EU AI Act
The EU AI Act (Regulation (EU) 2024/1689) is the European Union's comprehensive law governing artificial intelligence. It classifies AI systems by risk - unacceptable, high, limited, and minimal - and imposes obligations on providers and deployers accordingly, with staggered enforcement running from 2025 through 2027.
Who it applies to
The Act applies to providers that place AI systems on the EU market and to deployers that use AI systems within the EU - including organisations established outside the EU whose AI output is used in the Union. Most SMBs are deployers of AI tools, and some are providers of AI features in their own products.
Key enforcement dates
- 2 February 2025 - prohibited practices (Article 5) and AI-literacy obligations (Article 4) apply.
- 2 August 2025 - governance rules and obligations for general-purpose AI (GPAI) models apply.
- 2 August 2026 - the bulk of the Act, including most high-risk system obligations, applies.
- 2 August 2027 - obligations for high-risk AI embedded in regulated products apply.
How ComplyAgent helps
ComplyAgent inventories the AI your team uses, classifies each system under the Act with citations to Annex III and Article 5, and generates the required documentation (Annex IV, Articles 9, 14, 47) - then maps the same classification onto NIST AI RMF and ISO/IEC 42001.
Last reviewed June 2026 by the ComplyAgent team.
See also our EU AI Act compliance guide, ISO/IEC 42001 and NIST AI RMF, or browse the full glossary.