Overview
Severity: MEDIUM | Affected: EU AI Industry | Category: policy
The European Parliament has officially passed the 'AI Verifiable, Explainable, and Robust Intelligence Framework (VERIFY) Act', a landmark regulation that extends the EU AI Act's provisions. The new law mandates that all AI systems classified as 'high-risk' must undergo regular, independent third-party audits for security, privacy, and bias. These audits will include mandatory adversarial testing, model robustness assessments, and data privacy compliance checks under GDPR. The VERIFY Act establishes a certification framework for AI auditors and requires companies to publicly disclose audit summaries. It also introduces a 72-hour mandatory breach notification requirement for any security incidents involving high-risk AI systems that compromise personal data or system integrity. The regulation is seen as a major step toward creating a standardized and enforceable accountability structure for the AI industry operating within the European Union, though some industry groups have raised concerns about the compliance burden and potential for innovation slowdown.