How to Use This Bible
This document is the single source of truth for AI compliance in Brazil. Every factual claim traces to a primary legal source — Brazilian federal legislation, regulatory resolutions, or official guidance from competent authorities. Where PL 2338/2023 is discussed, it is clearly marked as pending legislation that has not been enacted into law.
Chapters 1-2 establish the regulatory landscape. Chapters 3-4 detail compliance obligations and data governance. Chapters 5-6 cover sector-specific rules and enforcement. Chapters 7-8 address cross-border considerations and provide a practical compliance checklist. Three appendices supply legal references, official resources, and a glossary.
Want to monitor your AI compliance automatically? Try AIOS — your AI compliance OS. https://mmoww.net/ai/app/
Quick Decision Matrix
Use this matrix to determine your AI compliance obligations.
| Your Situation | Risk Level | Priority Action | Go To |
|---|---|---|---|
| Deploying AI that affects employment decisions | High | Impact assessment required | Chapter 3 |
| Using AI for customer-facing services | Medium-High | Transparency obligations apply | Chapter 4 |
| Internal AI tools (analytics, automation) | Medium | Document and monitor | Chapter 5 |
| AI in regulated sector (finance, health) | High | Sector-specific rules apply | Chapter 3 |
| Procuring AI from third-party vendor | Medium | Vendor due diligence needed | Chapter 5 |
| Just exploring AI for the first time | Low | Start with governance framework | Chapter 2 |
5-second answer: If your AI system makes decisions that affect people, you have compliance obligations. Start with Chapter 2 for the regulatory framework, then Chapter 3 for your specific obligations.