Human Oversight (EU AI Act Article 14)
Verify your agents have human-in-the-loop controls for high-risk actions.
Deadline: August 2, 2026
EU AI Act Article 14 enforcement begins. Non-compliance penalties of up to €15M or 3% of global turnover.
What is Article 14?
EU AI Act Article 14 requires high-risk AI systems to be designed with human oversight capabilities:
> High-risk AI systems shall be designed and developed in such a way… that they can be effectively overseen by natural persons during the period in which they are in use.
Specifically, Article 14 requires:
- Understanding - Humans can interpret the system’s capabilities and limitations
- Interpretation - Humans can correctly interpret outputs
- Override - Humans can override or interrupt the system’s operation
- Safe Halt - A “stop button” brings the system to a safe halt
What Inkog Detects
Inkog’s universal_missing_oversight rule detects when high-risk actions lack human approval gates.
Detection Rule
```yaml
id: universal_missing_oversight
title: Missing Human Oversight for High-Risk Actions
severity: HIGH
category: governance
compliance_mapping:
  eu_ai_act: ["Article 14.1", "Article 14.4"]
  nist_ai_rmf: ["GOVERN 4.1"]
  iso_42001: ["7.2"]
```
What Triggers Detection
| Pattern | Detected | Explanation |
|---|---|---|
| ToolCall without preceding HumanApprovalNode | Yes | High-risk tool with no approval gate |
| graph.add_edge(A, B) where B is high-risk | Yes | Direct path to dangerous action |
| Missing interrupt_before in graph compile | Yes | No interruption point configured |
| human_input=False on high-risk crew | Yes | Human input explicitly disabled |
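The patterns in this table can be checked statically. The following is an added example, not Inkog's own rule implementation: a small checker built on Python's `ast` module that looks for three of the table's patterns in agent-building source (an `add_edge` whose target is high-risk and whose source is not an approval node, a `compile()` without `interrupt_before` in a graph that contains a high-risk node, and an explicit `human_input=False`). The `APPROVAL_NODES` and `HIGH_RISK_NODES` name lists are assumptions for the example, and the two sample sources are constructed.

```python
import ast
from dataclasses import dataclass
from typing import Optional

# Assumed name lists for this example; a real rule would take these from configuration.
APPROVAL_NODES = {"human_review", "wait_for_approval", "approval"}
HIGH_RISK_NODES = {"execute", "execute_trade", "delete", "delete_account", "send_email"}


@dataclass
class Finding:
    line: int
    message: str


def _str_arg(node: ast.AST) -> Optional[str]:
    """Value of a string-literal argument, or None for anything else."""
    if isinstance(node, ast.Constant) and isinstance(node.value, str):
        return node.value
    return None


def _callee_name(call: ast.Call) -> Optional[str]:
    """'add_edge' for graph.add_edge(...), 'Crew' for Crew(...)."""
    if isinstance(call.func, ast.Attribute):
        return call.func.attr
    if isinstance(call.func, ast.Name):
        return call.func.id
    return None


def check_oversight(source: str) -> list:
    """Apply the table's patterns to one source file and return the findings.

    * add_edge(src, dst): dst is high-risk and src is not an approval node
    * compile() without interrupt_before while the graph holds a high-risk node
    * human_input=False passed to any call
    """
    tree = ast.parse(source)
    findings = []
    has_high_risk_node = False
    compile_calls = []  # (line, interrupt_before present?)

    for node in ast.walk(tree):
        if not isinstance(node, ast.Call):
            continue
        name = _callee_name(node)
        kwargs = {k.arg: k.value for k in node.keywords}

        if name == "add_node" and node.args and _str_arg(node.args[0]) in HIGH_RISK_NODES:
            has_high_risk_node = True

        if name == "add_edge" and len(node.args) == 2:
            src, dst = _str_arg(node.args[0]), _str_arg(node.args[1])
            if dst in HIGH_RISK_NODES and src not in APPROVAL_NODES:
                findings.append(Finding(node.lineno, f"direct path {src!r} -> {dst!r} with no approval gate"))

        if name == "compile":
            compile_calls.append((node.lineno, "interrupt_before" in kwargs))

        flag = kwargs.get("human_input")
        if isinstance(flag, ast.Constant) and flag.value is False:
            findings.append(Finding(node.lineno, "human_input=False disables human confirmation"))

    # Resolved after the walk so node declarations that follow a compile() call still count.
    for line, has_interrupt in compile_calls:
        if has_high_risk_node and not has_interrupt:
            findings.append(Finding(line, "graph compiled without interrupt_before for a high-risk node"))

    return sorted(findings, key=lambda f: f.line)


# Constructed samples mirroring the LangGraph and CrewAI patterns further down the page.
VULNERABLE_SOURCE = '''\
graph = StateGraph(TradeState)
graph.add_node("analyze", analyze_market)
graph.add_node("execute", execute_trade)
graph.add_edge("analyze", "execute")
app = graph.compile()
crew = Crew(agents=[analyst, trader], tasks=[trade_task], human_input=False)
'''

COMPLIANT_SOURCE = '''\
graph = StateGraph(TradeState)
graph.add_node("analyze", analyze_market)
graph.add_node("human_review", wait_for_approval)
graph.add_node("execute", execute_trade)
graph.add_edge("analyze", "human_review")
graph.add_edge("human_review", "execute")
app = graph.compile(interrupt_before=["execute"])
'''

if __name__ == "__main__":
    for label, src in (("vulnerable", VULNERABLE_SOURCE), ("compliant", COMPLIANT_SOURCE)):
        print(label, [(f.line, f.message) for f in check_oversight(src)])
```

The checker only sees string-literal node names, so an edge whose endpoints are variables is reported conservatively as having no gate; that is the right default for a governance rule, where a false positive costs a review and a false negative costs an unreviewed high-risk action.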
Framework-Specific Patterns
LangGraph
LangGraph uses interrupt_before to pause execution for human review.
Vulnerable Pattern
```python
from langgraph.graph import StateGraph, START, END

graph = StateGraph(TradeState)
graph.add_node("analyze", analyze_market)
graph.add_node("execute", execute_trade)
graph.add_edge(START, "analyze")
graph.add_edge("analyze", "execute")  # Direct path - no human check!
graph.add_edge("execute", END)

# VULNERABLE: No interrupt_before
app = graph.compile()
```
Compliant Pattern
```python
from langgraph.graph import StateGraph, START, END
from langgraph.checkpoint.memory import MemorySaver

graph = StateGraph(TradeState)
graph.add_node("analyze", analyze_market)
graph.add_node("human_review", wait_for_approval)
graph.add_node("execute", execute_trade)
graph.add_edge(START, "analyze")
graph.add_edge("analyze", "human_review")
graph.add_edge("human_review", "execute")
graph.add_edge("execute", END)

# COMPLIANT: Interrupt before execution. The checkpointer persists the paused
# run so it can be resumed (or abandoned) after a human has reviewed the state.
app = graph.compile(checkpointer=MemorySaver(), interrupt_before=["execute"])
```
CrewAI
CrewAI uses human_input=True to require human confirmation of a task's result before the crew continues.
Vulnerable Pattern
```python
from crewai import Crew, Process

crew = Crew(
    agents=[analyst, trader],
    tasks=[analyze_task, trade_task],
    process=Process.sequential,
    # VULNERABLE: No human input required
)
```
Compliant Pattern
```python
from crewai import Crew, Process, Task

# COMPLIANT: human_input is a Task setting; the crew pauses for a human to
# review the trader's result before it is accepted
trade_task = Task(
    description="Execute the trade recommended by the analysis",
    expected_output="Confirmation of the executed trade",
    agent=trader,
    human_input=True,
)

crew = Crew(
    agents=[analyst, trader],
    tasks=[analyze_task, trade_task],
    process=Process.sequential,
)
```
LangChain
LangChain uses approval callbacks or custom middleware.
Vulnerable Pattern
```python
from langchain.agents import AgentExecutor

agent_executor = AgentExecutor(
    agent=agent,
    tools=tools,
    # VULNERABLE: No approval mechanism
)
```
Compliant Pattern
```python
from langchain.agents import AgentExecutor
from langchain_core.callbacks import BaseCallbackHandler


class ApprovalCallback(BaseCallbackHandler):
    """Custom approval callback: ask a human before every tool call."""

    raise_error = True  # propagate the rejection instead of only logging it

    def on_tool_start(self, serialized, input_str, **kwargs):
        print(f"Agent wants to execute {serialized.get('name')}: {input_str}")
        approval = input("Approve? (yes/no): ")
        if approval.lower() != "yes":
            raise ValueError("Action not approved")


agent_executor = AgentExecutor(
    agent=agent,
    tools=tools,
    callbacks=[ApprovalCallback()],  # COMPLIANT: Approval callback
)
```
Microsoft Copilot Studio
Copilot Studio uses approval nodes in topic flows.
Vulnerable Pattern
```yaml
topics:
  - id: "delete-account"
    nodes:
      - id: "get-email"
        type: "question"
      - id: "delete"
        type: "powerautomate"
        # VULNERABLE: Direct deletion, no approval
```
Compliant Pattern
```yaml
topics:
  - id: "delete-account"
    nodes:
      - id: "get-email"
        type: "question"
      - id: "confirm"
        type: "approval"
        properties:
          approvers: ["manager@company.com"]
          timeout: 24h
      - id: "delete"
        type: "powerautomate"
        # COMPLIANT: Approval required before deletion
```
High-Risk Actions
Not all actions require human oversight. Focus on:
| Category | Examples |
|---|---|
| Financial | Transactions, payments, refunds |
| Data Deletion | Account deletion, record purging |
| Access Changes | Permission grants, role modifications |
| External Communication | Emails, notifications, API calls |
| Irreversible Actions | Any action that cannot be undone |
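The table gives the categories; at runtime something still has to decide, per tool call, whether to stop and ask. The following is an added example, not Inkog's code and not tied to any of the frameworks above: a framework-neutral oversight gate that classifies an action into one of the table's categories, routes high-risk actions through a human approver (the Override requirement of Article 14), exposes a halt() stop button that refuses everything afterwards (the Safe Halt requirement), and keeps an audit trail it can summarise. The keyword-to-category mapping is an assumption for the example, and the demo() scenario with its scripted approver is constructed.

```python
from dataclasses import dataclass, field
from typing import Any, Callable, Dict, List, Optional

# Assumed keyword-to-category mapping following the table's categories; not Inkog's own list.
HIGH_RISK_CATEGORIES = {
    "financial": ("transfer", "payment", "refund", "trade"),
    "data_deletion": ("delete", "purge"),
    "access_change": ("grant", "role", "permission"),
    "external_communication": ("email", "notify", "webhook"),
}


def classify(action: str) -> Optional[str]:
    """High-risk category for an action name, or None when no oversight is needed."""
    lowered = action.lower()
    for category, keywords in HIGH_RISK_CATEGORIES.items():
        if any(k in lowered for k in keywords):
            return category
    return None


class ActionBlocked(Exception):
    """Raised when the gate refuses to run an action."""


@dataclass
class OversightGate:
    # The human decision. Called only for high-risk actions; True means approved.
    approver: Callable[[str, Dict[str, Any]], bool]
    halted: bool = False
    audit: List[Dict[str, Any]] = field(default_factory=list)

    def halt(self) -> None:
        """Safe halt ('stop button'): every later action is refused, approved or not."""
        self.halted = True
        self.audit.append({"event": "halt"})

    def run(self, action: str, args: Dict[str, Any], fn: Callable[..., Any]) -> Any:
        """Execute fn(**args) only if the oversight rules allow it."""
        category = classify(action)
        if self.halted:
            self._record(action, category, "blocked_halted")
            raise ActionBlocked(f"{action}: system halted by operator")
        if category is None:
            self._record(action, category, "executed_low_risk")
            return fn(**args)
        if not self.approver(action, args):  # human override point
            self._record(action, category, "denied")
            raise ActionBlocked(f"{action}: not approved")
        self._record(action, category, "executed_approved")
        return fn(**args)

    def _record(self, action: str, category: Optional[str], outcome: str) -> None:
        self.audit.append({"action": action, "category": category, "outcome": outcome})

    def evidence(self) -> Dict[str, Any]:
        """Summary of the audit trail, in the spirit of the compliance evidence Inkog emits."""
        outcomes: Dict[str, int] = {}
        for entry in self.audit:
            if "outcome" in entry:
                outcomes[entry["outcome"]] = outcomes.get(entry["outcome"], 0) + 1
        high_risk = [e for e in self.audit if e.get("category")]
        return {
            "high_risk_actions_seen": len(high_risk),
            "high_risk_actions_protected": all(e["outcome"] != "executed_low_risk" for e in high_risk),
            "outcomes": outcomes,
            "halted": self.halted,
        }


def demo() -> OversightGate:
    """Constructed scenario: a scripted approver stands in for the human reviewer."""
    def scripted_human(action: str, args: Dict[str, Any]) -> bool:
        return action == "execute_trade" and args.get("amount", 0) <= 1000

    gate = OversightGate(approver=scripted_human)
    gate.run("fetch_prices", {}, lambda: [101.2, 101.4])  # low-risk, runs without a gate
    gate.run("execute_trade", {"amount": 500}, lambda amount: f"traded {amount}")  # approved
    for action, args in (("execute_trade", {"amount": 5000}), ("delete_account", {"user": "u1"})):
        try:
            gate.run(action, args, lambda **_: "must not run")
        except ActionBlocked:
            pass
    gate.halt()  # operator presses the stop button
    try:
        gate.run("fetch_prices", {}, lambda: [])  # refused even though it is low-risk
    except ActionBlocked:
        pass
    return gate


if __name__ == "__main__":
    print(demo().evidence())
```

The gate classifies by name only, which is deliberately simple; a production version would classify on the tool's declared capabilities rather than its name, and the halt() state would live somewhere every worker process can see, since a stop button that only stops one replica is not a safe halt.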
Compliance Evidence
Inkog generates Article 14 compliance evidence:
```json
{
  "article_mapping": {
    "Article 14": {
      "status": "PASS",
      "description": "Human Oversight",
      "finding_count": 0,
      "details": {
        "approval_gates_found": 3,
        "high_risk_actions_protected": true,
        "interrupt_points_configured": true
      }
    }
  }
}
```
Remediation Steps
- Identify high-risk actions in your agent workflow
- Add approval gates before each high-risk action
- Configure interrupt points in graph compilation
- Test the approval flow to ensure it works
- Run Inkog to verify compliance
```bash
# Verify human oversight is configured
inkog . --policy governance

# Check Article 14 specifically
inkog . --policy eu-ai-act
```