The AI Act: The World's First Regulation on Artificial Intelligence
Discover the impact of the AI Act on the development and regulation of AI in Europe. This article covers the adoption of the legislation, the specific measures it contains for AI providers, and the regulatory transition measures. An essential guide to understanding the current and future challenges of AI in the EU.
The Foundations and Evolution of Artificial Intelligence
The foundations of artificial intelligence were laid several decades ago, notably with Alan Turing’s machine. The advent of big data, increased computing power, and the shift toward inductive approaches (machine learning and deep learning) have paved the way for a new phase in the development of artificial intelligence.

AI has a wide range of applications and is becoming increasingly important to the economy and society. Although the vast majority of AI-related technologies in Europe currently pose minimal or no risk to individuals, their rapid evolution calls for the implementation of new regulations.
The AI Regulation in the EU
The AI Act and the Controversies Surrounding It
In April 2021, the European Commission became the first body in the world to propose legislation aimed at regulating artificial intelligence.
The introduction of binding rules, particularly regarding foundation models, did not receive unanimous support. During the third quarter of 2023, several European Union countries, including France, opposed any regulations for providers of foundation models, preferring mandatory self-regulatory measures.
In their view, the initial proposal for the AI Act would prevent European companies from developing certain innovations capable of competing in the market with American tech giants.
When was the AI Act passed?
In December 2023, a provisional political agreement was reached. To ensure a legal framework conducive to responsible innovation, this compromise proposed categorizing and regulating AI systems based on the risk they pose to users.
However, it was not until Friday, February 2, that France finally ratified the AI Act. The agreement was thus unanimously approved by all European countries.
Risks and Preventive Measures Under the AI Act
This regulation faces a wide range of challenges; it must take into account the benefits of AI, as well as the new risks and negative externalities it may create.
The aim is to ensure that AI systems used in the EU:
- are safe, transparent, traceable, non-discriminatory, and environmentally friendly;
- respect fundamental rights and the values of the Union.
In particular, the proposal included requirements (regarding testing, monitoring, risk management, etc.) aimed at reducing the risk of algorithmic discrimination.
The documentary *Coded Bias* highlights the fact that algorithms, like humans, can be biased. For example, it shows that Amazon used AI in its hiring process to streamline HR work by pre-screening certain candidates. After some time, it was found that the AI selected almost no women.
Why such discrimination? AI isn’t sexist; it’s just that its reliance on machine learning causes it to replicate certain social patterns. It turns out that when the algorithm was being trained, very few women held leadership positions at Amazon.
Thus, the AI Act aims to clarify the obligations regarding the development, deployment, and use of AI in order to mitigate associated risks, while creating a legal framework conducive to investment and the establishment of an innovative market.
Just as AI systems are evolving rapidly, the rules established by the AI Act are designed to continually adapt to technological changes.
What are the European regulations on artificial intelligence?
Risk categories and associated regulations
This text links specific regulatory measures to an AI system based on the risk it poses to users. Four categories have been established:

Thus, artificial intelligence applications can be classified into different categories:
- Applications that pose an unacceptable risk will be banned. Examples of such applications include cognitive-behavioral manipulation and social scoring, among others.
- High-risk applications—those that pose a threat to security, livelihoods, or fundamental rights—will be assessed before they are brought to market and throughout their lifecycle. These applications may include areas such as transportation, education, healthcare, employment, and public services. For example, remote biometric identification, exam grading, and verification of the authenticity of travel documents.
- Applications with limited risk will be required to comply with transparency requirements so that users can make informed decisions following AI intervention. Examples of such applications include chatbots and recommendation systems.
- Applications with minimal or no risk will not be subject to any specific regulations. For example, video games and spam filters.
The establishment of “regulatory sandboxes” will enable both users and providers of high-risk AI systems to comply with the new rules, while also allowing EU member states to refine or approve the measures in the AI Act for the final adoption of the world’s first set of rules on artificial intelligence.
To meet regulatory requirements, a set of specific obligations has been developed to mitigate the risks posed by high-risk AI systems.
Suppliers' obligations under the IA Act
Before their products can be placed on the market, AI providers will have to demonstrate:
- appropriate risk assessment and mitigation systems;
- the high quality of the datasets feeding into the system in order to minimize risks and discriminatory outcomes;
- recording activities to ensure the traceability of results;
- detailed documentation providing all the necessary information about the system and its purpose to enable the authorities to assess its compliance;
- providing clear and adequate information to the user;
- appropriate human monitoring measures to minimize risks;
- a high level of reliability, safety, and accuracy.
As part of an iterative process, high-risk AI systems will continue to be evaluated in accordance with the aforementioned procedures throughout their lifecycle.
Furthermore, to ensure that the specific objectives set by the European Commission are met, a monitoring and evaluation mechanism has been established, which will allow for the application of the penalties provided for in the AI Act, if necessary.
In particular, once an AI system is on the market:
- National authorities will ensure that the new rules are properly implemented within their jurisdictions.
- The European Commission will ensure coordination at the European level through the establishment of the European AI Office in February 2024.
- The European Commission will establish a system for registering high-risk autonomous AI applications in a public database. This will allow anyone to verify whether a specific high-risk AI system complies with the requirements of the AI Act.
Consequently, AI providers will be required to provide relevant information about their systems so that the competent authorities can assess their compliance. Furthermore, in the event of an uncontrolled violation of fundamental rights obligations by the AI, providers will be required to notify the competent authorities as soon as possible.
Sanctions and Complementarity with EU Law
Failure to comply with the requirements of the AI Act will result in penalties:
- For any violations involving prohibited AI applications: up to €35 million or 7% of the company’s global annual revenue.
- For providing incorrect information to the authorities: up to 7.5 million euros or 1.5% of the company’s global annual revenue.
- For all other breaches of obligation: 15 million euros or 3% of the company’s global annual revenue.
The AI Act complements existing EU law on non-discrimination, data protection, and consumer protection through a set of harmonized rules.
These rules will have a twofold benefit: they will enable suppliers to easily market their AI-related products and services across EU borders, and they will allow
Conclusion and Outlook on AI Legislation in Europe
Entry into force of the regulation and adoption by the European Parliament
The law took effect 20 days after its publication in the Official Gazette, that is, at the end of February 2024. It should be noted that it will become fully enforceable two years later; however, certain prohibitions will take effect after six months, while the provisions regarding general-purpose AI will be enforced after one year.
How can we successfully navigate the regulatory transition to the AI Act?
To facilitate the transition to the new regulatory framework, the Commission has launched the AI Pact. This initiative promotes the rapid implementation of the measures set forth in the AI Act by enabling participating companies to comply with its requirements ahead of schedule.
Specifically, companies must submit a statement of commitment outlining the actions they have taken or plan to take to meet the specific requirements of the upcoming AI law.
In return, the Commission will publish these commitments to provide visibility, enhance credibility, and build trust in the technologies developed by the companies participating in the pact.
Thank you very much for reading. If you’d like to learn more or see us explore new topics, please feel free to contact.
