EU AI Act: Your path to legally compliant AI innovation
What is the EU AI Act and why is it crucial for businesses?
The EU AI Act is the world's first comprehensive set of rules for regulating artificial intelligence and has been in force since August 2024. The law takes a risk-based approach: the higher the risks of an AI system, the stricter the regulation.
The regulation defines AI systems as "machine-based systems designed for operation with varying degrees of autonomy and which, after initial operation, can be capable of adaptation." This definition is deliberately broad and covers virtually all modern AI applications in companies.
Schedule for gradual introduction:
- August 2024: Entry into force
- February 2025: Regulations on AI competence and prohibited AI practices
- August 2025: Regulations, authorities, and sanctions framework
- August 2026: Complete AI Regulation (except high-risk AI)
- August 2027: Regulations for high-risk AI systems
Opportunities of the EU AI Act for your company: trust, legal certainty, and standards
Gain trust through early compliance
Companies that proactively implement EU AI Act-compliant systems position themselves as trustworthy partners and can tap into new business opportunities.
Legal certainty for AI innovations
Clear framework conditions enable targeted use of technology and create planning security for investments in AI technologies.
Global standard-setter status
Similar to the GDPR, the EU AI Act is becoming a global standard. Early implementation provides competitive advantages in international business.
What companies need to consider now
Companies face complex requirements that have far-reaching implications for their AI strategy.
Correct classification and role assignment
The EU AI Act makes a strict distinction between suppliers (who develop or market AI systems) and operators (who use AI systems). This role assignment is crucial because it determines which obligations you must fulfill.
Building AI competence as a mandatory requirement
From February 2025, all companies must establish "AI competence" – defined as "the skills, knowledge, and understanding required for the competent and legally compliant use of AI." This includes technical knowledge, experience, targeted training, and consideration of the specific context in which AI is used.
Comprehensive documentation and transparency requirements
High-risk AI systems are subject to extensive requirements: risk management systems, technical documentation, automatic recording obligations, human supervision, and CE marking. These requirements necessitate a fundamental overhaul of existing development and operating processes.
Accso and Notos Xperts as your partners for the EU AI Act
In-depth technical and legal expertise
Our interdisciplinary team combines software development, AI engineering, and compliance consulting. We understand both the technical implementation details and the legal intricacies of the regulation.
Practical implementation
Instead of theoretical advice, we provide concrete, implementable solutions: from software development to process optimization to training concepts.
Long-term partnership
The EU AI Act is an ongoing process. We support you not only with initial compliance, but also with future adjustments and updates to your AI systems.
Start your compliance journey with Accso & Notos Xperts now
The EU AI Act is more than just regulation—it's your chance to establish yourself as a trusted AI innovator. With Accso and Notos Xperts, you can turn compliance requirements into sustainable competitive advantages.
Let us work together to make your AI applications legally compliant.
Frequently asked questions
When do the various provisions of the EU AI Act take effect?Gradual implementation
Implementation will be gradual: AI expertise and prohibitions will apply from February 2025, and high-risk AI requirements from August 2027. Early preparation is crucial, as the certification procedures are complex and time-consuming.
What fines are imposed for non-compliance?Heavy penalties expected
Violations can be punished with fines of up to €35 million or 7% of global annual turnover. Violations of prohibitions and providing false information to authorities will be punished particularly harshly.
Does the EU AI Act also apply to smaller companies?Requirements for all organizations
Yes, the EU AI Act applies to all companies that offer or use AI systems in the EU, regardless of their size or location. The AI competence requirement also applies to all organizations.
How do provider and operator obligations differ?Development and marketing vs. utilization
Providers (those who develop/market AI) bear primary responsibility for compliance measures, CE marking, and technical documentation. Operators (those who use AI) must primarily ensure intended use and, in the case of high-risk systems, ensure human supervision.
What will happen to existing AI systems?Retrofitting according to risk classification
Existing systems must be upgraded according to their risk classification. We develop cost-efficient migration paths that protect your investments and minimize downtime.
Which AI practices are prohibited under the EU AI Act?Prohibited acts
Certain AI applications are prohibited per se and result in severe penalties. These include: subliminal influence, exploitation of vulnerabilities, social rating systems, untargeted collection of facial images, and real-time remote biometric identification in public spaces. We systematically check your systems for these prohibited activities.
Furthermore, the use of emotion recognition AI in the workplace is strictly prohibited (with exceptions for medical and security reasons). Biometric categorization to derive race, political views, or religious beliefs is completely prohibited.
How do I deal with AI in human resources and recruiting?Applications in high-risk areas
AI systems used in employee selection, evaluation, and management are considered high-risk applications. This applies to targeted job advertisements, application filtering, performance evaluation, and task assignment. Such systems require comprehensive compliance measures and continuous monitoring.
