
EU AI Act 2026: What It Means for Companies Inside and Outside the EU

The EU AI Act has been in force since August 2026. This guide explains the four risk classes, which AI applications are high-risk, the obligations for providers and deployers, the penalties, and a 90-day compliance plan — including the extraterritorial reach that catches US and UK companies.

Anna Weidner · Updated May 23, 2026
EU AI Act 2026 — overview of the four risk classes with concrete use cases per tier.

The four risk classes at a glance

If you read the EU AI Act only once, this table is the one to remember. The risk class determines almost every downstream obligation — documentation, conformity assessment, penalties, transparency. Misclassification is the single most common compliance gap in practice across both EU and non-EU companies.

Risk class | Examples | Obligations | Penalties
Unacceptable (Art. 5) | Social scoring, manipulative subliminal AI, real-time biometric ID in public spaces | Prohibited since February 2, 2025 | Up to 35M EUR or 7 percent of global turnover
High (Art. 6 + Annex III) | HR applicant scoring, credit scoring, education assessment, critical infrastructure, law enforcement | Risk management, technical documentation, CE conformity, human oversight | Up to 15M EUR or 3 percent of global turnover
Limited (Art. 50) | Chatbots, emotion recognition, AI-generated content (text, image, video) | Transparency duty: inform users | Up to 7.5M EUR or 1 percent of global turnover
Minimal | Spam filters, AI in video games, recommendation algorithms without sensitive impact | No specific obligations; best practices recommended |

This table is a simplified entry point. The precise classification per use case is laid out in the sections below.

Does the EU AI Act apply to my US or UK company?

Yes, in most cases. The Act applies extraterritorially under Art. 2 — to any provider, deployer or importer whose AI system is placed on the EU market, put into service in the EU, or whose output is used in the EU. This is the single most underestimated point for non-EU companies in 2026.

The practical effect for a US SaaS founder selling to European customers: if your product runs an LLM, classifies CVs, scores credit risk, generates marketing copy or recommends products for users in the EU, you are in scope. Whether your servers sit in Virginia or Frankfurt is irrelevant — the test is where the output is used. The same logic applies to UK consultancies embedding AI in EU client workflows, Canadian fintechs offering credit decisions to EU residents, or Indian outsourcing providers running automated screening for EU employers.

Three concrete consequences follow. First, you need an EU representative under Art. 22 if you are a non-EU provider of a high-risk system — a designated person or legal entity inside the EU that supervisors can address. Second, your documentation must be in an EU official language for products placed on a member state’s market. Third, supervisory authorities can issue takedown orders under Art. 79: a US-developed high-risk system without conformity can be banned from the EU market, regardless of where the provider is headquartered.

The good news: the largest US providers — OpenAI, Anthropic, Google, Microsoft, Meta — have already registered their foundation models and documented their compliance with GPAI obligations. As a deployer building on top of those APIs, your job is to ensure the application layer (your specific use case) meets the risk-class obligations. You do not have to re-document the foundation model itself.

What is the EU AI Act in one sentence?

The EU AI Act (Regulation (EU) 2024/1689) is the world’s first comprehensive AI regulation; it classifies AI systems by risk, prohibits certain applications outright, and obliges the rest to tiered documentation, transparency and oversight duties. It has been in force since August 1, 2024, with the core operational obligations binding since August 2, 2026.

The regulation was published in the Official Journal of the EU on July 12, 2024 and applies as directly binding EU law in all member states — unlike a directive, no national transposition is required. The addressees are providers (who develop and place AI systems on the market), deployers (who use them), importers and distributors. Geographically the Act extends beyond the EU: under Art. 2 it captures non-EU providers whose output is used in the EU — the extraterritorial reach already discussed above.

Three concepts carry the law. The risk-based model (four classes with escalating obligations), the horizontal scope (all sectors, all AI types) and the separation of general-purpose from application layer (GPAI under Art. 51–55, concrete applications under Art. 6 plus Annex III). If you are planning compliance, treat the two layers separately: foundation-model providers (OpenAI, Anthropic, Mistral) discharge GPAI obligations; deployers (your company) discharge deployer obligations for the specific application.

What are the four risk classes?

The Act distinguishes four risk classes, defined in Art. 5–7 and Annex III. The class attaches not to the tool itself but to the use context — the same LLM can be minimal, limited or high-risk depending on deployment.

1. Unacceptable risk (Art. 5 — prohibited). Eight practices are banned outright: manipulative subliminal techniques, exploitation of vulnerable groups, social scoring by public authorities, predictive policing based on profiling alone, biometric categorization by sensitive attributes (religion, ethnicity, sexual orientation), untargeted scraping of facial images from the internet or CCTV, emotion recognition in the workplace and education settings, and real-time biometric identification in public spaces (with narrow law enforcement exceptions). These prohibitions have applied since February 2, 2025.

2. High risk (Art. 6 + Annex III). Two paths lead into this class. Art. 6(1): AI systems built as a safety component into regulated products (medical devices, toys, elevators). Art. 6(2) plus Annex III: specific application areas — biometrics, critical infrastructure, education, employment (recruiting and performance management), essential services (credit, insurance, public benefits), law enforcement, migration, justice. These attract the strictest obligations: risk management, training data governance, logging, transparency, human oversight, conformity assessment, CE marking and entry into the EU database.

3. Limited risk (Art. 50 — transparency duty). AI systems that interact with humans (chatbots), recognize emotions, or generate synthetic content. Obligation: users must know it is AI. Deepfakes (people, places, events) additionally require visible labeling. GPAI providers must mark synthetic outputs machine-readable — typically via C2PA watermarking or provenance metadata.

4. Minimal risk. Everything not falling into the first three classes. Spam filters, AI in video games, inventory optimization, simple recommendation algorithms. No specific AI Act obligations — but GDPR, anti-discrimination law and sectoral rules still apply.

Which AI applications are high-risk?

Annex III lists eight high-risk categories. For most international companies, four are particularly relevant: employment (recruiting plus people management), essential services (credit and insurance), education, and critical infrastructure.

In the employment context (Annex III No. 4), every AI system that prepares or makes personnel decisions is high-risk: candidate sourcing, CV scoring, automated interview evaluation, promotion recommendations, performance reviews, termination recommendations. HR tools with embedded AI (e.g. Workday Talent, SAP SuccessFactors with AI modules) also fall in scope as soon as they perform scoring or selection. Practical consequence: applicants have a right under Art. 26(11) to be informed that a high-risk AI is being used. US companies running automated hiring for EU candidates are squarely in scope.

In essential services (Annex III No. 5), the classification mainly hits credit (scoring, loan decisions) and insurance (risk assessment, premium calculation), plus access to public benefits. This is also the area with the heaviest overlap with GDPR Art. 22 (automated individual decision-making) — both rule sets apply in parallel.

Education (Annex III No. 3): admission decisions, exam scoring, learning path control, behavior monitoring during exams. Adaptive learning platforms without grade-relevant impact usually fall outside; automatic grading tools for exams fall inside.

Critical infrastructure (Annex III No. 2): transport and traffic management systems, water, gas, electricity, heating networks, digital infrastructure, critical industrial facilities. Rarely directly relevant for a SaaS startup — more so for utilities, logistics, telco providers.

The remaining Annex III categories (biometric identification, law enforcement, migration and asylum, justice and democratic processes) are uncommon in mainstream business contexts but central in regulated sectors.

What obligations apply to providers and deployers?

Which obligations hit you depends on your role (deployer vs. provider) and the highest risk class among your applications. Three obligation bundles touch almost every company: AI literacy (Art. 4), transparency for limited-risk applications (Art. 50) and documentation.

For the typical limited-risk constellation (marketing chatbot, customer service assistant, content generator) the obligations are manageable. First: labeling — users must know they are talking to AI. A single sentence in the chat header is enough: “I am an AI assistant. For binding questions a team member will take over.” Second: AI literacy under Art. 4 — training for every employee operating the tool. Third: internal documentation of the deployment (purpose, data flow, accountable owner).

For high-risk applications the burden grows substantially. As a deployer (Art. 26) you must operate the system in line with the provider’s instructions, monitor inputs, retain logs for at least six months (Art. 19), inform affected individuals (Art. 26(11)), carry out a GDPR DPIA (Art. 26(9)) and report serious incidents (Art. 73). As a provider (you build the AI system yourself or have it built and put it on the market) you add risk management (Art. 9), training data governance (Art. 10), technical documentation (Art. 11), logging functions (Art. 12), transparency information (Art. 13), human oversight arrangements (Art. 14), conformity assessment (Art. 43) and CE marking.

The SME reliefs are real but limited: lower fine bands (Art. 99(6)), access to regulatory sandboxes (Art. 57 — free testing environments under supervision), a simplified form of technical documentation (Art. 11(1)) and priority consultation. There is no blanket exemption from documentation or oversight duties.

How high are the penalties — and when do they trigger?

The fine bands under Art. 99 are tiered in three steps — and materially higher than GDPR. Prohibited practices: up to 35M EUR or 7 percent of global annual turnover. High-risk violations: up to 15M EUR or 3 percent. False information to authorities: up to 7.5M EUR or 1 percent.

The higher of the two values applies in each band. SMEs pay the lower — a meaningful relief for small companies that would otherwise face existential exposure from the percentage figure. GPAI providers have their own band under Art. 101: up to 3 percent of global annual turnover or 15M EUR.

Three factors shape the concrete amount within the band: severity and duration of the breach, intent vs. negligence, and cooperation with the authority. Proactive disclosure and mitigation regularly lead to materially lower fines than active concealment. The first major fining decisions from large EU market surveillance authorities are expected to surface in 2026 and 2027; reliable statistics do not yet exist.

A point that gets overlooked: penalties are not the only lever. Under Art. 79, a supervisory authority can pull an AI system from the market, issue distribution bans, or require remediation. For a company with a single critical product, that operational and reputational consequence can outweigh the fine itself. Practical orientation, not legal advice — for fine-tier scenarios specific to your case, engage qualified counsel.

How does the EU AI Act differ from GDPR?

GDPR regulates the processing of personal data. The EU AI Act regulates the placing on the market and use of AI systems — irrespective of whether personal data is processed. Both apply in parallel and must be assessed separately.

Four differences matter in practice. First, the trigger: GDPR engages as soon as personal data is involved. The AI Act engages as soon as an AI system is deployed — even if it works exclusively with anonymous data. An AI system for image classification of industrial machinery falls under the AI Act (if high-risk) but not under GDPR.

Second, the penalty ceilings: GDPR up to 20M EUR or 4 percent annual turnover. AI Act up to 35M EUR or 7 percent for prohibited practices. A violation hitting both regimes simultaneously risks cumulative sanctions (Art. 99(9) explicitly preserves sanctions from other legal acts).

Third, the protected interest: GDPR protects informational self-determination. The AI Act protects fundamental rights, safety and health — a broader objective. An AI system that automates business decisions (credit scoring, say) implicates both protected interests at once.

Fourth, the supervisory architecture: GDPR is enforced by data protection authorities (the DPAs at member state level, the EDPB at EU level). The AI Act in Germany falls primarily under the Bundesnetzagentur as central market surveillance, with sectoral support from BfDI (privacy interface), BaFin (financial AI), BAuA (workplace safety). A GDPR-only compliance posture is not enough for the AI Act — both compliance paths must run in parallel.

What is the AI literacy mandate (Art. 4)?

Art. 4 obliges all providers and deployers of AI systems to ensure their staff and persons operating AI on their behalf have a sufficient level of AI literacy — regardless of risk class. This is by far the most common compliance gap in 2026.

The duty is intentionally outcome-based. “Sufficient level” is not defined by a certificate; it must be interpreted context-specifically. An employee using ChatGPT only for email drafts needs less depth than one operating an HR tool with an embedded AI scoring module. Three content fields matter: how the system works (capabilities and limits), risks (hallucinations, bias, privacy, prompt injection) and boundaries (where the output can be trusted and where it cannot).

Authorities expect three evidence elements in practice. First, a training record: who was trained when on what content? A 60 to 90 minute mandatory annual training with multiple-choice verification is realistic and sufficient for most SME constellations. Second, a tool list with owners: which AI systems are in use, who has access, who is accountable for correct deployment? Third, an escalation path: where does an employee turn when an output looks wrong or an incident is suspected?

Important: AI literacy is not a one-off measure. Models, providers and risks shift monthly. Quarterly refresh of training materials is the minimum standard; an annual refresher for all AI-touching staff is the floor. Treating Art. 4 as a small training requirement materially understates the audit risk — it is one of the items inspectors will ask about first.

General-Purpose AI (GPAI) — the second regulatory layer

GPAI refers to foundation models trained for broad, multi-purpose use rather than a specific task — GPT-5, Claude 4, Gemini 2.5, Llama, Mistral Large. The AI Act regulates them in Art. 51–55 as a distinct category, in parallel to the risk-class regulation of applications.

Three obligation tiers exist. Base GPAI (all foundation models) must provide technical documentation (Art. 53), publish a training data summary (Art. 53(1)(c)) and document copyright compliance (honoring TDM opt-outs). Open-source GPAI is partially exempt but must still deliver the training data summary and copyright documentation. GPAI with systemic risk (above 10^25 FLOPs training compute or designated by the AI Office under Art. 51) attracts extra duties: model evaluation, adversarial testing, risk mitigation, cybersecurity protections and incident reporting.

For most companies as deployers, the practical implication is straightforward: you are not a GPAI provider, you use GPAI. OpenAI, Anthropic, Google and Meta discharge the provider obligations themselves. Your job as deployer: ensure your concrete deployment classifies the application risk correctly and meets the Art. 26 duties. The practical test: ask your GPAI provider for their current conformity status. Credible providers maintain a public compliance hub with an as-of date.

90-day compliance roadmap for a 20-person company

Three phases, four to five weeks each, with clear outputs. This roadmap is calibrated for a 20-person company with a typical SaaS-tool landscape, no in-house high-risk system, and one or two deployer obligations as the main workload.

Phase 1 — inventory and classification (weeks 1–4). List every AI tool in the company, including embedded AI inside SaaS (e.g. CRM with AI modules, Workday Talent, HubSpot AI features). Ask vendors actively about AI features and foundation model provenance. Per tool: purpose, user group, data type, risk class. Output: an AI register in Excel or Notion. Effort: 2–3 person-days spread over 4 weeks.

Phase 2 — derive obligations and draft documentation (weeks 5–8). Per tool and risk class: which obligations under AI Act plus GDPR? For limited-risk chatbots: implement the transparency notice, review the DPA, label the UI. For embedded high-risk AI (HR software with scoring): request the vendor’s declaration of conformity, document your own deployer obligations, inform affected individuals. Output: per-tool compliance documentation plus a central master document as an AI Compliance Handbook. Effort: 5–8 person-days.

Phase 3 — AI literacy and governance (weeks 9–13). Develop the training concept — 60 to 90 minutes mandatory training across three modules: how generative AI works, everyday risks (hallucinations, privacy, prompt injection), the company’s escalation path. Train all AI-touching employees, document attendance in writing. Schedule a quarterly review on the calendar — new tools, classification updates, model swaps. Output: documented AI governance with a named accountable owner (often a dual role with the DPO or executive directly). Effort: 3–5 person-days plus ongoing.

Total effort: 10–16 person-days over 90 days. External consulting accelerates Phase 2 substantially — typical SME packages run 5,000 to 15,000 EUR. A 20-person company can execute the roadmap entirely in-house if someone with compliance affinity (often the DPO, sometimes the CFO) takes coordination.
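The classification rules, the role-dependent obligation bundles and the Art. 99 fine arithmetic from the sections above, worked through as the kind of AI register that Phase 1 and Phase 2 of the roadmap produce. This is an added example, not code from the article or from any vendor it names; the field names, practice labels and sample rows are constructed, and the rule set is a simplified reading of the guide's own text, not legal advice.

```python
"""AI register classifier for the risk classes and Art. 99 fine bands in this guide (added example)."""
from dataclasses import dataclass
from typing import List, Optional

# Annex III areas and Art. 5 practices as named in the guide (simplified labels, constructed).
ANNEX_III_AREAS = {
    "biometrics", "critical_infrastructure", "education", "employment",
    "essential_services", "law_enforcement", "migration", "justice",
}
PROHIBITED_PRACTICES = {
    "social_scoring", "subliminal_manipulation", "predictive_policing_by_profiling",
    "workplace_emotion_recognition", "realtime_public_biometric_id",
}
# Art. 99 fine bands: (fixed cap in EUR, percent of global annual turnover).
FINE_BANDS = {
    "unacceptable": (35_000_000, 7),
    "high": (15_000_000, 3),
    "false_information": (7_500_000, 1),
}
DEPLOYER_HIGH_RISK_DUTIES = [
    "Art. 26: operate per the provider's instructions and monitor inputs",
    "Art. 19: retain logs for at least six months",
    "Art. 26(11): inform affected individuals that a high-risk AI system is used",
    "Art. 26(9): carry out a GDPR DPIA",
    "Art. 73: report serious incidents",
]
PROVIDER_HIGH_RISK_DUTIES = [
    "Art. 9: risk management system", "Art. 10: training data governance",
    "Art. 11: technical documentation", "Art. 12: logging functions",
    "Art. 13: transparency information", "Art. 14: human oversight arrangements",
    "Art. 43: conformity assessment and CE marking",
]

@dataclass
class Deployment:
    """One row of the AI register (roadmap Phase 1); every field here is constructed."""
    name: str
    role: str                                   # "deployer" or "provider"
    practice: Optional[str] = None              # Art. 5 practice the use matches, if any
    annex_iii_area: Optional[str] = None        # Annex III area the use falls into, if any
    safety_component: bool = False              # Art. 6(1): safety component of a regulated product
    interacts_with_humans: bool = False         # Art. 50(1): chatbot
    recognizes_emotions: bool = False           # Art. 50: emotion recognition
    generates_synthetic_content: bool = False   # Art. 50(2)/(4): synthetic output

def classify(d: Deployment) -> str:
    """Strictest matching class wins; the class attaches to the use context, not to the model."""
    if d.practice in PROHIBITED_PRACTICES:
        return "unacceptable"
    if d.safety_component or d.annex_iii_area in ANNEX_III_AREAS:
        return "high"
    if d.interacts_with_humans or d.recognizes_emotions or d.generates_synthetic_content:
        return "limited"
    return "minimal"

def obligations(d: Deployment) -> List[str]:
    """Obligation bundle for one register row (roadmap Phase 2), by class and role."""
    risk = classify(d)
    if risk == "unacceptable":
        return ["Art. 5: prohibited practice, must not be deployed"]
    duties = ["Art. 4: AI literacy for everyone operating the tool"]  # every class, every role
    if risk == "limited":
        duties.append("Art. 50: tell users they interact with AI or that content is AI-generated")
    if risk == "high":
        duties += DEPLOYER_HIGH_RISK_DUTIES
        if d.role == "provider":
            duties += PROVIDER_HIGH_RISK_DUTIES
    return duties

def fine_ceiling(band: str, turnover_eur: int, sme: bool) -> int:
    """Art. 99 ceiling: higher of fixed cap and turnover share; SMEs pay the lower (Art. 99(6))."""
    fixed_cap, pct = FINE_BANDS[band]
    turnover_based = turnover_eur * pct // 100  # integer arithmetic keeps the percentage exact
    return min(fixed_cap, turnover_based) if sme else max(fixed_cap, turnover_based)

# The same LLM in two use contexts (constructed rows, mirroring the FAQ on ChatGPT at work).
DRAFTING = Deployment("ChatGPT for e-mail drafts", "deployer")
SCREENING = Deployment("ChatGPT-based applicant pre-screening", "deployer", annex_iii_area="employment")
CHATBOT = Deployment("Marketing chatbot", "deployer", interacts_with_humans=True)

if __name__ == "__main__":
    for row in (DRAFTING, SCREENING, CHATBOT):
        print(row.name, "->", classify(row), obligations(row))
    print(fine_ceiling("unacceptable", 1_000_000_000, sme=False), fine_ceiling("unacceptable", 10_000_000, sme=True))
```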

EU vs US vs UK vs China — how AI regulation compares globally

The EU has one horizontal, risk-based regulation with hard fines. The US relies on sectoral oversight (FDA, EEOC, SEC, FTC) and voluntary commitments — Biden’s Executive Order 14110 was partially rolled back under the second Trump administration in 2025. The UK pursues a pro-innovation, sector-by-sector regulator approach. China has its own, considerably stricter rules with different priorities.

Four structural differences shape the picture.

Scope and level. The EU regulates AI as a standalone category. The US regulates AI applications within existing rule sets (medical AI via FDA, employment AI via EEOC and Title VII, financial AI via SEC and state AGs). The UK explicitly avoided a single AI law in its 2023 white paper and asks each sector regulator (CMA, Ofcom, FCA, ICO, MHRA) to apply principles within its own domain. China centralizes via the Cyberspace Administration of China (CAC) with the Algorithmic Recommendation Provisions, Deep Synthesis Provisions and Generative AI Measures — each demanding pre-deployment registration and content controls.

Binding force. EU rules are directly binding law with fine leverage. US voluntary commitments (the 2023 Voluntary AI Commitments by major labs) are not justiciable — they create reputational, not compliance, pressure. The UK approach is non-statutory guidance from regulators; primary legislation is signaled but not enacted as of 2026. China’s rules are binding with significant administrative sanctions, but enforcement priorities follow national security and content policy first.

Extraterritorial reach. EU law applies extraterritorially under Art. 2 AI Act — non-EU companies serving EU users are in scope. US law is predominantly territorial, with the exception of compute export controls. UK guidance applies to UK-facing services. China’s rules apply to services made available in mainland China — overseas providers either localize or geofence.

Strategic posture for non-EU companies. Practically: treat the EU AI Act as the global minimum standard. Compliance with the EU Act covers most US sectoral expectations (with the partial exception of FDA medical-device requirements, which are stricter in their own domain) and aligns with UK regulator principles. The reverse does not hold: US or UK compliance is not enough for the EU. Companies with operations across all four jurisdictions face three to five parallel compliance regimes — there is no global harmonized framework in 2026, and the Council of Europe Framework Convention from 2024 is a useful but limited step.

Practical orientation, not legal advice. Cross-jurisdictional AI compliance involves overlapping privacy, anti-discrimination, sector-specific and AI-specific rules. For deployments touching multiple jurisdictions, engage qualified counsel in each.

To see the AI Act in the wider risk context, the AI Risks pillar gives the complete overview of the ten most relevant AI risk fields — the AI Act sits as one of them. Bias and Fairness goes deeper into the methodology behind one of the main triggers for high-risk classification: discriminatory selection algorithms in HR, credit and education. AI in Everyday Life shows the concrete deployment examples against which the risk classification gets tested in SME practice — from the marketing chatbot to applicant pre-screening.

In the Public Sector and Legal industry hub you find the vertical context for AI Act compliance in regulated and public-sector deployments. For sectors where high-risk classification hits hardest, HR and Recruiting and Finance lay out the industry-specific obligations and oversight regimes.

For deployments that combine the AI Act with cross-jurisdictional privacy compliance, a DPIA on the most sensitive AI use cases is the typical starting point — GDPR and the AI Act overlap in many documentation requirements and can be addressed in a single project setup. The same applies to US sectoral overlap (HIPAA for medical AI, GLBA for financial, FCRA for credit decisions): one inventory, one risk register, multiple compliance layers.

Frequently asked questions

When did the EU AI Act take effect?

The EU AI Act (Regulation 2024/1689) entered into force on August 1, 2024. The Art. 5 prohibitions (social scoring, manipulative subliminal AI) have applied since February 2, 2025; the general-purpose AI obligations since August 2, 2025. The bulk of the obligations — in particular high-risk requirements under Annex III — became binding on August 2, 2026. Embedded high-risk AI in regulated products under Art. 6(1) has an extended deadline until August 2, 2027.

Does the EU AI Act apply to US companies?

Yes, in most cases. Under Art. 2, the AI Act has extraterritorial reach: it applies to providers, deployers and importers whose AI system is placed on the EU market, put into service in the EU, or whose output is used in the EU. A US SaaS company selling to European customers, a UK consultancy embedding an LLM in EU client workflows, or a non-EU provider whose API is called from the EU — all fall under the Act. There is no de minimis carve-out for small US or UK companies.

Does the AI Act apply to my 5-person startup?

Yes. The Act does not distinguish by company size but by risk class and role (provider, deployer, importer). SMEs get reliefs — lower fine bands, access to regulatory sandboxes under Art. 57, simplified technical documentation — but no blanket exemption. Even a 5-person HR tool that performs applicant scoring is high-risk and needs a conformity assessment under Art. 43. The EU SME definition: under 250 employees and up to 50M EUR annual turnover.

Is using ChatGPT at work covered by the EU AI Act?

Usually yes, but most of the time as limited risk (transparency only) or minimal risk. Pure writing, research and translation assistance typically falls under minimal risk and needs no specific documentation. The moment ChatGPT is embedded into a high-risk workflow — for example automated applicant pre-screening, credit decisions or employee performance evaluation — the high-risk obligations kick in, regardless of the fact that OpenAI is only the GPAI provider. Art. 4 AI literacy applies in all cases: every user needs demonstrable basic competence.

What happens if I violate the AI Act?

Three tiered fine bands under Art. 99: prohibited practices (Art. 5) up to 35M EUR or 7 percent of global annual turnover, whichever is higher. High-risk obligation violations or GPAI rules up to 15M EUR or 3 percent. Incorrect information to supervisory authorities up to 7.5M EUR or 1 percent. SMEs pay the lower of the two values. Beyond fines, authorities can pull a system off the market under Art. 79 — often the harder commercial blow.

Is AI-driven hiring even allowed under the EU AI Act?

Yes, but classified as high-risk under Annex III No. 4. That means: risk management system (Art. 9), training data governance (Art. 10), technical documentation (Art. 11), logging (Art. 12), transparency for applicants (Art. 13), human oversight (Art. 14) and conformity assessment with CE marking (Art. 43). National anti-discrimination law (AGG in Germany, Title VII / EEOC in the US, the Equality Act 2010 in the UK) applies in parallel — discriminatory selection algorithms remain civilly actionable regardless of AI Act compliance.

What does General-Purpose AI mean in the law?

General-Purpose AI (GPAI) refers to foundation models trained for broad, multi-purpose use — GPT-5, Claude 4, Gemini 2.5, Llama, Mistral Large. The Act regulates them in Art. 51–55 as a separate category with tiered obligations. Base GPAI providers need technical documentation, a training data summary and copyright compliance. GPAI with systemic risk (above 10^25 FLOPs training compute, Art. 51) gets additional duties: model evaluation, adversarial testing, risk mitigation, cybersecurity. Open-source GPAI is partially exempt, except when classified as systemic risk.

Who enforces the AI Act in the EU?

Each member state designates one or more market surveillance authorities under Art. 70. In Germany (as of May 2026), the Bundesnetzagentur (BNetzA) is the central national authority, with sectoral support from BfDI (privacy interface), BaFin (financial AI) and BAuA (workplace). At the EU level, the AI Office in Brussels coordinates GPAI supervision. Citizens can lodge complaints under Art. 85 — a supervisory authority must examine and respond. Cross-border cases involve the AI Board for coordination.

Do I need to label AI-generated content?

Yes, in two cases. Under Art. 50(2), GPAI providers must mark synthetic outputs (text, image, audio, video) as machine-readable AI-generated — usually via C2PA watermarking or provenance metadata. Under Art. 50(4), deepfakes (people, places, events) must be visibly labeled as artificially generated, with narrow exceptions for satire and law enforcement. Chatbots fall under Art. 50(1): users must know they are interacting with an AI, not a human.

How does the EU AI Act compare to US AI regulation?

The EU has one horizontal, risk-based law with hard fines. The US relies on sectoral regulation (FDA for medical AI, EEOC for employment, SEC for financial disclosure) and voluntary commitments. Biden's Executive Order 14110 from October 2023 was partially rolled back in 2025 under the second Trump administration. The UK takes a pro-innovation, sector-by-sector regulator approach without a single AI law. China has stricter, provider-centric rules with different priorities (national security, content control). Global companies face three to five parallel compliance regimes.
