FRIA: the AI Act obligation that should already be in place
From 2 February 2026, deploying high-risk AI in the EU requires a Fundamental Rights Impact Assessment. If yours lives in a Word document in a shared folder, it does not exist as far as the auditor is concerned.
EU legal obligation
What a FRIA is and why it matters
FRIA
The FRIA (Fundamental Rights Impact Assessment) is the assessment of the impact on fundamental rights required by Article 27 of the EU AI Act from deployers of high-risk AI systems in the European Union. It has been mandatory since 2 February 2026 — it is not a recommendation, and its absence is an audit finding.
A FRIA assesses the affected groups, the rights at stake (with probability and severity), the mitigation measures, human oversight and the redress mechanism. It is not the same as a GDPR DPIA, although the two can reference each other.
What Art. 27 requires
Linedat models the FRIA as a versioned dossier linked to the AI system, with separation of duties and an automatic finding when it is missing.
Linked to the AI system
The FRIA is tied to an inventoried high-risk AI system with its risk class — there are no orphan FRIAs.
Impact on fundamental rights
Affected groups (including vulnerable populations) and rights at stake with likelihood × severity.
Mitigation, oversight and redress
Mitigation measures, human oversight and a mandatory redress mechanism.
Approval with separation of duties
The person who drafts the FRIA cannot approve it; approval requires four eyes.
How Linedat covers it
Linedat models the FRIA as a versioned dossier linked to the AI system, with separation of duties and an automatic finding when it is missing.
FRIA: Fundamental Rights Impact Assessment
The FRIA required by EU AI Act Art. 27, versioned and linked to the AI system — not a Word document sitting in a folder.
View capability →AI GovernanceAI System Inventory by Risk Class
The AI Act audits systems, not API calls. Every AI system inventoried with its risk class.
View capability →AI GovernanceBias Detection with p-value
We do not tell you there is bias: we prove it, with a p-value.
View capability →AI GovernanceVersioned Model Cards and Dataset Cards
Transparency is not an attached PDF: it is a versioned card with status.
View capability →Privacy (GDPR)DPIA: Proactive Impact Assessment (Art. 35)
Do not wait for the risk to find you: the catalogue tells you which assets require a DPIA.
View capability →FAQ
Respuestas sobre implementación y capacidades
Related standards
Bring compliance to your own data
Connect your sources and see it in your environment. Free to start.
