EU AI Act: Is Enterprise Architecture Key To Compliance?

Posted by Neil Sheppard on August 31, 2023

SBOMs Global Interest Swelling In Security By Design - The EU Cyber Resilience Act

The EU AI Act is the first legislation on artificial intelligence to be proposed, but other governments are sure to follow Europe's lead. Find out what you need to do to stay compliant with approaching worldwide AI regulation.

The EU AI Act is gaining momentum in the European Parliament. This first-of-its-kind sweeping regulation will categorize and control the use of artificial intelligence (AI) tools in order to protect the rights of EU citizens.

While the European Union (EU) is the first authority to push forward with this kind of regulation, the topic is being discussed by legislatures around the globe. The EU AI Act is, therefore, likely to serve as a benchmark for what we can expect other governments to adopt.

Using the EU AI Act as guidance when acquiring and leveraging AI tools will avoid compliance issues when regulation becomes standard over the next five years. Organizations that take action now will find themselves at a competitive advantage down the road.

Let's look at what restrictions the EU AI Act will impose and how you can best comply with them.

What Is The EU AI Act?

Artificial intelligence (AI) may have hit the headlines in the last 12 months, but the EU AI Act has been in development for far longer. The European Parliament first adopted three reports on AI regulation in October 2020.

In January 2021, the EU proposed guidelines for AI regulation, and in May, 2022, a roadmap was put forward for legislation. Finally, on June 14, 2023, the Parliament adopted its negotiating position on a final AI Act.

The Act is likely to pass much as it was proposed. It includes a detailed categorization of different levels of AI risk, appropriate controls for software at each level of risk, and a set of general rules for AI governance.

AI systems at all levels will be required to offer customers basic transparency. This means ensuring content created by generative AI is clearly marked as such to consumers.

In addition, the regulations require that organizations take measures to ensure AI tools cannot be used to generate illegal content. Finally, all AI developers will need to publish summary information on any copyrighted data used for AI training.

High-risk And Banned AI

A range of AI systems will be classified as "high risk" under the EU AI Act. Organizations will have to register these systems with an EU database, receive approval before releasing them into the market, and make them available for regular audits. These systems include AI systems involved in:

  • EU product safety legislation
  • Biometric identification
  • Management and operation of critical infrastructure
  • Education and vocational training
  • Employment, worker management, and access to self-employment
  • Access to and enjoyment of essential private and public services and benefits
  • Law enforcement
  • Migration, asylum, and border control management
  • Assistance in legal interpretation and application of the law

Lastly, AI software will be outright banned if it is in any way designed for:

  • cognitive behavioral manipulation, such as toys designed to encourage negative behavior in children
  • social scoring that classifies people based upon their personal characteristics
  • biometric identification, such as facial recognition

When Will The EU AI Act Come Into Force?

The EU AI Act has been in development for many years and has progressed apace. This latest step makes it increasingly likely that the Act will pass before the end of the year.

Still, it will take around two years for the Act to be implemented. This means regulation won't come into place until 2025 at the very earliest; more likely, 2026.

Of course, organizations around the world face mounting pressure to make decisions about AI right now. That being said, making hasty, uninformed decisions never works out well. Avoiding problems in the future calls for taking the regulatory landscape of tomorrow into account when making AI decisions today. 

So, how can you stay on the right side of AI regulation?

Complying With Regulations Like The EU AI Act

The EU AI Act is designed to regulate the misuse of artificial intelligence (AI). As such, staying compliant won't be difficult for legitimate organizations.

Few businesses will aim to manipulate children, racially profile customers, invade their privacy, or create illegal content. Avoiding tools that do so should be current standard practice anyway.

On the other hand, customers will increasingly appreciate and even demand transparency when it comes to how organizations use AI. Since AI will inevitably play a role in every organization's operations, everyone must prepare to report on it.

Organizations working in the "high-risk" industries listed above will face the most intense regulatory scrutiny. As a result, complying with these regulations will be essential to their operating model. The burden will be placed upon these businesses to provide full documentation to regulators for assessment before product release and regularly going forward.

To facilitate the preparation of regulatory documentation, you need a tool that can pull together the information you need about how your AI systems fit into your application portfolio and IT landscape. You need LeanIX EAM.

How LeanIX Supports AI Compliance

The EU AI Act will require regulatory assessment of high-risk artificial intelligence (AI) tools and this means other governments are likely to legislate for similar inspection. That means you need a tool to help you prepare documentation for regulators.

The LeanIX EAM is the perfect tool to assist your enterprise architects in detecting, documenting, and reporting on the AI systems in use within your IT landscape. The information logged in EAM will make preparing regulatory AI reports simple.

We can confirm this due to our first-hand experience with AI implementation. The LeanIX AI Assistant can even support you with preparing your AI regulatory reports.

LeanIX Has First-Hand Experience With AI

LeanIX-Ai-Assistant

The EU AI Act will also govern the LeanIX EAM, due to the advanced AI Assistant we're developing within the platform. Our customers already have access to the beta version of our artificial intelligence (AI) tool, and it's currently supporting them with:

  • the automation of documentation tasks
  • accelerated report creation
  • researching successor technologies
  • simplifying access to EA tools for business users
  • and much more

To learn about our AI Assistant, see our previous article:

READ: Secure AI? We're Offering It For Enterprise Architecture

Discover LeanIX EAM

EAM DE10

The EU AI Act is the forerunner for coming worldwide legislation on artificial intelligence (AI). To comply with these regulations, you'll need a solution that can efficiently support your documentation needs.

That's why you need LeanIX EAM. To find out more, book a demo today:

Get Started

Subscribe to the LeanIX Blog and never miss a post again!

Related Posts