The date of 2 February 2025 was a crucial stage in the implementation path of the AI Act- the first regulation on AI in the world – in the European Union: here are the regulatory news and the tech solutions that can optimize the transposition of the European regulation on Artificial Intelligence
From the prohibition of “unacceptable” risk AI systems to the obligations for suppliers and developers: the contents of the AI Act
The first impacts of the AI Act are now coming. The first deadline in the implementation of the world’s first AI regulation within the EU – 2 February 20025 – has in fact just passed.
Before presenting the prohibitions and the new obligations that just started to apply for all the AI services and technologies providers, it is useful to recap briefly the main contents of the European regulation on AI.
As reported on the official website of the European Parliament, the AI Act exists to “ensure that Artificial Intelligence systems used in the EU are secure, transparent, traceable, non-discriminatory and environmentally friendly”. The first step towards this goal was the identification of three levels of risk of artificial intelligence systems.
The highest risk level has been defined as “unacceptable risk” and entails a ban on AI systems that constitute such a threat, making them prohibited. AI practices falling into this category include:
- cognitive behavioural manipulation of specific vulnerable people or groups;
- social classification of people by behaviour, socio-economic level, personal characteristics;
- real-time and remote biometric identification systems, such as facial recognition.
However, rare exceptions will be allowed, such as biometric identification systems used at a distance for the prosecution of serious crimes and subject to court authorization.
There are also AI systems defined as “high risk”, which have a negative impact on security or fundamental rights, as artificial intelligence systems used in products subject to the EU General Product Safety Directive and those falling under eight specific areas (source: European Parliament website), to be recorded in a dedicated database manned by the EU.
Finally, the third risk band is that of “limited risk” AI systems, in respect of which only certain “minimum transparency requirements must be met to enable users to make informed decisions”, such as the explicit disclosure of any interaction with AI.
Limited risk systems also include Generative AI – text, images, audio and video (including deep fakes) – therefore companies offering GenAI services will have to comply with transparency requirements, that are (i) explicitly communicate that the content was generated by AI, (ii) design the model to prevent illegal content generation and (iii) publish summaries of copyrighted data used for training.
The most relevant stages in the AI Act’s application timeline, from its entry into force to 2 August 2025 (and beyond)
Such a complex and impactful regulation as the AI Act is cannot obviously be applied in its entirety in one single solution. This is why European authorities have set a series of regulatory milestones over time, starting from the entry into force on 1 August 2024.
The EU’s planned timeline, in fact, includes as a first milestone which has just passed, February 2nd. From that date “taking into account the unacceptable risk associated with the use of AI in certain ways, the prohibitions as well as the general provisions of the Regulation should already apply ”.
As explained in Recital 179 of the AI Act, “it is important to anticipate the application of prohibitions in order to take into account unacceptable risks and to have an effect on other procedures, such as civil law”. In particular, Chapter I and Chapter II of the AI Act started to apply from 2 February 2025, including the prohibitions on AI systems with unacceptable risk and the requirements on AI literacy.
The latter relate in particular to the measures that AI system suppliers and deployers have to implement “to ensure, to their best extent, a sufficient level of AI literacy of their staff and other persons dealing with the operation and use of AI systems on their behalf”, taking into account a number of factors while defining the above mentioned measures.
In this regard, the publication of codes of practice is expected by 2 May 2025 to enable providers to demonstrate their compliance on time for the second milestone of the adoption of the AI Act within the EU, that is on 2 August 2025.
Since that date, “given the rapid pace of technological advancements and adoption of general-purpose AI models”, obligations for providers of general-purpose AI models will apply, including sanctions provisions.
Also from 2 August 2025, the provisions on notified bodies and governance structure will apply, with the aim of letting the infrastructure related to the governance and the conformity assessment system be operational before 2 August 2026.
Complying with the AI Act can become easier and faster, with Aptus
After this brief recap about the content of the EU Regulation on Artificial Intelligence, it is possible to go deeper into how AI technologies can streamline the compliance activities related to this regulatory transposition.
Among them, Aptus.AI’s RegTech platform can optimize the Regulatory Change Management processes of financial institutions with respect to the AI Act: here is how.
First, Aptus.Outlook feature allows users to analyse regulatory documents before they are officially published, so that they can prepare in advance for the future updates to the AI Act and for any new legal document that the EU will issue in the field of Artificial Intelligence, so that they can plan the compliance activities necessary to transpose to the European regulatory framework on AI.
In addition, thanks to Aptus.Search feature, users can exploit an advanced search both inside and outside the regulatory text. The first makes it possible to identify more quickly and reliably the obligations introduced, the possible sanctions and all information relevant for the transposition of the regulation. Besides, the external search allows users to browse all the other legal documents relevant for the regulatory analysis related to AI systems, and not only.
Finally, to make the consultation of the AI Act even more intuitive, fast and accurate, there’s Aptus.Chat, the first reliable and hallucination-free Generative AI solution for the legal sector.
Exploiting the legal requirements objectively translated into digital format and following the official hierarchy of regulations, Aptus.Chat is a “LegalGPT”: an intuitive conversational interface that allows legal professionals to use Gen AI safely in their field.
