Compliance Deadlines Approaching

EU AI Act
Compliance Hub

Everything you need to understand and comply with the EU AI Act. Authoritative guides, timelines, and practical resources.

Time until August 2, 2026 (High-Risk AI Compliance Deadline)

Key Compliance Dates

The EU AI Act rolls out in phases. Know your deadlines.

Feb 2, 2025

Prohibited AI Practices Banned

AI systems with unacceptable risk — social scoring, manipulative AI, real-time biometric mass surveillance — are banned across the EU.

Aug 2, 2026

High-Risk AI Systems Must Comply

Organizations deploying high-risk AI (HR, credit scoring, critical infrastructure, law enforcement) must meet strict requirements: conformity assessment, technical documentation, human oversight, transparency.

Aug 2, 2027

Full Enforcement

All EU AI Act provisions in full effect. All AI systems (including minimal and limited risk) must meet their respective obligations. Penalties up to €35M or 7% global turnover.

AI Risk Categories

The EU AI Act classifies AI systems into four risk categories. Each has different obligations.

Unacceptable

Prohibited

Banned entirely. Severe penalties for use.

AI systems that manipulate behavior, exploit vulnerabilities, enable social scoring by governments, or conduct real-time biometric mass surveillance.

Examples: Subliminal manipulation, biometric categorization for discrimination, social scoring systems

High Risk

Strict Requirements

Extensive compliance requirements. Must comply by Aug 2026.

AI used in critical infrastructure, employment, essential services, law enforcement, or biometric identification. Requires conformity assessment, human oversight, technical documentation, quality management.

Examples: CV screening, credit scoring, medical diagnosis, critical infrastructure management

Limited

Transparency Required

Must disclose AI usage to users.

Chatbots, deepfakes, emotion recognition systems, and biometric categorization systems. Users must be informed they're interacting with AI.

Examples: Customer service chatbots, AI content generators, emotion detection tools

Minimal

No Specific Obligations

Voluntary codes of conduct encouraged.

The vast majority of AI systems. No mandatory requirements, but organizations can voluntarily adopt codes of conduct and best practices.

Examples: Spam filters, inventory management, AI-enabled video games, recommendation engines

What This Means for Companies

Four actions every organization must take to prepare for the EU AI Act.

Build a Complete AI Inventory

Before you can classify risk or ensure compliance, you need to know every AI tool in use — from ChatGPT subscriptions to embedded AI features in your software stack.

Classify Every AI System by Risk

Each AI system must be assessed against the EU AI Act's risk categories. High-risk systems have extensive compliance requirements including technical documentation and quality management.

Maintain Extensive Documentation

You'll need records of AI system purposes, data sources, risk assessments, human oversight procedures, and incident responses. Authorities can audit these records at any time.

Understand the Penalties

Fines reach €35M or 7% of global annual turnover (whichever is higher) for prohibited AI use. High-risk AI violations cost up to €15M or 3% of turnover.

How Armadillo Helps

Armadillo features map directly to EU AI Act requirements, giving you the technical foundation for compliance.

Audit

Article 71

AI System Documentation

Discovers all AI tools across your organization — from SaaS subscriptions to embedded AI features. Maintains the inventory required by law.

Map

Articles 6-7

Risk Classification

Automatically classifies AI systems by risk level based on EU AI Act definitions. Know which systems need conformity assessments.

Review

Article 14

Human Oversight

Logs when humans review AI decisions and outputs, creating the audit trail required for high-risk AI systems.

Watch

Article 72

Post-Market Monitoring

Alerts you to policy changes in AI tools, ensuring continuous compliance as vendor terms evolve.

Detect

General Obligation

Shadow AI Prevention

Identifies unapproved AI tool usage before it becomes a compliance gap. You can't comply with what you don't know exists.

Article 71

Documentation Access

Generates compliance reports you can share with auditors, legal teams, or management. Documentation must be accessible to authorities.

Important: Armadillo provides the technical foundation for EU AI Act compliance — the inventory, classification, and monitoring infrastructure. It's not a replacement for legal counsel. You'll still need legal guidance for full compliance strategy and interpretation.