A corporate lawyer in Athens starts her day scanning the latest wave of laws and amendments in the Government Gazette, checking which articles have changed since yesterday. Only after that can she turn to contracts, deals, and risk memos. It’s a slow, manual process that can sometimes take hours, but for many legal and compliance teams across Europe, this is the norm.
Between 2019 and 2024, the European Union adopted 13,942 legal acts, compared with 3,725 pieces of federal legislation and 2,202 resolutions in the United States over a similar period. Long-term analysis of EUR-Lex data shows that the EU now signs off on roughly 80 directives, 1,200 regulations, and 700 decisions per year. It is no surprise that a 2025 BusinessEurope mapping exercise found more than 60% of companies see regulation as an obstacle to investment, while 55% of SMEs name regulatory and administrative burdens as their biggest challenge.
Follow THE FUTURE on LinkedIn, Facebook, Instagram, X and Telegram
The cost adds up quickly, not just in P&L but also in legal inboxes. An analysis for the European Parliament estimated that businesses in the EU-28 spent on average 1.9% of their annual turnover on tax compliance alone in 2019, more than double the share in 2014. That does not take into consideration the effort required to track and apply sector regimes such as the AI Act, DORA, or CSRD on top of national law. General counsel interviewed in recent “GC Powerlist” and in-house trend reports now talk openly about a “regulatory tsunami.” Staying on top of evolving rules has become one of the top challenges for legal and compliance leaders.
This is what Michalis Rikakis was witnessing as he began working with law firms and in-house teams. On paper, the law was public and searchable. He found lawyers who were organised and meticulous, yet still stitching together PDFs, newsletters, and personal notes just to answer a basic question: which rules apply to us today. That gap led him first to develop Dikaio.ai, a platform that automates legal updates and interpretation in the Greek market, and now he is about to launch Legitima.ai, which extends the approach into continuous compliance monitoring across EU frameworks.
In this interview with The Future Media, Rikakis explains why compliance in Europe has become a data problem as much as a legal one, how his products aim to give legal and risk teams a map of their obligations, and what it will take for companies to stay ahead as Brussels continues to legislate at this pace.
When did you first see that staying current with laws and rulings was a real problem for businesses?
I came into legal tech and compliance through a mix of frustration and fascination. As someone who has worked for years building digital products and scaling platforms, I kept seeing how much time lawyers, businesses, and even regulators spent navigating fragmented laws and compliance frameworks, especially in Greece and across the EU. Legal information was technically public but practically unusable.
In Greece, new laws and amendments are published almost daily in the Government Gazette, often modifying previous ones without clear references. A lawyer might spend hours just verifying whether an article is still valid. And when you add circulars, court rulings, and EU directives that cascade into national law, the volume becomes impossible to track manually.
I saw brilliant professionals relying on fragmented tools like PDFs, newsletters, personal notes, and realized this wasn’t a human problem; it was a data problem. The law was technically public, but practically inaccessible in real time.
That’s when I knew technology, and specifically AI, could bridge that gap. That realization became the foundation for dikaio.ai, which automates legal updates and interpretation, and now we are about to launch Legitima.ai, which extends that idea into continuous compliance monitoring across EU frameworks like the AI Act, DORA, and CSRD.
What happened that led you to start building Legitima?
Legitima really started as the natural next step after building dikaio.ai. With dikaio, we solved one of the hardest problems in Greek legal tech, keeping legislation continuously updated and searchable with AI. As we onboarded thousands of lawyers and later companies, something interesting happened: our users started asking not just “what does the law say?”, but “what should I be doing about it?”
That’s when we realized the real market gap wasn’t only access to the law, but operational compliance. That is helping organizations implement obligations from evolving EU frameworks like the AI Act, CSRD, DORA, and NIS2. Every business was suddenly facing new regulations with real penalties, and there was no unified way to understand, monitor, or prove compliance across them.
So, Legitima was born to solve exactly that. To take the infrastructure we built for legislative codification and turn it into a compliance intelligence layer: a system that automatically identifies obligations, assigns tasks, tracks evidence, and keeps companies aligned with EU law as it evolves.
In short, dikaio.ai made the law understandable; Legitima.ai makes it actionable.
What is the main mission of Legitima, and what problem does it solve for a company?
Legitima’s mission is to make regulatory compliance intelligent, continuous, and effortless, transforming it from a reactive burden into a proactive system of trust.
Today, every company faces an avalanche of EU regulations — AI Act, CSRD, DORA, NIS2, GDPR, ESG — each with complex and overlapping obligations. Most organizations still manage compliance manually through consultants, spreadsheets, and static reports that are instantly outdated. It’s slow, expensive, and human error-prone.
Legitima solves that by acting as a compliance co-pilot. It continuously maps obligations from EU and national law, translates them into concrete tasks and evidence requirements, and helps teams monitor progress, generate reports, and stay audit-ready at all times.
Our mission is to turn compliance from paperwork into process, to give companies a living, intelligent system that always knows what must be done, who’s responsible, and whether they’re compliant.
Who is the core team today, and what does each person bring to the table?
Legitima is built by the same core team behind dikaio.ai, combining deep expertise in product, AI, and law.
I lead the company as CEO and Head of Product & Strategy. I have a background in product leadership at Google and Workable, where I helped launch products like Google Meet. My focus is on translating complex legal and compliance frameworks into usable, intelligent products that scale.
Alongside me is Menelaos Petousis(CTO) with a strong engineering and design support background. He specializes in data processing, NLP, and UX for professional tools, ensuring that even the most complex compliance flows feel intuitive.
Also, Vasiliki Sfika (COO) heads our Legal Research and Compliance team, which is composed of practicing lawyers and domain experts across EU regulations who define the knowledge models and ensure regulatory accuracy.
Iordanis Sarafidis, our Chief Commercial Officer, with leadership experience in large corporations and Big 4 consulting firms, experiencing daily the regulation challenges that they face, leads our commercial team, helping customers benefit the most from the platform.
Together, we bridge the gap between regulatory depth and product execution, which is exactly what makes Legitima and Dikaio.ai unique in this space.
How do you monitor official legal sources and turn new updates into concrete actions for customers in production use?
That’s one of the core strengths of Legitima, and it builds directly on the infrastructure we developed for Dikaio.ai.
We monitor official legal sources in real time, such as the EU Official Journal, and other national gazettes and regulatory websites across member states. Our system automatically detects, parses, and codifies new publications, identifying amendments, repeals, or additions to existing acts.
From there, our AI engine and legal ontology analyze the text to understand what has changed, not just syntactically but semantically:
- Is it creating a new obligation?
- Does it affect a compliance requirement in an existing framework?
- Does it trigger a new reporting duty or documentation need for a company?
These changes are then linked to specific compliance modules (e.g., AI Act, CSRD, DORA, NIS2) inside Legitima, and the system automatically updates the relevant tasks, obligations, and evidence checklists for each customer.
In production use, customers will see these updates reflected as:
- New or modified tasks (“Perform risk re-assessment under updated Annex IV”)
- Updated deadlines or thresholds
- Notifications or briefings prepared by our compliance experts
This means that instead of reading and interpreting every new regulation, a company’s compliance dashboard simply adapts. The AI does the monitoring and mapping; the user focuses on execution and proof.
You launched Dikaio.ai in Greece in March 2025 and reached over 10.000 registered lawyers, 700 businesses, and 250,000 legal answers delivered. What did this pilot show you about demand, accuracy, and day-to-day workflows?
The pilot with Dikaio.ai gave us invaluable validation. In less than a year, we reached over 10,000 lawyers & professionals, 700 businesses, and delivered more than 250,000 legal answers, in a country with 45.000 total registered lawyers.
That showed us two things immediately: first, there’s massive demand for accessible, AI-assisted legal intelligence; and second, professionals are ready to trust and integrate AI into their daily workflows when accuracy and context are guaranteed.
We learned that lawyers and legal teams don’t just want quick answers. They want traceability and reliability. Every result in Dikaio.ai links back to the official source in the Government Gazette or EU law, which was key for trust. That design principle — transparency and verifiable references — became the foundation of Legitima.ai’s compliance engine.
We also saw how companies began using Dikaio not only for research, but for practical compliance: drafting internal policies, verifying legal obligations, and monitoring regulatory changes. That natural evolution from “search” to “action” is what led us to build Legitima, an enterprise-grade platform that operationalizes those same insights.
So, in short, the pilot proved three things:
- The demand for accessible, structured legal intelligence is huge.
- Accuracy and explainability drive adoption.
- Users are ready to evolve from Q&A to continuous compliance if you give them the right tools.
How do you handle data privacy and confidentiality for companies that use your assistant?
Data privacy and confidentiality are absolutely core to how we design both Dikaio.ai and Legitima.ai, not just as a feature, but as a foundational principle.
First, we follow a privacy-by-design and privacy-by-default architecture. Every interaction with the assistant, whether a legal query, a document upload, or a compliance task, is processed securely within isolated environments. No data is ever used for model retraining or shared outside the user’s workspace.
For corporate clients, Legitima offers dedicated organization accounts, where all documents, compliance records, and evidence stay encrypted at rest and in transit. Access controls, user roles, and audit logs ensure that only authorized personnel can view or modify sensitive material.
Naturally, we’re fully GDPR-compliant and aligned with EU data residency requirements, hosting within the EU.
Finally, we see compliance not just as something we help others achieve, but as something we practice ourselves. Legitima maintains internal compliance documentation, risk registers, and evidence trails, exactly as our customers do.
Why did you enter Startup World Cup Greece this year, and what did the experience change for you?
We entered Startup World Cup Greece because we wanted to test Legitima on a bigger stage, not just as a product, but as a vision. Greece has incredible talent in law, AI, and regulation, yet few startups try to bridge those worlds at a European level. We wanted to show that a company born here can build a compliance infrastructure for the entire EU.
The experience itself was transformative. It pushed us to sharpen our story, clarify our value beyond Greece, and connect with mentors and investors who think globally. Pitching among so many brilliant founders reminded us that innovation in regulation and compliance is not just about rules. It’s about trust, impact, and usability.
What changed for me personally was the realization that the vision we started with — to make law and compliance live, transparent, and human — truly resonates far beyond our borders. It gave us confidence to accelerate our international roadmap and pursue partnerships that can help Legitima scale across the EU.
What does success look like for Legitima over the next two years?
Over the next years, success for Legitima means becoming the trusted compliance infrastructure for European companies.
On a product level, that means having fully operational compliance modules for the AI Act, DSA, DORA, CSRD, NIS2, ESG, etc, all integrated into one intelligent platform that continuously maps obligations, assigns tasks, and tracks evidence for our customers.
On a business level, we aim to grow from early adopters in Greece to a few hundred enterprise and business clients across Europe, working with banks, tech companies, and consultancies that need a living compliance layer. By that point, we’ll be managing thousands of active compliance projects and serving as the backbone for how organizations prove conformity under EU law.
And on a mission level, success means changing how compliance feels — from something reactive and painful to something intelligent, transparent, and empowering. If, by 2027, a company in any EU country can say “we’re compliant because Legitima keeps us aligned,” then we’ll know we’ve succeeded.
