GetRegula is a powerful command-line interface (CLI) tool designed to assess the risk of AI projects under the EU AI Act. This tool is essential for developers and teams aiming to ensure compliance with AI regulations, regardless of their location or the size of their operation.

Overview

GetRegula scans your codebase for risk indicators and classifies your AI system into one of four risk tiers established by the EU AI Act. It not only identifies potential compliance issues but also provides actionable insights for addressing them, making it an invaluable resource for ensuring that AI products adhere to regulatory requirements.

Key Features

• Risk Assessment: Determine if your AI product is high-risk and which obligations apply with just a few commands.
• Codebase Scanning: Analyze your entire codebase for risk indicators across 8 programming languages, ensuring comprehensive coverage and compliance visibility.
• No External Dependencies: Operate entirely on your local machine without needing external APIs or settings, enhancing security and performance.
• User-Friendly: The CLI is designed for ease of use, facilitating smooth integration into your development workflow or CI/CD pipelines.

Highlighted Commands

• Basic Risk Check: Quickly assess your project's compliance with:

  regula assess  
  

• In-Depth Code Scan: Scan your codebase for specific patterns that may indicate high-risk compliance issues:

  regula check .  
  

• Documentation for Auditors: Generate a ready-to-submit evidence package for auditors:

  regula evidence-pack --sign .  
  

Target Audience

GetRegula is aimed at:

• Solo Founders and Indie Hackers: Those building AI products that may be marketed to EU users.
• Small and Medium-Sized Enterprises (SMEs): Teams wanting to proactively manage compliance risks before they impact sales.
• Engineering Teams: Developers seeking to integrate compliance scanning into their CI/CD processes to mitigate risks early in the development cycle.

Understanding Risk Tiers

The EU AI Act categorizes AI systems into four tiers based on risk severity:

1. Prohibited: Includes systems that may violate ethical norms, such as social scoring.
2. High-risk: Requires adherence to stringent obligations (e.g., medical diagnostics).
3. Limited-risk: Mandates transparency measures for systems such as chatbots.
4. Minimal-risk: Only logging of potential issues is needed for systems like recommendation algorithms.

Limitations and Important Considerations

It’s important to note that Regula serves as a risk indication tool, rather than a definitive legal compliance certificate. Findings should be validated by qualified professionals. False positives may occur, and human review is advised for any compliance actions taken based on Regula's output.

Conclusion

GetRegula empowers developers with the necessary tools to navigate the complexities of AI compliance under the EU AI Act. By integrating this risk scanner into the development process, teams can enhance their understanding of regulatory requirements, ultimately aiding in the responsible shipment of AI projects.