Professional investors only · Passive research portal under §67 WpHG. Not investment advice, not a solicitation, not an offer. Keine Anlageberatung. Legal ›

EU AI Act Compliance & Transparency — Algorithmic Trading Documentation

Why AI Act Compliance Matters for Trading Algorithms

The EU AI Act (effective 2025) imposes transparency and auditability requirements on algorithmic systems — including trading algorithms. Regulators and institutional investors now require:

  1. Model documentation — what does the algorithm do, what data does it use, what are the known limitations?
  2. Explainability — not “black-box AI predicts the market,” but “this algorithm detects mean reversion using X statistical test, then executes conditional on Y signal”
  3. Human oversight — is there a human in the loop to catch edge cases? (“Augmented Intelligence” vs rogue automation)
  4. Bias mitigation — are there edge cases where the model fails? (Flash crashes, regime changes, data anomalies)
  5. Audit trail — can independent auditors verify that the live execution matches the documented algorithm?

DataFortress.cloud operates as a German GmbH with full AI Act compliance built-in.

Our AI Act Posture

1. Full Model Documentation

Every strategy published on this site includes:

  • Economic intuition — the market inefficiency the strategy targets (momentum, mean reversion, sentiment, regime shift, etc.)
  • Signal definition — the exact statistical test or indicator used (Bollinger Band cross, RSI threshold, correlation breakpoint, etc.)
  • Risk controls — position sizing, leverage limits, stop-loss rules
  • Backtest results — performance on historical data with assumptions clearly stated
  • Live track record — daily forward-test results against real market data

You can read the full documentation on any strategy page (click any strategy name from the leaderboard).

2. Human-in-the-Loop Risk Management

Our strategies are not autonomous rogue algorithms. The execution model is:

  • Daily decision framework — strategies run once per day at market open, submitting orders for manual review (or automated execution with kill-switch monitoring)
  • Real-time alerts — if a position moves > 3% in a single day, the research team is notified
  • Drawdown monitoring — if a strategy hits its max-drawdown threshold, trading is paused
  • Circuit breaker logic — flash-crash detection (> 5% move in < 1 minute) triggers immediate halt

The AI does the heavy lifting (quantitative screening); the team provides risk oversight.

3. Explainable, Not Black-Box

We do not use:

  • Neural networks with no clear interpretation
  • Ensemble models that cannot be audited
  • “LLM predicts market” hype

We do use:

  • Statistical hypothesis testing (measurable, repeatable, auditable)
  • Regime detection (identifiable market states)
  • Factor exposure measurement (you can see what the algorithm is “betting on”)
  • Mean reversion / momentum / sentiment / insider activity — explicit economic signals

Every decision is traceable.

4. Independent Auditability

Our infrastructure is designed for third-party verification:

  • Open-source frameworkfull Python implementation on GitHub, so auditors can inspect the code
  • Append-only data store — Postgres write-once log so no trading result can be retroactively altered
  • Git-versioned strategies — every algorithm change is logged with date and rationale
  • Reproducibility — strategies are deterministic; given the same market data and seed, they produce the same results
  • Public track record — all results are live, daily-updated, and verifiable

If your auditor wants to inspect the code, the data, or the methodology, we provide full access.

German Regulatory Advantage

DataFortress.cloud GmbH operates under:

  • BaFin oversight (German Financial Supervisory Authority) — not a licensed fund manager, but subject to German AML/KYC and general anti-fraud rules
  • §67 WpHG (Securities Trading Act) — reverse-solicitation posture means we only provide information to professional investors who request it, not active marketing to retail
  • GDPR (Personal Data Protection) — all investor data is EU-protected
  • EU AI Act (2025) — full compliance built from the start

This is not a US or offshore structure; your capital stays within the EU regulatory perimeter.

The AI Act in Plain English

The EU AI Act has four risk categories. Trading algorithms fall into:

  • High-risk: If the algorithm controls capital deployment (our case)

Our mitigations:

RequirementOur Approach
Risk assessmentDaily stress-test; monthly drawdown review
DocumentationStrategy pages + DDQ + infrastructure pages
TransparencyPublic track record; explainable signals
Data governanceAppend-only Postgres; no data tampering possible
Human oversightKill-switches; drawdown alerts; team review
Audit trailGit-versioned code; timestamped trade logs

All documented and available for regulatory review.

Request Documentation Package

If you are subject to the EU AI Act (fund, family office, insurance) and need full AI compliance documentation for your trading strategy allocation:

For professional investors

Request the investor deck, DDQ, and extended analytics. Firm-gated and reviewed manually.

Request access

Or download our Due Diligence Questionnaire and Infrastructure Overview for the full transparency picture.

Compliance Note: This is not legal advice. If you are regulated under the EU AI Act, engage a compliance counsel (e.g., a Fachanwalt für IT-Recht) to review. We provide full transparency; your legal team validates that it meets your requirements.