AI Sigil Logo
Contact Us
Back to all insights
A broken chain

Sections

Understanding Compliance for Risky AI Systems in the Workplace

Risky AI Systems: An Overview

The emergence of Artificial Intelligence (AI) has brought about significant advancements, but it also poses substantial risks. Understanding these risks is crucial for businesses and employers who utilize AI systems. This article delves into the implications of the EU AI Act, a groundbreaking piece of legislation that regulates AI based on its risk levels.

The EU AI Act: A World First

On February 2, 2025, the EU AI Act came into effect, marking the first legislative effort globally to regulate AI systems. The Act categorizes AI uses into various risk levels—from minimal risk to unacceptable risk. This classification aims to enhance safety, transparency, and sustainability while preventing discriminatory practices in AI applications.

Organizations need to be proactive in ensuring compliance to avoid potential fines and reputational damage.

Scope of the Act: Who Needs to Comply?

The Act applies not only to AI suppliers within the EU but also to providers and users located outside the EU if their AI outputs are utilized within the EU. For instance, using an AI recruitment tool in the UK for hiring within the EU falls under the Act’s jurisdiction.

Risk Categories Defined

AI uses are classified into different risk categories:

  • Minimal Risk: Most AI systems currently available in the EU market.
  • Limited Risk: Subject to light-touch obligations.
  • High Risk: Stricter regulations are imposed.
  • Unacceptable Risk: Banned outright due to significant threats to users and society.

The maximum penalty for non-compliance can reach €35 million or up to 7% of a firm’s total annual turnover.

High Risk AI Systems

High-risk AI systems include applications that affect fundamental rights, such as:

  • Biometric data categorization (e.g., AI in CCTV).
  • Education and training tools (e.g., detecting erratic student behavior).
  • Employment-related AI (e.g., HR decision-making and recruitment).
  • Justice administration (e.g., AI in alternative dispute resolution).

These systems must demonstrate a significant risk of harm to health, safety, or fundamental rights to qualify as high risk.

Unacceptable Risk AI Systems

As of February 2, 2025, certain AI systems have been categorized as unacceptable risk and are thus prohibited. Examples include:

  • Systems that socially score individuals.
  • Emotion recognition technologies in workplaces and schools.
  • Biometric categorization systems that infer sensitive attributes.

Action Steps for Employers

Employers must take immediate steps if their business falls within the Act’s scope:

  • Audits: Evaluate current AI systems for compliance with risk categories.
  • Policies: Establish governance policies to guide responsible AI usage.
  • Training: Educate employees about AI risks and responsibilities.
  • Supplier Compliance: Ensure third-party AI providers adhere to the Act.

Proactive compliance with the Act will help maintain a culture focused on people, mitigate substantial fines, and protect the organization’s reputation.

More Insights

A globe with a digital lock

US Rejects UN’s Call for Global AI Governance Framework

November 23, 2025 AI,Artificial Intelligence Governance,Global Collaboration,International Policy
U.S. officials rejected the establishment of a global AI governance framework at the United Nations General Assembly, despite broad support from many nations, including China. Michael Kratsios of the...
Read More
A digital lock

Agentic AI: Managing the Risks of Autonomous Systems

November 23, 2025 AI,AI Governance,Artificial Intelligence Governance,Regulatory Compliance
As companies increasingly adopt agentic AI systems for autonomous decision-making, they face the emerging challenge of agentic AI sprawl, which can lead to security vulnerabilities and operational...
Read More
A puppet

AI as a New Opinion Gatekeeper: Addressing Hidden Biases

November 23, 2025 AI,AI Ethics,AI Governance,AI Regulation Awareness
As large language models (LLMs) become increasingly integrated into sectors like healthcare and finance, a new study highlights the potential for subtle biases in AI systems to distort public...
Read More
A blueprint to illustrate the structured approach to creating regulatory frameworks.

AI Accountability: A New Era of Regulation and Compliance

November 23, 2025 AI,AI Accountability,AI Regulation,Regulatory Compliance
The burgeoning world of Artificial Intelligence (AI) is at a critical juncture as regulatory actions signal a new era of accountability and ethical deployment. Recent events highlight the shift...
Read More
A blueprint

Choosing Effective AI Governance Tools for Safer Adoption

November 23, 2025 AI,AI Governance,AI Regulation Awareness,Regulatory Compliance
As generative AI continues to evolve, so do the associated risks, making AI governance tools essential for managing these challenges. This initiative, in collaboration with Tokio Marine Group, aims to...
Read More
A network globe illustrating global consensus and collaboration on AI governance.

UN Initiatives for Trustworthy AI Governance

November 23, 2025 AI,AI Governance,AI Regulation,Global AI Policy
The United Nations is working to influence global policy on artificial intelligence by establishing an expert panel to develop standards for "safe, secure and trustworthy" AI. This initiative aims to...
Read More
A compass

Data-Driven Governance: Shaping AI Regulation in Singapore

November 23, 2025 AI,AI Ethics,AI Governance,Technology Policy
The conversation between Thomas Roehm from SAS and Frankie Phua from United Overseas Bank at the SAS Innovate On Tour in Singapore explores how data-driven regulation can effectively govern rapidly...
Read More
A roadmap

Preparing SMEs for EU AI Compliance Challenges

November 23, 2025 AI,AI Governance,AI Regulation Awareness,EU Compliance
Small and medium-sized enterprises (SMEs) must navigate the complexities of the EU AI Act, which categorizes many AI applications as "high-risk" and imposes strict compliance requirements. To adapt...
Read More
A digital lock – representing security and control over AI systems.

Draft Guidance on Reporting Serious Incidents Under the EU AI Act

November 23, 2025 AI,AI Regulation,EU Compliance,Regulatory Frameworks
On September 26, 2025, the European Commission published draft guidance on serious incident reporting requirements for high-risk AI systems under the EU AI Act. Organizations developing or deploying...
Read More