Our Take
This is the real deal — not a proposal anymore. Companies deploying AI in Europe have months, not years, to comply. The €35M fine ceiling makes this the most consequential AI regulation globally. Start your compliance audit now.
Enforcement Timeline
As of April 2026, the EU AI Act's core provisions are now enforceable. Companies operating in the EU must comply with new requirements for AI system classification, transparency, and risk management.
Key Requirements
The Act categorizes AI systems into four risk levels:
- Unacceptable Risk: Banned outright (social scoring, real-time biometric surveillance)
- High Risk: Strict requirements for documentation, testing, and human oversight
- Limited Risk: Transparency obligations (chatbots must disclose they're AI)
- Minimal Risk: No additional requirements
Penalties
Non-compliance can result in fines up to €35 million or 7% of global annual turnover, whichever is higher. The European AI Office has already issued guidance documents and is conducting preliminary audits.
Company Response
Major tech companies including Google, Microsoft, and Meta have established dedicated EU AI compliance teams. Smaller companies are struggling with the complexity of the requirements, leading to a boom in AI compliance consulting services.