AI is no longer hype. It is now hugely interwoven into our day-to-day business. Companies are using AI for recruitment, customer service, risk assessment and internal decision-making. But with this wide use comes a hefty responsibility. The European AI Act goes into full effect from 1 August 2026, but the implementation period has started since 2 August 2024. And that Act fundamentally changes the AI playing field.
What does that mean for your business? Which systems fall under supervision? And more importantly, how do you ensure that you remain strategically and legally future-proof?
What is the AI Act?
The AI Act is the first comprehensive European legislative framework for artificial intelligence. The Act regulates the entire AI ecosystem: from development to application, with one clear goal in mind: the rollout of human-centred, reliable and secure AI - without hampering innovation.
Who does this apply to?
- Providers of AI systems (developers, suppliers)
- Users of AI (companies deploying AI in their processes)
Do you use AI for job screening, staff monitoring or automated customer interaction? Then you fall under the scope of this law, with corresponding obligations.
What is already in force since 2 February 2025?
1. Prohibition of unacceptable AI practices
From 2 February 2025, the AI Act bans a number of AI systems that violate fundamental European values. These include:
- Manipulative AI: systems that use subliminal or deceptive techniques to influence behaviour.
- Abuse of vulnerabilities: AI that responds to age, disability or socio-emotional state to guide behaviour.
- Social scoring: AI that judges people based on social or personal behaviour.
- Massive scraping of face images from the internet or CCTV without permission.
Use or development of such systems is prohibited. An offence? You pay for that with up to €35 million in fines, with proportionality for SMEs and start-ups.
2. Mandatory AI literacy
Organisations should be able to demonstrate that employees working with AI, be sufficiently AI literate. Meaning:
- Understanding how AI works;
- possess the ability to use AI systems critically and responsibly;
- Understanding the ethical and legal risks posed by AI.
AI literacy is customised: the level depends on the role of the employee, the AI used and the context in which that AI works.
How do you comply with this?
The law leaves room for interpretation. This is challenging, but at the same time an opportunity to proactively shape what 'sufficient' means within your context. Some strategic steps:
- Training & education: invest in practical and role-based AI training.
- Responsible AI use policy: lay down in AI policies what the ground rules are within your organisation.
- Continuous process: AI evolves quickly, so does your approach. This requires monitoring, updates and feedback loops.
The AI Office (a central body within the European Commission) will provide further guidance on exactly what AI literacy entails. Until then, better to start too early than too late.
AI policy: indispensable for structural compliance
A clear AI policy is not an obligation, but it is crucial for governance and risk mitigation.
How to draft such a policy?
- Define which AI systems may be used and by whom.
- Lay down guidelines around application, monitoring and evaluation.
- Describe how AI literacy is maintained.
- Demonstrate how transparency and human control are ensured.
Such a policy is the foundation for responsible AI deployment within your organisation.
How do you specifically prepare your business?
Want to stay compliant and avoid fines? Then now is the time to thoroughly analyse your AI use. The AI Act is not a paper tiger: it imposes concrete obligations, with deadlines approaching. Here are the strategic steps you can take today:
Step 1 - Create an AI inventory
Map where AI is deployed and in which risk category those applications fall.
Step 2 - Check for prohibited practices
Are you using AI that falls under the ban? Disable those systems.
Step 3 - Measure and increase AI literacy
Who is working with AI in your company? What do they know? Determine the current level and set up appropriate training actions.
Step 4 - Develop an AI policy
Establish clear internal ground rules around AI use, control, accountability and ethics.
Step 5 - Work with experts
The AI Act is legally and technically complex. Get guidance from both legal and AI specialists.
Step 6 - Keep track of regulations
The law is being phased in. New obligations and interpretations follow one another. Make sure you know when what takes effect.
No choice but strategic leverage
The AI Act is much more than a regulatory framework. It marks the beginning of a new era in which companies distinguish themselves not only on innovation but also on responsibility.
Those who deploy AI correctly reap the benefits: stronger processes, greater customer and employee trust, as well as legal peace of mind. Those who switch on too late risk substantial penalties and reputational damage.
As an employer, do you want to be prepared for the AI Act? Our experts are ready to connect you with the right knowledge, training or partners. Contact us for more info.
