

The EU AI Act entered into force on 1 August 2024 and is being applied in stages. According to the European Commission, it becomes fully applicable on 2 August 2026, with some exceptions applying earlier. The majority of rules, including those for high-risk AI systems in certain areas and transparency obligations, apply from 2 August 2026.
No. The Act follows a risk-based approach. Some AI practices are prohibited because they are considered unacceptable, other systems are classified as high-risk and carry stricter obligations, some tools are subject mainly to transparency requirements, and many lower-risk uses face limited obligations. The level of risk depends on the use case.
Create a simple inventory of AI tools and AI-related processes. Management should know which tools are being used, who is using them, what data is being processed, what decisions the tools support, and whether humans remain involved in final decision-making. Without this basic visibility, it is difficult to manage AI risk properly.
No. The EU AI Act should be viewed alongside other regulations. Even if a specific AI use is not classified as high-risk under the Act, the business may still have obligations under GDPR, confidentiality rules, employment law, consumer protection rules, or sector-specific regulations. AI adoption should be treated as part of the wider compliance framework.
Accounting, tax, audit and corporate services from a licensed Malta audit firm — delivered through one secure portal.