Scholars Journal of Engineering and Technology | Volume-9 | Issue-11
Operationalizing Legal Compliance in AI DevOps: Embedding GDPR and AI Act Requirements into CI/CD Pipelines
Nonso Fredrick Chiobi, Samuel Ohizoyare Esezoobo, Motunrayo E. Adebayo
Published: Dec. 30, 2021
Pages: 268-279
Abstract
As artificial intelligence (AI) systems become increasingly integrated into high-impact domains, the imperative to ensure legal compliance throughout their development and deployment lifecycle has never been greater. Regulatory frameworks such as the General Data Protection Regulation (GDPR) and the forthcoming EU Artificial Intelligence Act (AI Act) impose detailed obligations related to privacy, transparency, and accountability. However, translating these legal requirements into actionable engineering practices remains a challenge, especially within the fast-paced and automated workflows of AI DevOps. This paper addresses this gap by proposing a set of compliance-aware models for embedding regulatory logic into Continuous Integration and Continuous Deployment (CI/CD) pipelines. Through a design science methodology, the study introduces four technical diagrams: a compliance diagram, an embedded pipeline architecture, a GDPR lifecycle mapping model, an AI Act risk-based gatekeeping system, and a DevSecOps workflow with legal checkpoints. Each diagram operationalizes specific aspects of GDPR and AI Act mandates, transforming them into automation-ready, modular components compatible with modern DevOps tools. The models are evaluated through a critical engagement with recent literature, drawing from 15 authoritative sources. Sector-specific adaptability, tooling implications, and organizational challenges are also addressed. The result is a practical framework that enables developers, compliance officers, and AI engineers to design and deploy systems that are both legally accountable and agile. This research advances the discourse on responsible AI development by reframing compliance as a core design principle within the software delivery lifecycle. It offers both conceptual clarity and practical guidance for organizations seeking to develop AI systems that are lawful by default.