Regulatory alignment
Certification that regulators already recognise.
Ethicality certification is designed to produce the exact documentary evidence that AI regulators, auditors, and large procurement teams are already asking for. One programme — multiple jurisdictions.
Section 01
Why voluntary isn't enough.
Three jurisdictions now impose legal obligations on organisations deploying high-risk AI. Ethicality certification provides documented evidence of conformity — reducing audit exposure and enforcement risk.
EU AI Act
Art. 9, 10, 13, 17
AIMSS — core documentation requirements
Risk-management system, data governance, transparency to deployers, and post-market monitoring map directly to AIMSS Sections 2, 4, 5, and 9.
Canada AIDA (proposed)
Part 1
AIMSS — risk classification + impact assessment
High-impact system designation and the accompanying record-keeping requirements map to AIMSS Annex A (risk classes) and Annex B (impact assessment).
UK AI Liability framework
Cross-sector guidance
EUMS — accountability documentation
Demonstrable due diligence over procured AI systems — the precise evidence EUMS Sections 3, 4, and 6 require deployers to maintain.
Colorado AI Act
§6-1-1701 et seq.
EUMS — impact assessment + disclosure
Consequential decisions disclosure and annual impact assessment map to EUMS Sections 4 and 5.
NYC Local Law 144
AEDT bias audit
EUMS — workforce + monitoring
Bias audit and candidate notice requirements map to EUMS Section 7 (workforce) and Section 9 (monitoring).
California CPPA ADMT
Final regulations
EUMS — disclosure + human review
Pre-use notice, opt-out, and human review obligations map to EUMS Sections 5 and 6.
Section 02
What auditors and regulators see.
Sample excerpt from an Ethicality certification report — redacted, illustrative. Each section corresponds to a numbered clause in the certified standard, with assessor sign-off and source-evidence references attached.
§2.3
AI System Register
Inventory of every covered system: vendor, version, deployment context, named accountable officer, risk tier.
§3.1
Model Card (per system)
Intended use, known limitations, performance by population, evaluation methodology, retraining cadence.
§4.2
Use-Side Impact Assessment
Affected persons, harm pathways, mitigations, residual risk, sign-off by accountable officer.
§5.4
Data Governance Attestation
Lawful basis, retention, vendor data-processing terms, deletion rights, cross-border transfer record.
§6.1
Human Oversight Protocol
Override conditions, escalation chain, training record for human reviewers, audit log of overrides.
§9.2
Incident & Near-Miss Log
Date, system, harm category, remediation, regulator notification status.
Illustrative excerpt. Real certification reports are scoped to the certified organisation and made available to regulators under NDA on request.
Section 03
Procurement clause language.
Copy-paste contract language buyers can insert into supplier agreements to require independent AI assurance from vendors:
"Suppliers providing AI-enabled services must hold a current Ethicality certification (AIMSS or Ethical Use track) issued within the preceding 24 months, or provide equivalent third-party conformity documentation acceptable to [Organisation]."
Want it published in our public Supplier Demand Register? Publish your standard →