EU AI Act Guide

EU AI Act Compliance

The EU AI Act (Regulation 2024/1689) is the world's first comprehensive legal framework for artificial intelligence, establishing risk-based obligations for AI systems developed or deployed in the European Union. It applies to providers, deployers, importers, and distributors of AI systems used in the EU market — regardless of where those organisations are based.

What is the EU AI Act?

The EU AI Act (Regulation (EU) 2024/1689) is a landmark regulation that entered into force on 1 August 2024. It creates a unified legal framework across all 27 EU member states governing the development, deployment, and use of artificial intelligence systems. The Act categorises AI systems into four risk tiers — unacceptable, high, limited, and minimal risk — and imposes obligations proportionate to the level of risk each system poses to health, safety, or fundamental rights.

The regulation applies to any organisation that places an AI system on the EU market or puts it into service in the EU, irrespective of where the organisation is established. This means UK companies, US tech firms, and global enterprises deploying AI to EU users are all subject to its requirements.

Non-compliance carries significant financial penalties: up to €35 million or 7% of global annual turnover for the most serious violations (prohibited AI), up to €15 million or 3% for high-risk violations, and up to €7.5 million or 1.5% for providing incorrect information to authorities.

EU AI Act Risk Tiers

The EU AI Act classifies AI systems into four risk categories. Your compliance obligations depend entirely on which tier your AI system falls into.

Unacceptable Risk

AI systems that pose an unacceptable threat to people's safety, livelihoods, and rights are prohibited outright under the EU AI Act.

Examples

Social scoring by governments
Real-time biometric surveillance in public spaces
Subliminal manipulation that causes harm
Exploitation of vulnerabilities of specific groups

Your Obligation

Prohibited — these systems cannot be placed on the EU market.

High Risk

High-risk AI systems are permitted but subject to strict obligations including conformity assessments, transparency requirements, and ongoing monitoring.

Examples

AI in critical infrastructure (energy, water, transport)
AI used in education and vocational training
AI in employment and HR decisions
AI in essential private and public services (credit scoring)
AI used by law enforcement
AI in administration of justice

Your Obligation

Strict compliance required — conformity assessment, technical documentation, human oversight, and registration in the EU database.

Limited Risk

Limited-risk AI systems are subject to transparency obligations. Users must be informed they are interacting with an AI.

Examples

Chatbots and virtual assistants
AI-generated content (deepfakes)
Emotion recognition systems
Biometric categorisation systems

Your Obligation

Transparency required — users must be notified they are interacting with AI.

Minimal Risk

Minimal-risk AI systems — the vast majority of AI applications — are freely permitted with no specific obligations under the EU AI Act.

Examples

AI-enabled video games
Spam filters
AI-powered search suggestions
Basic recommendation engines

Your Obligation

No mandatory obligations — voluntary codes of conduct encouraged.

Compliance Timeline

Key dates for EU AI Act compliance. The most critical deadline for most businesses is August 2026.

February 2025

Act enters into force (20 days after publication)

August 2025

Prohibited practices (Article 5) apply — ban on unacceptable risk AI

August 2025

GPAI model obligations apply (general-purpose AI)

August 2026

High-risk AI obligations fully apply — the main compliance deadline

Primary compliance deadline — act now

August 2027

High-risk AI systems already on market before August 2026 must comply

How GeraCompliance Automates EU AI Act Compliance

Manual compliance takes months and costs tens of thousands in legal fees. GeraCompliance automates every step.

Automated Risk Classification

Input your AI system details and GeraCompliance automatically classifies it into the correct EU AI Act risk tier using our proprietary classification engine.

Technical Documentation Generator

High-risk AI systems require detailed technical documentation. GeraCompliance generates it automatically from your system specifications.

Conformity Assessment Workflow

Step-by-step guided conformity assessment for high-risk systems. Know exactly what you need to do and when.

Regulatory Update Alerts

The EU AI Act is still being implemented with delegated acts. GeraCompliance alerts you to every change that affects your systems.

EU AI Act Registry Filing

High-risk AI systems must be registered in the EU database. GeraCompliance prepares and submits your registry filing automatically.

Ongoing Compliance Monitoring

Compliance is not a one-time event. Continuous monitoring ensures your systems remain compliant as regulations evolve.

Assess Your AI System Today

The August 2026 deadline is approaching. Get your risk classification and compliance roadmap in minutes, not months.

Assess Your AI System View Pricing