The Spreadsheet That Decides Whether AI Regulation Can Actually Protect You
Here's something that will change how you think about AI regulation forever. The most powerful enforcement tool in the EU's sweeping new AI law isn't a list of banned features. It's not a test the algorithm has to pass. It's not even a government inspector with a checklist. It's a document most companies haven't finished writing yet — and in many cases, haven't started.
Under the EU AI Act, the single most important compliance step isn't building smarter AI — it's proving, in writing, exactly what your AI system does, who owns it, and whether it qualifies as "high-risk." Skip that step, and the protections the law promises simply don't apply.
The EU AI Act — the world's first comprehensive law specifically governing artificial intelligence — began phasing in enforcement in 2024, with the most significant obligations for high-risk systems kicking in on 2 August 2026. Billions of words have been written about what it bans. Far fewer words have been written about the hidden machinery that determines whether the law applies to a specific system at all. That machinery runs on three unglamorous questions. And until a company answers all three, correctly, in writing, the regulation essentially can't see their AI.
Three Questions Nobody Talks About
The questions sound almost insultingly simple. What AI systems do you have? What role does your company play with each one? And: Does any of it count as "high-risk"?
That's it. Inventory. Role. Risk class. Three steps. But here's the kicker — most organizations, when they actually sit down to answer question one, discover their AI estate (the full collection of AI-powered tools they're running, often including things they didn't realize were AI) is significantly larger and more fragmented than anyone expected. A customer service chatbot here. A resume-screening plugin in the HR software there. A fraud-detection module baked into the payment platform. A facial comparison feature quietly added to the building access system eighteen months ago. Nobody told legal about that last one.
That gap between "what we think we have" and "what we actually have" is, right now, the single biggest compliance blindspot in AI regulation anywhere in the world.
What a Real AI Inventory Actually Looks Like
Most teams, when they hear "AI inventory," picture a spreadsheet with a column for system names. Chatbot. Analytics dashboard. Screening tool. Done. That's not an inventory. That's a list of product nicknames, and it's nearly useless for compliance purposes.
A minimum viable AI inventory — the bare floor of what regulators actually need — identifies, for every single system: the business owner, the technical owner, the vendor (if it's bought software), the intended purpose, the user group, what data goes in, what decision or output comes out, where a human reviews the result, which regulatory risk route it likely falls under, what transparency obligations it triggers, who holds the evidence that it works, and what happens when something goes wrong.
That's not a column. That's twelve columns. Per system. And it has to be accurate.
According to Information Age, this is precisely the artefact most compliance teams underestimate — and the gap between a weak inventory and a proper one is the gap between knowing whether your obligations apply and just hoping they don't.
"When the EU AI Act applies, a system may need role analysis, risk classification, vendor evidence, user-facing transparency notices, human oversight records, incident escalation, or coordination with privacy review — and the inventory is where that routing should begin." — Analysis via Information Age
Think of it this way. Imagine a city where no one has ever drawn a proper map. Everyone knows there are buildings — houses, factories, shops. But until someone actually walks every street and writes down each structure, its address, its purpose, and who owns it, the city's zoning laws can't be enforced. You might accidentally classify a hospital as a warehouse. It gets inspected under the wrong standard. The wrong people are held accountable. The EU AI Act is the zoning code. The inventory is the map. Without the map, compliance is just expensive guesswork.
The Misconception That's Tripping Everyone Up
Here's what most people — including most business reporters — get wrong about the EU AI Act. They read the headlines about prohibited features (no mass facial scraping of the internet, no AI that reads your emotions at work) and they conclude: The law works like a banned-substances list. Check if your thing is on it. If not, you're fine.
It's an easy mistake to make. The prohibitions are dramatic. They make headlines. "AI can't do X" is a much better story than "company must document field 7 of a compliance spreadsheet."
But the actual regulatory mechanism is a classification machine. And it runs on documented facts about your specific system in its specific context. The prohibited list is real — but it only covers a small slice of AI deployments. The much larger and more consequential category is high-risk: AI systems that touch decisions about hiring, credit, benefits, education, law enforcement, critical infrastructure, or — directly relevant here — biometric identification (using your face, fingerprints, or gait to figure out who you are).
Under Annex III of the EU AI Act, biometric identification and categorization systems are explicitly listed as high-risk. That means serious obligations: transparency notices for users, human oversight requirements, detailed technical documentation, and evidence that the system has been tested and validated. But — and this is the part that matters — those obligations only attach if someone has correctly classified the system as high-risk in the first place.
Miss the classification. Miss the obligations. Miss the safeguards. The law is still there. It just can't see your system if you haven't done the paperwork correctly.
What You Just Learned
- 🧠 The inventory comes first — You can't classify what you haven't mapped, and most companies have more AI in their stack than anyone realizes.
- 🔬 Role determines responsibility — Whether your company built the AI, bought it, or just deploys it changes your legal obligations entirely under the Act.
- ⚖️ Context changes the risk class — The same facial comparison algorithm can be low-risk or high-risk depending entirely on what it's used for and who it's used on.
- 💡 Missing the classification = missing the safeguards — When companies mislabel their AI systems, the legal protections those systems were supposed to trigger simply never activate.
Same Algorithm. Completely Different Risk Class.
This is where the facial comparison angle gets genuinely fascinating. Take the same underlying technology — software that compares one face against another. Deploy it as a door-access system at an office building, where an employee scans their face to enter and the system checks it against their enrolled profile. That's verification: one face checked against one known record. One-to-one. The person already consented, already enrolled, already knows the system exists.
Now take that same software and deploy it in a shopping mall, scanning every face that walks past and checking each one against a database of thousands of individuals. That's identification: one face checked against many unknown records. One-to-many. The people being scanned didn't consent. They don't know. The system is making inferences about their identity in real time.
The algorithm doing the comparison might be identical in both cases. But according to the risk classification framework in the EU AI Act — as detailed in guidance from the International Association of Privacy Professionals — the second deployment is unambiguously high-risk, carrying the full weight of documentation, oversight, and transparency requirements. The first may carry significantly lighter obligations.
The difference isn't in the code. It's in the role. And that role only exists — legally, provably, enforceably — if someone wrote it down correctly in the inventory.
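To make the inventory-first idea concrete, here is an added example in Python (not code from the article, from CaraComp, or from any regulator) of an inventory record with the twelve columns described earlier and a routing step that applies the verification-versus-identification distinction above. Everything in it is this example's own assumption: the column names, the `biometric_mode` and `decision_domain` inputs, the `RiskRoute` labels, the `ANNEX_III_DOMAINS` set (taken from the decision areas the article lists), and the three constructed sample records with placeholder vendor names. The routing rule encodes only the distinctions the article itself draws, and it refuses to classify a record whose descriptive columns are blank, which is the article's central point.

```python
from __future__ import annotations

from dataclasses import dataclass
from enum import Enum


class RiskRoute(Enum):
    """Routing outcomes. Labels are this example's own, not the Act's wording."""
    HIGH_RISK_ANNEX_III = "high-risk (Annex III obligations apply)"
    LIGHTER = "lighter obligations likely; confirm with legal"
    UNCLASSIFIED = "cannot classify: inventory record incomplete"


# The twelve columns the article names as the minimum viable inventory.
REQUIRED_FIELDS = (
    "business_owner", "technical_owner", "vendor", "intended_purpose",
    "user_group", "data_in", "output", "human_review_point", "risk_route",
    "transparency_obligations", "evidence_holder", "failure_handling",
)

# Decision areas the article lists as Annex III high-risk (besides biometrics).
ANNEX_III_DOMAINS = frozenset({
    "hiring", "credit", "benefits", "education",
    "law-enforcement", "critical-infrastructure",
})


@dataclass
class AISystemRecord:
    name: str
    business_owner: str = ""
    technical_owner: str = ""
    vendor: str = ""                 # "in-house" when built internally
    intended_purpose: str = ""
    user_group: str = ""
    data_in: str = ""
    output: str = ""
    human_review_point: str = ""
    risk_route: str = ""             # written by route_inventory()
    transparency_obligations: str = ""
    evidence_holder: str = ""
    failure_handling: str = ""
    # Classification inputs: assumed extra columns, not among the article's twelve.
    decision_domain: str = ""        # e.g. "hiring", "access-control"
    biometric_mode: str = ""         # "", "one-to-one" or "one-to-many"


def missing_fields(rec: AISystemRecord) -> list[str]:
    """Names of the required columns that are blank for this record."""
    return [f for f in REQUIRED_FIELDS if not getattr(rec, f).strip()]


def suggest_route(rec: AISystemRecord) -> RiskRoute:
    """Derive the risk route from the documented facts.

    risk_route is excluded from the completeness check because it is the
    output of this step; every other column must be filled first.
    """
    if [f for f in missing_fields(rec) if f != "risk_route"]:
        return RiskRoute.UNCLASSIFIED
    # One-to-many face matching is biometric identification: Annex III high-risk.
    if rec.biometric_mode == "one-to-many":
        return RiskRoute.HIGH_RISK_ANNEX_III
    if rec.decision_domain in ANNEX_III_DOMAINS:
        return RiskRoute.HIGH_RISK_ANNEX_III
    # One-to-one verification of an enrolled, consenting user: the lighter
    # route the article describes, still a legal call rather than a fact.
    return RiskRoute.LIGHTER


def route_inventory(records: list[AISystemRecord]) -> dict[str, RiskRoute]:
    """Classify every record and record the outcome in its risk_route column."""
    result: dict[str, RiskRoute] = {}
    for rec in records:
        route = suggest_route(rec)
        if route is not RiskRoute.UNCLASSIFIED:
            rec.risk_route = route.value
        result[rec.name] = route
    return result


# Constructed sample inventory: the article's two deployments of one algorithm,
# plus the HR plugin nobody told legal about (no technical owner, no evidence).
SAMPLE_INVENTORY = [
    AISystemRecord(
        name="office-door-access", business_owner="Facilities", technical_owner="IT-Ops",
        vendor="ExampleFaceCo (placeholder)", intended_purpose="verify enrolled employee",
        user_group="employees (enrolled, consented)", data_in="live face + enrolled template",
        output="open/deny", human_review_point="reception desk on deny",
        transparency_obligations="enrolment notice", evidence_holder="IT-Ops (vendor test report)",
        failure_handling="badge fallback; incident ticket",
        decision_domain="access-control", biometric_mode="one-to-one",
    ),
    AISystemRecord(
        name="mall-watchlist-scanner", business_owner="Retail Security", technical_owner="IT-Ops",
        vendor="ExampleFaceCo (placeholder)", intended_purpose="match passers-by to watchlist",
        user_group="general public (no enrolment)", data_in="CCTV frames + watchlist",
        output="identity alert", human_review_point="operator before any action",
        transparency_obligations="signage; privacy review", evidence_holder="Retail Security",
        failure_handling="alert suppression; escalate to privacy team",
        decision_domain="security", biometric_mode="one-to-many",
    ),
    AISystemRecord(
        name="resume-screening-plugin", business_owner="HR", technical_owner="",
        vendor="ATS add-on (placeholder)", intended_purpose="rank applicants",
        user_group="recruiters", data_in="CVs", output="shortlist score",
        human_review_point="recruiter review", decision_domain="hiring",
    ),
]


if __name__ == "__main__":
    for name, route in route_inventory(SAMPLE_INVENTORY).items():
        print(f"{name:26} -> {route.value}")
    for rec in SAMPLE_INVENTORY:
        if missing_fields(rec):
            print(f"{rec.name}: missing {missing_fields(rec)}")
```

Running it routes the door-access system to the lighter path, the mall scanner to Annex III, and leaves the resume plugin unclassified until someone fills in its technical owner, transparency obligations, evidence holder and failure handling; that last outcome is the useful one, because it turns "nobody told legal" into a visible blank cell rather than a silent mislabel.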
This is exactly why the visibility gap between compliance teams and technical teams is so dangerous. Legal knows the rules. Engineering knows the system. But neither one, alone, can produce a complete and accurate inventory. When those two groups don't talk — when the person who understands the algorithm doesn't sit down with the person who understands the regulation — systems get mislabeled. High-risk becomes low-risk on paper. The safeguards that should have applied never get triggered.
At CaraComp, working with facial comparison technology day in and day out, this distinction between verification and identification isn't abstract — it's the difference between a system that needs one set of safeguards and a system that needs an entirely different compliance architecture. The classification has to come first. Everything else follows from it.
The safest AI systems aren't necessarily the smartest ones. They're the ones where someone has clearly documented what the system does, what decisions it influences, and who is accountable if something goes wrong — because without that documentation, the legal protections the regulation promises you simply never activate.
So here's the question worth sitting with. If an AI system helped decide something important about you — whether you get a job interview, whether your insurance claim goes through, whether you're flagged at a border crossing — would you want the company's biggest legal obligation to be "build a better algorithm"? Or would you want it to be "prove, in writing, exactly what this system is doing, who approved it, and who answers if it gets you wrong"?
Because right now, whether you get option B depends entirely on whether someone at that company filled out their inventory correctly. The most powerful protection in the world's most ambitious AI law is a spreadsheet. And most of them aren't finished yet.