EU AI Act Compliance Checklist

The EU AI Act in Brief

The EU AI Act (Regulation (EU) 2024/1689) is the world's first comprehensive AI law. Penalties up to EUR 35 million or 7% of global annual turnover.

Timeline: What When

Date	What Applies
Feb 2025	Prohibitions (Art. 5), AI Literacy (Art. 4)
Aug 2025	GPAI Models (Transparency, Copyright)
Aug 2026	High-Risk Systems (Main Deadline)
Aug 2027	High-risk in regulated products

7 Steps to Compliance

1. Create AI System Inventory

Identify all AI systems in the company
Document: name, provider, version, purpose
Assign responsible persons (AI Owner)
Categorize input/output data

2. Conduct Risk Classification

Risk Level	Examples	Obligations
Prohibited	Social Scoring, Emotion Recognition	FORBIDDEN
High-Risk	HR Systems, Credit Decisions	Full Compliance
Limited Risk	Chatbots, Deepfakes	Transparency
Minimal	Spam Filters, Recommendations	No extra obligations

3. Check Prohibitions (Article 5)

These practices have been forbidden since 2 February 2025:

Manipulative AI that leads people to harmful decisions
Social Scoring - classification by social behavior
Automated risk assessment by authorities
Untargeted collection of facial images from the internet
Emotion recognition in the workplace
Biometric categorization (exceptions: security)

4. Fulfill Transparency Requirements

For chatbots and AI-generated content:

Disclosure: Let users know they are talking to AI
Labeling: Mark AI-generated images/audio/text as such
Copyright compliance: Documentation of training data
Update terms of service

5. Ensure AI Literacy (Art. 4)

Train employees on AI systems
Document training records
Establish basic understanding in the company