The EU’s forthcoming AI Act imposes requirements on companies designing and/or using AI in the European Union, and backs it up with stiff penalties. Companies need to analyze where they might fail to be compliant and then operationalize or implement the requisite steps to close the gaps in a way that reflects internal alignment. For most companies, that won’t be easy. The article lays out what boards, C-suites, and managers need to do to make this process work and ensure their companies will be compliant when regulation comes into force.
Earlier this month, member states of the European Union unanimously voted in favor of the AI Act, paving the way for its official passage in March or April of this year. Put simply, the Act is akin to Europe’s General Data Protection Regulation (GDPR), passed in 2016, but for artificial intelligence. The regulation imposes requirements on companies designing and/or using AI in the European Union, and backs it up with stiff penalties. Most violations of the act will cost companies €15 million or 3% of annual global turnover, but can go as high as €35 million or 7% of annual global turnover for violations related to AI systems that the act prohibits (e.g., using AI-enabled manipulative techniques, or using biometric data to infer private information).