EU AI Act Governance That Works in Practice

The EU AI Act's transparency requirements and enforcement powers take effect 2 August 2026. I help organizations turn AI Act obligations into a working governance system, not a binder. My graduate research at the Technical University of Munich focused on the AI Act itself.

Start now: the high-risk deadline is December 2027, but preparation takes time. The AI Act Readiness Diagnostic™ is the fastest way to know what an audit or acquisition due-diligence team would surface before they do.

From AI Act Requirement to Working System

AI Act Readiness Diagnostic™

A fixed-fee assessment, delivered in three to four weeks. I map your AI use cases against the EU AI Act obligations and ISO 42001 requirements, score the gaps, and hand your board a remediation roadmap it can act on. This is the fastest way to know what a regulator, auditor, or acquirer's due-diligence team would identify before they do, and it is the entry point to everything below.

Operational AI Management System

Governance that lives in your workflows, not in a binder. A complete AI model inventory with risk ratings, decision rights and board reporting, model risk ownership, procurement gates, and monitoring that produces audit-ready evidence. Aligned to ISO 42001, the standard buyers and regulators increasingly treat as the baseline.

Corridor Interoperability Mapping

For organizations that also operate in the Gulf or broader MENA region, one governance system can be mapped across both EU AI Act and local regulatory expectations. This dual-regime capability is uncommon among EU-focused advisors and comes directly from the combination of my TU Munich research and prior regional work.

Regulatory Monitoring

Primary-source intelligence on the EU AI Act, national implementation guidance, and broader AI regulation affecting your footprint. Verified against official texts rather than secondary coverage. The signal, without the noise.

Engagements are scoped before they begin. Delivered in English or Arabic.

What colleagues say

His successful execution of several projects utilizing Artificial Intelligence and Machine Learning methodologies to assess key concepts in international relations showcased his ability to organize complex data, extract meaningful insights, and drive technological advancements.

Team Lead · Leidos

His adaptability to changing workflows, including the integration of new technologies, streamlined our processes and enhanced the timeliness and quality of our deliverables. He demonstrated profound knowledge and understanding of both regional dynamics and global affairs.

Manager · Leidos

His deep familiarity with Gulf financial sector culture, combined with his multilingual capabilities and analytical rigor, makes him an exceptionally strong candidate for advisory and governance roles requiring both regional expertise and institutional credibility.

Vice-President, Communications · Qatar National Bank

Writing

Analysis and perspective on the EU AI Act and AI governance, with additional insight on cross-border implications for organizations operating in MENA.

3 min read

Is Your AI System High-Risk? The Answer Is Rarely Obvious

Two years after the EU AI Act passed, companies still struggle with the most critical question: which systems are actually high-risk? The official guidelines reveal why the exemptions are narrower than most assume.

Read article
3 min read

One AI Governance System for Two Regions

Companies selling AI into Europe and the Gulf typically run two separate compliance projects. The legal frames differ, but the engineering converges. One unified system, built once and mapped to both regimes, costs less and moves faster.

Read article

How We Work Together

I work with clients on project-based engagements and short-term assignments. Typical engagements follow a three-phase structure:

Phase 1·4–6 weeks

Diagnostic

The AI Act Readiness Diagnostic™: I map your AI use cases against EU AI Act obligations and ISO 42001 requirements, run the gap analysis, and identify what a regulator or auditor would flag. For organizations with Gulf or MENA exposure, the assessment can include dual-regime mapping.

Deliverable

A board-ready roadmap, prioritized by regulatory and audit risk.

Phase 2·8–12 weeks

Build

Building the operational AI management system: model inventory and risk ratings, governance and decision rights, monitoring, and procurement controls, aligned to ISO 42001 and EU AI Act requirements. For organizations with Gulf or MENA exposure, the same system can be mapped against local regulatory expectations so one build satisfies both regimes.

Deliverable

An operational AI management system that produces audit-ready evidence.

Phase 3·Optional

Ongoing Retainer

Regulatory monitoring, framework updates, board briefings, and advisory support as the EU AI Act and national implementation guidance evolve.

Schedule Initial Consultation

About

Rabii Agoujgal helps organizations prepare for the EU AI Act and build AI governance that survives regulatory audit and acquisition due diligence. His graduate research at the Technical University of Munich focused on the EU AI Act itself, which lets him read the regulation at a depth most advisors do not, and translate obligations into working systems rather than compliance theater.

He also brings financial-sector credibility from the inside. He worked in communications at Qatar National Bank, producing external messaging and handling media relations. That background shapes how he approaches transparency and disclosure requirements. Most AI governance programs built by technical or legal teams struggle with plain-language explanation of AI decisions to customers and boards. In regulated financial services, in particular, that weakness is often where audits and regulators surface problems.

Earlier in his career, he conducted regional risk and intelligence analysis across MENA and Europe. That experience informs how he assesses regulatory and geopolitical exposure for organizations operating across multiple jurisdictions and regulatory regimes.

He is completing the IAPP AI Governance Professional (AIGP) certification and works in Arabic and English.

EU AI Act
Risk tiering, high-risk obligations, transparency requirements, enforcement timeline
ISO 42001
AI management systems, governance frameworks, certification readiness
Governance Architecture
Model inventory, human oversight, decision rights, audit-ready evidence
Procurement & Vendor Risk
Third-party AI assessment, contract requirements, due diligence frameworks
Cross-Border Governance
Multi-jurisdiction strategy and dual-regime mapping
MENA / Gulf Governance
Cross-border compliance for organizations with exposure in the MENA region (CBUAE, SAMA, QCB, SDAIA guidance; Morocco Law 09-08)

Let's work together

For organizations preparing for the EU AI Act, get in touch.

If you are looking for a defined starting point, see the engagement model above.

Get in touch