Overview
Severity: MEDIUM | Affected: EU-based AI Developers | Category: policy
The European Parliament has passed the 'AI Resilience Act' (AIRA), a landmark piece of legislation aimed at bolstering the security and transparency of artificial intelligence systems operating within the EU. The act mandates that developers of 'high-risk' AI systems, including those used in critical infrastructure, finance, and healthcare, must conduct regular, independent adversarial testing and red teaming exercises. A key provision of AIRA is the requirement for a comprehensive 'Data and Model Bill of Materials' (DM-BOM), which must detail training data provenance, model architecture, and third-party components. Non-compliance can result in fines of up to 5% of a company's global annual turnover. The new regulation is expected to set a global precedent for AI security accountability and will come into force in 18 months.