⚠️
STATIC ANALYSIS — Limited confidence
Code and documentation were analysed statically — the audit engine did not
execute the system live. Where session traces were provided, behavioural
findings derive from those traces, not from live execution.
Some verdicts rely on heuristic signals and are labelled accordingly;
they may not reflect actual runtime behaviour.
For a full technical dossier with executable evidence and SHA-256 seal,
contact contact@factnotebook.com.
1. 🧨 EXECUTIVE SUMMARY
FINAL VERDICT
⚠️ PARTIAL TECHNICAL ALIGNMENT (57/100 — threshold: 75)
📌 DECISION SYNTHESIS
| Layer |
Value |
Detail |
| Regulatory verdict |
⚠️ PARTIAL EVIDENCE |
Evidence maturity below deployment threshold (57/100 — threshold: 75) |
| Regulatory Final Score (gates applied) |
57.17/100 |
🟡 Partial (threshold : 75) · After gate kill-switches, coverage factor, and proof factor |
| DOC↔CODE Sincerity |
🟢 TRUSTED (100.0%) |
Declared vs implemented alignment |
| Recommended decision |
P1 remediation required. Controls present but evidence incomplete. |
|
Key finding : No sufficient technical evidence identified within the analyzed scope for: Article 12.
Algorithmic sincerity analysis performed on 17/06/2026
📊 KEY INDICATORS (KPIs)
This report does not only produce a score. It produces verifiable technical evidence, re-executable tests, and a cryptographically sealed dossier.
| Metric |
Value |
Meaning |
| Technical signals extracted |
92 |
Facts collected from source code |
| Maturity score |
46 checkpoints |
Articles 9–15 EU AI Act (Annex III) |
| Controls Failing Verification |
0 |
Active evidence of control absence (not just missing evidence) |
| Evidence Gaps (NOT OBSERVED) |
14 |
No evidence found in audit scope — does not assert absence |
| Raw Maturity Score (pre-gates) |
79 / 100 |
Weighted average across 7 articles — before gate penalties |
| Unsupported Documentation Ratio |
100.00% |
🚨 CRITICAL — Share of documented controls without technical implementation evidence — 100% = no documented control is technically corroborated |
Interpretation : Critical divergence detected between documented controls and technical implementation.
🔥 TOP 3 BUSINESS RISKS
- REGULATORY: Regulatory exposure increased due to critical deficiencies under Article 12 (record-keeping). Process mining shows 0% strict compliance over 20 sessions, with all sessions non-compliant. No audit trail evidence was found, undermining the ability to demonstrate conformity to regulators.
- OPERATIONAL: Deployment approval risk — Article 12 documentation fidelity is critically low at 57.17/100, indicating poor doc-code consistency. This gap may delay or block market placement as regulators require robust evidence of record-keeping before authorization.
- REPUTATIONAL: Technical audit trail insufficient for due diligence by enterprise customers or potential acquirers requiring AI Act conformity evidence. The 100% non-compliance rate in audit trail logging erodes trust and may deter partnerships or investments.
🎯 RECOMMENDED DECISION
❌ EVIDENCE INSUFFICIENT — Available technical evidence is insufficient to support a positive assessment within the analyzed scope. Technical remediation required.
- Immediate action : Priority remediation on critical gaps before deployment in regulated context.
- Next step : Technical architecture review (see Section 7).
Methodology Notice
Evidence levels (E0–E5), contradiction detection, assurance scoring and control mapping are defined in the FactNotebook Technical Evidence Framework.
View methodology →