The EU AI Act is the world’s first comprehensive AI regulation. It classifies AI systems by risk tier and imposes requirements proportional to risk level. High-risk systems (including hiring AI, credit scoring, law enforcement, and critical infrastructure) require conformity assessments, documentation, human oversight, and ongoing monitoring. Non-compliance carries fines up to €35M or 7% of global turnover.
Risk Tiers
01Unacceptable risk — banned outright (social scoring, real-time biometric surveillance in public spaces)
02High risk — conformity assessment, documentation, human oversight, ongoing monitoring required
03Limited risk — transparency obligations (users must be informed they are interacting with AI)
04Minimal risk — no specific requirements, voluntary codes of conduct encouraged
High-Risk Requirements
- • Risk management system throughout the AI lifecycle
- • Data governance and management documentation
- • Technical documentation before market placement
- • Record-keeping and automatic logging
- • Transparency and provision of information to users
- • Human oversight measures
- • Accuracy, robustness, and cybersecurity requirements