Is Your Credit Scoring Engine AI Act Compliant?

Credit scoring is explicitly classified as high-risk by the AI Act. Obligations before August 2, 2026.

COUNTDOWN TO MANDATORY COMPLIANCE
Book Your Compliance Session
Fines up to EUR 15M or 3% of global revenue

No transition phase after August 2026. Sanctions apply immediately to non-compliant systems.

Key Milestones

February 2025

Transition phase begins

Inspections and recommendations start

August 2025

1 year before deadline

Last call for voluntary compliance

August 2, 2026

Mandatory enforcement

AI Act applies in full. Fines begin.

August 2027

Full enforcement

Systematic checks and sanctions

5 Core Obligations

Full Traceability

Record all decisions, training data, model versions, and modifications.

XAI Explainability

Explain why score is 71, not 65. Contributing variables are mandatory.

Human Oversight

Systematic audit of decisions before deployment. Escalation for ambiguous scores.

Technical Documentation

Impact assessments, risk evaluations, mitigation plans.

EU Registration

Mandatory registration in NFRA registry before August 2026.

What the AI Act Changes for Your Data

Open Banking

Requirement: Must be tracked and consent documented

Every access to customer bank flows must be recorded with timestamp and explicit consent. Audit trail required.

OCR Financial Statements

Requirement: Every extraction must be auditable and timestamped

RocketFin's drag-and-drop OCR automatically generates a timestamped log for each document processed — compliance built-in without extra development.

Scoring Decisions

Requirement: Every score must have an explainability report

Contributing variables, model weights, thresholds applied: everything must be explained. Ready for human review and regulatory audit.

Checklist: 12 Essential Points

Download
Complete model audit: algorithm, data, decision process
Risk mapping (discrimination, bias)
Robustness testing & adversarial scenarios
Customer impact documentation (e.g., rejection rates by profile)
Compliance roadmap with dates
Designate AI compliance officer
Human oversight protocol
Registry of contested decisions
Customer appeal process
Team training on AI Act
Vendor contracts updated (if external partners)
Regulator audit simulation (NFRA checklist)

RocketFin: AI Act Native

Built-in Explainability

5 contributing variables per score. No black-box effect. AI Act compliant by design.

Complete Audit Trail

Full recording of each decision, data, model versions. Regulator-ready.

Human Oversight

Automatic escalation of ambiguous scores. Pre-deployment validation. Compliant.

Verify Your Compliance with RocketFin

FAQ: Your Questions

Is my current scoring engine affected?

Yes, if you use any algorithm or ML to score B2B credit. Regardless of technology (rules, decision trees, deep learning) or vendor.

What's the difference between provider and deployer?

Provider = you create/sell the system. Deployer = you use it. Both must comply. If you're a customer, demand AI Act documentation.

Does Omnibus postpone obligations?

Not confirmed. Partial postponements are under discussion, but August 2026 deadline for credit scoring stands today. Do not wait.

Is OCR subject to the AI Act?

Yes, if OCR is used in a high-risk decision (e.g., extracting financial statements for credit scoring). RocketFin integrates OCR into its audit trail with complete traceability.

What penalties for non-compliance?

Fines up to EUR 15 million or 3% of global revenue (whichever is higher). Plus temporary deployment ban.

Where do I start?

Complete model audit → Documentation → Robustness testing → Human oversight → NFRA registration. RocketFin guides you at each step.