An authoritative A-Z glossary for boards, regulators and operators. Written by Moweb partners, used in client engagements, kept current as the field evolves.
Regulation 2024/1689 of the European Union, establishing risk-based obligations for AI systems placed on the EU market. Defines prohibited, high-risk, limited-risk and minimal-risk categories.Definition
An AI system that can take multi-step actions toward an objective, typically by invoking tools, calling APIs and reasoning over intermediate results. Operates over a defined permission and observation scope.Definition
A pattern where an AI agent orchestrates a multi-step business process, often with checkpoints for human review at consequential steps. The default Moweb deployment pattern for agentic systems is human-in-the-loop.Definition
A standard published by the UK Cabinet Office requiring central-government bodies to publish a structured record of any algorithmic tool used in decision-making.Definition
The set of artefacts - model documentation, evaluation results, control catalogues, runbooks - that constitute the evidence for a regulatory or internal audit of an AI system. Moweb ships an audit pack with every production deployment.Definition
Annex III of the EU AI Act lists the use cases classified as high-risk AI systems, covering domains such as biometrics, critical infrastructure, education, employment, essential services, law enforcement, migration and the administration of justice.Definition
Annex IV of the EU AI Act sets out the technical documentation that providers of high-risk AI systems must compile and keep up to date, covering system description, design choices, data governance, risk management and post-market monitoring.Definition
AI literacy is the obligation under Article 4 of the EU AI Act for providers and deployers to ensure a sufficient level of skill, knowledge and understanding of AI among staff and others operating or affected by their AI systems.Definition
Article 50 of the EU AI Act sets transparency obligations for certain AI systems, requiring that people are informed when they are interacting with an AI system, when content is artificially generated or manipulated, and when emotion recognition or biometric categorisation is used.Definition
Systematic testing of an AI system for disparate impact across protected attributes, within the constraints of applicable privacy law. A standard component of every Moweb evaluation harness.Definition
Coalition for Content Provenance and Authenticity. An open technical standard for attaching tamper-evident provenance metadata to media files.Definition
Australian Prudential Regulation Authority standard on operational risk management. In our reading, the cleanest operational-risk frame currently published for AI workloads.Definition
Under the EU AI Act, the formal evaluation required for high-risk AI systems before placing on market. Typically a combination of internal assessment and notified-body involvement.Definition
A generation pattern where the model output is restricted to a structured schema, list of options or grammar - rather than free-form text. Used to make output reliably consumable by downstream systems.Definition
A structured inventory of the controls applied to an AI system, mapping each control to a regulatory or internal requirement and to its evidence.Definition
An AI assistant that proposes, drafts or recommends - while a human retains the action and the accountability. Distinguished from an agent by the absence of unsupervised tool use.Definition
A context window is the maximum number of tokens a large language model can attend to in a single forward pass, comprising the prompt, any retrieved content, prior conversation turns and the model's own generated output.Definition
A conformity declaration affixed to a product to indicate that it meets the applicable European Union harmonisation legislation, including, for high-risk AI systems, the requirements of Regulation (EU) 2024/1689.Definition
A prompting technique in which a large language model is encouraged to produce intermediate reasoning steps before its final answer, typically improving performance on multi-step arithmetic, logical, and commonsense tasks.Definition
A formal, versioned specification of the schema, quality, ownership and SLA of a data product. The architectural compensation for the failure modes generative AI introduces in downstream consumers.Definition
Data Protection Impact Assessment. Required under GDPR (and equivalents) for processing likely to result in high risk to data subjects. Moweb engagements that touch personal data include DPIA support as standard.Definition
Under Regulation (EU) 2024/1689, a natural or legal person using an AI system under its authority in the course of a professional activity, distinct from the provider that placed the system on the market.Definition
A mathematical definition of privacy under which the output of an analysis changes only marginally when any single individual's record is added to or removed from the input dataset, quantified by a privacy budget epsilon.Definition
A versioned, reproducible suite of tests run against an AI system on every change. Covers accuracy, hallucination, bias, PII leakage and task-specific criteria. The single highest-leverage investment for production AI.Definition
Effective challenge is the principle in supervisory guidance SR 11-7 that model risk management must include critical analysis by objective, informed parties who can identify model limitations, question assumptions and produce appropriate changes.Definition
An embedding is a dense numerical vector representation of a piece of content, such as a word, sentence, image or document, learned so that semantically similar items map to nearby points in a continuous vector space.Definition
Explainability is the property of an AI system that allows its behaviour and outputs to be understood by humans, including the factors that drove a particular decision and the limits of the model's competence.Definition
Adjusting a foundation model's weights on a domain-specific dataset. Moweb deploys fine-tuning sparingly - usually only when retrieval cannot achieve the required accuracy or style.Definition
Federated learning is a machine learning approach in which a model is trained across multiple decentralised devices or servers holding local data samples, exchanging model updates rather than the raw data itself.Definition
AI that produces novel content - text, code, image, video, audio - in response to a prompt or context. The dominant category of enterprise AI deployment in 2026.Definition
Constraints applied at the input, output, or system level to prevent unsafe, off-policy or off-brand AI behaviour. Includes content filters, retrieval guardrails and structured-output schemas.Definition
General-purpose AI refers to AI models, including large generative models, that display significant generality and are capable of competently performing a wide range of distinct tasks, regardless of the way the model is placed on the market.Definition
A confident but unfounded AI output. The primary failure mode of generative systems in production. Moweb's evaluation harnesses include explicit hallucination regression tests.Definition
A deployment pattern where a human reviews, edits or accepts AI output before consequential action. The default Moweb pattern for any system with legal, clinical or financial consequence.Definition
An effective challenge of a model carried out by qualified personnel who are organisationally separate from the model developers and users, covering conceptual soundness, ongoing monitoring, and outcomes analysis.Definition
A structured representation of entities and the relationships between them, typically expressed as a labelled directed graph and used to integrate heterogeneous data and to support reasoning, search, and retrieval.Definition
A large language model is a neural network, typically based on the transformer architecture, trained on a very large corpus of text to predict the next token in a sequence and able to generate, summarise, classify and reason over natural language.Definition
A structured document describing a model's intended use, limitations, training data, evaluation results and known risks. A core audit-pack artefact.Definition
The risk of adverse outcomes from decisions based on flawed AI models. Governed in banking by SR 11-7 (US) and SS1/23 (UK), and increasingly cited in AI Act compliance.Definition
MLOps is a set of practices that combines machine learning, software engineering and operations to deploy, monitor and maintain machine learning models in production reliably and at scale.Definition
Model drift is the degradation of a machine learning model's predictive performance over time as the statistical properties of the input data or the relationship between inputs and the target variable change relative to the training distribution.Definition
A model inventory is a comprehensive, maintained record of all models in use across an organisation, capturing ownership, purpose, inputs, methodology, validation status, risk tier and lifecycle stage.Definition
An assessment of the potential impact of a model's errors on the institution, expressed as a tier that drives the depth of development standards, documentation, validation, and ongoing monitoring applied to the model.Definition
The discipline of identifying, measuring, monitoring, and controlling the risk that a model produces adverse outcomes through incorrect or misused output, set out for US banks in supervisory guidance SR 11-7.Definition
AI Risk Management Framework published by the US National Institute of Standards and Technology. Defines Govern, Map, Measure, Manage functions. The default US-side AI governance reference.Definition
A notified body is an independent organisation designated by an EU member state to assess the conformity of certain products, including specified high-risk AI systems, with the applicable requirements of EU law before they are placed on the market.Definition
The continuous monitoring of an AI system's inputs, outputs, decisions and metrics in production. Distinct from evaluation: evaluation is offline, observability is live.Definition
Under the EU AI Act, the obligation to continuously monitor high-risk AI systems in production for emerging risks and to feed findings into ongoing improvement.Definition
An attack where adversarial content in a model's input (e.g. a document, web page or user message) causes the model to deviate from its intended behaviour. A standard red-team scenario.Definition
The practice of structuring text inputs to a generative model so that its outputs more reliably meet a desired specification, including format, tone, factual grounding, and refusal behaviour.Definition
Under Regulation (EU) 2024/1689, a natural or legal person that develops an AI system or general-purpose AI model, or has one developed, and places it on the Union market or puts it into service under its own name or trademark.Definition
A pattern where a model is supplied with relevant retrieved context at generation time, rather than relying solely on its training data. The dominant production pattern for enterprise generative AI.Definition
An adversarial review of an AI system before launch, probing for prompt injection, jailbreak, social engineering, data exfiltration and other failure modes. Every Moweb consequential system gets one.Definition
Reinforcement Learning from Human Feedback. A training technique for aligning foundation models with human preferences. Largely the responsibility of model providers, not enterprise consumers.Definition
A contractual commitment to a level of availability, latency, accuracy or other measurable behaviour. Every production AI system Moweb ships has an explicit SLA.Definition
US Federal Reserve guidance on model risk management. The dominant US banking reference, often combined with OCC 2011-12. Cited in Moweb's financial-services engagements.Definition
UK Prudential Regulation Authority Supervisory Statement on model risk management. The UK counterpart to SR 11-7, with broader scope including AI.Definition
Under GDPR, a third party engaged by a processor to assist in personal-data processing. Moweb maintains an up-to-date sub-processor list under the GDPR DPA.Definition
Data that is artificially generated rather than obtained from direct measurement of real-world events, designed to preserve selected statistical properties of a source dataset while removing direct identifiers and reducing re-identification risk.Definition
A higher-priority instruction supplied to a large language model by the application developer, separate from end-user input, that sets persona, scope, tone, refusal rules, and output format for the session.Definition
Under the UK Senior Managers and Certification Regime, a role within a regulated firm that requires regulatory pre-approval because the role-holder carries individual accountability for areas of the firm's affairs that could cause significant harm to the firm or its customers.Definition
A unit of text used by language models for input, generation and pricing. Roughly 0.75 words in English. Token economics shape AI procurement decisions.Definition
A plain-language description of an algorithmic system, published by the operator. Required by the UK Algorithmic Transparency Standard and recommended by several jurisdictions.Definition
An organisational model of accountability in which operational management owns risk, risk and compliance functions provide oversight, and internal audit provides independent assurance to the governing body.Definition
A specialised database for storing and querying high-dimensional embeddings, used as the retrieval layer in RAG systems. Pinecone, Weaviate, Qdrant and pgvector are common choices.Definition
The embedding of a signal into digital content so that its origin, integrity, or authorised use can later be verified, with the signal designed to survive routine processing while remaining imperceptible to ordinary consumers of the content.Definition