The EU AI Act: Your Guide To Ethical Innovation

7 minute read | 21 Feb 2024

By Ann Maya

Like a lighthouse guiding the way through turbulent waters, the EU’s AI Act is intended to illuminate the path towards responsible artificial intelligence (AI) practices within the European Union (EU). This landmark legislation, once implemented, will become the world’s first comprehensive legal framework for regulating AI systems based on their risks and applications.

As the EU AI Act takes effect soon, how can businesses navigate this evolving legislation landscape whilst simultaneously innovating and thriving? This blog identifies key trends in AI adoption across EMEA, explores the current state of the EU’s AI legislation, and offers future-facing guidance for organizations operating in the EU AI sector.

The EU: Advancing AI Innovation

With countries such as the UK, Germany, and France leading the charge, the EMEA region is already fertile ground for AI. By 2025, its AI market is projected to reach a staggering €40.8 billion, driven by trends like:

  • Enterprise AI: Businesses use AI to automate tasks, streamline processes, and gain a competitive edge.
  • AI in Healthcare: Personalized medicine services, high-tech diagnostics, and novel treatments are capitalizing on AI’s transformative power.
  • Public Sector Adoption: Governments leverage AI to combat fraud, optimize service delivery, and deliver data-driven policy decisions.

This rapid proliferation of AI-enabled apps and systems for personal and professional use raises concerns about its impact on citizen rights and freedom. According to IDC’s EMEA Emerging Tech Survey, 72% of EMEA organizations are either using or planning to use AI in the next two years. As businesses surge ahead on uncharted AI waters, reimagining its impact on organizational productivity, value creation, innovation, and compliance measures must not be overlooked.

Risk-Based Approach: Redefine AI Ethics and Compliance

The EU AI Act offers a nuanced, risk-based approach, categorizing AI systems based on their potential for impact viz. unacceptable risk, high risk, limited risk, and minimal or no risk.

  • Unacceptable risks include systems involved in social scoring to evaluate citizen compliance and some uses of biometric categorization.
  • High-risk applications like facial recognition require stringent transparency, testing, and documentation requirements.
  • Limited-risk AI such as chatbots and some computer vision tools must adhere to basic transparency guidelines.
  • Minimal-risk systems like AI-enabled video games and spam filters face no regulation. However, these systems must abide by a voluntary code of conduct for creating safe and unbiased AI models.

The enforcement of the AI Act will be initiated by national market surveillance authorities across the EU’s 27 member states. It will apply to any business using AI models that impact EU citizens, i.e. it doesn’t have to be a model operating solely in the EU. Non-compliance with the Act involving violations such as banned AI applications can result in fines of up to 7% of a company’s global annual turnover.

AI Strategies in MEA

It’s also important to note the broader implications of regional AI regulations, particularly across the rest of the region often lumped together as “EMEA.” In the Middle East and Africa, we’re starting to see more country-by-country regulations put in place. Countries on the African subcontinent, specifically Egypt, Rwanda and Mauritius have published comprehensive AI strategies. The African Union (AU), which comprises 54 member states, has developed a Continental Strategy on AI to support the AI technology initiatives in this region.

As the EU AI Act comes into force, it will propel AI companies in Africa to lobby African governments and the AU to align their AI laws with it, to simplify compliance with both African and European markets.

Navigate the AI Act With Practical AI

While the EU’s AI Act presents challenges, it also unlocks opportunities. Deloitte states that proper governance can open up new revenue sources and productivity gains by 2025, as AI enhances areas such as drug discovery, smart infrastructure management, and personalized service experiences.

And Gartner experts “see generative AI becoming a general-purpose technology with an impact similar to that of the steam engine, electricity and the internet. The hype will subside as the reality of implementation sets in, but the impact of generative AI will grow as people and enterprises discover more innovative applications for the technology in daily work and life.”

However, compliance costs also rise, with European companies facing between 15-30% added expenditure to satisfy rules, depending on their risk level and use cases. Let’s look at how businesses can streamline their routes to compliance with the EU AI Act:

  1. Assess Risks: Businesses must analyze their AI systems and categorize them in line with the AI Act’s risk-based framework. Enza Iannopollo, Forrester’s research analyst, states that organizations must create an inventory of their AI systems, and design processes to build and execute an approach for classifying AI systems and assessing use case risks. In this complex regulatory landscape, we at Boomi believe that practical AI, a pragmatic approach to help businesses pursue AI, is the best way to get started.
  2. Streamline Compliance Planning: For high-risk systems, businesses must develop a roadmap that adheres to the Act’s transparency, explainability, and oversight requirements. Boomi’s intelligent integration and automation platform reduces the burden on businesses navigating the AI Act’s requirements by automating and streamlining data governance and compliance tasks.
  3. Focus on Explainability: Businesses must build trust and demonstrate compliance by ensuring that AI systems are clear and understandable. Boomi can help foster credibility and conformity by integrating data lineage and provenance tools as part of its practical AI approach.

As the AI Act evolves, organizations must create resilient systems and processes to keep abreast of the latest developments around this transformative technology. They must also adopt methodologies for introducing change to take advantage of compliance and regulatory rulings.

As AI systems start to operate in real time, the disconnect between insight and action can be bridged with integration and automation, which simplifies classification and assessment of AI systems based on their risk. By focusing on robust and secure data ecosystems, you can transform systems of analysis into systems of intelligence that are smarter and faster than contemporary analytics tools — and do it in a practical, responsible way.

Our guide to AI-readiness provides a practical framework all organizations can follow. Download “AI and the End of Business as Usual” to find out how to navigate the challenges and harness the potential of AI.