AI Compliance management systems can be difficult to build and support, especially with the evolving landscape of AI regulations. In this episode of Star’s limited podcast series, Antonina Burlachenko, Head of Regulatory Consulting, and Andrii Gorbenko, Head of HealthTech Marketing, navigate through the EU AI Act to dissect its implications and explore strategies for compliance.
Tune in for Antonina’s guide on defining your approach with the new EU AI Act:
- EU AI Act categories and timeline
- Risk level criteria and documentation
- The impact on companies inside and outside the EU
- ISO 42001 management system
Subscribe on Apple Podcast | Subscribe on Spotify
EU AI Act: Key takeaways for businesses
Management systems help you to be in control of what is happening. And when you are in control, it obviously benefits the end result.
Antonina Burlachenko
Head of Quality and Regulatory Consulting, HealthTech
In this podcast, Antonina elaborates on the framework outlined in the EU AI Act, which categorizes AI systems into three distinct groups: prohibited, high-risk, and non-high-risk.
- Prohibited systems, such as those associated with social scoring and manipulation, pose unacceptable risks and are strictly forbidden.
- High-risk systems, having significant impacts on individuals and society, necessitate thorough conformity assessments and CE markings prior to entering the market.
- Non-high-risk systems face fewer restrictions but are required to disclose their AI nature to users.
For businesses, understanding the nuances of these categories is key for strategic planning of ethical AI development. High-risk AI systems demand comprehensive technical documentation and adherence to quality management systems, akin to standards found in healthtech, to meet regulatory prerequisites. Non-compliance carries hefty penalties, reaching up to 30 million euros or 6% of global turnover for prohibited systems, and up to 20 million euros or 4% for high-risk systems failing to meet data governance standards. Startups and smaller enterprises are advised to adopt an AI management system compliant with ISO 42001. Beginning with the highest-risk product or department and gradually expanding allows for the development of robust compliance frameworks without overwhelming resources.
The ramifications of the EU AI Act extend globally, companies beyond the EU seeking access to its market must also comply. Proactively adhering to these regulations can grant a strategic advantage, especially considering the likelihood of other regions adopting similar measures. By documenting processes and upholding transparency, businesses not only meet regulatory standards but also cultivate trust among users. Start early, focus on high-risk areas and seek expert guidance. With key provisions coming into force over the next two years, businesses have this window to align their practices.
Looking for guidance on regulatory requirements?
At Star, we recognize that many businesses will have to manage products and services with AI components at some point. Our experts work beside you to ensure your business meets industry standards with best practices of AI management. Explore our AI regulatory expertise, and contact us to discuss how we can help to bring your ideas to market.
RESOURCES: EU AI Act, EU AI Act Chapter II
