Third-party AI tools compliance audit

Problem: an 80-employee SME used 12 SaaS tools integrating AI (CRM, chatbot, scoring, writing) without knowing which were affected by the AI Act. Solution: compliance audit of each third-party tool (terms, data processing, AI Act classification), risk matrix, substitution or framework recommendations. Result: 4 non-compliant tools identified, 8-week remediation plan.

Problem

an 80-employee SME used 12 SaaS tools integrating AI (CRM, chatbot, scoring, writing) without knowing which were affected by the AI Act.

Solution delivered

compliance audit of each third-party tool (terms, data processing, AI Act classification), risk matrix, substitution or framework recommendations.

Result achieved

4 non-compliant tools identified, 8-week remediation plan.

Why this matters for SMEs

This case shows how clear scoping, fit-for-purpose tooling and explicit gain tracking turn a business need into an operational result for an SME.