Regulatory Framework Mappings

Every incident in the Provyn Index is mapped to relevant articles and controls from major AI governance frameworks. Use these mappings for compliance gap analysis, risk assessment, and regulatory reporting.

EU AI Act

In force — phased enforcement
Official source →

The world's first comprehensive AI regulation framework. Classifies AI systems by risk level and imposes requirements on high-risk systems. Enforcement begins August 2025 with full compliance required by August 2026.

ISO/IEC 42001:2023

Published — certification available
Official source →

International standard for AI Management Systems. Specifies requirements for establishing, implementing, maintaining, and improving an AI management system within organizations.

NIST AI Risk Management Framework

Published — voluntary adoption
Official source →

Voluntary framework from the National Institute of Standards and Technology to help organizations manage AI risks. Organized into four functions: Govern, Map, Measure, and Manage.

Category-to-Framework Mapping

Each incident category maps to specific regulatory requirements. Click any incident category in the database to see these references in context.

EU AI Act

HallucinationView incidents →
Art. 9Risk Management SystemArt. 13Transparency & InformationArt. 14Human Oversight
BiasView incidents →
Art. 10Data & Data GovernanceArt. 9Risk Management SystemArt. 71Fundamental Rights Impact Assessment
Privacy LeakView incidents →
Art. 10Data & Data GovernanceArt. 5(1)(a)Prohibited Practice: Subliminal Manipulation
Safety FailureView incidents →
Art. 9Risk Management SystemArt. 15Accuracy, Robustness & CybersecurityArt. 14Human Oversight
Copyright ViolationView incidents →
Art. 53Obligations for General-Purpose AI Models
Deepfake / FraudView incidents →
Art. 50Transparency for Certain AI SystemsArt. 5(1)(a)Prohibited Practices
Financial ErrorView incidents →
Art. 9Risk Management SystemAnnex III(5)High-Risk: Access to Essential Services
Medical ErrorView incidents →
Art. 9Risk Management SystemAnnex III(1)High-Risk: Biometrics & Health
Agent ErrorView incidents →
Art. 14Human OversightArt. 15Accuracy, Robustness & Cybersecurity
DefamationView incidents →
Art. 13Transparency & Information

ISO/IEC 42001

HallucinationView incidents →
6.1.2AI Risk AssessmentA.6.2.4Documentation of AI System Performance
BiasView incidents →
A.8.4Data Quality for AIA.6.2.6Fairness in AI Systems
Privacy LeakView incidents →
A.8.5Privacy and AIA.6.2.5Data Provenance
Safety FailureView incidents →
6.1.2AI Risk AssessmentA.7.3AI System Lifecycle Management
Copyright ViolationView incidents →
A.5.4Legal Compliance
Financial ErrorView incidents →
6.1.2AI Risk Assessment
Medical ErrorView incidents →
6.1.2AI Risk Assessment
Deepfake / FraudView incidents →
A.6.2.7Transparency of AI Systems
Agent ErrorView incidents →
A.7.4Human Oversight of AI
DefamationView incidents →
A.6.2.4Documentation of AI System Performance

NIST AI RMF

HallucinationView incidents →
MEASURE 2.5AI System AccuracyGOVERN 1.2Trustworthy AI Characteristics
BiasView incidents →
MAP 2.3AI System Bias AssessmentMEASURE 2.6Fairness Assessment
Privacy LeakView incidents →
MAP 5.1Privacy Risk IdentificationGOVERN 1.7Privacy Values
Safety FailureView incidents →
MAP 3.5Safety RisksMANAGE 2.2Risk Treatment
Copyright ViolationView incidents →
GOVERN 1.2Legal Compliance
Financial ErrorView incidents →
MAP 3.4Financial Impact Assessment
Medical ErrorView incidents →
MAP 3.5Safety-Critical Applications
Deepfake / FraudView incidents →
GOVERN 1.2TransparencyMAP 1.6Misuse Assessment
Agent ErrorView incidents →
GOVERN 1.4Oversight ProcessesMANAGE 4.1Incident Response
DefamationView incidents →
MAP 3.3Reputational Harm

Need a compliance-ready risk assessment?

Generate a filtered report of AI incidents relevant to your industry and regulatory requirements.

Build Risk Assessment →