[guillermollopis]

Interesting approach. One thing worth noting: the compliance challenge isn't just about runtime behavior — it's about documentation that proves you went through the right process. Annex IV requires documenting your training data provenance, design rationale, testing procedures (with dated and signed test logs), and risk management system. A compliance layer at the agent level handles Article 14 (human oversight) and Article 12 (record-keeping) well, but doesn't address the upfront documentation burden of Sections 1-7 of Annex IV. For teams looking at the full picture, the AESIA guides (aesia.digital.gob.es) are the best practical reference available right now, since harmonised standards from CEN-CENELEC won't be finalized until Q4 2026 at the earliest.