Main Menu

More

Main Menu Button
Login

The EU AI Act: An Overview

The EU AI Act: An Overview

The EU AI Act defines an Artificial Intelligence (AI) system as a machine-based system designed to operate with varying levels of autonomy. Its ability to both exhibit adaptiveness after deployment, as well as infer from the inputs it receives, means it has the potential to influence physical and virtual environments. Considering this, the EU have introduced a law that intends to foster trustworthy AI in Europe, prioritising growth and security simultaneously.   


What is the EU AI Act?

The EU AI Act is a flagship law introduced to regulate how AI systems should be designed and implemented, within the EU. With the growing focus on AI’s implications on information and cyber security, the Act proposes taking a risk-based approach when considering both. By classifying AI applications on a spectrum from no risk to banned entirely, it allows for tighter controls and improved protection of sensitive data that was otherwise left exposed. 

Here are the Risk-Based Classifications: 

  • Unacceptable→ AI application will be banned due to their potential to cause harm e.g., social scoring systems and manipulative technologies 
  • High→ Includes tools that evaluate creditworthiness or critical infrastructure. These AI applications will require rigorous assessment before market entry and businesses must determine whether their existing/planned AI applications fall under this. 
  • Limited→ Such as image processing systems and chatbots, these AI applications will still carry obligations e.g., disclosing that a user interacted with an AI system. 
  • Minimal→ Applications, such as spam filters, are not subjected to further regulatory requirements. 

Businesses utilising applications considered ‘high risk’ must meet a range of requirements also laid out in the Act, such as a risk management system and technical documentation, to be compliant and avoid penalties. Whilst systems labelled as a ‘limited risk’ are evaluated under these same requirements, they face reduced scrutiny in comparison. 


EU AI Act Timeline

After a three year long legislative process, the act officially entered into force on 1st August 2024. As of the 2nd of February 2025, all providers and deployers of AI systems must ensure, to the fullest of their ability, a sufficient level of AI literacy among staff dealing with its operation and use. Prohibitions on unacceptable risk were also entered into force. Up until August of 2026, new regulations will be routinely introduced every 6-12 months. These range from the introduction of fines in August 2025 to the obligations (registration in EU database and quality management systems) for high-risk AI systems coming into effect in August 2026. 


What are the consequences of non-compliance?

A lack of compliance with the EU AI Act imposes significant fines, either a predetermined amount or calculated as a percentage of the offending company’s annual turnover- whichever is higher.  

Here’s the breakdown: 

  • Non-compliance with prohibitions→ €35M or 7% of turnover 
  • Supplying incorrect, incomplete or misleading information→ €7.5M or 1.5% of turnover 
  • Non-compliance with other obligations→ €15M or 3% of turnover 

How will this affect companies outside the EU?

Much like the global reach of the General Data Protection Regulation (GDPR), the AI Act applies so long as the AI system is either on the EU market, or its outputs have effects within the EU. However, even if there is a non-European company with no intentions of going to the EU market, it may still be necessary for them to comply with the EU AI Act in order to reduce the legal risks associated with selling AI-based products/services. 

Overall, the EU AI Act marks a significant step towards regulating artificial intelligence in a way that balances innovation with ethics. And whilst its aims to ensure AI’s responsible development and deployment across Europe could present some challenge to businesses, it sets a much needed global standard for safe and accountable AI use. 

Next Generation Compliance

Powered by AI

Privacy | Cookies

Lexverify Ltd
Registered in England and Wales: 13092081
© 2024 Lexverify Ltd. All Rights Reserved.

Book a demo

Fill in a few details

    First name*
    Last name*
    Company name*
    Work email*
    No. of employees
    How did you find us?
    By submitting this form, you agree to be contacted in relation to our products and services, and receive occasional updates via email. You can unsubscribe at any time. Your personal data will be processed in line with our Privacy Policy.

    Download file…

    Please submit your details, so we know how popular our downloads are, thank you!

      First name*
      Last name*
      Email Address*