EU AI Act

The AI regulation is coming. We get your organisation ready for it.

The EU AI Act sets requirements for every business that uses AI, from the literacy obligation to risk classification. No panic and no paperwork factory: we translate the regulation into concrete agreements, policy and training that fit your organisation.

What is the EU AI Act?

The EU AI Act is the European law that regulates the development and use of artificial intelligence. It classifies AI systems by risk and obliges organisations to ensure AI literacy, transparency and human oversight, among other things. The obligations take effect in phases between 2025 and 2027.

  • In force since 1 August 2024
  • AI literacy obligation since 2 February 2025
  • High-risk obligations largely from 2 August 2026
  • Applies to every organisation using AI in the EU

What does the AI Act mean for you?

The AI regulation is the world's first broad AI law and does not only apply to tech companies. Do you use ChatGPT, Copilot or Gemini in your organisation? Then you are a 'deployer' within the meaning of the law and you have obligations — starting with the AI literacy obligation that has applied since February 2025.

Many organisations respond in one of two ways: ban everything or do nothing. Both are risky. Banning drives employees towards shadow AI (private accounts outside any oversight), and doing nothing means missing obligations that already apply today.

Gaide takes the third route: making AI possible, responsibly. We inventory what is running, classify the risks, set up practical policy and train your people. That way you comply with the law and get more out of AI — because clear guardrails give employees the confidence to actually use it.

We are not a legal consultancy that writes a memo and leaves. As forward deployed engineers we know the systems from the inside and stay involved until policy, tooling and training genuinely work.

The timeline of the AI regulation

1 August 2024

Entry into force

The AI regulation is officially in force. Obligations are phased in step by step.

2 February 2025

Prohibited practices + AI literacy

Unacceptable AI applications (such as social scoring) are banned. Every organisation using AI must ensure sufficient AI literacy among employees (Article 4).

2 August 2025

Rules for general-purpose AI models

Obligations for providers of general-purpose AI models (such as the makers of GPT, Gemini and Claude) take effect.

2 August 2026

High-risk obligations

The majority of obligations for high-risk AI systems apply, including requirements for risk management, data quality, documentation and human oversight.

What you get from us

AI Act quick scan

A complete inventory of the AI applications in your organisation, including shadow AI, with the risk category under the regulation for each application.

Risk classification with reasoning

A documented file per AI application: category, reasoning and the corresponding obligations. Directly usable towards regulators, clients and tenders.

Practical AI usage policy

Not a legal reference work but workable agreements: which tools, which data, which controls. Aligned with how your people really work.

AI literacy programme

Training per target group, from board to shop floor, demonstrating compliance with Article 4 of the AI Act. Including proof of participation.

How do we approach it?

From inventory to demonstrable compliance, without the paperwork factory.

  1. AI inventory

    1 week

    We map out which AI applications are running in your organisation, including the tools employees use on their own initiative (shadow AI).

  2. Risk classification

    1-2 weeks

    For each application we determine the risk category under the AI Act: unacceptable, high, limited or minimal risk. So you know exactly which obligations apply to you.

  3. Policy & measures

    1-2 weeks

    We draw up a practical AI usage policy and set up the governance: who may use which tools, with which data, and how you safeguard human oversight.

  4. AI literacy programme

    1-2 sessions per group

    We train your employees so you demonstrably comply with the literacy obligation of Article 4. Practical and tailored to the tools your teams actually use.

  5. Assurance & follow-up

    ongoing

    AI Act compliance is not a one-off exercise. We set up a lightweight process to assess new AI applications before they go into use.

What do we help you with, concretely?

For the board

Know where you stand

A compact AI Act scan gives your management team a clear picture within two weeks: which AI do we use, which risk category does it fall into, and what must we have in place before the next deadline?

For legal & compliance

Risk classification and documentation

We classify every AI application under the regulation and record the reasoning. That gives you a file you can use towards regulators and clients to demonstrate you are in control.

For HR & team leads

Organising AI literacy

The literacy obligation has applied since February 2025 to everyone working with AI. We deliver training per target group, from boardroom to shop floor, with proof of participation.

The AI Act also affects your choice of tools: where does your data live, and what does the vendor do with it? Compare the options in our overview of AI tools for business, or read how we structurally set up AI governance and AI training.

Want to know how AI-mature your organisation is first?

The AI Readiness Scan shows where you stand, from data quality to policy and buy-in. A good starting point before you tackle the AI Act.

Take the AI Readiness Scan

Frequently asked questions about the EU AI Act

Does the EU AI Act also apply to my SME?

Yes. The AI Act applies to every organisation that uses or provides AI systems in the EU, regardless of size. The heaviest obligations apply to high-risk systems, but the AI literacy obligation (Article 4) has applied since 2 February 2025 to every organisation working with AI — including if you only use ChatGPT or Copilot.

What happens if I don't comply with the AI Act?

Regulators can impose fines of up to 7% of global annual turnover for prohibited AI practices and up to 3% for other infringements. More important for most organisations: clients and buyers increasingly ask for demonstrable AI Act compliance in tenders.

What should I already have in place?

Since 2 February 2025: no prohibited AI practices, and AI literacy for employees who work with AI. On top of that, now is the time to inventory and classify your AI applications, so you are ready for the high-risk obligations that apply from 2 August 2026.

What is a high-risk AI system?

AI systems with a significant impact on people, such as AI for recruitment and selection, credit scoring, educational assessment or critical infrastructure. Strict requirements apply to these systems for risk management, data quality, transparency and human oversight. Most office applications (summarising text, drafting emails) fall into the minimal or limited risk category.

Isn't an AI Act project mainly a job for lawyers?

No. The regulation touches technology, policy and people. Gaide combines practical legal knowledge of the AI Act with technical knowledge of the systems themselves. We don't write a thick report — we set up working agreements, tooling and training.

Want to know where your organisation stands with the AI Act?

Book a no-obligation call. In 30 minutes we'll tell you which obligations already apply to you and what a logical first step looks like.