Introduction
The European Union has adopted the Artificial Intelligence Act (AI Act), which came into force on August 1, 2024. It is the world’s first comprehensive AI regulation law, covering any AI system used on the European market — regardless of where the company is based. When AI began helping doctors diagnose, banks assess credit scores, recruiters select candidates, and even police predict crimes, it became clear the technology carries enormous potential — but also significant risks: bias, manipulation, privacy violations, and mass surveillance.
1. What Does the AI Act Aim to Achieve?
- Protect human rights from discriminatory use of AI.
- Build trust in technology through transparency.
- Create a unified competitive market for innovation in Europe.
2. Who Is Covered by the Regulation?
The regulation applies to developers, deployers, importers, distributors, and general-purpose AI model (GPAI) developers.
Risk Classification System
The AI Act classifies AI systems into four risk levels:
- Minimal Risk: Anti-spam tools, games (no requirements).
- Limited Risk: Chatbots (requirement to inform users).
- High Risk: Credit scoring, recruitment, medical applications (strict requirements: documentation, audits, human oversight).
- Prohibited: Social scoring, manipulative AI, mass biometric surveillance (complete ban).
Requirements for High-Risk AI
Companies must implement risk management systems, technical documentation, transparency measures, outcome traceability, and human oversight.
Prohibited Practices
Prohibited systems include those that exploit vulnerable groups, social scoring tools, and mass biometric surveillance. Such systems must be removed from the EU market by February 2025.
Implementation Timeline
- August 2024: Law enters into force.
- February 2025: Removal of prohibited systems.
- August 2025: GPAI requirements apply.
- August 2026: Full implementation for high-risk AI.
- August 2027: Final deadlines (including healthcare sector).
Penalties
- Up to €35 million or 7% of global turnover — for use of prohibited AI.
- Up to €15 million or 3% — for violations related to high-risk systems.
- Up to €7.5 million or 1% — for providing false information to regulators.
Recommendations for Business
- Audit all AI solutions and determine their risk category.
- Establish documentation, control processes, and incident reporting systems.
- Train staff and designate responsible persons.
Conclusion
Compliance with the AI Act is mandatory, but for businesses it also represents a strategic opportunity to gain competitive advantage, increase consumer and investor trust, and demonstrate the ethical use of technology.
