Dr. Vladyslav Petrov

Dr. Vladyslav Petrov · Senior .NET Architect · AI Orchestration · EU AI Act compliance-by-design

AI features that pass the EU AI Act — without a rebuild before the deadline.

I don't tell you how to comply — I build it and own the result. One engineer who speaks the regulation, not a handoff to lawyers. Compliance is designed into the architecture from the first line of code — not bolted on afterwards.

Discuss your project →

Who this is for

You shipped AI features — and hit the EU AI Act, GDPR and ISO all at once.

Your lawyer explains the law but never touches the code. Your developers write the code but don't read the regulation. The market keeps asking for “Legal + Technical” in one person — and can't find it. You need one person who covers both sides inside the system itself.

What I solve

Compliance as a property of the design — not a retrofit.

AI features designed for the AI Act from day one

Risk classification, human oversight, logging and transparency are part of the architecture — not written in before an inspection. Not a retrofit against moving deadlines, but a system where compliance is a property of the design.

Documented responsibility matrix

You know exactly who is the provider, who is the deployer, and where your obligations run (Art. 26–27). I don't absorb your regulatory risk — I make it manageable and documented.

Transparency by design

Article 50 as a living mechanism in the product, not paperwork: users see they are talking to AI, disclosure is built into the UX — not into a PDF.

What you walk away with is what you will actually be asked for: risk classification of your AI features, technical documentation, transparency disclosures, post-market monitoring — and a system that backs all of it with logs: what ran, when, and on which data.

I design against ISO/IEC 42001 (AI management systems) and the EU AI Act — an anchor the market recognises, built into the architecture rather than papered on afterwards.

Separately: AI literacy for your staff (Art. 4) — this obligation is already in force. If your team works with AI without training, you are already behind the requirement. A fast, low-risk way to start working together.

Deadlines without panic

Half the market scares you with a single date. The real picture is more nuanced — and I track it.

  • Already in force Prohibited practices and staff AI literacy (Art. 4) — since February 2025.
  • August 2026 Transparency obligations (Art. 50) — chatbots, generative content, disclosure.
  • December 2027 High-risk systems (Annex III) — pushed back by the Digital Omnibus package. If you are planning around the old date, you are planning wrong.

Precise dates aren't pedantry. They are the difference between “rebuild everything by tomorrow” and a calm engineering programme.

Under the hood

Compliance is a property of the system. Someone has to build the system.

My specialisation is AI orchestration around production LLMs:

  • RAG and agent pipelines — grounding on your data, governed tool use — not “a chatbot on top of an API”.
  • Reliability and observability — retries, fallbacks, response-quality evaluation, full tracing: every AI answer can be explained and reproduced. What an auditor calls logging — and you call control.
  • Provider lock-in abstraction — multi-model orchestration: switch or combine LLM providers without rewriting the product. Regulatory bonus: control over data residency.
  • .NET backend integration — not a prototype sitting next to your product, but production code inside it.

The buyer's biggest fear: “Can we trust the output without a major rework?” — You can, if the system is built so that trust is verifiable.

How we work

No “sign up for a year”. The entry is small and verifiable.

  1. Scoping sprint — 2 weeks

    Inventory of your AI features, risk classification, provider/deployer boundaries, a work plan. You leave with a document you can act on — with me or without me.

  2. Execution — 2–3 months

    We build: architecture, compliance layer, logging, documentation. The Petrosoft team delivers; I am the architect and your single point of accountability.

  3. Pre-deadline audit

    The system is checked against the current requirements — your lawyers/DPO join here; legal sign-off stays with them.

  4. Quarterly retainer

    Regulation keeps moving (the Digital Omnibus won't be the last shift) — your system and documentation keep up.

Start with a scoping sprint →

Why me

Usually you get lawyers without engineering, or engineers without law.

PhD · Senior .NET architect · specialised at the intersection of engineering and AI regulation. A rare profile — and exactly the one this problem needs.

I work async-first: written communication as the default mode. Precise, documented, nothing lost across endless calls.

Petrosoft

A company behind the projects — not a freelancer running out of hours.

Behind the projects stands Petrosoft s. r. o. — a team I lead. I am the public face and the lead architect, but a team delivers the project, not one person: we take on the whole project, and capacity is not limited by a single calendar.

Contact

A question about the AI Act — or a project on the horizon? Write to me.

Email: vlad.petrov@vladpetrov.eu
LinkedIn: linkedin.com/in/vlad-petrov-phd