EU Data Act Addendum
This EU Data Act Addendum (this “Addendum”) supplements the terms and conditions of use agreement (the “Agreement”) between the Customer and Arva AI Inc. (“Arva AI”). This Addendum confirms the non-applicability of Regulation (EU) 2023/2854 (the “EU Data Act”) to Arva AI’s Services and sets out the basis for that determination.
Confirmation
1. Arva AI confirms that the EU Data Act’s Chapter VI switching and portability obligations do not apply to its Services as at the date of this Addendum.
ARVA AI IS NOT A DATA PROCESSING SERVICE
2.1 Service Description. Arva AI provides AI-powered financial crime compliance solutions to the Customer, including Screening AI, KYB/KYC AI, Transaction Monitoring AI, and Ongoing Monitoring (the “Services”). The Customer accesses the Services through Arva AI’s platform for the purpose of enabling the Customer to assess compliance decisions, risk assessments, and due diligence reports.
2.2 Article 2(8) of the EU Data Act defines “data processing service” as a digital service enabling “ubiquitous and on-demand network access to a shared pool of configurable, scalable and elastic computing resources”. All elements of this definition must be satisfied cumulatively.
2.3 The European Commission has established that a SaaS provider falls outside scope where customers contract for a purpose-specific outcome and the underlying computing is merely incidental to the Service’s main functionality.
2.4 A financial institution or business subscribes to Arva AI Services for compliance support (which may include automated alert resolution, risk assessments and due diligence) and not for access to configurable computing resources. The AI processing underpinning Arva AI’s Services is the delivery mechanism for those compliance outcomes and is not itself the product.
2.5 Three critical elements of the Article 2(8) definition are absent:
(a) Configurable computing resources. Arva AI’s customers configure compliance workflows, risk thresholds, and standard operating procedures. The Customer does not provision, configure, or manage computing infrastructure. This constitutes business-logic configuration and not computing-resource configuration within the meaning of the definition.
(b) Customer-controlled scalability and elasticity. Arva AI scales its infrastructure internally to meet demand. Customers have no visibility into, and exercise no control over, the allocation or release of computing resources.
(c) Minimal provider interaction. Arva AI’s onboarding involves system integration, SoP configuration, and model tuning — a degree of provider involvement inconsistent with the self-service, minimal-interaction model contemplated by the definition.