Phased in starting August 1, 2024, the EU AI Act is a global standard aimed at ensuring AI systems are safe, transparent, traceable, and non-discriminatory. The Act adopts a "risk-based" approach, focusing not on the technology itself, but on the potential risks created by its specific applications.
Risk-Based Classification Pyramid
Unacceptable Risk (Prohibited)
Systems that manipulate human behavior, conduct social scoring, or utilize real-time biometric facial recognition in public spaces are strictly prohibited.
High Risk
Systems used in healthcare, education, employment, and critical infrastructure. These require strict data governance, risk mitigation, and mandatory conformity assessments.
Limited Risk
Technologies such as chatbots and deepfakes. These are subject to specific transparency obligations so users are aware they are interacting with an AI.
Minimal Risk
Systems like spam filters or AI-supported video games. These are largely exempt from the Act and can be freely developed and used.
Compliance and Enforcement Timeline
The Act provides a phased transition period for companies to achieve compliance:
Extraterritorial Impact and Penalties
The EU AI Act does not solely apply to companies established within EU borders. It encompasses any global company that places an AI system on the EU market or whose AI system's outputs are used within the EU. Companies falling within this scope that violate the rules may face administrative fines of up to €35 million or 7% of their total worldwide annual turnover, depending on the severity of the infringement.
Is Your Company Within the Scope of the EU AI Act?
Do not let legal barriers halt your global expansion. Plan your risk assessments, gap analyses, and formal legal attestations for your AI projects today.
Request a Legal & Ethical Compliance ReviewOriginal documents
Read the primary sources referenced in this article:
↓ Regulation (EU) 2024/1689 — the EU AI Act (EUR-Lex)