The EU AI Act applies to high-risk systems from 2 August 2026. An agreement (Digital Omnibus, 7 May 2026) defers high risk to 2 December 2027. Maximum fine: €35M or 7% of global turnover. What changes sector by sector.
State social scoring, subliminal manipulation, targeting vulnerabilities, real-time biometrics in public spaces.
AI in employment (CV screening, monitoring), health (diagnosis, surgery), critical infrastructure, education, justice, migration. Requires: technical documentation, registry, human oversight, robustness testing.
Chatbots, deepfakes, generative systems: obligation to disclose AI-generated content.
Spam filters, e-commerce recommendations, automatic translation: no specific obligations.
AI medical devices (imaging, diagnosis): high risk. CE marking with AI module mandatory. MDR + AI Act = dual compliance.
Deadline: Aug 2028Automatic CV sorting, candidate scoring, employee monitoring: high risk. Human oversight and bias audit mandatory.
Deadline: Dec 2027AI credit scoring: high risk. Model documentation, right of explanation for refused customers.
Deadline: Dec 2027AI assessment systems: high risk. Data access, appeal mechanism, algorithm transparency.
Deadline: Dec 2027Systems with unacceptable risk must be withdrawn. Social scoring and behavioural manipulation banned in the EU.
All high-risk AI systems must comply. Technical documentation, testing, human oversight mandatory.
Provisional agreement of 7 May 2026: the high-risk deadline (Annex III, e.g. HR, credit, education) moves to 2 December 2027, and systems embedded in regulated products (Annex I, e.g. medical devices) to 2 August 2028. Formal adoption expected before 2 August 2026.
Molderez Consult SRL assesses your EU AI Act and GDPR compliance and guides you through the process.
Request my compliance audit