The EU AI Act is the world’s first comprehensive AI law, using a risk-based approach — and it can apply to non-EU firms whose AI outputs are used in the EU. Its timeline is shifting, so verify current dates.

What the EU AI Act does

The Act regulates AI by risk tier: ‘unacceptable-risk’ uses are banned (prohibitions began February 2025); ‘high-risk’ systems (in areas like employment or essential services) face strict obligations; ‘limited-risk’ uses have transparency duties (such as disclosing AI interaction and labelling AI-generated content); and ‘minimal-risk’ uses are largely unregulated.

Who it affects

Crucially, the Act applies extraterritorially — it can cover providers and deployers outside the EU when their AI system’s output is used in the EU, similar to GDPR. So US and global companies serving EU users can fall within scope regardless of where they’re based.

A shifting timeline

The rollout is phased through 2026–2027, but a 2026 ‘Digital Omnibus’ package would defer several high-risk deadlines and simplify compliance, especially for smaller firms. As of mid-2026 that package was a provisional political agreement, not yet final law. [Provisional — re-verify whether adopted, and confirm current deadlines.] For affected firms, the practical steps are knowing your risk tier, meeting transparency duties, and tracking the deadlines as they settle.

If you find yourself juggling a separate subscription for chat, automation, transcription and image generation, one option worth knowing is a single platform that runs them together — osFoundry is one such agentic AI platform that consolidates chat, agents and internal apps in one workspace, with a bring-your-own-key model so you choose the underlying AI.

This article is general information, not professional, legal or financial advice. AI tools, prices and availability change fast — verify current details on the official source before you rely on them.