🚨 Does the EU AI Act Affect My Business?

What UK, EU, and Global Companies Need to Know

Artificial Intelligence compliance is about to become critical — and one of the biggest misconceptions out there is that the EU AI Act only affects companies based in the EU.

That’s simply not true. The Act has a broad, extraterritorial reach, similar to GDPR — meaning it can apply to businesses anywhere in the world.

Here’s what every organisation should know right now:

Who Does the EU AI Act Affect?

 

EU-based companies:

  • If your organisation is established in the EU, you’re directly covered by the Act for any AI systems you place on the EU market or use within the EU.

UK companies:

  • The EU AI Act applies to you if you sell, deploy, or offer AI systems in the EU.
  • Many UK businesses provide digital services or AI tools to EU customers — and that’s enough to bring your operations under the Act.
  • If you only operate within the UK and do not target or serve EU customers or users, the Act does not apply — but beware accidental exposure, for example, websites or SaaS platforms accessible to EU residents.

Global companies (outside the UK/EU):

  • The EU AI Act applies if you:
    • Place AI systems on the EU market (sell, license, or deploy them in the EU), or
    • Use AI systems in the context of EU activities (e.g., a US-based company screening EU job applicants with an AI hiring tool).
  • This extraterritorial scope mirrors GDPR — and it means businesses worldwide need to pay attention if they serve EU customers.

🚨 Why This Matters

  • The EU AI Act sets the first legally binding global standard for AI systems, including general-purpose AI such as chatbots and image generators.
  • Fines can reach up to €35 million or 7% of global annual turnover, whichever is higher — exceeding even GDPR’s maximum penalties.
  • August 2025 is a key milestone: new obligations for general-purpose AI systems come into force, affecting thousands of businesses worldwide.

🔥 Are You at Risk?

If your business uses AI in any of the following scenarios, you should assess your exposure today:

  • Your website or SaaS platform has EU-based users.
  • You sell AI-enabled products or services in the EU market.
  • You process data from EU residents using AI tools.
  • You operate in a high-risk AI area such as healthcare, recruitment, education, or financial services, and plan to expand into the EU.

Don’t Overlook US AI Regulation

While the EU AI Act is the world’s first comprehensive AI law, the United States is catching up. Businesses operating in or selling to the US should prepare for:

  • Increased scrutiny from the Federal Trade Commission (FTC) on deceptive or biased AI.
  • President Biden’s 2023 AI Executive Order prioritising safety, transparency, and responsible innovation.
  • The NIST AI Risk Management Framework as the de facto best practice for AI governance in the US.
  • State-level initiatives, such as California’s AB 331, which could soon impose strict obligations on developers of advanced AI systems — even before a federal AI law is enacted.

Bottom line: AI compliance isn’t just a European issue — it’s a global one. Organisations should proactively stay ahead of both EU and US developments.

🛡️ How to Prepare

Identify where your AI systems interact with EU customers or data.
Draft or update your internal AI policy to cover EU AI Act obligations.
Align your AI governance with ISO 42001 to prove responsible AI practices.
Train your teams on the new rules and risks — don’t assume they know what’s allowed.
Monitor further guidance from regulators — both the European Commission and US agencies will issue clarifications ahead of enforcement deadlines.

How DSB Tech Can Help

At DSB Tech, we help businesses worldwide navigate AI compliance:

  • Assessing whether your organisation falls under the EU AI Act or US emerging regulations.
  • Drafting practical AI policies tailored to your operations.
  • Preparing your AI management system in line with ISO 42001.
  • Training staff on safe, ethical, and compliant AI use.

Not sure if your business is affected? Let’s talk today.

 

#AI #EUAIAct #ISO42001 #AICompliance #DSBTech #AIPolicy #DataProtection