What is the EU AI Act?
The EU AI Act (Regulation (EU) 2024/1689) is the European Union's law on artificial intelligence — the first comprehensive AI regulation in the world. It classifies AI uses, not technologies, into four risk tiers: prohibited practices are banned outright, high-risk uses carry heavy documentation and oversight duties, transparency-tier uses require disclosure, and minimal-risk uses stay free. It applies directly in every member state, without national transposition.
Its obligations phase in over years: the prohibitions and a staff AI-literacy duty have applied since February 2025, transparency rules for chatbots and synthetic content start in August 2026, and high-risk obligations follow from December 2027 after the 2026 "Digital Omnibus" delay. Fines reach €35M or 7% of worldwide turnover, with lighter caps for SMEs.
Who has to comply with the EU AI Act?
Practically every business that touches AI in the EU — but obligations follow the use, not the company size. Most SMEs count as deployers (they use AI systems others built) and carry the lighter duties: disclosure toward users, trained staff, and human oversight where a use is high-risk. Providers — those building or selling AI under their own name — carry the heavier conformity work. Enforcement is national; in Greece the data-protection authority (ΑΠΔΠΧ) takes the central role. Our EU AI Act compliance guide for SMEs walks through the full timeline, and the AI governance service covers the operational side: inventory, classification, policy, and audit trails.