EU AI Act
The European Union's regulatory framework for AI systems — categorizes AI by risk level (prohibited, high-risk, limited risk, minimal risk) and imposes obligations based on category. Phased into force 2024–2027.
The EU AI Act is the world's first comprehensive AI regulation. Key categories: Prohibited (social scoring, real-time biometric ID in public spaces, manipulative AI), High-risk (hiring, education, lending, healthcare, law enforcement), Limited-risk (chatbots, deepfakes — requires transparency), and Minimal-risk (most other applications).
High-risk AI systems face significant obligations: conformity assessments, documentation, human oversight, accuracy and robustness testing, data governance, audit logging. Non-compliance fines reach €35M or 7% of global revenue.
For agent builders, the EU AI Act matters if you (a) deploy in the EU, (b) sell to EU enterprises, or (c) operate in high-risk verticals globally (since EU customers will demand compliance). Phased enforcement gives most companies until 2026–2027 to comply.
Frequently asked
Does the EU AI Act apply to my company outside the EU?+
If your AI is used in the EU (including by EU customers), yes — even if you have no physical EU presence. Similar to GDPR's extraterritorial reach.
When does the EU AI Act fully apply?+
Phased: prohibited AI banned February 2025; obligations for general-purpose AI models from August 2025; full high-risk obligations from August 2026; remaining provisions by 2027.