Quick guide to the EU AI Act 2024 – Transcript
In this video series, I’ve been making the case that we should manage AI like an asset. Doing so not only helps us control costs and mitigate risks, but crucially enables us to harness innovation and overcome barriers that might otherwise prevent us from tapping into AI’s full potential. In the previous video, we discussed various categories of risk associated with AI, including the emerging regulatory risks. Today, I’d like to offer a concrete example: the newly published EU AI Act 2024, set to take effect in 2026.
The EU AI Act will require organisations to assess and classify the AI in their environment according to its level of risk. Some uses are strictly prohibited—such as feeding a live camera feed of random faces on a high street directly into an algorithm for real-time analysis. Other applications are deemed high risk, for instance where there’s a threat to life or a serious invasion of privacy. From there, the scale descends down to lower-risk scenarios. Enterprises will have two years—until around August/September 2026—to identify their AI usage, assess its risk, and put appropriate controls in place.
If this sounds familiar, it’s likely because the EU AI Act bears strong similarities to GDPR, Europe’s data privacy legislation. Let’s look at three key parallels:
It’s an Act, Not a Directive:
Like GDPR, the AI Act is legislation with genuine enforcement powers. This isn’t a suggestion or a nice-to-have guideline. Regulators will have legal authority to ensure compliance, and that sets a serious tone.
Significant Financial Penalties:
Under GDPR, severe data privacy violations can lead to fines of up to 3% of an organisation’s annual turnover. The EU AI Act goes further, threatening fines of up to 7% of turnover for serious breaches. Think about the financial impact—7% can easily wipe out profits for multiple years if you operate in slim-margin industries like retail or construction.
Global Reach:
GDPR’s scope has always been broader than just the EU—if you do business in Europe, you must comply. The AI Act applies the same principle. Even if your headquarters are in the US, India, or Australia, if you trade in Europe, you’ll need to follow the EU AI Act. It effectively becomes global regulation for any multinational enterprise wanting to do business with the EU market.
EU AI Act 2024 – Summary
In essence, the EU AI Act 2024 signals a definitive shift towards regulated AI usage. Organisations must understand precisely what AI they’re using, identify its risk classification, and prepare to operate under the watchful eye of a regulatory framework that has real teeth. For many enterprises, this will feel very much like the early days of GDPR—challenging, but ultimately pushing companies towards more responsible, well-governed, and transparent practices.
In the next video, we’ll discuss how to build a robust governance framework for managing AI as an asset. Armed with that guidance, you’ll be better prepared to meet these regulatory requirements and ensure your AI investments deliver on their promise while respecting critical legal and ethical boundaries.
View the video on Youtube here: https://youtu.be/IFSQEZXeix8