How to Comply with the EU AI Act
If you build or use AI systems, you need to understand your obligations under the EU AI Act. These vary depending on the risk category of your AI solution.
The EU AI Act is already in force, but obligations apply in phases. Use this page as a practical guide, then run a scan for your exact AI system and role.
- 1 Aug 2024: AI Act entered into force.
- 2 Feb 2025: prohibited AI practices and AI literacy rules started applying.
- 2 Aug 2025: general-purpose AI model obligations started applying.
- 2 Aug 2026: the general application date for most remaining rules.
- 2 Aug 2027: some high-risk AI rules for regulated products apply later.
If you build or use AI systems, you need to understand your obligations under the EU AI Act. These vary depending on the risk category of your AI solution.
The EU AI Act uses a risk-based approach, meaning the stricter the requirements, the higher the potential risk to people's rights and safety. Understanding your AI system's risk category is the first step toward compliance.
Prohibited AI Systems
e.g., real-time biometric surveillance
These AI systems are completely banned and cannot be developed, deployed, or used in the EU.
High-Risk Systems
e.g., recruitment, credit scoring, healthcare AI
Subject to the strictest requirements including conformity assessment and registration.
Limited Risk
e.g., chatbots
Transparency obligations - users must be informed they're interacting with AI.
Minimal Risk
e.g., AI in video games
No specific obligations, but general principles still apply.
Documentation and Transparency
Comprehensive technical documentation and clear information to users about AI system capabilities and limitations.
Safety Testing and Monitoring
Ongoing monitoring, testing, and risk management throughout the AI system's lifecycle.
Registration of High-Risk Systems
High-risk AI systems must be registered in the EU database before being placed on the market.
Training and Accountability
Ensure teams are properly trained and establish clear accountability structures for AI system decisions.
Assess the risk category of your AI system
Determine whether your AI system falls into prohibited, high-risk, limited risk, or minimal risk categories based on its intended use and potential impact.
Implement internal procedures
Establish governance structures, risk management processes, and compliance procedures tailored to your AI system's risk level.
Regularly monitor legal updates
Stay informed about regulatory changes, guidance documents, and best practices to ensure ongoing compliance.
How do you comply with the EU AI Act?
Use structured procedures, checklists, and professional guidance. Start by assessing your AI system's risk category, then implement appropriate governance and technical measures based on the specific requirements for that category.
Which EU AI Act requirements apply in 2026?
Strictest for high-risk systems, which must undergo conformity assessment, be registered in the EU database, and meet comprehensive technical and organizational requirements. Lower-risk systems have lighter obligations focused on transparency and user information.
Get instant analysis of your AI system's compliance requirements.