Overview
Severity: HIGH | Affected: EU-based Organizations | Category: policy
The European Union's AI Act has officially entered its first enforcement phase, with the AI Office issuing new binding directives for companies deploying 'high-risk' AI systems. Effective immediately, organizations in sectors like critical infrastructure, law enforcement, and medical devices must adhere to stringent new third-party auditing and continuous monitoring requirements. The policy mandates that these systems undergo rigorous conformity assessments before being placed on the market, focusing on data governance, robustness, transparency, and cybersecurity. A key provision requires the creation and maintenance of detailed risk management systems and technical documentation, which must be made available to national supervisory authorities upon request. Non-compliance carries severe penalties, with fines of up to €35 million or 7% of global annual turnover. The move signals a major shift from voluntary ethical guidelines to legally enforceable regulations, setting a new global standard for AI safety and accountability in critical applications.