Atlan AI
Back to Insights

✻ Regulation · Jul 19, 2023

How to Prepare for the EU's AI Act: 3 Actionable Steps for Strategic Organisations

By Rocío Bachmaier, CEO & Founder · 5 min read

The European Union's AI Act represents a transformative regulatory framework designed to promote responsible artificial intelligence practices. The legislation carries significance beyond EU borders, aiming to establish international standards for AI governance.

Non-compliance carries substantial penalties: fines of up to 30 million euros or 6% of annual revenue, whichever is higher. Proactive preparation enables organisations to safeguard operations, avoid penalties, and build stakeholder trust through responsible AI implementation.

Unpacking the Compliance Categories

The AI Act classifies systems into four risk tiers:

1. Unacceptable Risk

Strictly prohibited systems, including those involving social scoring or biometric identification that jeopardise fundamental rights.

2. High Risk

Requires multiple safeguards including human oversight, transparency about data and algorithms, comprehensive risk management, data quality assurance, and continuous monitoring with incident reporting.

3. Limited and Minimal Risk

Fewer requirements, but organisations must maintain transparency obligations, informing users they interact with AI systems and disclosing specific capabilities like emotion recognition.

Three Actionable Steps

Step 1: Build an AI Systems Inventory

  • Catalogue all AI systems in use or planned
  • Conduct regular risk assessments
  • Classify systems using the EU framework

Step 2: Implement Risk Mitigation Measures

For high-risk systems: establish human oversight, implement transparency measures, develop risk management protocols, and apply cybersecurity protections.

For limited/minimal-risk systems: disclose AI interaction, explain functionalities and limitations, and specify employed techniques.

Step 3: Develop an AI Governance Framework

  • Create dedicated oversight teams with legal, data, and technology expertise
  • Implement monitoring mechanisms
  • Conduct regular audits and performance assessments

Conclusion

Compliance with the AI Act is an opportunity rather than merely a burden. Proactive compliance positions organisations as industry leaders in responsible AI development and practice.