EU AI Act

The EU AI Act is the world's first comprehensive AI law and it's reshaping how businesses globally handle AI. Think of it as the GDPR of AI—if you thought data protection was complex, AI regulation takes it to another level. But here's the thing: even if you're an Australian business with no European presence, this probably affects you if you're using AI tools built by global vendors.

The Act works on a risk-based system. Some AI uses are completely banned (like social scoring or manipulative AI). High-risk applications—such as AI in recruitment, credit decisions or critical infrastructure—face strict requirements around transparency, human oversight and technical documentation. General-purpose AI models (think ChatGPT) have their own set of obligations.

For you, this means three things: First, if you sell products or services into the EU, you need to understand these requirements now. Second, many of the AI tools you're already using will be changing how they operate to comply, which affects your risk profile. Third, this is setting the global standard—what Europe regulates today often becomes tomorrow's expectation everywhere else. The penalties are serious: up to €35 million or 7% of global turnover. Our advice? Start with a gap analysis of your current AI use against these requirements, even if you think you're not directly covered.