Tapaustutkimukset

Miten tiimit käyttävät AIRegistraa.

Esimerkkiskenaariot — fiktiiviset, perustuvat design partner -keskustelujen kuvioihin. Aidot tapaustutkimukset korvaavat nämä, kun asiakkaat menevät live.

Skenaariot

Kaksi kuviota

Nämä ovat kaksi muotoa, joita design partner -keskustelut ovat ottaneet useimmiten. Molemmat paikkamerkit korvataan aidoilla, nimellisillä tapaustutkimuksilla.

Esimerkkiskenaario — fiktiivinen

Sample scenario — fictional. Based on patterns we see in mid-market SaaS conversations.

A 120-person B2B SaaS company shipping AI features

From "we have six policies in three docs" to a defensible Article 4 readiness PDF in roughly six weeks.

Asiakasprofiili

Toimiala: B2B SaaS — workflow automation for legal teams
Koko: 120 employees, ~25 in engineering, ~15 in product
Maantiede: HQ Tallinn, Estonia. Customers across the EU and UK.
AI-kypsyys: Ships AI summarisation features (powered by a third-party LLM API). Internal adoption of AI tools across go-to-market and engineering. No formal governance pre-AIRegistra.
Sääntelykonteksti: GDPR exposure as a processor for EU customers. EU AI Act exposure as both Provider (AI features) and Deployer (internal AI tool usage).

Ongelma

Procurement requests from EU customers asking for the AI usage policy started arriving in early 2026. The team had three different policies in two different documents owned by no one. Internal tool usage was untracked — finance discovered the AI line item had doubled across two quarters with no explanation. The team had committed to producing a defensible AI Act readiness response by the end of Q2 2026 with no clear path.

Ratkaisu

Adopted AIRegistra in week 1. Imported the last 90 days of billing CSVs across week 1–2 — surfaced 18 AI tools, of which 6 were unknown to the compliance owner. Declared both Provider (their own AI features) and Deployer (internal tools) roles in week 2. Worked the EU AI Act readiness checklist across weeks 3–5, attaching evidence as it was created. Ran the first Article 4 training session in week 4, recorded attendance, attached as evidence. Generated the first snapshot PDF in week 6.

Lopputulos

Procurement responses now point to the snapshot PDF and the live readiness state. Time-to-respond on AI-related questionnaires dropped from "we will get back to you in 5 days" to a same-day response with an attached PDF. Finance gained visibility into AI spend per team and per category for the first time. The compliance owner moved from "I have no idea what we have" to "I can defend this in an audit" within two months.

"Honestly the biggest thing was just having one place to point at when a customer asked. The PDF is real evidence; before we had vibes."
— Compliance owner — name redacted while company is finalising public reference.

Tool Register EU AI Act Training Provider + Deployer

Esimerkkiskenaario — fiktiivinen

Sample scenario — fictional. Based on patterns we see in AI-first startup conversations.

A 35-person AI-first startup

A team of 35 with no formal compliance owner builds defensible Article 4 evidence without hiring.

Asiakasprofiili

Toimiala: AI-first startup — vertical AI for healthcare administration
Koko: 35 employees, ~20 in engineering and ML, no dedicated compliance role
Maantiede: HQ Helsinki. Customers in Nordic and Baltic markets.
AI-kypsyys: High — the entire product is AI. Internal adoption of additional AI tools across go-to-market is also high.
Sääntelykonteksti: EU AI Act applies as Provider (their core product likely sits in the high-risk Annex III category for healthcare AI). GDPR sensitive given health-data context. Multiple national supervisory authorities in scope.

Ongelma

A 35-person company cannot justify a full-time compliance hire but the product's regulatory profile (healthcare + AI) makes the obligations real. The CTO had been informally tracking obligations in a Notion page. Investor due diligence on a Series A round flagged the gap; a customer hospital procurement team flagged the same gap two weeks later.

Ratkaisu

Adopted AIRegistra. Designated the COO as compliance owner (~5 hours / week scope, not full-time). Declared Provider role for the core product and Deployer role for internal tools. Worked the Provider checklist methodically over six weeks, attaching technical documentation as evidence. Used the policy templates to adopt an AI usage policy and an Article 4 training plan without writing them from scratch. Ran the first training session async via Loom — recorded, attached as evidence.

Lopputulos

The Series A diligence question moved to "yes, we have this and here is the documentation" — closed in the next round. The hospital procurement team accepted the readiness PDF as part of vendor onboarding. The COO retains compliance ownership without it consuming their week. Total elapsed time from adoption to defensible evidence: roughly seven weeks.

"We could not afford to hire a compliance person and we could not afford to skip compliance. AIRegistra is what made the maths work."
— COO — name redacted while company is finalising public reference.

Provider role Healthcare Series A diligence Solo compliance owner

Haluatko olla tapaustutkimus?

Design partnerit saavat lukitun hinnan, kuukausipuhelun ja nimensä julkaisupostauksessa. ~30 paikkaa; kohortti sulkeutuu, kun täynnä.

Hae design partneriksi