EU AI Act

As of:

The EU AI Act (Regulation (EU) 2024/1689) is the world’s first comprehensive law regulating artificial intelligence. It applies directly in all EU member states and follows a risk-based approach: the higher the risk an AI system poses to health, safety or fundamental rights, the stricter the obligations.

The regulation distinguishes four levels: prohibited practices (such as social scoring by public authorities), high-risk systems (for example in critical infrastructure, recruitment or law enforcement) with extensive requirements for risk management, data quality, documentation and human oversight, transparency obligations for certain systems (such as labelling AI interactions and generated content), and minimal risk without specific requirements. Providers of general-purpose AI models — such as large LLMs — face obligations of their own, including technical documentation and copyright-related duties.

On the timeline (as of July 2026): the regulation entered into force in August 2024, with obligations phased in — the bans have applied since February 2025, the GPAI obligations since August 2025, the bulk of the high-risk obligations apply from August 2026, and those for high-risk AI in regulated products from August 2027. A common misconception: the AI Act does not ban AI — most applications fall into the lowest category. Anyone providing or operating high-risk systems, however, should not underestimate the compliance effort.

Latest articles on this term