Transparency rules in2 Aug 2026
Help center / Roadmap and documents

Org-wide vs per-system documents

Veillo's documents come in two shapes. Knowing which is which saves you from generating the wrong thing or wondering why a template is greyed out.

Updated May 2026

Organisation-wide documents

These cover the whole company, so you generate one of each. They do not depend on any particular system.

  • AI Literacy Policy (Article 4): how your people are expected to use AI responsibly.
  • Article 50 Disclosure (Article 50): how you tell people when they are dealing with AI or AI-generated content.
  • Risk Management Procedure (Article 9): the process you run to spot and reduce the risks your high-risk systems create.

Per-system documents

These are specific to a single high-risk system, so you generate one for each high-risk system you confirm. They name the system and pull in its details.

  • Annex IV Memo: the technical documentation you hold for the system.
  • Human Oversight Protocol: who watches the system and how they step in.
  • Incident Response Procedure: what you do if it causes or risks serious harm.
  • Data Governance Procedure: how you keep its input data fit for purpose.

Until you have a confirmed high-risk system, the per-system templates stay disabled, with a note telling you so. That is expected, not a bug.

When your register changes

If you add a high-risk system, generate its four per-system documents. If a system's use changes enough to affect its classification, regenerate the documents that name it so they stay accurate. The quarterly review is there to catch exactly this kind of drift.

Was this helpful?

Still need help?

Get in touch and a human will answer, or book a short walkthrough.

A note on cookies

We use strictly necessary cookies to run the site and keep it secure. With your OK, we also use privacy-respecting, EU-hosted analytics to see how Veillo is used. No advertising, no third-party trackers. Read our cookie policy.