No governance without classification.
Independent classification of AI agents through the full AIGN OS 4.0 regulatory pathway — from prohibited-use screening to a defensible evidence bundle.
An AI agent is an AI system. Before it acts, it must be qualified, screened and classified. AIGN OS 4.0 determines its regulatory character, the obligations that follow, and the evidence you can show to a regulator or auditor under pressure.
Organisations deploy AI agents faster than they can classify them.
Before an organisation can defend an AI decision, it must classify the underlying AI system — and before classification, it must clear a prohibited-use screening and a transparency check. Most organisations have no reliable AI inventory, no intended-purpose register and no classification logic. A person is not a governance system. A policy is not a control. A framework is not accountability.
The classification gap
Agents enter operations without an inventory, an intended-purpose register or a decision-impact assessment. Without classification, no obligation can be correctly assigned.
Operating model before roles
Organisations hire AI governance roles before designing the system those roles are meant to operate — compensating for missing classification logic with headcount.
The human-in-the-loop misconception
Human involvement does not automatically remove high-risk classification. It often becomes an oversight requirement after classification — not a reason to avoid it.
The regulatory pathway every AI agent must clear.
Layer 3 is the entry gate for the entire governance system — its outputs are the inputs to every other layer. The sequence is mandatory and non-reversible: each gate is cleared before the next is entered. Classification determines the compliance pathway; compliance does not determine classification.
AI System Qualification
Determine whether the agent is an AI system in scope of the regime. If it is, it enters the pathway.
AI System Qualification SheetProhibited AI Gate — Art. 5
Screen the use case for prohibited practices before any other step. A prohibited practice escalates to legal and board; no deployment is permitted.
Prohibited AI Gate ChecklistTransparency & Content Disclosure Gate — Art. 50
Determine whether chatbot disclosure, deepfake labelling, synthetic-content marking or emotion-recognition disclosure applies. These obligations apply from 2 August 2026, subject to final guidance.
Article 50 Transparency RecordHigh-Risk Mapping — Annex I / III, Filter & Profiling
Map the agent against Annex I (product/safety), Annex III (sensitive use), safety-component logic, the Art. 6(3) filter and the profiling gate that can block any filter exemption.
Annex I / III Mapping · Filter Record · Profiling GateHuman Involvement & Agentic Scope — Art. 14
Clarify whether the human role changes the task character or is post-classification oversight, and capture the agent’s autonomy boundaries and intervention points.
Human Oversight Design RecordGPAI Dependency — Title VIII
Record the agent’s foundation-model / GPAI dependency and the applicable transparency and systemic-risk tier obligations.
GPAI Dependency RecordFRIA Trigger & EU Database Registration — Art. 27 / 71
Determine whether a Fundamental Rights Impact Assessment and EU AI database registration are mandatory before deployment of a high-risk agent.
FRIA Trigger Sheet · EU Database Registration RecordResponsibility & Substantial Modification — Art. 25 / 26
Assign the provider/deployer role, identify shift risk, and test whether modification, fine-tuning or repurposing triggers renewed classification.
Responsibility Map · Substantial Modification GateClassification Evidence Bundle
All gate outputs, decisions, roles and the review date are compiled into a single auditable classification record — the defensible result.
Classification Evidence BundleClassification is one operational layer of a complete governance system.
AIGN OS 4.0 is an eight-layer governance operating system. The agent classification above lives in Layer 3 — the entry gate whose outputs feed every layer beneath it.
| Layer | Name | Primary function |
|---|---|---|
| 1 | Organizational Interface | Roles, accountability, board reporting and cross-functional ownership. |
| 2 | Governance Kernel | Lifecycle logic, autonomy boundaries, governance reflexes and escalation. |
| 3 | AI Classification & Regulatory Pathway | Qualifies agents; screens prohibited use; determines transparency; maps high-risk; records GPAI dependency; assigns responsibility; triggers FRIA and registration. The entry gate. |
| 4 | Compliance Engine | Transforms triggered obligations into controls, documentation and monitoring. |
| 5 | Framework Modules | Context logic for Global, SME, Education, Agentic AI, Data and Culture. |
| 6 | Governance Toolchain | Day-to-day instruments, evidence production and post-market monitoring. |
| 7 | Maturity & ASGR | Governance maturity, classification readiness and systemic capability scoring. |
| 8 | Trust & Certification | Trust Labels, audit scorecards, certification registry and evidence packages. |
What actually classifies an AI agent.
For an agentic system, autonomy and oversight are inputs to classification — not the classification itself. The result is the agent’s position on the regulatory pathway and its evidence bundle.
Classification is not paperwork. It is where adoption becomes accountable.
AIGN OS 4.0 is the AI Governance Operating System for Classification, Evidence and Defensible Trust — a DOI-registered operating system, not a checklist or a platform to up-sell. It introduces AI system classification as the missing operational layer between AI adoption and AI governance.
Classification capability
A repeatable ability to qualify and classify agents consistently and defensibly across the full regulatory pathway.
Defensibility
Every classification is reconstructable, attributable and justifiable under audit, regulatory scrutiny or legal challenge.
We do not sell a platform
AIGN holds no agent product and no orchestration tool. The verdict is independent of any vendor or cloud the agent runs on.
The six questions a board must be able to answer.
AIGN OS 4.0 defines a minimum evidence set for board-level AI oversight. The classification of an agent produces exactly the artefacts these questions require.
| Board question | Governance artefact |
|---|---|
| Which AI systems are material to our operations, decisions or risk? | AI System Register (classified) |
| How were they classified, and what is their regulatory pathway? | Classification Evidence Bundle per system |
| Who is accountable for each material system? | Responsibility Map / Accountability Matrix |
| Which controls are active and verified? | Control Map, DPIA+, audit outputs |
| What evidence can be produced to a regulator or auditor today? | Evidence Bundle, Classification Readiness Score |
| What has materially changed since the last classification review? | Reclassification Review Record, Monitoring Log |
For everyone who has to answer for what an agent does.
| Audience | What they need | AIGN OS 4.0 contribution |
|---|---|---|
| Boards & Executive | Is classification a management capability we control? | The six-question Board Evidence Standard and classified AI register. |
| Legal & Compliance | Which obligations actually apply to this agent? | Prohibited-use and transparency screening before any control design. |
| Risk | Are autonomy and oversight bounded and evidenced? | Human Oversight Design Record and reclassification triggers. |
| Procurement | How do we assess a vendor agent beyond marketing? | Vendor Classification & Evidence Questionnaire and responsibility map. |
| Audit | Can the classification be reconstructed? | An auditable Classification Evidence Bundle across the full pathway. |
| CHRO & People | Are we hiring roles before designing the system? | Operating-model design so role architecture follows the system. |
An Agent Classification Review — one system, full pathway, one evidence bundle.
The entry point runs a single AI agent through the complete Layer 3 regulatory pathway. The objective is not to approve or reject the agent by default — it is to establish its regulatory classification, the obligations that follow and the evidence you can defend.
You receive a defensible classification record
- AI system qualification and register entry
- Prohibited AI gate and Art. 50 transparency result
- Intended purpose register and decision-impact assessment
- Annex I / III mapping, filter and profiling result
- Agentic scope and human oversight design (Art. 14)
- GPAI dependency, FRIA trigger and registration assessment
- Provider / deployer responsibility map
- Classification Evidence Bundle and board-ready summary
- ASGR-compatible Classification Readiness Score
Classify before the obligations apply — not after.
Art. 50 transparency
Disclosure obligations for chatbots, deepfakes, synthetic content and emotion recognition — subject to final guidance and applicable scope.
Annex III high-risk
Application for Annex III high-risk systems — subject to the Digital Omnibus and standards-linked implementation framework.
Annex I high-risk
Application for Annex I high-risk systems — subject to the same final-adoption conditions.
The European Commission’s draft classification guidelines of 19 May 2026 were in public consultation until 23 June 2026 and have not been finally adopted. EU AI Act application dates are subject to ongoing Digital Omnibus negotiations and standardisation timelines. Verify current legislative status before treating any date as a binding obligation.
What enterprises ask before classifying an AI agent.
Is this agent selection or procurement?
No. This is classification through the AIGN OS 4.0 Layer 3 regulatory pathway. We determine an agent’s regulatory character and the evidence it requires — we do not run vendor selection or procurement.
Our agent has a human in the loop — does that mean it is not high-risk?
Not automatically. Human involvement does not remove high-risk classification on its own. It often becomes an oversight requirement after classification under Art. 14, rather than a reason to avoid classification.
Which EU AI Act dates apply to our agent?
Art. 50 transparency obligations apply from 2 August 2026. High-risk application follows for Annex III systems on 2 December 2027 and Annex I systems on 2 August 2028 — all subject to final adoption of the Digital Omnibus and the standards-linked implementation framework.
Do you sell a governance platform or tools?
No. AIGN OS 4.0 is an operating system, not a product to up-sell, and AIGN holds no agent platform to defend. That independence is the point: the classification verdict carries no interest in selling you technology.
What do we receive at the end?
A Classification Evidence Bundle: the agent’s regulatory pathway result, role responsibility, the controls that follow, an ASGR-compatible readiness score and a board-ready summary aligned to the six-question Board Evidence Standard.
What happens when the agent changes?
Substantial modification, fine-tuning, repurposing or intended-purpose drift triggers a reclassification — a re-entry into Layer 3. The post-market governance loop monitors for exactly these changes.
Before an AI agent acts on your behalf, classify what it is.
Start with one agent. We run it through the full Layer 3 regulatory pathway and deliver a defensible Classification Evidence Bundle. Send a written inquiry and we will respond with the next steps.
AIGN OS 4.0 Agent Classification is an independent advisory service. It does not constitute legal advice, regulatory certification or a guarantee of agent performance. Regulatory dates and classification outcomes are subject to final adoption of applicable instruments and are defined for each engagement. AIGN OS and related AIGN terminology, models and frameworks are the intellectual property of Patrick Upmann / AIGN; commercial use requires a valid AIGN license.