Title: Article 12 of the EU AI Act starts in 80 days — practitioner toolkit with 14 months of production patterns

Body:

For anyone building AI products that reach EU users: Article 12 of the EU AI Act becomes applicable on 2 August 2026. For high-risk AI systems under Annex III (biometrics, employment scoring, credit, healthcare, education, law enforcement, critical infrastructure), the law requires automated event logging that holds up in audit, with retention of 5+ years for most categories. Penalty cap is 15 million euros or 3% of global turnover.

I have been running Article 12 logging in production for 14 months across a multi-provider setup (Anthropic, OpenAI, Google, DeepSeek, self-hosted Llama). The patterns I ended up with are different from what I assumed when I first read the text.

Some things that turned out to matter more than I expected:

Per-vote logging in multi-provider voting setups. If you only log the final outcome you cannot reconstruct decisions in an audit. Every voter, every gate, every threshold value, separately logged.

Hash chains plus Ed25519 signatures per batch. The text just says "automatic recording" but regulators expect tamper-evidence in any non-trivial audit.

Sectoral retention overlays. The headline retention from Article 12 is shorter than what MDR (medical), NIS2 (critical infrastructure) or the Law Enforcement Directive will impose on top.

I put the field patterns into a 40-page bilingual (DE/EN) practitioner toolkit plus five Excel templates, three checklists, and 50+ JSON schemas. Launch price 29 euros: https://yoendem.gumroad.com/l/eu-ai-act-article-12-toolkit

Curious what others are doing for the cross-provider observability piece — particularly if you have a clean way to handle the case where a fallback briefly routes through a non-EU model.