AI Governance & EU AI Act

AI Generated Image

Driving compliance with the EU AI Act while turning regulatory challenges into opportunities for innovation and growth

AI Generated Video
OVERVIEW OF THE EU AI ACT
The EU AI Act is the first comprehensive regulation and legal framework regulating the development and use of AI within the EU to protect end users.​
The rapid advancement of AI technologies has raised significant concerns about risks such as biases, ethical dilemmas, and threats to safety and privacy.
Recognizing the need for robust regulation, the EU AI Act establishes a comprehensive legal framework that categorizes AI systems by risk levels — from unacceptable to low — and sets clear requirements for high-risk applications, ensuring safety, transparency and alignment with fundamental human rights, while promoting innovation.

AI COMPLIANCE IS NO LONGER OPTIONAL: BY EARLY 2025, THE EU AI ACT REQUIRES ORGANIZATIONS USING OR DEVELOPING AI TO COMPLY WITH A FIRST SET OF OBLIGATIONS

HOW WE CAN HELP
​
With the EU AI Act set to enforce its first obligations by the beginning of 2025, collaborate with MULTIPLAI to navigate the EU AI Act with our unique offerings. We distill the act to its essentials, ensuring compliance and leveraging our thorough understanding to turn obligations into opportunities for AI-driven innovation and scaling.
THE SCOPE
The Act applies to all organizations along the AI value chain, who are established or located in the EU or where the output of an AI system is used in the EU.
PROVIDER
​
Develop an AI system under its own name and trademark
DEPLOYER
​
Use an AI system under their authority
DISTRIBUTOR
​
Make an AI system available across the EU market
IMPORTER
Place an AI system on the EU market
AUTHORIZED REPRESENTATIVE
Act on behalf of a provider outs
THE FOCUS
The EU AI Act follows a risk-based approach, where AI systems are regulated according to their potential impact onindividuals & society. The higher the risk, the stricter the regulatory requirements. The risk-based approach divides AI systems into four categories, making proper classification of each system crucial as obligations vary by category:
HOVER OVER THE FIVE RISK CATEGORIES TO LEARN MORE:

AI Generated Image
AI SYSTEMS THAT POSE AN UNACCEPTABLE RISK AND CAN CAUSE SIGNIFICANT HARM
Manipulation of human behaviour, exploitation of vulnerabilities & social scoring etc.
​
| SHUTDOWN & REPORTING |
AI SYSTEMS THAT INTERACT WITH HUMAN END USERS AND POSE RISK OF IMPERSONATION & DECEPTION
Customer-facing chatbots, emotion-recognition systems, biometric categorization deep fakes
​
| TRANSPARENCY REQUIREMENTS |
AI SYSTEMS THAT POSE ONLY A MINIMAL RISK TO INDIVIDUALS
ELarge language models, foundational​ AI models used across various applications
​
| TRANSPARENCY REQUIREMENTS & GPA OBLIGATIONS |
GPAI MODELS PERFORM A VARIETY OF TASKS & ARE WIDELY DISTRIBUTED, MAKING THEM HIGHLY VERSATILE
Large language models, foundational​ AI models used across various applications
​
| TRANSPARENCY REQUIREMENTS & GPA OBLIGATIONS |
AI SYSTEMS THAT AFFECT SAFETY OR FUNDAMENTAL HUMAN RIGHTS
AI systems used in safety-critical product components (Annex I, A) or falling into specific high-risk areas (Annex III)
​
| CONFORMITY ASSESSMENT & MITIGATION MEASURES |
RISK CLASSIFICATION OF THE EU AI ACT REGULATION
"The EU AI Act offers more than regulation; it is a strategic enabler for scaling AI through holistic governance and cross-functional collaboration."
Zita Bohn, AI Governance & EU AI Act Lead
IN-SCOPE VS. OUT OF SCOPE
While the EU AI Act applies to all AI systems within the EU, only those in highly regulated categories are subject to the most stringent requirements. Determining whether an AI system operates in a high-risk area or serves as a critical safety component is essential, as these systems must comply with the high-risk obligations. Consequently, certain industries may face greater exposure than others.
01
HIGH RISK AI SYSTEMS
AI systems that impact safety or fundamental human rights are considered high-risk and are central to the EU AI Act, facing stringent regulations.
02
IN SCOPE - PRODUCT SAFETY COMPONENTS
AI systems fulfilling a safety function for a product or system listed below are also classified high-risk and face the same obligations as other high risk AI systems if subject to third-party conformity assessments under a different EU regulation.
03
INDUSTRY EXPOSURE
Industries using AI in high-risk areas or in safety-critical product components are highly exposed to the EU AI Act and must meet strict safety & compliance regulations.
04
OUT OF SCOPE
AI systems that impact safety or fundamental human rights are considered high-risk and are central to the EU AI Act, facing stringent regulations.
CLICK THROUGH THE SLIDES BELOW FOR MORE:
THE IMPACT
FINANCIAL IMPACT
Non-compliance with the EU AI Act can lead to significant financial penalties and reputational harm, impacting a firm's credibility and market position. Notable financial penalties include:
15 m €
or 3% of global turnover for violation of any obligations associated with the outlined roles

7,5 m €
or 1% of global turnover for the supply of incorrect information
35 m €
or 7% of global turnover for use of prohibited AI systems
AI Generated Image
ORGANIZATIONAL IMPACT

The Act is expected to reshape how we think about and manage AI (analog to GDPR), with significant financial and organizational impact for organizations
ADMINISTRATIVE BURDEN & AI GOVERNANCE
Revise AI strategy, policies, governance frameworks, and resource allocation to ensure full compliance with the EU AI Act and facilitate effective collaboration with relevant authorities.
BAN ON PROHIBITED AI & COMPLIANCE OBLIGATIONS
Identify, catalogue, and classify all AI systems by Feb 25 to ensure that all prohibited systems are shut down and adhere to all obligations mandated by the EU AI Act for the respective risk category.
AI LITERACY (Art. 4)
Providers and deployers must ensure staff and those involved with AI systems have adequate AI literacy, including an understanding of their roles and the ethical implications.
TIMELINE
The EU AI Act entered into force in August 2024 and is now being rolled out in stages. This starts with a transition period allowing businesses time to comply before first enforcement begins in 2025.
AUGUST 2024
Publication of the EU AI Act and entry into force
FEBRUARY 2025
General provisions (incl. AI Literacy) & ban on AI systems with prohibited risk
Ch. I
Ch. II
AUGUST 2025
Obligations for provisions of new GPAI models & provisions on notifying authorities
Ch. III.4
Ch. V
Ch. VII
Ch. XII
Art. 78
AUGUST 2026
| Full scope of regulation applies |
Majority of obligations for AI systems & roles
AUGUST 2027
Obligations for existing GPAI models (before Q3 25) & high-risk systems under Annex I
Art. 6(1)
BEYOND COMPLIANCE

1
REGULATORY REQUIREMENTS
Conformity assessments and documentation requirements primarily relevant from a compliance perspective
2
PORTFOLIO MANAGEMENT & SYNERGIES
Leverage synergies through complete transparency across all use cases, eliminating siloed operations and redundant efforts for maximum efficiency
3
TRUST & ADOPTION
Foster a culture of responsible innovation by enhancing AI quality, safety, and trustworthiness to ensure widespread AI acceptance and adoption
4
TIME-TO-MARKET & SCALING
Standardize and redesign AI use case lifecycle in line with EU AI Act to enable successful scaling beyond the pilot phase and accelerate time-to-market
HOW TO GET STARTED
Ensure the right people start preparing for the upcoming regulatory requirements and design your solution for the long-term.
FORM
Multidisciplinary taskforce to cover full range of expertise
DEFINE
Enterprise-wide governance framework, standards & processes based on maturity
IDENTIFY
AI across the entire organization and setup single source of truth
ASSESS
Risk classes of all use cases and start implementing risk mitigation measures
MONITOR
Continous monitoring & oversight to ensure compliance & innovation
OUR SERVICES TO NAVIGATE YOU THROUGH THE EU AI ACT
With extensive expertise in Data and AI Strategy & Governance, we distil the act to its essentials, ensuring compliance and leveraging our thorough understanding to turn obligations into opportunities for AI-driven innovation and scaling. Our EU AI Act governance framework provides a systematic path to compliance. Guided by the core requirements of the EU AI Act, we establish an enterprise-wide governance for effective identification, risk assessment & monitoring of AI systems to fulfill regulatory requirements.
ADVISORY ON THE EU AI ACT
AWARENESS & NEXT STEPS
Strategic workshops and assessments help evaluate your organization's AI governance maturity and exposure to the EU AI Act. Tailored roadmaps are co-created to ensure alignment with regulatory requirements, addressing gaps in readiness and compliance priorities. Stakeholder engagement and integration into the broader Data & AI strategy are essential for long-term impact.

1
2
3
4
5
ADDITIONAL SERVICES FOR COMPANIES OUTSIDE THE EU
AUTHORIZED REPRESENTATIVE - VERIFICATION & REPRESENTATION
For providers outside the EU, appointing an Authorized Representative (AR) within the EU is mandatory before entering the Union market. We can act as intermediaries, ensuring compliance with EU AI Act requirements. We manage tasks on behalf of the provider, including handling conformity and technical documentation, regulatory declarations, and facilitating cooperation with authorities to ensure seamless alignment with EU regulations.
MEET THE TEAM

ZITA BOHN
AI Governance & EU AI Act Lead​

REBECCA BURNS
Data & AI Strategy Lead​

SAM RAMSAY
EU AI Act Assessment Expert