EU AI Act in 2026: What Businesses Need to Know This Quarter
Enforcement of the EU AI Act stepped up this quarter. Here's a non-lawyer summary of what's now actually being checked.
By AI Productivity Hub Editorial Team8 min read
The EU AI Act moved from political theatre to active enforcement this quarter. Even non-EU companies serving EU users are now in scope, and the first fines have started landing.
Where enforcement stands
The Act phased in obligations starting 2024. As of mid-2026, prohibited-practice and transparency rules are fully enforced; high-risk system obligations are largely live.
The four risk tiers
| Tier | Examples | What's required |
|---|---|---|
| Unacceptable | Social scoring, manipulative AI | Banned |
| High | HR screening, credit scoring | Conformity assessment + monitoring |
| Limited | Chatbots, deepfakes | Transparency notices |
| Minimal | Spam filters, AI in games | Voluntary codes |
A 6-point business checklist
- Inventory every AI system you build or buy.
- Classify each system by risk tier.
- Add transparency notices for chatbots and generated media.
- Update vendor contracts to require Act compliance.
- Train your team on prohibited use cases.
- Document everything — regulators ask for evidence.
Key takeaways
- Enforcement is real and growing.
- Most businesses fall into 'limited risk' — but still need notices.
- Vendor contracts are the easiest gap to close.
Sources & further reading
Frequently asked questions
Does the EU AI Act apply if I'm not in the EU?
Yes — if your AI system is used by people in the EU, you're in scope.
What are the fines?
Up to €35M or 7% of global turnover, whichever is higher, for the worst violations.
Get the weekly AI productivity briefing
One short email every Sunday. The tools, prompts and workflows that mattered most this week.