The EU AI Act 2024

3-minute read

The European Union’s Artificial Intelligence Act, Regulation (EU) 2024/1689 (“EU AI Act”) was published in the EU official journal on July 12th, 2024. This Act is the first comprehensive, horizontal, legally binding framework for regulating systems across the EU.

The Act became legally mandatory on August 1st, 2024, and its enforcement will proceed two years after, on August 1st, 2026.

What is the EU AI Act?

The EU AI Act is the outcome of continuous deliberation among European governments. It aims to establish a harmonious legal framework which oversees the development, sale, purposing, and use of AI systems within the European Union.

The new law spans 180 Recitals and 113 Articles and offers a risk-based approach to regulating and regimenting AI systems.

The Act defines an AI system as “a machine-based system designed to operate with varying levels of autonomy and that may exhibit adaptiveness after deployment, and that, for explicit or implicit objectives, infers, from the input it receives, how to generate outputs such as predictions, content, recommendations, or decisions that can influence physical or virtual environments”.

Some may consider this a broad definition, but it ensures the Act covers all grounds, from simple algorithms to more complex and multifaceted systems.

Important Points

Whether you’ve considered AI integration or are already engaged in it, you must be aware of several provisions at all levels.

1. Risk-Based Classification

The EU AI Act categorises AI systems into four risk levels: minimal, limited, high, and unacceptable.

High-risk AI systems, which have the potential to impact fundamental rights or safety, are subject to various stringent requirements, namely human oversight, transparency, and data governance. Certain systems, especially those involved in malicious or manipulative behaviour, may be prohibited entirely.

2. Transparency and Accountability

The Act mandates transparency for AI systems that interact with humans, like chatbots or automated decision-making tools. Users must know they are engaging with an AI system, and businesses deploying AI must ensure that their systems include accountability mechanisms.

3. Data Integrity

High-risk AI systems must comply with data governance and integrity requirements. Companies must ensure that training, validation, and testing datasets are relevant, representative, and bias-free.

4. Compliance

If you are non-compliant, you can expect hefty financial penalties, such as a maximum fine of 35 million Euros. Or, if 7% of your annual turnover exceeds that figure, you will pay that instead.

Moving Forward

We’re now past the enforcement date set by the Act. If you haven’t already, you should start future-proofing your business by working on your compliance efforts and establishing frameworks to ensure you achieve it. The penalties for non-compliance are high, and adhering to the Act’s conditions is crucial.

ISO/IEC 42001 helps you fast-track compliance with the EU AI Act. It’s a world-recognised standard that enables you to implement the measures necessary to deploy and regulate AI systems.

As well as ensuring compliance, the standard offers a vast range of benefits:

• Staying ahead of the curve by minimising risks and being prepared
• Better reputation within your industry through your demonstrable commitment to best practices
• Optimising your resources, leading to substantial savings and enhancing profitability
• Easier access to global markets – in this case, one example would be those within the EU
• The standard encourages continued improvement and growth by mandating your AI usage

It’s a newly released standard that offers an all-encompassing solution to your AI woes, maximising your return and ensuring your systems run as intended. If you’re interested in scaling and future-proofing your AI efforts, get in contact with us for a free quote.