← Back to glossary

AI Act (EU AI Act)

Definition

Regulation (EU) 2024/1689 laying down harmonised rules on artificial intelligence, in force since 1 August 2024, with staggered application through 2027. Classifies AI systems by risk (prohibited, high-risk, limited, minimal) and contains separate obligations for general-purpose AI models.

Noise — Signal

The AI Act is often reduced in the market to "we have to keep an AI inventory". In reality it bites at three very different levels: prohibitions of certain practices (since February 2025), obligations for high-risk systems (conformity assessment, logging, human oversight, transparency duties) and separate requirements for GPAI model providers and users. Which level affects a company doesn't depend on the AI tool it uses, but on the application context.

The right question

Not: "Are we AI Act compliant?" But: "In which role — provider, deployer, importer, distributor — do we appear for which system, into which risk class does the use case fall, and which obligations take effect from which date?"

Related terms

Foundation Model

A large, generally pre-trained AI model that serves as the basis for a variety of downstream applications.

Model Card

A structured document describing the training data, intended use, limitations, bias patterns and licence of an AI model.

DORA (Digital Operational Resilience Act)

EU Regulation 2022/2554 on the digital operational resilience of financial entities, applicable since 17 January 2025.

Model Governance

Processes, roles and documentation that steer the lifecycle of an AI model in a company.

← Back to glossary