The EU AI Act will make it illegal not to have an AI Control Plane

Cameron McClellan

June 6, 2026 - 11 min read

Enterprise AI governance has been optional. The EU AI Act makes it mandatory. For high-risk AI systems, audit trails, human oversight, and risk management become legal obligations from December 2027, backed by fines up to €15 million or 3% of global annual turnover.

Those obligations describe controls that have to live on the path between an agent and the systems it touches. A policy document cannot enforce them. Meeting the Act is an infrastructure problem.

This article covers what the Act requires, why it came about, when it takes effect, and how an AI Control Plane maps to each obligation, including how enterprises have built this infrastructure themselves and what Speakeasy provides as a product.


What does the EU AI Act require of high-risk AI systems?

The Act sorts AI systems by risk. A small set of practices is banned outright. A larger category, high-risk AI, is permitted but heavily regulated.

High-risk systems are those listed in Annex III of the regulation:

  • Employment and recruitment
  • Credit scoring
  • Insurance and essential services
  • Critical infrastructure
  • Education
  • Law enforcement and justice
  • Border management
  • Biometrics

An enterprise that uses AI to screen job applicants, price a loan, or triage access to a public service is operating a high-risk system.

The diagram below shows how the Act sorts AI systems across three tiers, from outright bans to heavily regulated high-risk systems to transparency-only obligations.

Figure: EU AI Act risk classification. How the Act sorts AI systems. Most enterprises fall into the high-risk category and face full obligations.

  • Article 5, banned practices (prohibited): social scoring, manipulation, real-time biometrics in public spaces.
  • Annex III, high-risk AI (regulated): employment, credit, insurance, infrastructure, education, law enforcement, border, biometrics.
  • Chapter IV, general-purpose AI (transparency): chatbots and generative AI must disclose AI use and label AI-made media from August 2026.

EU AI Act obligations for high-risk AI systems

For high-risk systems, the Act imposes four obligations that map closely to what a mature governance program already does:

  • Record-keeping and traceability. High-risk systems must automatically log events over their lifetime so that their functioning can be traced and reconstructed after the fact.
  • Human oversight. Systems must be designed so that a person can understand their output, intervene, and stop them.
  • Risk management. Operators must run a continuous process to identify, evaluate, and mitigate the risks a system poses.
  • Data governance. The data feeding a high-risk system must be governed, with controls over what it contains and how it is handled.

EU AI Act fines and penalties

The Act sets three penalty tiers:

  • €35 million or 7% of global annual turnover for prohibited practices.
  • €15 million or 3% for non-compliance with high-risk obligations.
  • €7.5 million or 1% for supplying incorrect information to authorities.

In each case the higher of the fixed amount or the percentage applies. These are turnover-based fines on the scale of the GDPR, designed to make non-compliance more costly than compliance.

Why EU AI Act compliance is an infrastructure problem

Each of those obligations describes a control that has to live on the path between an agent and the systems it touches. A policy document cannot enforce any of them, which makes compliance an infrastructure problem.


Why voluntary AI governance frameworks became law

We covered the governance gap in depth in "2026 is the year of enterprise AI governance".

What the voluntary frameworks already required

Voluntary frameworks (NIST AI RMF, ISO 42001) required audit trails, human oversight, and risk management years before the Act. Adoption was low. The EU AI Act is the mandatory version of what those frameworks asked for voluntarily.

Figure: AI governance context. Voluntary frameworks became law: the Act requires what NIST and ISO asked for voluntarily, with penalties.

  • Existed, voluntary frameworks: NIST AI RMF, ISO 42001, OECD AI principles.
  • The gap, low adoption: no legal obligation, no enforcement, no audit requirement.
  • The result, EU AI Act: mandatory audit logs, mandatory oversight, fines up to 3% turnover.

The scale of the governance gap

Gartner expects 40% of enterprise applications to include task-specific AI agents by the end of 2026, up from under 5% in 2025. IBM’s 2025 Cost of a Data Breach Report found that 13% of organizations had already suffered breaches of AI models or applications, and 97% of those lacked proper AI access controls.

What this means for every enterprise

Every enterprise now has to close the same gap, and closing it requires a control point on the path that every agent shares.


When do the EU AI Act’s high-risk requirements take effect?

The Act’s deadlines run from 2025 to 2028. The bans and model-maker rules already apply. The high-risk obligations that most enterprises will feel land in December 2027 and August 2028.

Timeline: EU AI Act, 2025–2028. What takes effect, and for whom.

  • Feb 2025 (in force): Banned AI practices. Social scoring, manipulative AI, and untargeted facial-recognition scraping are prohibited, for everyone.
  • Aug 2025 (in force): Rules for general-purpose AI models. Model providers must publish technical documentation, respect copyright, and assess systemic risk.
  • Aug 2026 (upcoming): AI transparency duties. Chatbots and AI-generated content must be disclosed and labeled, for anyone deploying them.
  • Dec 2027 (high-risk deadline): Required audit logging, human oversight, risk management, and data governance. For AI used in lending, underwriting, claims, hiring, eligibility, and access to services.
  • Aug 2028 (upcoming): Required audit logging, human oversight, risk management, and data governance. For AI inside medical devices, vehicles, machinery, and other certified products.

Did the EU AI Act deadlines change?

The high-risk deadlines were originally 2 August 2026 and 2 August 2027. A provisional agreement under the Digital Omnibus moved them to 2 December 2027 and 2 August 2028.

The change still awaits formal adoption, but the EU has now spent its one obvious lever for relief. These are very likely the final dates.

December 2027 vs August 2028: what applies when

December 2027 is the date to plan against first. It covers AI used to make regulated decisions: approving loans, underwriting and pricing insurance, handling claims, screening candidates, and determining who gets access to a service. For a mid-size bank, lender, insurer, or healthcare provider, that is the date those systems have to be logged, overseen, and governed, or they cannot run in the EU.

August 2028 extends the same obligations to AI built into regulated products (medical devices, vehicles, and industrial machinery) on each product’s existing certification timeline.

Does the EU AI Act apply to companies outside regulated industries?

A company outside those sectors might read this as someone else’s problem, and that would be a mistake.

The Act regulates high-risk AI first because that is where the liability is clearest. But the gaps it targets exist in every enterprise running AI, including unlogged agents, absent human oversight, and shadow AI nobody approved.

Its scope has already widened once, from banned uses to general-purpose models to regulated products, and other jurisdictions are drafting comparable rules. Building the governance layer now lets a regulated company meet its deadline and puts everyone else ahead of the rules still being written. In both cases, the layer is the AI Control Plane.


How EU AI Act compliance maps to the AI Control Plane

An AI Control Plane is the governing layer between every AI agent in an organization and every system it can reach. It unifies connection, identity, policy enforcement, and observability so that every prompt, response, and tool call flows through a single controlled path.

It does four things (Connect, Control, Secure, and Observe), and each is where one of the Act’s obligations is met.

Table: how the AI Control Plane meets each EU AI Act requirement (requirement, function, how the Control Plane meets it).

  • Record-keeping and traceability (Observe): A structured log of every AI interaction: tool name, arguments, result, and the identity behind it.
  • Human oversight and risk management (Control): Role-based access and versioned policy at the tool-call boundary, with the ability to scope and revoke.
  • Data governance and residency (Secure): PII redaction and content inspection in the request path, with the gateway deployed in the customer's own VPC.
  • Uncontrolled and shadow AI (Connect): A single registry with SSO-integrated identity, and hooks that detect shadow MCP servers the moment they appear.

Traceability becomes an audit log the Control Plane keeps

The Act requires high-risk systems to log events automatically so their behavior can be reconstructed. A Control Plane produces that log as a byproduct of routing. Because every tool call passes through it, it records what each agent did, with what arguments, against which system, and under whose identity.

This AI observability layer means that when an auditor asks what data an agent touched last quarter, the answer is a query rather than an investigation.

Human oversight becomes policy the Control Plane enforces

Oversight and risk management require the ability to constrain a system and intervene when it misbehaves. A Control Plane enforces who can use what, and under what conditions, as versioned, testable rules applied at the point of use.

Access is scoped to teams and roles, and revocation takes effect the moment an identity changes. A misbehaving agent can be stopped without taking down everything around it.

Data governance becomes infrastructure the Control Plane owns

Data governance and residency obligations are hard to meet when prompts and responses leave the organization’s control. Running the gateway inside the enterprise’s own VPC keeps that traffic on infrastructure the enterprise controls.

Inspecting traffic in the request path means PII and data exfiltration can be redacted or blocked before they leave.

Shadow AI becomes an inventory the Control Plane maintains

The Act penalizes uncontrolled deployment, and uncontrolled deployment is the default state of most orgs today. Bringing every agent and every tool onto a single plane, with identity attached, turns shadow AI from an unknown into an inventory.

When an employee connects an unapproved MCP server, the Control Plane detects and blocks it at the protocol layer before it surfaces in a postmortem.
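The four mappings above, sketched as an added example that is not Speakeasy's code or any vendor's API: one gateway function that every tool call passes through, which checks a tool registry and a role policy, redacts e-mail addresses from arguments, and logs every call with the identity behind it, including denied ones. The policy layout, tool names, identity fields and backend are all constructed assumptions.

```python
import re
import time
from fnmatch import fnmatchcase

# All names and values below are constructed for illustration.
POLICY = {"version": "v3", "roles": {"underwriting": ["crm.read_*", "credit.score"],
                                     "support": ["crm.read_*"]}}
REGISTRY = {"crm.read_customer", "credit.score"}  # approved tools; anything else is shadow AI
EMAIL = re.compile(r"[\w.+-]+@[\w-]+\.[\w.-]+")
AUDIT_LOG = []  # stands in for append-only, durable log storage

def redact(value):
    """Mask e-mail addresses in string arguments before they leave the gateway."""
    return EMAIL.sub("[REDACTED_EMAIL]", value) if isinstance(value, str) else value

def decide(identity, tool):
    """Return 'allow' or a 'deny:<reason>' string for this identity and tool."""
    if tool not in REGISTRY:
        return "deny:unregistered_tool"
    if identity.get("revoked"):
        return "deny:identity_revoked"
    patterns = POLICY["roles"].get(identity["role"], [])
    if any(fnmatchcase(tool, p) for p in patterns):
        return "allow"
    return "deny:role_not_permitted"

def call_tool(identity, tool, args, backend):
    """Single path for every tool call: decide, redact, forward, and always log."""
    decision = decide(identity, tool)
    safe_args = {k: redact(v) for k, v in args.items()}
    result = backend(tool, safe_args) if decision == "allow" else None
    AUDIT_LOG.append({"ts": time.time(), "user": identity["user"],
                      "agent": identity["agent"], "tool": tool, "args": safe_args,
                      "decision": decision, "policy_version": POLICY["version"],
                      "result": result})
    return decision, result

def calls_by(user, decision="allow"):
    """The auditor's question as a query: what did this identity's agents do?"""
    return [e for e in AUDIT_LOG if e["user"] == user and e["decision"] == decision]

def demo_backend(tool, args):
    """Constructed stand-in for the real system behind the gateway."""
    return {"tool": tool, "echo": args}

if __name__ == "__main__":
    alice = {"user": "alice", "agent": "loan-bot", "role": "underwriting"}
    print(call_tool(alice, "credit.score", {"note": "mail jane@example.com"}, demo_backend))
    print(call_tool(alice, "unlisted.mcp_tool", {}, demo_backend))
    print(calls_by("alice"))
```

Recording the policy version and the deny reason in each entry lets a reviewer reconstruct why a call was allowed or blocked under the rules in force at the time.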


How enterprises have built the AI Control Plane

The enterprises furthest ahead on AI deployment built this infrastructure first, and treat it as a competitive advantage. Those that built it themselves and the platform vendors that reached the same conclusion are both worth examining.

Building an AI Control Plane in-house

Uber is the clearest public example. Before scaling AI broadly, it built an LLM gateway, an MCP gateway and registry across thousands of internal services, and an agent identity system extending its Zero Trust infrastructure to multi-agent workflows.

JPMorgan Chase built its AI platform governance-first, with a C-suite oversight council and compliance embedded from the start.

How major platform vendors are responding to AI governance requirements

The major platform vendors independently converged on the same architecture:

  • ServiceNow featured its AI Control Tower at Knowledge 2026.
  • Google built Cloud Next 2026 around the agentic enterprise Control Plane.
  • Microsoft extended Entra identity governance to AI agents, with per-agent IDs and scoped access policies.

Are enterprises appointing dedicated AI governance leaders?

Forrester predicts that 60% of Fortune 100 companies will appoint a dedicated head of AI governance in 2026. Major firms like Sony and UBS already have, with governance roles tracking the build-out of the technical layer.

Why building before the deadline matters

Building the Control Plane before the compliance deadline means arriving at December 2027 with an infrastructure already in place rather than an implementation still in progress.


The Speakeasy AI Control Plane

Speakeasy is building the AI Control Plane. We started with the connection and identity layer (the first place companies get stuck when they move past ad-hoc AI adoption) and have been extending across the four functions since.

Figure: Speakeasy AI Control Plane. Every call on a governed path: Connect, Control, Secure, and Observe map to each EU AI Act obligation.

  • 01 · Callers: AI agents (MCP clients); developers (CLI, IDE tools); automations (pipelines, workflows).
  • 02 · Control Plane: Connect (MCP gateway, tool registry, shadow AI detection); Control (role-based access, versioned policy, scoped revocation); Secure (PII redaction, VPC gateway, content inspection); Observe (full audit log: tool, args, result, identity).
  • 03 · Destinations: LLM providers (Claude, GPT, Gemini); APIs & data (internal services); SaaS tools (Jira, Slack, GitHub).

The MCP gateway routes and governs agent-to-tool connections, policy is enforced server-side instead of on individual laptops, and every tool call is logged with the identity behind it.

How the AI Control Plane makes governance and AI enablement the same investment

The Control Plane fits the Act because governance and enablement stop pulling against each other. The same layer that lets AI reach every team records and constrains what it does, delivering the traceability, oversight, and control the Act requires on a single path.

Enterprises that built this internally spent years and dedicated platform teams doing it. The product delivers the same governance posture in weeks.

For a platform or security team mapping out how AI should flow through the organization before the compliance clock runs out, the Speakeasy AI Control Plane is where that conversation starts.


Frequently asked questions

For high-risk systems (those listed in Annex III, covering employment, credit scoring, essential services, critical infrastructure, education, law enforcement, justice, border management, and biometrics) the Act requires automatic record-keeping and traceability, human oversight, continuous risk management, and data governance. Non-compliance carries fines of up to €15 million or 3% of global annual turnover, whichever is higher.

Standalone high-risk systems (Annex III) apply from 2 December 2027, and AI embedded in regulated products (Annex I) from 2 August 2028. These dates were postponed from 2026 and 2027 under the Digital Omnibus, and as of June 2026 the change is a provisional political agreement awaiting formal adoption. The Act’s prohibitions and general-purpose AI rules are already in force.

The Act sets three tiers. Prohibited practices under Article 5 carry up to €35 million or 7% of global annual turnover. Non-compliance with high-risk obligations carries up to €15 million or 3%. Supplying incorrect, incomplete, or misleading information to authorities carries up to €7.5 million or 1%. In each case the higher of the fixed amount or the percentage applies.

An AI Control Plane is the governing layer between every AI agent in an organization and every system it can reach. It unifies connection, identity, policy enforcement, and observability so that every prompt, response, and tool call flows through a single controlled path. It is to AI agents what an identity provider is to human access to SaaS.

The Act’s core requirements map directly onto the Control Plane’s functions. Traceability is met by the audit log of every tool call. Human oversight and risk management are met by role-based access and policy enforced at the tool-call boundary. Data governance and residency are met by inspecting traffic in the request path and running the gateway inside the customer’s own VPC. Shadow AI control is met by bringing every agent and tool onto a single registry with identity attached.
