AI Sigil Logo
Contact Us
Back to all insights
A puzzle piece to symbolize the integration of AI literacy in society

Sections

Understanding the EU AI Act: Key Compliance Insights

Understanding the EU AI Act: Key Insights and Compliance Obligations

As the European Union (EU) prepares to implement the Artificial Intelligence Act (AI Act), businesses must navigate a new regulatory landscape that sets forth strict compliance requirements. This act is poised to reshape how AI systems are deployed within the EU, introducing obligations for AI literacy and outlining prohibited practices.

The AI Act at a Glance

The EU AI Act aims to create a harmonized framework for AI systems, categorizing them based on their associated risk levels. Here are some of the key features:

  • A broad scope: The act covers providers, deployers, manufacturers, importers, and distributors of AI systems, including those operating outside the EU market.
  • A definition for AI systems: The act specifies what constitutes an AI system.
  • A phased enforcement schedule: Certain obligations will come into effect immediately upon the act’s implementation.
  • Severe penalties for noncompliance: Penalties may exceed those under the General Data Protection Regulation (GDPR).

What is an AI System Under the EU AI Act?

The AI Act does not apply to all AI systems; it specifically targets those that qualify as an “AI system” according to Article 3(1) of the act. An AI system is defined as:

AI system means a machine-based system that is designed to operate with varying levels of autonomy and that may exhibit adaptiveness after deployment, and that, for explicit or implicit objectives, infers, from the input it receives, how to generate outputs such as predictions, content, recommendations, or decisions that can influence physical or virtual environments.”

To assist stakeholders in determining whether their systems qualify, the European Commission (EC) has issued guidelines, which acknowledge the challenges posed by the evolving nature of AI technology. These guidelines, however, are nonbinding, and definitive interpretations will be determined by the Court of Justice of the European Union (CJEU).

Immediate Compliance Obligations as of February 2, 2025

AI Literacy (Article 4)

Concept

Article 4 mandates that providers and deployers of AI systems ensure their staff and users possess a sufficient level of AI literacy. The act does not specify how this literacy should be achieved. To facilitate compliance, the EU AI Office has established a living repository of practices among AI system providers and deployers. This repository shares examples of AI literacy initiatives that can help organizations build their strategies.

Preparing for Compliance

Organizations should:

  • Evaluate current practices: Assess the AI literacy levels within your organization.
  • Leverage the repository of AI practices: Utilize the repository to find relevant practices.
  • Engage in the AI Pact: Consider involvement in the AI Pact initiative.
  • Regularly update practices: Stay informed about evolving AI literacy standards.

Prohibited AI Practices (Article 5)

Concept

Article 5 prohibits the marketing, use, or deployment of AI systems that pose an “unacceptable risk.” Specific prohibitions include:

  • Harmful AI-based manipulation and deception
  • Social scoring
  • Emotion recognition in workplaces
  • Real-time remote biometric identification for law enforcement in public spaces

These prohibitions will take effect six months after the AI Act comes into force, starting February 2, 2025.

Guidelines for Compliance

The EC has recently adopted guidelines to clarify the practices prohibited under Article 5, aiming for uniform application across member states. These guidelines are also nonbinding, and final interpretations will rest with the CJEU.

Legal Privilege and Compliance Documentation

The EU AI Act grants regulators broad access to AI risk assessments and compliance documentation. However, legal privilege can protect certain internal communications from disclosure. Organizations should consult legal counsel to ensure that their compliance strategies remain protected where applicable.

Next Steps for Businesses

For businesses operating globally, the guidance issued by the EC is vital for effectively managing compliance with the EU AI Act. Recommended practices include:

  • Assessing AI systems: Determine if your AI systems fall under the EU AI Act’s scope.
  • Identifying your role: Clarify whether your company is a provider, deployer, or both.
  • Reviewing risks: Mitigate risks associated with AI deployments.
  • Ensuring compliance: Train staff to meet AI literacy obligations.
  • Consulting legal counsel: Maintain legal privilege for compliance strategies.
  • Monitoring regulatory updates: Stay informed about forthcoming guidelines.

With the phased implementation of the EU AI Act, now is the time for businesses to align their AI strategies with regulatory expectations. Proactive compliance will help mitigate risks and avoid significant penalties in the future.

More Insights

A robot with a safety helmet.

AI Regulations: Comparing the EU’s AI Act with Australia’s Approach

September 24, 2025 AI,AI Regulation,European Union AI Governance,Regulatory Frameworks
Global companies need to navigate the differing AI regulations in the European Union and Australia, with the EU's AI Act setting stringent requirements based on risk levels, while Australia adopts a...
Read More
A blueprint of a university campus integrating AI technology.

Quebec’s New AI Guidelines for Higher Education

September 24, 2025 AI,AI Governance,AI Regulation Awareness,Artificial Intelligence Governance
Quebec has released its AI policy for universities and Cégeps, outlining guidelines for the responsible use of generative AI in higher education. The policy aims to address ethical considerations and...
Read More
A magnifying glass focusing on a document labeled "AI Guidelines."

AI Literacy: The Compliance Imperative for Businesses

September 24, 2025 AI,AI Literacy,AI Regulation Awareness,Compliance Requirements
As AI adoption accelerates, regulatory expectations are rising, particularly with the EU's AI Act, which mandates that all staff must be AI literate. This article emphasizes the importance of...
Read More
A network server illustrating the infrastructure behind AI and its regulation.

Germany’s Approach to Implementing the AI Act

September 24, 2025 AI,AI Regulation,European Union AI Governance,Regulatory Frameworks
Germany is moving forward with the implementation of the EU AI Act, designating the Federal Network Agency (BNetzA) as the central authority for monitoring compliance and promoting innovation. The...
Read More
A lock with a digital fingerprint scanner

Global Call for AI Safety Standards by 2026

September 23, 2025 AI,AI Regulation,Artificial Intelligence Governance,Global Collaboration
World leaders and AI pioneers are calling on the United Nations to implement binding global safeguards for artificial intelligence by 2026. This initiative aims to address the growing concerns...
Read More
A smart home device

Governance in the Era of AI and Zero Trust

September 23, 2025 AI,AI Ethics,AI Governance,EU AI Compliance
In 2025, AI has transitioned from mere buzz to practical application across various industries, highlighting the urgent need for a robust governance framework aligned with the zero trust economy...
Read More
A blueprint to illustrate the planning and framework needed for AI governance.

AI Governance Shift: From Regulation to Technical Secretariat

September 23, 2025 AI,AI Governance,AI Regulation,Regulatory Framework
The upcoming governance framework on artificial intelligence in India may introduce a "technical secretariat" to coordinate AI policies across government departments, moving away from the previous...
Read More
A lock shaped like a computer chip to illustrate the concept of securing AI systems.

AI Safety as a Catalyst for Innovation in Global Majority Nations

September 23, 2025 AI,AI Safety Regulations,AI Security,Global AI Policy
The commentary discusses the tension between regulating AI for safety and promoting innovation, emphasizing that investments in AI safety and security can foster sustainable development in Global...
Read More
A magnifying glass illustrating the importance of scrutiny and transparency in AI governance.

ASEAN’s AI Governance: Charting a Distinct Path

September 23, 2025 AI,AI Governance,Global AI Policy
ASEAN's approach to AI governance is characterized by a consensus-driven, voluntary, and principles-based framework that allows member states to navigate their unique challenges and capacities...
Read More