Skip to content
Start Free →
EU AI ACT

AI compliance is no longer optional.

EU AI Act · High-Risk Systems

The EU AI Act is the world's first comprehensive AI regulation. High-risk AI systems — those affecting employment, credit, healthcare, education, and critical infrastructure — face mandatory conformity assessments, transparency requirements, and human oversight obligations. The August 2026 compliance deadline is live.

Run an EU AI Act diagnostic Talk to us →
Aug 2026 Compliance deadline
4 Risk tiers
High-risk Primary focus
ISO 42001 Aligned standard
FOUR RISK TIERS

Unacceptable risk (Prohibited)

Social scoring, real-time biometric surveillance, subliminal manipulation. These systems are banned outright under the EU AI Act.

High risk

AI in hiring, credit, healthcare, education, and critical infrastructure. Mandatory conformity assessments, human oversight, and technical documentation required.

Limited risk

Chatbots, deepfakes, and emotion recognition. Transparency obligations: users must be informed they are interacting with AI.

Minimal risk

AI spam filters, AI-enabled video games. No mandatory obligations, but voluntary codes of conduct encouraged.

HIGH-RISK REQUIREMENTS

Risk management system

Continuous identification, analysis, and mitigation of risks throughout the AI system lifecycle.

Data governance

Quality criteria for training, validation, and testing datasets. Bias detection and correction protocols.

Technical documentation

System cards, architecture descriptions, and training methodology documentation before market placement.

Human oversight

Measures enabling human operators to understand, monitor, correct, and override AI system outputs.

Accuracy & robustness

Performance benchmarks and resilience against errors, faults, and adversarial inputs.

Transparency

Logs, audit trails, and reporting obligations to national authorities.

ISO 42001 AS YOUR EU AI ACT FOUNDATION

ISO 42001 was designed to align with the EU AI Act's governance requirements. Organizations that implement ISO 42001 establish the risk management, data governance, and human oversight controls the Act requires. GRID42's diagnostic engine maps your AI systems against both standards simultaneously — closing EU AI Act gaps while building toward ISO 42001 certification.

See ISO 42001 →
FREQUENTLY ASKED QUESTIONS
When does the EU AI Act take effect?
The EU AI Act entered into force in August 2024. The prohibition on unacceptable-risk systems applied from February 2025. High-risk AI system requirements apply from August 2026. General-purpose AI model obligations have applied from August 2025.
Does the EU AI Act apply to non-EU companies?
Yes. The EU AI Act has extraterritorial reach. Any organization placing AI systems on the EU market or using them to affect EU residents must comply — regardless of where the organization is headquartered.
What makes an AI system 'high-risk'?
High-risk systems are those used in: employment and worker management, access to education, essential private and public services, law enforcement, migration and border control, administration of justice, and critical infrastructure. AI systems that are safety components of regulated products are also high-risk.
How does GRID42 help with EU AI Act compliance?
GRID42's Scaffold diagnostic maps your AI systems against EU AI Act risk tiers and high-risk requirements. Where gaps exist, Cubelets deliver targeted training to the people responsible for AI oversight. The Passport issues verifiable credentials demonstrating that your team can meet the human oversight requirements the Act mandates.

August 2026 is closer than you think.

Map your AI systems against EU AI Act risk tiers and high-risk requirements before the deadline.

Run an EU AI Act diagnostic →