EU AI Act for Fintech
Three regs stack: AI Act + DORA + NIS2. We ship the evidence pack.
Credit scoring and insurance pricing AI are explicitly Annex III high-risk under the EU AI Act. DORA Reg 2022/2554 has been fully applicable since 17 January 2025. NIS2 transposition is biting now in Germany + Belgium. The compliance stack is real and we have the bolt-on.
What's binding for fintech now
- EU AI Act Article 4 — staff AI literacy programme (in force 2 Feb 2025).
- EU AI Act Article 5 — prohibited practices fully in force (no social scoring, no manipulative subliminal techniques).
- EU AI Act general-purpose AI (GPAI) obligations, Articles 51-55 — if you use a GPAI model for any production decisions, the foundation-model provider has its own obligations; downstream, as deployer, you have yours.
- DORA Reg 2022/2554 — ICT third-party risk register, incident classification, threat-led penetration testing schedule, ICT risk management framework.
- NIS2 (where transposed) — Germany 17 Oct 2026, Italy + Spain in transposition. Penalty ceiling €10M / 2% turnover (essential entity).
Frequently asked
Is fintech AI high-risk under the EU AI Act?
Annex III(5)(b) lists 'AI systems intended to be used to evaluate the creditworthiness of natural persons or establish their credit score' as high-risk — explicitly. Credit scoring fintech is in scope. Insurance pricing AI (Annex III(5)(c)) is also explicitly high-risk for life + health insurance underwriting + pricing.
Does DORA apply on top?
Yes if you're a financial entity covered by DORA Reg 2022/2554 — banks, payment institutions, e-money institutions, investment firms, crypto-asset service providers (under MiCA), insurers, asset managers. DORA has been fully applicable since 17 January 2025 and stacks on top of EU AI Act for AI-powered ICT services.
What's the bias-detection requirement?
EU AI Act Article 10 requires demonstrably unbiased training data + post-deployment bias monitoring across protected groups (age, sex, disability, ethnicity where lawfully collected). For credit scoring this means demographic-parity + equalized-odds metrics tracked continuously, with feedback into the Article 9 risk management system (RMS) if drift is detected. Evidence must be auditor-verifiable.
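As an added illustration of the continuous demographic-parity and equalized-odds tracking described above (this is not MEOK's product code), the Python below computes both metrics per protected group over a window of credit decisions, compares that window with a baseline window, and raises a flag when either an absolute limit is breached or the gap has drifted from the baseline, which is the point at which the text says the risk management system is fed. The record layout (`group`, `label`, `pred`), the thresholds and the sample windows are constructed assumptions; the per-group rates are kept in the returned report so the numbers behind a flag can be checked.

```python
"""Continuous group-fairness monitoring for a binary credit decision
(pred=1 approve / 0 decline; label=1 repaid / 0 defaulted).

Added illustration, not MEOK's product code. The protected-attribute
field name "group", the limits and every record below are constructed.
"""
from collections import defaultdict


def group_rates(records, group_key="group"):
    """Per-group selection rate, true-positive rate and false-positive rate."""
    counts = defaultdict(lambda: {"n": 0, "tp": 0, "fn": 0, "fp": 0, "tn": 0})
    for r in records:
        c = counts[r[group_key]]
        c["n"] += 1
        y, yhat = r["label"], r["pred"]
        if y == 1 and yhat == 1:
            c["tp"] += 1
        elif y == 1:
            c["fn"] += 1
        elif yhat == 1:
            c["fp"] += 1
        else:
            c["tn"] += 1
    rates = {}
    for g, c in counts.items():
        pos = c["tp"] + c["fn"]
        neg = c["fp"] + c["tn"]
        rates[g] = {
            "n": c["n"],
            "selection_rate": (c["tp"] + c["fp"]) / c["n"],
            "tpr": c["tp"] / pos if pos else 0.0,  # no positives in window: report 0
            "fpr": c["fp"] / neg if neg else 0.0,  # no negatives in window: report 0
        }
    return rates


def demographic_parity_difference(rates):
    """Largest gap in approval rate between any two groups."""
    sel = [v["selection_rate"] for v in rates.values()]
    return max(sel) - min(sel)


def equalized_odds_difference(rates):
    """Largest gap in TPR or in FPR between any two groups."""
    tpr = [v["tpr"] for v in rates.values()]
    fpr = [v["fpr"] for v in rates.values()]
    return max(max(tpr) - min(tpr), max(fpr) - min(fpr))


def fairness_snapshot(records, group_key="group"):
    """Metrics for one monitoring window, with the per-group rates kept as evidence."""
    rates = group_rates(records, group_key)
    return {
        "groups": rates,
        "demographic_parity_difference": demographic_parity_difference(rates),
        "equalized_odds_difference": equalized_odds_difference(rates),
    }


def monitor(baseline, current, group_key="group",
            dp_limit=0.1, eo_limit=0.1, drift_tol=0.05):
    """Flag absolute breaches of the (constructed) limits and drift vs. baseline."""
    base = fairness_snapshot(baseline, group_key)
    now = fairness_snapshot(current, group_key)
    dp_drift = now["demographic_parity_difference"] - base["demographic_parity_difference"]
    eo_drift = now["equalized_odds_difference"] - base["equalized_odds_difference"]
    breach = (now["demographic_parity_difference"] > dp_limit
              or now["equalized_odds_difference"] > eo_limit)
    drift = dp_drift > drift_tol or eo_drift > drift_tol
    return {
        "baseline": base,
        "current": now,
        "dp_drift": dp_drift,
        "eo_drift": eo_drift,
        "breach": breach,
        "drift": drift,
        "escalate_to_rms": breach or drift,  # hand-off point into the risk management loop
    }


def make_records(group, tp, fn, fp, tn):
    """Expand a constructed confusion-matrix count into individual decision records."""
    cells = [(1, 1, tp), (1, 0, fn), (0, 1, fp), (0, 0, tn)]
    return [{"group": group, "label": y, "pred": yhat}
            for y, yhat, k in cells for _ in range(k)]


# Constructed windows: the baseline treats both groups alike; the current
# window approves group B far less often and catches fewer of its good payers.
BASELINE = make_records("A", 4, 1, 1, 4) + make_records("B", 4, 1, 1, 4)
CURRENT = make_records("A", 4, 1, 1, 4) + make_records("B", 2, 3, 0, 5)

if __name__ == "__main__":
    import json
    print(json.dumps(monitor(BASELINE, CURRENT), indent=2))
```

In the constructed `CURRENT` window group A is approved at 50% and group B at 20%, giving a demographic-parity difference of 0.3, and the TPR gap of 0.4 dominates the equalized-odds difference, so both the limit check and the drift check against the balanced baseline fire. Running the window sizes, group labels and limits shown here against real decision logs is what turns the metric into evidence; the limits themselves are a policy choice, not a value the page prescribes.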
What's the timeline?
Article 4 (literacy) — already binding since 2 Feb 2025. Article 50 watermarking (if you ship generative outputs) — 2 Aug 2026. Annex III high-risk obligations (the bulk for credit scoring + pricing) — 2 Dec 2027 after Digital Omnibus delay. DORA — already fully applicable. NIS2 — depends on member state transposition (Germany 17 Oct 2026).
What does MEOK ship for fintech?
Pre-built bundle: Article 10 bias-detection (£299/mo) for credit/pricing models + DORA-NIS2 crosswalk MCP + transparency logging (£399/mo) for decision traces + audit-prep bundle (£4,950) for full Annex IV technical file. Stripe-checkout end-to-end, MIT-licensed source on PyPI.
Free 30-min fintech triage
Bring your stack (credit scoring? pricing? GPAI in customer ops?) and we map the gaps to AI Act + DORA + NIS2.
MEOK AI Labs · CSOAI LTD · UK Companies House 16939677