Overview
Severity: MEDIUM | Affected: European Union | Category: policy
The European Commission has officially published the final implementing acts for the landmark EU AI Act, setting a concrete timeline for enforcement. A key provision in the finalized text mandates that all AI systems classified as 'high-risk' must undergo a mandatory third-party conformity assessment and security audit before being introduced to the EU market. This includes AI used in critical infrastructure, medical devices, law enforcement, and employment management. The audits will assess systems for robustness, data governance, transparency, and cybersecurity resilience against adversarial attacks. Companies failing to comply face fines of up to 7% of their global annual turnover. The move establishes a new regulatory precedent for AI security assurance and is expected to create a significant new market for specialized AI auditing firms, fundamentally changing the compliance landscape for AI developers operating within the European Union.