Definition
EU AI Act
The EU AI Act (Regulation 2024/1689) is the European Union's comprehensive law on artificial intelligence, in force since August 2024, with most provisions becoming enforceable in phased waves through August 2027.
The Act classifies AI systems into risk tiers: unacceptable (banned), high (heavy obligations), limited (transparency obligations) and minimal. For most enterprises, the practical bite is Article 53 — transparency obligations for general-purpose AI models — and the requirement to maintain a public-facing summary of the training data sources. For organisations deploying AI internally, NIS2 and DORA cross-reference EU AI Act requirements on incident reporting and supply-chain risk.
Why it matters
- ✓Penalties scale up to €35M or 7 % of global annual turnover for unacceptable-risk violations.
- ✓Even non-providers (organisations that USE AI) have logging, transparency and human-oversight obligations under Articles 26-29.
- ✓Cross-border enforcement is centralised through national competent authorities (CNIL in France, BfDI in Germany).
Common questions
When does the EU AI Act apply to my company?
Banned-practice provisions: February 2025. General-purpose AI obligations: August 2025. High-risk system obligations: August 2026. Full enforcement on most other articles: August 2027.