Nothing can be cleared until the file is open. Currents opens the file.

Currents — step 1 of 3

Scan the system.
Then issue the passport.

Currents is the evidence scan. In ten working days it names every AI system reaching health, financial, or minors' data, classifies it against Annex III, and registers exactly what evidence is missing before a Ripple can be issued.

Step 1 — the scanFixed scope · 10 working daysAnnex III classification per systemFeeds directly into Ripples

Currents — the open file

Triage model · A&E

Annex III · no passport

Credit eligibility scorer

Art. 22 · gap: Art. 15

Minor-facing chat assistant

Art. 8 · gap: Art. 14

Claims RAG assistant

Corpus unaudited

Procurement agent

Tool-calls unlogged
5 systems scanned · 0 passports issued1 blocked pending evidence

No system is cleared at a border it was never presented at.

AL360° Oceans applies border control to AI: scan the system, issue the passport, grant the visa. Currents is step one. It establishes what is actually operating against health, financial, and minors’ data — the three contexts where a wrong model is wrong about a patient, a livelihood, or a childhood record — and what is not yet proven about any of it.

What forces a scan

Six conditions that mean the file is already overdue.

A competent authority has asked what AI you operate

The answer must be a register, not a recollection. A scan produces the register.

Your DPO cannot name which systems process Art. 9 data

Health, biometric, and special-category processing is running somewhere. No one can say where.

A vendor changed its underlying model and did not tell you

A silent model swap invalidates every fairness and accuracy claim you hold on file.

Agents are calling tools no one logged

EU AI Act Art. 12 requires automatic recording of events. Unlogged tool-calls are unevidenced acts.

A RAG assistant is retrieving from a corpus nobody has audited

An untrusted document is an untrusted instruction. Prompt injection enters through the corpus.

Procurement is about to renew AI it never scanned

Renewal without an updated scan re-approves last year's evidence for this year's model.

Failure modes

The scan looks for the failures nobody self-reports.

These are the conditions that survive a vendor questionnaire and fail a market-surveillance inspection.

Distribution shift

A triage or scoring model validated on a cohort that no longer resembles the population it serves. Accuracy holds in aggregate and collapses in a subgroup. EU AI Act Art. 15 requires accuracy and robustness to hold across the lifecycle — not on the day of validation.

Proxy discrimination

The protected attribute was removed; postcode, device class, and referral pathway reconstruct it. The disparity survives the deletion. Art. 10 requires examination of possible biases; GDPR Art. 22 requires the decision to be contestable when it is automated.

Prompt injection into a RAG corpus

A retrieved document carries an instruction, not just content. The assistant follows it. Where the corpus is a claims file, a patient record, or a safeguarding note, the injected instruction inherits the system's data access.

Silent vendor model swaps

The endpoint is unchanged; the model behind it is not. Every fairness metric, accuracy score, and Art. 11 technical document you hold now describes a system that is no longer running.

Unlogged agent tool-calls

An agent wrote to a core system and no event record exists. Art. 12 requires automatic recording over the system's lifetime. An unlogged act cannot be reconstructed, contested, or defended.

Oversight that exists only on paper

Art. 14 requires human oversight to be effective — a reviewer able to interpret the output and intervene. A reviewer who sees only an approve button, with no basis on which to disagree, is not oversight.

The shift

Before the scan, and after it.

Before the scan

  • No register of AI systems — only recollection
  • Art. 9 health data and Art. 8 minors' data processed at unknown locations
  • No Annex III classification — high-risk status is an opinion
  • Vendor claims held on file in place of findings
  • No named review owner per system
  • Agents and RAG pipelines outside every inventory

After the scan

  • Atlas holds the register: every system, owner, and context
  • Data categories mapped per system, with Art. 9 and Art. 8 flags raised
  • Provisional Art. 6 / Annex III classification recorded per system
  • Evidence gap register against Art. 10, 12, 14, 15 — gaps named, not implied
  • DPO, CISO, and procurement each hold a named queue
  • The passport queue: which Ripples to issue, in which order

How the scan runs

Ten working days. Fixed scope. One open file.

Week 1

Open the file

  • Scope: entities, deployments, data categories, sensitive-context spine (health · financial · minors)
  • Enumerate AI systems: vendor tools, model APIs, RAG pipelines, in-house models, agents
  • Trace integration paths — inference calls, embeddings, egress boundaries, credential scope
  • Classify data categories: GDPR Art. 9 special category, Art. 8 minors' data, financial profiling

Week 2

Name the gaps and decide

  • Provisional EU AI Act Art. 6 / Annex III classification per system
  • Evidence gap register — Art. 10 data governance, Art. 12 logging, Art. 14 oversight, Art. 15 accuracy
  • Provisional access decisions: cleared · cleared with limits · blocked pending evidence
  • Delivery: the open file, the gap register, and the queue of passports to issue

What the scan hands you

Six outputs, delivered at the end of week two.

Every AI system that touches health, financial, or minors' data — named and owned
Data-category map per system, with GDPR Art. 9 and Art. 8 flags raised
Provisional EU AI Act classification: Annex III high-risk, limited, or out of scope
Evidence gap register — what is missing before a Ripple can be issued
Provisional access decisions: cleared, cleared with limits, or blocked
The open file in Atlas — the register every later decision is written back into

Step 1 → step 2 → step 3

The scan is what makes the passport issuable.

Ripples — the evidence passport

Every system the scan opens a file on becomes a candidate for a Ripple: the durable, portable evidence record the system carries into every review. The scan supplies the gaps; the passport closes them.

Droplets — the context visa

A passport says what the system is. A Droplet says where it may operate: one deployment context, one data scope, time-bound and revocable. Agents and RAG assistants found in the scan cannot run without one.

The register stays open

Atlas holds the scan's findings permanently. Every passport issued, every visa granted or revoked, and every gap still open is written back to the same file. The scan is not a document — it is the start of a record.

01

Scan

Currents opens the file on every AI system reaching health, financial, or minors' data — and names what is unproven.

02

Issue

A Ripple is issued per system: the evidence passport it carries into every review, with its gaps closed and its diagnostics sealed.

03

Grant

A Droplet clears the system for ONE deployment context — time-bound, condition-bound, revocable on the day it drifts.

Addressed

Currents — the four objections we hear.

We can build the inventory ourselves in a spreadsheet.

A spreadsheet records names. A Currents records what a reviewer will actually ask for: the data categories each system processes, its provisional Annex III classification, its evidence gaps against Art. 10, 12, 14 and 15, the named review owner, and a provisional access decision. That output is the input to a passport. A spreadsheet is not.

We already have a software asset inventory.

Asset inventories track licences and hosts. They do not tell you which model provider sits behind an API, whether a vendor silently swapped that model last quarter, which agent holds write credentials to a clinical or core-banking system, or whether a RAG corpus has ever been checked for injected instructions. Those are the questions a scan answers.

We are not ready for a full governance programme.

The scan is not the programme. It is the border check that precedes it. It tells you what is already operating inside your perimeter, which systems are carrying no evidence at all, and which three need a passport first. Nothing is committed beyond the scan itself.

Our vendors have already assured us they are compliant.

Assurance is a claim. A scan produces a finding. The two diverge most often on distribution shift — a model validated on a population that no longer resembles the one it now scores — and on proxy discrimination, where a removed protected attribute is reconstructed from postcode, device, or referral pathway. Neither is visible in a vendor attestation.

Step 1 — the scan

Open the file
before someone else does.

Ten working days. Fixed scope. Every AI system reaching health, financial, or minors' data — named, classified against Annex III, and matched to the evidence it does not yet have.

AffectLog provides technical and operational evidence to support AI access decisions. Not legal advice, certification, notified-body conformity assessment, or regulatory approval.