Overview
Severity: MEDIUM | Affected: European Union | Category: policy
The European Union has begun active enforcement of its landmark AI Act, with the European AI Board issuing its first set of non-compliance fines. A major European financial services firm was fined €15 million for failing to meet the rigorous transparency and risk management requirements for its AI-powered credit scoring system, which is classified as 'high-risk' under the Act. The board found the firm's documentation on data governance and model testing to be inadequate, and it had not conducted a mandatory fundamental rights impact assessment. This first enforcement action sends a strong signal to companies operating in the EU that regulators are serious about compliance. Legal experts predict a wave of similar actions as the grace period for other provisions of the Act expires, forcing organizations to prioritize robust AI governance, risk, and compliance (GRC) frameworks.