
EU AI Act: What Your Business Needs to Do Before the August 2026 Deadline

The EU AI Act (Regulation 2024/1689) is now in force. Its prohibitions have applied since February 2025. The high-risk AI obligations that affect most businesses take effect on 2 August 2026. This guide explains the four risk tiers, which AI uses are already banned, what deployers of high-risk AI must do, and how tools like ChatGPT and Microsoft Copilot fit into the framework.

Cyvra Team
Cyvra Consultancy
16 June 2026
Key takeaways
  • High-risk AI obligations apply from 2 August 2026 — two months away
  • Most businesses using third-party AI tools are deployers, not providers, but deployers of high-risk AI still have real legal obligations
  • Eight Annex III categories define high-risk AI — employment and recruitment AI is in scope for most regulated businesses
  • Several AI practices have been banned since February 2025, including emotion recognition in workplaces and AI-powered social scoring
  • Using ChatGPT, Copilot, or Gemini makes you a deployer of a system built on a GPAI model — the model provider carries the GPAI obligations, but you remain responsible for how you deploy it
  • Fines reach €35 million or 7% of global turnover for the most serious violations

What the EU AI Act is

The EU AI Act (Regulation EU 2024/1689) is the world's first comprehensive legal framework for artificial intelligence. It was published on 12 July 2024 and entered into force on 1 August 2024. Unlike sector-specific rules that govern AI in particular industries, the Act applies horizontally across all sectors and all AI use cases, using a risk-based approach to determine what obligations apply.

The Act creates obligations for two main types of actors. Providers develop AI systems and place them on the EU market — think software vendors, SaaS companies, and AI tool developers. Deployers use AI systems in a professional context under their own authority. Most businesses — including SMEs using off-the-shelf AI tools for HR, customer service, or operations — are deployers, not providers. Providers carry heavier obligations. Deployers of high-risk AI have lighter but still substantive ones.

Scope

The Act applies to providers placing AI on the EU market or putting it into service in the EU regardless of where they are based, to deployers located in the EU, and to providers and deployers established outside the EU where the output of the AI system is used in the EU. It therefore reaches a business in the Netherlands or any other member state directly, and reaches a UK business (where post-Brexit equivalence is being watched) whenever its AI output affects people in the EU.

The four risk tiers

The Act classifies AI systems into four tiers. The tier determines your obligations — from nothing at all for most everyday AI to a full ban for the most dangerous applications.

Unacceptable risk: banned, in force since 2 February 2025
These AI practices are prohibited outright. No business justification can authorise them.
  • Social scoring (by public and private actors alike)
  • Subliminal manipulation
  • Emotion recognition in workplaces and education
  • Real-time remote biometric identification in public spaces
  • Facial recognition database scraping
  • Criminal behaviour prediction by profiling

High risk: obligations apply from 2 August 2026
AI systems listed in Annex III. Both providers and deployers have obligations. Covers eight categories including employment AI, credit scoring, education systems, and critical infrastructure.
  • CV screening and recruitment AI
  • Employee performance monitoring
  • Credit and insurance scoring
  • Student assessment AI
  • Biometric identification systems

Limited risk: transparency obligations only, applying from 2 August 2026
AI systems that interact with people must disclose that they are AI. Chatbots must tell users they are talking to a machine. AI-generated content must be labelled as such.
  • Customer service chatbots
  • AI-generated text and images
  • Deepfake content

Minimal risk: no specific obligations
The vast majority of AI applications — spam filters, recommendation engines, AI in productivity tools, most automation — fall here. Providers can voluntarily adopt codes of conduct.
  • Spam filters
  • AI-powered search
  • Inventory forecasting
  • Grammar correction

Prohibited AI: what has been banned since February 2025

The prohibitions in Chapter II of the Act became enforceable on 2 February 2025. If your organisation uses any of the following, you are already in violation.

  • Subliminal manipulation: AI that influences people through techniques operating below conscious perception to distort their behaviour or decisions in ways that cause harm.
  • Exploiting vulnerabilities: AI that exploits specific groups' vulnerabilities — age, disability, social or economic situation — to distort their behaviour harmfully.
  • Social scoring: AI used to evaluate or classify individuals or groups over time based on their social behaviour or personal characteristics, where the resulting score leads to detrimental or unfavourable treatment that is unjustified or disproportionate, or that arises in a context unrelated to the data originally collected. The final text is not limited to public authorities; private operators are covered too.
  • Criminal behaviour prediction by profiling: AI that assesses the risk of a person committing a crime based solely on profiling or personality traits, rather than on objective verifiable facts.
  • Untargeted biometric scraping: AI systems that create or expand facial recognition databases by scraping images from the internet or CCTV footage without a specific purpose.
  • Emotion recognition in workplaces and education: AI that infers the emotions of workers or students. This is a direct and immediate concern for employers using mood or engagement monitoring tools.
  • Biometric categorisation by sensitive attributes: AI that categorises people based on biometric data into groups defined by race, political opinion, religion, sexual orientation, or other sensitive characteristics.
  • Real-time remote biometric identification in public spaces: AI used for live biometric identification of people in publicly accessible spaces, subject to narrow and strictly supervised law enforcement exceptions.
Check now

Employee engagement monitoring platforms, productivity tracking tools that record facial expressions or emotional state, and any HR technology that scores or categorises workers based on biometric signals may already constitute prohibited AI. Review any such tools before any enforcement action forces the issue.

High-risk AI: the eight Annex III categories

Annex III lists the categories of AI system that are classified as high-risk. The obligations for providers and deployers in these categories apply from 2 August 2026. Most organisations will encounter risk in the employment and financial services categories.

1. Biometric systems
AI used for remote biometric identification of natural persons, biometric categorisation by sensitive attributes, and emotion recognition. Affects security and attendance monitoring that identifies people from facial or other biometric data. Annex III excludes one-to-one biometric verification whose sole purpose is to confirm that a person is who they claim to be, so a door-access system that only verifies an enrolled user against their own template sits outside this category.

2. Critical infrastructure
AI used as a safety component in the management and operation of critical digital infrastructure, road traffic, and the supply of water, gas, heating, and electricity. Relevant for utilities, logistics, and managed infrastructure providers.

3. Education and vocational training
AI that determines access to or assigns people to educational institutions, evaluates learning outcomes, assesses students in exams, or monitors for prohibited behaviour during tests. Relevant for training providers, HR learning platforms, and assessment tools.

4. Employment and workers management
AI used for recruitment (CV screening, job ad targeting, interview analysis), promotion decisions, task allocation, performance monitoring, and contract termination. This is the category most relevant to regulated businesses using third-party HR technology.

5. Essential private and public services
AI used to assess eligibility for public benefits, to evaluate creditworthiness or produce credit scores (AI used purely to detect financial fraud is excluded), to assess risk and set prices for life and health insurance, and to classify or prioritise emergency calls for dispatch. Critical for financial services firms and insurers.

6. Law enforcement
AI used to assess the risk of a person becoming a victim of crime, polygraphs and similar tools, and profiling in the context of criminal offences. Primarily applies to law enforcement agencies.

7. Migration, asylum, and border control
AI used to assess risks for visa applications, asylum claims, and border crossing. Primarily applies to public authorities, but third-party service providers may be affected.

8. Administration of justice and democratic processes
AI that assists in researching and interpreting facts and the law, or that is intended to influence elections. Primarily relevant to legal services and public administration.

What deployers of high-risk AI must do

If your organisation uses a high-risk AI system, your obligations as a deployer are distinct from those of the provider. The provider is responsible for the system's design, documentation, and conformity assessment. You are responsible for how it is used.

  • Use it as intended: You must use the system in accordance with the provider's instructions for use. Modifications or use cases outside the intended scope shift liability towards you.
  • Implement human oversight: You must assign oversight to natural persons who have the necessary competence, training, authority, and support. A high-risk system running with nobody competent and empowered to intervene, override, or halt it does not meet this obligation, whatever the vendor's documentation says about the system's own safeguards.
  • Monitor for unexpected behaviour: You must monitor the operation of the system and report serious incidents or malfunctions to the provider and, where required, to the relevant market surveillance authority.
  • Keep logs: Where the AI system generates logs automatically and those logs are under your control, you must retain them for a period appropriate to the system's intended purpose, and for at least six months unless applicable law sets a different period. Treat these logs as evidence: they are what you will produce to a market surveillance authority or to an affected person who challenges a decision.
  • Inform affected workers: Where the AI system affects employees — for example, performance monitoring or task allocation — you must inform the workers and their representatives of the system's use before it is deployed.
  • Conduct a Fundamental Rights Impact Assessment (FRIA): Deployers that are public bodies, or that deploy high-risk AI for credit scoring, insurance, or certain other services, must conduct and document an FRIA before deployment.
2 August 2026: high-risk AI obligations apply to Annex III systems.
€35M or 7% of global turnover: maximum fine for prohibited AI.
€15M or 3% of global turnover: maximum fine for high-risk non-compliance.

General Purpose AI models: what deployers need to know

General Purpose AI (GPAI) models — the large foundation models that underlie ChatGPT, Microsoft Copilot, Google Gemini, and similar tools — are subject to a separate track in the Act. GPAI obligations on providers became enforceable from 2 August 2025.

For most businesses, the key point is this: when you use a GPAI model through an API, a subscription product, or a platform like Microsoft 365 Copilot, you are the deployer of an AI system built on that model. The model provider — OpenAI, Microsoft, Google — carries the GPAI obligations, including maintaining technical documentation, publishing a summary of the content used for training, and complying with EU copyright law. Their compliance is not transferred to you; it means the model layer is their responsibility while the use you put it to remains yours. Keep their terms and transparency documentation on file as evidence of the provider's side of the arrangement.

However, the situation changes if you build on top of a GPAI model. If you fine-tune a foundation model, add it to a product you place on the market, or use a GPAI model to power an application that falls into a high-risk Annex III category — such as a GPAI-powered CV screening tool — you take on obligations as a provider of that downstream application. The underlying GPAI provider's compliance does not cover the high-risk application you have built on top of it.

Using ChatGPT or Copilot responsibly is not the same as being compliant. If the use case you have built with those tools is high-risk, the obligations follow the use case, not the tool.

GPAI models with systemic risk

GPAI models trained using more than 10²⁵ floating point operations (roughly the most capable frontier models available today) are presumed to have systemic risk. Their providers face additional requirements: model evaluation including adversarial testing, assessment and mitigation of systemic risks, reporting of serious incidents to the European AI Office, and adequate cybersecurity for the model and its infrastructure. As a deployer of these models, your obligations are unchanged, but you should confirm that your provider has notified the Commission of the model's systemic-risk status, as Article 52 requires, and has published the required transparency documentation.

The implementation timeline

1 Aug 2024
Act enters into force
Regulation (EU) 2024/1689 published and in force. Transition periods begin.
2 Feb 2025
Prohibited AI applies
Chapter I (definitions) and Chapter II (prohibited practices) become enforceable. The eight categories of banned AI are now illegal.
2 Aug 2025
GPAI model obligations apply
Providers of General Purpose AI models must comply with documentation, transparency, and copyright requirements. Systemic-risk GPAI providers face additional adversarial testing and incident reporting obligations.
2 Aug 2026
High-risk AI obligations apply — approaching
Annex III high-risk AI systems must comply with all provider and deployer obligations. This covers employment AI, credit scoring, education systems, biometric identification, and the other six Annex III categories.
2 Aug 2027
Annex I product AI applies
High-risk AI embedded as a safety component in regulated products (medical devices, machinery, vehicles, toys) must comply. Relevant for manufacturers and importers of regulated products.

What most businesses need to do now

With the August 2026 deadline approaching, the most useful starting point is a structured inventory of your AI use. You cannot assess your obligations without first knowing what AI systems you use and in what context.

Step 1: Inventory your AI use

List every AI system in use across your organisation — not just the ones IT has procured, but tools used by individual teams and individuals. Include productivity AI (Copilot, ChatGPT), HR platforms with AI features, customer-facing chatbots, fraud detection tools, and any analytics platforms that make or inform decisions about people. Shadow AI is a real risk here: many organisations discover through this process that employees are using AI tools their IT function has not reviewed.
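The shadow-AI discovery this step warns about can be started from data you already hold, such as web-proxy logs. The following Python script is an added example and is not code from the original article or from Cyvra: it parses constructed squid-style proxy lines, matches each request host against an assumed catalogue of AI SaaS domains (the domain names and the approved-tools list are assumptions for illustration, not a vendor-supplied list), and reports which tools are in use, by whom, and which ones IT has not reviewed. It goes beyond the article's text in handling hostname normalisation and label-wise domain matching, so that a look-alike host such as openai.com.evil.test is not counted as OpenAI.

```python
"""Shadow-AI discovery from web-proxy logs.

Added example for the 'Inventory your AI use' step; not code from the
original article or from Cyvra. The catalogue of AI SaaS domains and the
approved-tools list are ASSUMPTIONS for illustration. The log lines are
constructed for the example.
"""
from dataclasses import dataclass, field
from urllib.parse import urlsplit

# ASSUMPTION: catalogue of AI SaaS endpoints, keyed by registrable domain.
# A request matches if its host equals the key or is a subdomain of it.
AI_TOOL_CATALOGUE = {
    "openai.com": "OpenAI API",
    "chatgpt.com": "ChatGPT",
    "copilot.microsoft.com": "Microsoft Copilot",
    "gemini.google.com": "Google Gemini",
    "anthropic.com": "Anthropic API",
    "huggingface.co": "Hugging Face",
}

# ASSUMPTION: the tools IT has actually reviewed and approved.
APPROVED_TOOLS = {"Microsoft Copilot"}

# Constructed sample: squid-style "timestamp user method url status" lines.
SAMPLE_LOG = """\
1718530000.123 alice.j GET https://copilot.microsoft.com/c/abc 200
1718530005.456 bob.k POST https://chatgpt.com/backend-api/conversation 200
1718530010.789 bob.k GET https://gemini.google.com/app 200
1718530015.000 carol.m POST https://api.openai.com/v1/chat/completions 200
1718530020.000 alice.j GET https://www.example.com/ 200
1718530025.000 dave.n GET https://chatgpt.com/ 200
malformed entry
1718530030.000 carol.m POST https://api.openai.com/v1/chat/completions 401
"""


@dataclass
class ToolUsage:
    tool: str
    approved: bool
    users: set = field(default_factory=set)
    hosts: set = field(default_factory=set)
    requests: int = 0


def parse_log_line(line: str):
    """Return (user, host) for a well-formed line, or None for junk.

    The host is lower-cased and a trailing dot removed, so 'ChatGPT.com.'
    and 'chatgpt.com' count as the same host.
    """
    parts = line.split()
    if len(parts) < 5:
        return None
    _ts, user, _method, url, _status = parts[:5]
    host = urlsplit(url).hostname
    if not host:
        return None
    return user, host.lower().rstrip(".")


def match_ai_tool(host: str):
    """Map a hostname to a catalogue entry by exact or parent-domain match.

    'api.openai.com' matches 'openai.com'; 'openai.com.evil.test' does not,
    because comparison is on whole domain labels, not substrings. The bare
    top-level label is never tried.
    """
    labels = host.split(".")
    for i in range(len(labels) - 1):          # a.b.c -> b.c, never just c
        candidate = ".".join(labels[i:])
        if candidate in AI_TOOL_CATALOGUE:
            return AI_TOOL_CATALOGUE[candidate]
    return None


def build_inventory(log_text: str) -> dict:
    """Aggregate per tool: distinct users, hosts seen, request count."""
    inventory: dict[str, ToolUsage] = {}
    for line in log_text.splitlines():
        parsed = parse_log_line(line)
        if parsed is None:
            continue                           # skip malformed lines
        user, host = parsed
        tool = match_ai_tool(host)
        if tool is None:
            continue                           # not an AI endpoint
        entry = inventory.setdefault(
            tool, ToolUsage(tool=tool, approved=tool in APPROVED_TOOLS))
        entry.users.add(user)
        entry.hosts.add(host)
        entry.requests += 1
    return inventory


def shadow_ai(inventory: dict) -> list:
    """Tools in use that IT has not approved, most-used first."""
    unreviewed = [u for u in inventory.values() if not u.approved]
    return sorted(unreviewed, key=lambda u: (-u.requests, u.tool))


if __name__ == "__main__":
    inv = build_inventory(SAMPLE_LOG)
    for u in shadow_ai(inv):
        print(f"SHADOW  {u.tool}: {u.requests} request(s) from "
              f"{', '.join(sorted(u.users))} via {', '.join(sorted(u.hosts))}")
    for u in inv.values():
        if u.approved:
            print(f"OK      {u.tool}: {len(u.users)} user(s)")
```

Run it as a script to print the unreviewed tools and who is using them. In practice you would feed it an export from your proxy, CASB, or DNS resolver logs and replace the catalogue with one security maintains; the output is the starting list for Step 2, since each discovered tool still has to be classified by what it is used for, not by which vendor it comes from.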

Step 2: Classify each system by risk tier

For each system identified, determine which tier applies. The key question for most SMEs: does the AI system make or materially assist decisions about people in the context of employment, education, credit, or essential services? If yes, it is likely high-risk. If it is a chatbot that users know they are talking to, it is limited risk. If it is a recommendation engine or internal productivity tool, it is likely minimal risk.

Step 3: Check your HR and recruitment AI

Employment and workers management is the Annex III category most relevant to the broadest range of organisations. If you use any tool that automates or assists in screening CVs, ranking candidates, scheduling interviews, monitoring employee productivity, or making task allocation decisions, review whether that tool's provider has documentation confirming their approach to the AI Act. Ask your HR technology vendors directly: are your systems classified as high-risk under the EU AI Act, and what is your compliance roadmap?

Step 4: Review your prohibited AI exposure

Go through the prohibited AI categories and check whether any current tool might be in scope. Emotion recognition and workplace monitoring are the two most likely exposures for private sector organisations. Any platform that analyses facial expressions, voice tone, or physical behaviour to infer employee engagement or emotional state should be reviewed immediately.

Step 5: Update your AI policies and inform your workforce

The Act requires deployers of high-risk AI to inform workers when AI systems are used in employment decisions. Beyond the legal requirement, staff awareness of which AI tools are in use and how they operate is sound governance. Update your acceptable use policy to address generative AI, document which tools are approved and for what purposes, and ensure the person responsible for AI oversight has both the authority and the time to exercise it.

Our audits and compliance team works with organisations to structure their AI Act readiness assessments, from inventory to gap analysis to remediation. Our AI advisory practice supports businesses deploying AI responsibly across regulated sectors including financial services, healthcare, and hospitality.


The fine structure

The Act establishes a three-tier penalty structure. National market surveillance authorities are responsible for enforcement within each member state, with the European AI Office overseeing GPAI providers directly.

  • Prohibited AI violations: Up to €35 million or 7% of total worldwide annual turnover, whichever is higher.
  • Non-compliance with high-risk AI obligations: Up to €15 million or 3% of total worldwide annual turnover, whichever is higher.
  • Providing incorrect, incomplete, or misleading information to authorities: Up to €7.5 million or 1% of total worldwide annual turnover, whichever is higher.

For SMEs and start-ups, fines are capped at whichever figure is lower — the absolute cap or the percentage of turnover. This provides some protection relative to the treatment of large corporations, but the absolute figures remain significant at any scale. The European AI Office has indicated that enforcement will initially focus on the most serious violations and on repeat or negligent non-compliance rather than on first-time technical breaches by organisations making genuine efforts to comply.

Frequently asked questions

Does the EU AI Act apply to businesses outside the EU?

Yes. The Act applies to any provider that places an AI system on the EU market or puts it into service in the EU, regardless of where that provider is established. It also applies to deployers located in the EU. If your AI system's output is used in the EU, the Act almost certainly covers you.

What is the difference between a provider and a deployer under the EU AI Act?

A provider develops an AI system and places it on the market or puts it into service. A deployer uses an AI system in a professional context under their own authority. Most businesses using tools like ChatGPT, Microsoft Copilot, or third-party recruitment AI are deployers. Providers carry heavier obligations — technical documentation, conformity assessments, registration — but deployers of high-risk AI have real obligations too.

Is using ChatGPT or Microsoft Copilot regulated under the AI Act?

These tools are AI systems built on General Purpose AI (GPAI) models. The model providers — OpenAI, Microsoft, Google — must comply with GPAI obligations including technical documentation and copyright compliance. As a deployer, you rely on their terms and model documentation for the model layer, but that does not transfer their compliance to you. If you use a GPAI model in a way that creates a high-risk AI application — for example, building an AI-powered CV screening tool — you become responsible for the high-risk obligations.

Which AI uses are already banned since February 2025?

The prohibited practices that applied from 2 February 2025 include: AI that manipulates people through subliminal techniques or by exploiting their vulnerabilities; social scoring systems, whether operated by public authorities or private organisations; real-time remote biometric identification in public spaces (with narrow law enforcement exceptions); biometric categorisation inferring sensitive attributes like race, religion, or political opinion; scraping facial images from the internet or CCTV to build recognition databases; emotion recognition in workplaces or educational institutions; and AI that predicts criminal behaviour based solely on profiling.

What are the fines under the EU AI Act?

Violations involving prohibited AI systems can result in fines of up to €35 million or 7% of global annual turnover, whichever is higher. Non-compliance with obligations for high-risk AI systems carries fines of up to €15 million or 3% of global annual turnover. Providing incorrect or misleading information to authorities can result in fines of up to €7.5 million or 1% of global annual turnover. For SMEs and start-ups, the fine is capped at whichever figure is lower.

EU AI Act Readiness

Not sure where your AI use lands?

We help organisations map their AI inventory, identify high-risk exposure, and build a compliance plan before the August 2026 deadline.