Contact Us
Back to all insights

Understanding the EU AI Act: Key Compliance Insights

A puzzle piece to symbolize the integration of AI literacy in society

Understanding the EU AI Act: Key Insights and Compliance Obligations

As the European Union (EU) prepares to implement the Artificial Intelligence Act (AI Act), businesses must navigate a new regulatory landscape that sets forth strict compliance requirements. This act is poised to reshape how AI systems are deployed within the EU, introducing obligations for AI literacy and outlining prohibited practices.

The AI Act at a Glance

The EU AI Act aims to create a harmonized framework for AI systems, categorizing them based on their associated risk levels. Here are some of the key features:

  • A broad scope: The act covers providers, deployers, manufacturers, importers, and distributors of AI systems, including those operating outside the EU market.
  • A definition for AI systems: The act specifies what constitutes an AI system.
  • A phased enforcement schedule: Certain obligations will come into effect immediately upon the act’s implementation.
  • Severe penalties for noncompliance: Penalties may exceed those under the General Data Protection Regulation (GDPR).

What is an AI System Under the EU AI Act?

The AI Act does not apply to all AI systems; it specifically targets those that qualify as an “AI system” according to Article 3(1) of the act. An AI system is defined as:

AI system means a machine-based system that is designed to operate with varying levels of autonomy and that may exhibit adaptiveness after deployment, and that, for explicit or implicit objectives, infers, from the input it receives, how to generate outputs such as predictions, content, recommendations, or decisions that can influence physical or virtual environments.”

To assist stakeholders in determining whether their systems qualify, the European Commission (EC) has issued guidelines, which acknowledge the challenges posed by the evolving nature of AI technology. These guidelines, however, are nonbinding, and definitive interpretations will be determined by the Court of Justice of the European Union (CJEU).

Immediate Compliance Obligations as of February 2, 2025

AI Literacy (Article 4)

Concept

Article 4 mandates that providers and deployers of AI systems ensure their staff and users possess a sufficient level of AI literacy. The act does not specify how this literacy should be achieved. To facilitate compliance, the EU AI Office has established a living repository of practices among AI system providers and deployers. This repository shares examples of AI literacy initiatives that can help organizations build their strategies.

Preparing for Compliance

Organizations should:

  • Evaluate current practices: Assess the AI literacy levels within your organization.
  • Leverage the repository of AI practices: Utilize the repository to find relevant practices.
  • Engage in the AI Pact: Consider involvement in the AI Pact initiative.
  • Regularly update practices: Stay informed about evolving AI literacy standards.

Prohibited AI Practices (Article 5)

Concept

Article 5 prohibits the marketing, use, or deployment of AI systems that pose an “unacceptable risk.” Specific prohibitions include:

  • Harmful AI-based manipulation and deception
  • Social scoring
  • Emotion recognition in workplaces
  • Real-time remote biometric identification for law enforcement in public spaces

These prohibitions will take effect six months after the AI Act comes into force, starting February 2, 2025.

Guidelines for Compliance

The EC has recently adopted guidelines to clarify the practices prohibited under Article 5, aiming for uniform application across member states. These guidelines are also nonbinding, and final interpretations will rest with the CJEU.

Legal Privilege and Compliance Documentation

The EU AI Act grants regulators broad access to AI risk assessments and compliance documentation. However, legal privilege can protect certain internal communications from disclosure. Organizations should consult legal counsel to ensure that their compliance strategies remain protected where applicable.

Next Steps for Businesses

For businesses operating globally, the guidance issued by the EC is vital for effectively managing compliance with the EU AI Act. Recommended practices include:

  • Assessing AI systems: Determine if your AI systems fall under the EU AI Act’s scope.
  • Identifying your role: Clarify whether your company is a provider, deployer, or both.
  • Reviewing risks: Mitigate risks associated with AI deployments.
  • Ensuring compliance: Train staff to meet AI literacy obligations.
  • Consulting legal counsel: Maintain legal privilege for compliance strategies.
  • Monitoring regulatory updates: Stay informed about forthcoming guidelines.

With the phased implementation of the EU AI Act, now is the time for businesses to align their AI strategies with regulatory expectations. Proactive compliance will help mitigate risks and avoid significant penalties in the future.

More Insights

Un livre ouvert symbolisant la réglementation et la législation.

Understanding the EU AI Act: Key Highlights and Implications

February 28, 2025 AI,AI Regulation,European Union AI Governance,Regulatory Compliance
The EU's Artificial Intelligence Act categorizes AI systems based on their risk levels, prohibiting high-risk systems and imposing strict regulations on those deemed high-risk. The legislation aims to...
Read More
A broken chain

Tech Giants Clash with EU Over AI Transparency: Creatives Demand Fair Compensation

February 28, 2025 AI,AI Regulation,Regulatory Compliance,Transparency in AI
The European Union's AI Act, the world's first law regulating artificial intelligence, requires AI companies to notify rightsholders when their works are used for training algorithms. As tech giants...
Read More
A robot with a question mark

The Dangers of AI-Washing in Nutrition

February 28, 2025 AI,AI Ethics,Artificial Intelligence Governance,Transparency in AI
AI-washing is a deceptive marketing tactic where companies exaggerate the role of AI in promoting their products or services, potentially misleading consumers. As AI becomes more integrated into the...
Read More
A magnifying glass

Understanding the Implications of the AI Act for Businesses

February 28, 2025 AI,AI Ethics,AI Regulation,Regulatory Compliance
The AI Act, published by the EU, establishes the world's first comprehensive legal framework governing artificial intelligence, requiring businesses to identify and categorize their AI systems for...
Read More
A transparent shield

Establishing AI Guardrails for Compliance and Trust

February 28, 2025 AI,AI Ethics,AI Governance,AI Governance Best Practices
As the EU's AI Act comes into full force in 2026, businesses globally will face challenges due to the lack of standardisation in AI regulation, creating compliance uncertainty. Implementing AI...
Read More
A canvas with an AI-generated portrait

Arkansas Protects Citizens with New AI Likeness Law

February 28, 2025 AI,AI Governance,AI Regulation,Data Protection
Arkansas has enacted HB1071, a law aimed at protecting individuals from unauthorized AI-generated likenesses for commercial use, requiring explicit consent for such replication. This legislation...
Read More
A magnifying glass illustrating the scrutiny and examination of AI policies.

Tech Giants Resist Key Changes to EU AI Regulations

February 28, 2025 AI,AI Regulation,European Union AI Governance,Regulatory Compliance
The EU AI Act is regarded as the most comprehensive set of regulations for artificial intelligence, yet it lacks specific implementation details. Currently, tech giants are pushing back against the...
Read More
A set of gears illustrating the complex machinery of AI regulation.

Connecticut’s Crucial AI Regulation Debate

February 28, 2025 AI,AI Governance,AI Regulation,Regulatory Compliance
The ongoing public hearing in Hartford focuses on the need for regulation of artificial intelligence (AI) systems in Connecticut, emphasizing the potential risks of unchecked technology. Supporters...
Read More
A community circle

Promoting Inclusive AI Through Evidence-Based Action

February 28, 2025 AI,AI Ethics,Vulnerable Groups Protection
The essay discusses the need for inclusive AI practices and the importance of reviewing evidence from diverse public voices to ensure that marginalized groups are represented in AI decision-making. It...
Read More

Ready to become AI compliant?

Take the first steps in your transformation towards international AI compliance.

Book a Discovery Call See Frameworks

Explore

Research & Market Studies
EU AI Act Key Date and milestone illustration
Implementation Timeline of the AI Act
Back to all insights Table of Contents Summary   August 1, 2024: EU AI Act...
Latest News on AI Compliance
Un livre ouvert symbolisant la réglementation et la législation.
Understanding the EU AI Act: Key Highlights
The EU's Artificial Intelligence Act categorizes AI systems based on their risk levels, prohibiting high-risk...
A broken chain
Tech Giants Clash with EU Over AI
The European Union's AI Act, the world's first law regulating artificial intelligence, requires AI companies...
A robot with a question mark
The Dangers of AI-Washing in Nutrition
AI-washing is a deceptive marketing tactic where companies exaggerate the role of AI in promoting...
A magnifying glass
Understanding the Implications of the AI Act
The AI Act, published by the EU, establishes the world's first comprehensive legal framework governing...

© 2023 AI Sigil

Medium Envelope