Description of the oxethica Platform
What is oxethica?
oxethica is an AI governance platform that automates and simplifies regulatory processes to facilitate compliance and reduce risks. The platform helps companies determine the scope of the EU AI Act for their AI systems and implement the necessary compliance measures in a structured manner.
1. Registration and access
Using this free tool simply requires you to provide an email address. No payment details need to be entered and no subscription is required. Registration does not entail any financial obligations.
2. Free self-assessment
The free self-assessment tool serves as a first step in assessing whether an AI system is subject to regulatory requirements at all.
The European Commission estimates that only 5–15% of all AI applications will be subject to stricter rules. The vast majority of AI systems in use are therefore not covered by the strict requirements of the EU AI Act. The self-assessment tool enables an initial, well-founded assessment before more complex compliance processes are initiated.
3. Structured querying and inventorying
A key feature of the platform is the structured recording and inventorying of AI systems. The platform enables the creation of a detailed AI inventory in which all systems in use can be recorded and the risk level determined for each individual system.
The platform provides a predefined questionnaire for this purpose and guides the user systematically through the relevant assessment categories. The user is solely responsible for answering the questions and entering correct and complete information. oxethica provides the structure and framework – the quality of the results depends directly on the accuracy and completeness of the information entered. The tool does not perform any substantive checks or validation of the entries.
4. Risk classification
Based on the information entered, the tool performs a risk classification. The EU AI Act divides AI systems into four risk classes: unacceptable risk, high risk, limited risk and minimal risk – each with different requirements.
- Unacceptable risk: Prohibited systems that may not be used in the EU.
- High risk: This applies, among other things, to systems in healthcare, education, biometric recognition or the financial sector. Strict documentation, transparency and audit obligations apply to these systems.
- Limited risk: Transparency obligations apply, e.g. the labelling of AI-generated content or automated interactions.
- Minimal risk: AI systems that do not fall into any of the above categories – such as email spam filters or simple chatbots – are generally exempt from the specific requirements of the EU AI Act. There are no mandatory compliance obligations for them.
The classification is a computational result based on user input and does not replace legal advice.
5. Importance of context and data
The risk class of an AI system is not a fixed characteristic – it depends on the specific context of use and the data employed. The same technology may fall into different risk classes depending on its purpose and target audience.
Developers and operators must continuously reassess the security and compliance of their AI system as soon as the data input or use case changes. The questionnaire therefore includes specific questions on purpose, data sources and potential impacts on fundamental rights. Here too, the responsibility for providing accurate and truthful answers lies entirely with the user.
6. Compliance Documentation
For systems classified as regulated, specific obligations are derived based on the input provided. Structured Model Cards provide clear, documented outputs to support decision-making and audits – exportable as PDFs. The exported documents reflect solely the information entered by the user and have no independent legal validity.
7. Up-to-date regulatory requirements
As AI technologies continue to evolve, it is likely that the EU will adapt and expand its regulations – therefore, continuous monitoring of risk classification is essential. The platform is continuously updated to reflect changes in the EU AI Act and other relevant regulations.