Overview
Severity: MEDIUM | Affected: EU AI Developers & Deployers | Category: policy
The European Union has officially passed the AI Model Security and Accountability Act (AMSAA), creating a comprehensive regulatory framework for AI security. The legislation mandates stringent security protocols for developers of 'high-risk' and 'foundational' AI systems operating within the EU. Key requirements include mandatory third-party security audits, continuous red-teaming, and the implementation of secure development lifecycles (SDLC) for AI. A significant provision is the requirement for a 'Model Bill of Materials' (MBOM), which obligates developers to maintain a detailed inventory of all data sources, dependencies, and components used in their models. Non-compliance can result in substantial fines of up to 6% of a company's global annual turnover. The act aims to establish a global benchmark for AI security and ensure that systems deployed in critical sectors are safe, secure, and resilient against attacks.