Zum Inhalt springen

EU AI Act: Basics of the AI Regulation for companies

3 min.

With the EU AI Act, the European Union is creating a comprehensive legal framework for the use of artificial intelligence for the first time.

This raises a key question for companies: What specific requirements apply - and how can the use of AI be made legally compliant?

What is the EU AI Act?

The EU AI Act is a European regulation that standardises the use of AI systems within the EU.

The aim of the regulation is to:

  • Minimising risks through AI
  • Strengthen trust in AI applications
  • Promote innovation and competition

The approach is deliberate Technology-neutral and risk-based designed.

The risk-based approach of the AI Regulation

The core of the EU AI Act is the categorisation of AI systems into different risk categories:

Inadmissible AI systems

Certain applications are completely prohibited, especially if they violate fundamental rights.

High-risk AI

Strict requirements apply to high-risk systems, for example in sensitive areas such as personnel decisions or security-relevant applications.

Low risk

Many AI applications are subject to less stringent requirements, in particular transparency obligations.

This categorisation is crucial for companies, as it determines the specific obligations.

What obligations do companies have?

The requirements depend largely on the risk classification. Typical obligations are

  • Documentation and traceability of AI systems
  • Risk assessment before and during use
  • Transparency towards users and stakeholders
  • if applicable. Internal control and compliance processes

Companies therefore need to clarify this first, which AI systems they use at all and how these are to be legally categorised.

Legal risks in the use of AI

The use of AI harbours considerable legal risks as well as opportunities:

  • Fines for violations of the regulation
  • Restrictions or bans on certain applications
  • Liability risks in the event of incorrect decisions by AI systems
  • Reputational risks with non-transparent use

It is particularly critical that risks are often not immediately visible, but only become apparent during operation.

Practical implementation: What companies should do now

A structured approach to AI is becoming increasingly crucial. Here's what companies should do now:

Inventory

Which AI tools are used in the company (e.g. HR, marketing, processes)?

Risk categorisation

Which systems fall into which category?

Development of processes

How are deployment, monitoring and documentation organised?

An early and systematic approach helps to avoid later adjustments.

Conclusion

The EU AI Act will permanently change the use of artificial intelligence in companies. Those who deal with the requirements at an early stage can not only reduce legal risks, but also utilise the opportunities offered by AI in a targeted manner.

If you have any questions on this or other topics, please contact us - we will be happy to advise you.

To the contact form

Logo Spectre Legal - Lawyers

Law firm

Spectre Legal
Partnership of attorneys at law mbB

Karlsplatz 3
80335 Munich

Routing with GoogleMaps

Contact us

+49 (0) 89 25557302

Contact | Appointment

Connect

Spectre Legal on Linkedin

 |  DATA PROTECTION  |  IMPRINT
© 2026 SPECTRE LEGAL