marketing.docsPage.nav.postMarketMonitoring

Post-Market Monitoring — Art. 72

Art. 72 Overview

Article 72 of the EU AI Act requires providers of high-risk AI systems to establish a post-market monitoring system before placing a system on the market and maintain it throughout the system's entire operational lifecycle. The system must actively collect and analyse data on performance, safety, and adverse outcomes from real-world use. ActLoom provides a structured per-system monitoring plan with an event log timeline, review scheduling, and links to the incident management module.

What post-market monitoring gives you

Early warning before harm escalates

You can catch drift, degraded accuracy, and complaints before they become a serious incident or regulator question.

A repeatable review rhythm

Each system gets a cadence, owner, and baseline so monitoring does not depend on ad hoc memory.

A continuous evidence stream

Events, reviews, and linked corrective actions become a living record that strengthens audits and management reviews.

Operational aspect	What to know in ActLoom
Prerequisites	The AI system should already exist and be categorized accurately. Monitoring is most useful once a system has a production or near-production context.
Main inputs	Monitoring cadence, owner, baseline metrics, logged events, complaints, drift observations, corrective actions, and linked incidents.
Main outputs	Monitoring plan, event timeline, review deadlines, incident escalation path, and post-market reporting evidence.
Who typically uses it	Compliance, QA, product operations, safety, and owners of deployed high-risk systems.
Plan access	Monitoring is available across plans; it becomes more valuable when paired with incidents, reports, and governance reviews.
Relevant routes	/api/post-market/plans, /api/post-market/events, /api/post-market/events/[id]/escalate-to-incident

Monitoring plan structure

Each high-risk AI system registered in ActLoom automatically receives a monitoring plan with the following components:

Performance baseline — The accuracy, precision, recall, and fairness metrics established at deployment. New measurements are compared against this baseline.
Review cadence — Monthly, quarterly, or annual — configured per system based on risk profile. Upcoming reviews appear in the governance calendar.
Plan owner — A named team member responsible for conducting reviews and logging events. Receives reminder emails ahead of each review.
Event log — Chronological log of every performance event, user complaint, corrective action, and data drift detection associated with the system.
Incident links — Events that escalate to serious incidents are automatically linked to the corresponding IncidentReport record for unified tracking.

Recruitment AI — Monitoring Plan

Quarterly review · Owner: Sarah Kim

+ Log Event

Performance Degradation

highApr 12, 2026

Accuracy dropped 4.2% vs. baseline after data drift

Corrective Action

mediumApr 10, 2026

Retraining scheduled — model refresh complete

User Complaint

lowApr 5, 2026

Candidate flagged unexplained rejection

Drift Detected

mediumMar 28, 2026

Input distribution shift in applicant demographics

Fig 28. Post-market monitoring — Art. 72 event timeline with severity tracking and linked incident references.

Monitoring plan per AI system

Each high-risk AI system in ActLoom has its own monitoring plan with a defined review cadence (monthly, quarterly, or annual), assigned owner, and linked incident history. The plan is automatically generated when you register a high-risk system and can be customised from the system detail page under the "Monitoring" tab.

Event Logging

Any team member can log a post-market event from the system detail page (Monitoring tab → Log Event). Events are classified by type and severity, and each entry includes a free-text description, date, and optional link to a corrective action or incident record. The full timeline is viewable in the event log and exportable as PDF for regulatory submissions.

Event Type	Description	Severity options	May trigger incident?
performance_degradation	Accuracy, precision, recall, or F1 score below agreed threshold	High / Medium	Yes — if safety-critical
drift_detected	Input data distribution has shifted significantly vs. training baseline	Medium	Possibly — if correction not applied
user_complaint	End-user reported adverse outcome, unexpected behaviour, or perceived bias	Low / Medium / High	Yes — if harm occurred
corrective_action	Model retrain, weight update, patch, or configuration change applied	Informational	No
bias_identified	Statistically significant disparate impact detected in output data across protected groups	High	Yes — if fundamental rights affected
third_party_audit	External audit, assessment, or penetration test conducted	Informational	Only if critical findings
regulatory_inquiry	Market surveillance authority has initiated an inquiry or requested information	High	Possibly

Event → Action Flow

Log Event

Select event type, severity, description, and occurrence date from the Monitoring tab.

Auto-classify

ActLoom checks severity and type. High-severity events prompt a confirmation dialog with a suggested path.

Corrective Action?

If a fix is applied, log a corrective_action event and link it to the triggering event for a clear cause-effect chain.

Escalate if Needed

If the event qualifies as a serious incident, create an IncidentReport with one click — all event data pre-populated.

Data retention

The EU AI Act requires providers to maintain post-market monitoring records for at least 10 years after the system is taken off the market (Art. 18). ActLoom retains all event logs and monitoring plans for the full retention period even if you downgrade or cancel your subscription.

Signals worth logging even when they are not incidents

Repeated user complaints that point to a pattern, even if no serious harm has been confirmed.
Drops in accuracy, false-positive rate, or fairness metrics compared with the deployment baseline.
Data drift, input changes, or operational conditions that make previous validation less representative.
Corrective actions and retrains, so later reviewers can see what changed and why performance improved or degraded.

Related Sections

Incident Management

Go here when a monitoring signal crosses into serious-incident territory or needs an authority-facing workflow.

Governance & AIMS

Use this when recurring monitoring signals should become formal reviews, non-conformities, or objectives.

Documents

Read this when monitoring history needs to be packaged for audits, diligence, or management review.

Artifacts

Use this for the deliverable-level view of monitoring plans, review histories, and event timelines.

Ready to get started?

Join hundreds of companies using ActLoom to simplify AI Act compliance. Start your free assessment today — no credit card required.

Start Free Assessment View Pricing

Questions? Contact us at support@actloom.com

Loading…

ActLoom

Check My Compliance