EU AI Act Compliance

The operational infrastructure your high-risk AI needs

The EU AI Act compliance deadline is August 2, 2026.

If you're building or deploying high-risk AI in financial services, healthcare, HR, or critical infrastructure, you need more than policy work — you need operational tooling. LangSmith provides the tracing, evaluation, and human oversight your systems need, deployable in your EU cloud region today.

Book a Compliance AssessmentRead the EU AI Act Guide

Non-compliance carries penalties up to €15M or 3% of total worldwide annual turnover.

Three technical requirements. One platform.

Observability and tracing

Regulators want a record of the actions your AI system takes. LangSmith captures every LLM call, tool invocation, and reasoning step — inputs, outputs, timestamps, and agent context — giving you the audit trail Articles 12 and 13 require.

Continuous evaluation

The Act requires ongoing measurement on production traffic. LangSmith's online evaluators continuously score traces for bias, toxicity, hallucination, PII leakage, and adversarial inputs — with alerts when a metric crosses your threshold.

Human oversight built in

Article 14 requires that humans can intervene, override, and interrupt AI systems. LangGraph's interrupt primitive makes human-in-the-loop a first-class part of the agent graph. LangSmith's annotation queues and webhooks make every intervention auditable.

Start your compliance assessment

Trusted by enterprises in financial services, healthcare, and critical infrastructure

Klarna
Elastic
Rakuten
Workday
LinkedIn
Vanta
Cisco
Bridgewater
Lyft
The Home Depot
Cloudflare
Bristol Myers Squibb
GitLab
NU
Monday.com
Coinbase
Rippling
dbt Labs

The compliance deadline is real

The EU AI Act is the first comprehensive AI regulation. If you're building high-risk AI systems in financial services, healthcare, HR, manufacturing, or critical infrastructure, the clock is running. Many teams have started the policy work — but you also need the operational infrastructure to back it up.

Aug 2, 2026
EU AI Act high-risk compliance deadline
€15M
Maximum penalty or 3% of global annual turnover
100K+
Active organizations already on LangSmith
Book a Compliance Assessment

Article-by-article compliance coverage

The EU AI Act's technical requirements map directly to LangSmith capabilities — from risk management to post-market monitoring

Articles 9, 12, and 13 require a living risk management system, automatic event logging over the system's lifetime, and traceable, interpretable decisions. LangSmith's end-to-end tracing captures every LLM call, tool invocation, and reasoning step with structured metadata: inputs, outputs, timestamps, and agent context. LangSmith Studio visualizes the full execution graph — including state transitions and tool calls — so you can inspect each decision step by step. The Insights Agent processes trace data to automatically surface failure modes and usage trends. For EU data residency, LangSmith EU keeps all trace data in-jurisdiction. With self-hosted and BYOC options, the entire stack runs in your cloud region.

Talk to a compliance expert
LangSmith trace view showing full agent execution

Sovereign AI Infrastructure

Keep your compliance data in-jurisdiction.

For EU data residency requirements, deployment matters. LangSmith EU SaaS, BYOC, and full self-hosted options are designed for agent workloads in production. Your data never leaves your perimeter.

Full Observability Icon

LangSmith EU (eu.smith.langchain.com)

All trace data stays in the EU. GDPR, SOC 2 Type II, and HIPAA compliant. Available on all plans at no extra cost. The fastest path to in-jurisdiction compliance for most teams.

Trust center
Model Neutral Icon

BYOC

Control plane managed by LangChain, data plane in your cloud (AWS, Azure, GCP). Compliance data stays in your cloud region. Ideal for enterprises that need data residency without the full operational burden of self-hosting.

Admin Access Control Icon

Full Self-Hosted

Entire stack in your Kubernetes cluster. The complete stack runs in your own cloud region — your data never leaves your perimeter. Terraform modules for AWS, Azure, and GCP.

Self-hosted docs

Why LangSmith for EU AI Act compliance

Built for agents, not just models

The Act's requirements were written for AI systems that reason, retrieve context, call tools, and make multi-step decisions. LangSmith traces the full agent execution graph — not just individual model calls.

Sovereign deployment options

LangSmith EU keeps all trace data in-jurisdiction. With BYOC, data stays in your cloud region. With full self-hosted, the entire stack runs in your Kubernetes cluster. The right choice depends on how much operational control you need.

Same practices, built in

Full tracing, continuous evaluation, and human-in-the-loop oversight are the same practices teams already follow to run agents well in production. Compliance is a byproduct of doing the work right.

Compliance in production

Klarna

"LangChain has been a great partner in helping us realize our vision for an AI-powered assistant, scaling support and delivering superior customer experiences across the globe."

Sebastian Siemiatkowski, CEO and Co-Founder, Klarna

Read case study
Vodafone

"We've been using LangChain's components for over a year now. It's been a critical enabler for our transition from open-source experimentation to production-grade AI systems."

Antonino Artale, Senior Manager of Cloud Solutions, Orchestration and Intelligence, Vodafone

Read case study

Speak to a LangSmith compliance expert

August 2 is close. We'll walk through your high-risk AI systems, map them against the Act's technical requirements, and help you understand which deployment option fits your data residency needs.