated cost, and the governance chain’s assessment. They can approve, reject, or modify the request.
At Curate-Me, the HITL gate is the final step in the governance chain. Any request estimated to cost above a configurable threshold (default: $5.00) is held for approval. The dashboard’s approval queue shows pending requests with full context.
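The five-step chain described under Article 9 and the cost-based HITL gate described here are the same mechanism: the gate is simply the last step. The following is an added example written for this page, not Curate-Me's code; the class names, the per-1K-token prices, the regex-based PII detectors, the fixed-window rate limiter and the 20 USD per-request cap are all assumptions made for illustration. It shows the property that matters for Articles 9 and 14: every step can stop a request before it reaches the provider, and the per-step trail is the record a reviewer (or a regulator) sees.

```python
import re
import time
from dataclasses import dataclass, field

ALLOW, DENY, HOLD = "allow", "deny", "hold"

# Assumed USD prices per 1K tokens; real provider pricing differs.
PRICE_PER_1K = {"gpt-4o": 0.01, "claude-3-5-sonnet": 0.015}

# Minimal PII detectors for the example; a production scanner would use a DLP library.
PII_PATTERNS = {
    "email": re.compile(r"\b[\w.+-]+@[\w-]+\.[\w.-]+\b"),
    "us_ssn": re.compile(r"\b\d{3}-\d{2}-\d{4}\b"),
    "card_number": re.compile(r"\b(?:\d[ -]?){13,16}\b"),
}

@dataclass
class Request:
    org: str
    api_key: str
    model: str
    prompt: str
    max_output_tokens: int = 500

@dataclass
class Policy:
    """Per-org / per-key configuration; defaults are assumptions for the example."""
    rate_limit_per_min: int = 60
    max_request_cost: float = 20.00
    hitl_cost_threshold: float = 5.00   # the page's default HITL threshold
    model_allowlist: tuple = ("gpt-4o",)
    block_pii: bool = True

@dataclass
class Decision:
    status: str            # ALLOW, DENY or HOLD
    step: str              # the step that produced the verdict
    reason: str
    estimated_cost: float
    trail: list = field(default_factory=list)   # per-step record for the audit log

class RateLimiter:
    """Fixed one-minute window counter per API key; `now` is injectable for tests."""
    def __init__(self, limit, now=time.time):
        self.limit, self.now, self.windows = limit, now, {}

    def allow(self, key):
        window = int(self.now() // 60)
        seen, count = self.windows.get(key, (window, 0))
        if seen != window:
            count = 0
        if count >= self.limit:
            return False
        self.windows[key] = (window, count + 1)
        return True

def estimate_cost(req):
    """Upper-bound estimate: ~4 chars per prompt token plus the whole output budget."""
    tokens = len(req.prompt) / 4 + req.max_output_tokens
    return tokens / 1000 * PRICE_PER_1K.get(req.model, 0.0)

def scan_pii(text):
    return sorted(name for name, pat in PII_PATTERNS.items() if pat.search(text))

class GovernanceChain:
    """Runs the five steps in order. The first DENY or HOLD short-circuits,
    so a request that fails any step is never forwarded to the provider."""
    def __init__(self, policy, limiter=None):
        self.policy = policy
        self.limiter = limiter or RateLimiter(policy.rate_limit_per_min)

    def evaluate(self, req):
        cost = estimate_cost(req)
        steps = (("rate_limit", self._rate_limit), ("cost_estimate", self._cost_estimate),
                 ("pii_scan", self._pii_scan), ("model_allowlist", self._model_allowlist),
                 ("hitl_gate", self._hitl_gate))
        trail = []
        for name, step in steps:
            verdict = step(req, cost)          # None means the step passed
            trail.append({"step": name, "result": verdict[0] if verdict else ALLOW})
            if verdict:
                return Decision(verdict[0], name, verdict[1], cost, trail)
        return Decision(ALLOW, "chain", "all steps passed", cost, trail)

    def _rate_limit(self, req, cost):
        if not self.limiter.allow(req.api_key):
            return DENY, "per-key rate limit exceeded"

    def _cost_estimate(self, req, cost):
        if cost > self.policy.max_request_cost:
            return DENY, f"estimated ${cost:.2f} exceeds per-request cap"

    def _pii_scan(self, req, cost):
        found = scan_pii(req.prompt)
        if found and self.policy.block_pii:
            return DENY, "PII detected in prompt: " + ", ".join(found)

    def _model_allowlist(self, req, cost):
        if req.model not in self.policy.model_allowlist:
            return DENY, f"model {req.model!r} is not on the allowlist"

    def _hitl_gate(self, req, cost):
        if cost > self.policy.hitl_cost_threshold:
            return HOLD, f"estimated ${cost:.2f} above HITL threshold; queued for review"
```

Two design points worth copying: the cost estimate is an upper bound (the full output budget is charged), so a HOLD is never skipped because the agent happened to ask for a short answer, and the trail is written even for the steps that passed, which is what lets a reviewer see that PII scanning ran rather than merely that nothing was found.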
Article 15: Accuracy, Robustness, and Cybersecurity
What it requires: High-risk AI systems shall be designed to achieve an appropriate level of accuracy, robustness, and cybersecurity, and perform consistently in those respects throughout their lifecycle.
What it means for agent developers: Your agents need to be resilient against adversarial inputs (prompt injection, jailbreaks), data poisoning, and security exploits. The system must maintain its safety properties even when users or external inputs try to subvert them.
Engineering implementation: PII scanning to prevent data leakage. Content safety filters to detect prompt injection and jailbreak attempts. Model allowlists to prevent agents from using unapproved models. Skill security scanning to block malicious plugins before they are installed. Treat the injection filters as a detection layer rather than a boundary: they are pattern-based and will be bypassed eventually, so scope the agent's tool permissions and model allowlist so that a successful injection has limited reach.
Article 26: Deployer Obligations
What it requires: Deployers shall take appropriate technical and organisational measures to ensure they use high-risk AI systems in accordance with the instructions for use, assign human oversight to competent and trained persons, monitor the system's operation, suspend use and inform the provider and the authorities when they identify a risk, and keep the automatically generated logs for at least six months.
What it means for agent developers: If you are deploying AI agents (even ones you built yourself), you need operational controls. Cost governance is not named in the Act, but it is the agent-specific form of the monitoring and intervention measures the article does require: a runaway agent is exactly the kind of operational risk a deployer must be able to detect and stop.
Engineering implementation: Daily budget caps, per-request cost limits, and real-time spend monitoring. The governance chain enforces cost limits before requests reach the LLM provider. When an org hits 80% of its daily budget, the system fires a webhook alert. At 100%, all requests are denied until the next day.
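The budget behaviour just described (80% alert, 100% deny, reset the next day) has one detail a per-request check misses: if ten agent requests are in flight at once, each sees the same "remaining budget" and together they overshoot the cap. The example below is added for this page and is not Curate-Me's code; it reserves the estimated cost before the provider call and settles it afterwards, latches the alert so the webhook fires once per day, and rolls the counters over on the UTC date. `BudgetLedger`, `OrgBudget`, the `webhook` callable (a stand-in for an HTTP POST) and the injectable `today` clock are all assumptions of the example.

```python
from dataclasses import dataclass, field
from datetime import datetime, timezone

@dataclass
class OrgBudget:
    daily_cap: float
    alert_fraction: float = 0.80
    day: str = ""                   # UTC date the counters belong to
    spent: float = 0.0              # settled, actually billed cost
    open_reservations: dict = field(default_factory=dict)   # request_id -> estimate
    alerted: bool = False           # latch so the threshold webhook fires once per day

    def committed(self):
        """Spend already billed plus estimates for requests still in flight."""
        return self.spent + sum(self.open_reservations.values())

class BudgetLedger:
    """Enforces a per-org daily cap. `webhook` stands in for the HTTP POST to the
    org's alert endpoint; `today` is injectable so day rollover can be tested."""
    def __init__(self, webhook, today=None):
        self.webhook = webhook
        self.today = today or (lambda: datetime.now(timezone.utc).date().isoformat())
        self.orgs = {}

    def set_cap(self, org, daily_cap, alert_fraction=0.80):
        self.orgs[org] = OrgBudget(daily_cap=daily_cap, alert_fraction=alert_fraction)

    def _budget(self, org):
        b = self.orgs[org]
        day = self.today()
        if b.day != day:   # new UTC day: reset spend, drop stale reservations, re-arm alert
            b.day, b.spent, b.open_reservations, b.alerted = day, 0.0, {}, False
        return b

    def reserve(self, org, request_id, estimate):
        """Gate a request before it reaches the provider. The estimate is held
        against the cap so parallel requests cannot collectively overshoot it."""
        b = self._budget(org)
        if b.committed() + estimate > b.daily_cap:
            return False                          # at 100%: deny until the next day
        b.open_reservations[request_id] = estimate
        self._maybe_alert(org, b)
        return True

    def settle(self, org, request_id, actual_cost):
        """Replace the reservation with the provider's actual billed cost."""
        b = self._budget(org)
        b.open_reservations.pop(request_id, None)
        b.spent += actual_cost
        self._maybe_alert(org, b)

    def _maybe_alert(self, org, b):
        if not b.alerted and b.committed() >= b.alert_fraction * b.daily_cap:
            b.alerted = True
            self.webhook({"event": "budget.threshold", "org": org, "day": b.day,
                          "committed": round(b.committed(), 4), "daily_cap": b.daily_cap})

    def status(self, org):
        """Dashboard view of where the org stands today."""
        b = self._budget(org)
        return {"day": b.day, "spent": round(b.spent, 4),
                "reserved": round(sum(b.open_reservations.values()), 4),
                "remaining": round(b.daily_cap - b.committed(), 4),
                "alerted": b.alerted}
```

A request whose estimate would take the org to exactly 100% is still admitted; only a request that would push it over is denied. Whether the alert is evaluated on committed (spent plus reserved) or on settled spend alone is a policy choice; committed is the conservative one, since it warns before the money is actually spent.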
Articles 19 and 26(6): Log Retention
What it requires: Providers (Article 19) and deployers (Article 26(6)) of high-risk AI systems shall keep the logs automatically generated by those systems, to the extent the logs are under their control, for a period appropriate to the intended purpose, and in any event for at least six months unless Union or national law requires otherwise.
What it means for agent developers: Your audit logs must be retained for at least six months, and longer where the intended purpose or other law demands it. Not just application logs: the automatically generated records of AI system operation. This means gateway request logs, agent execution traces, governance decisions, and cost records must all be durable.
Engineering implementation: MongoDB-backed audit trail with configurable retention policies. Gateway usage records are stored with request ID, org ID, model, tokens, cost, governance decisions, and timestamps. The compliance engine checks that your retention period meets the six-month minimum and flags non-compliance.
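A retention policy keeps records around; it does not stop someone with database access from editing or deleting them, which is what the "immutable" audit trail promised under Article 12 has to withstand. The example below is added for this page and is not Curate-Me's or MongoDB's mechanism: it chains each usage record to the SHA-256 of its predecessor so that editing, deleting or reordering an earlier record is detectable, verifies the chain against a separately published head hash so tail truncation is caught too, and pairs that with the retention check the compliance engine performs. `AuditTrail`, `check_retention` and the 183-day floor (six months) are assumptions of the example.

```python
import hashlib
import json

GENESIS = "0" * 64
MIN_RETENTION_DAYS = 183   # six months; the Act's floor is "at least six months"

def _canonical(record):
    """Stable byte encoding so the hash does not depend on key order."""
    return json.dumps(record, sort_keys=True, separators=(",", ":")).encode()

class AuditTrail:
    """Append-only list of gateway usage records. Each record carries the hash
    of its predecessor, so altering or removing an earlier entry breaks the chain."""
    def __init__(self):
        self.records = []

    def append(self, **fields):
        prev = self.records[-1]["hash"] if self.records else GENESIS
        body = dict(fields, seq=len(self.records), prev_hash=prev)
        digest = hashlib.sha256(_canonical(body)).hexdigest()
        self.records.append(dict(body, hash=digest))
        return digest

    def head(self):
        """Latest hash. Publish it out-of-band (a WORM bucket, a signed daily
        checkpoint) so that truncating the tail of the trail is also detectable."""
        return self.records[-1]["hash"] if self.records else GENESIS

    def verify(self, expected_head=None):
        """Return (ok, index of the first bad record or None)."""
        prev = GENESIS
        for i, rec in enumerate(self.records):
            body = {k: v for k, v in rec.items() if k != "hash"}
            if (body.get("seq") != i or body.get("prev_hash") != prev
                    or hashlib.sha256(_canonical(body)).hexdigest() != rec.get("hash")):
                return False, i
            prev = rec["hash"]
        if expected_head is not None and prev != expected_head:
            return False, len(self.records)   # chain intact, but records are missing from the tail
        return True, None

def check_retention(retention_days):
    """Per-article style assessment of a configured retention window."""
    if retention_days >= MIN_RETENTION_DAYS:
        return {"status": "compliant", "retention_days": retention_days}
    return {"status": "non_compliant", "retention_days": retention_days,
            "remediation": f"raise retention to at least {MIN_RETENTION_DAYS} days"}
```

The chain is only as trustworthy as the head hash you can compare against, which is why `verify` takes an `expected_head`: a daily checkpoint of the head written somewhere the gateway's own database credentials cannot reach turns "someone deleted last night's records" from an invisible event into a failed verification.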
The Compliance Score
We built a compliance engine that maps these eight articles to your current platform configuration and produces a compliance score. It inspects your governance policies, feature flags, and audit trail to generate a per-article assessment with three statuses:
- Compliant: The article’s requirements are fully met by your current configuration.
- Partial: Some requirements are met but others need attention.
- Non-Compliant: The article’s requirements are not met.
For each non-compliant or partially compliant article, the engine provides a specific remediation action. Several articles offer one-click fixes. For example, enabling PII scanning satisfies part of Article 15, and enabling the HITL gate covers the approval-queue part of Article 14; the rest of Article 14 (reviewers who understand the system's limits and can stop it) is an organizational measure no toggle can supply.
What To Do Now
August 2026 is five months away. Here is a priority-ordered list of what to implement:
1. Enable audit logging with 6+ month retention. This satisfies Article 12 and the six-month log retention requirement. If you are using the Curate-Me gateway, this is already happening: every request is logged to MongoDB with full context.
2. Set up cost governance. Daily budgets and per-request limits give you the monitoring and intervention measures Article 26 expects from a deployer. This is also just good engineering practice: an uncontrolled agent can spend thousands of dollars in minutes.
3. Enable PII scanning. Prevents your agents from sending sensitive data to LLM providers. Satisfies part of Article 15 and demonstrates risk management for Article 9.
4. Implement HITL approval queues. Article 14 requires human oversight. A cost-based HITL gate is the minimum viable implementation. Configure it for requests above a threshold that makes sense for your use case.
5. Document your governance policies. Articles 9 and 11 require documentation. Export your governance configuration, write a one-page description of your agent system, and keep both up to date.
6. Run a compliance scan. Use the compliance page to see where you stand. Fix the one-click items first, then address the manual configuration items.
The Bottom Line
The EU AI Act is not optional for anyone serving EU users, and its reach is extraterritorial: it applies to providers who place systems on the EU market wherever they are established, and to providers and deployers outside the EU whose system output is used in the EU. The good news is that the engineering requirements map cleanly to capabilities you should be building anyway: cost control, audit trails, human oversight, and security scanning.
The bad news is that five months is not a lot of time to build these capabilities from scratch. If you are starting now, start with the governance gateway: it gives you cost control, PII scanning, audit trails, and HITL in a single integration.
Check your EU AI Act compliance score at dashboard.curate-me.ai/compliance. Eight articles assessed. One-click remediation for common gaps.
Curate-Me is the governance layer for AI agents. Cost caps, PII scanning, rate limiting, HITL approvals, managed runners, and a full audit trail — zero code changes.