EU AI Act Compliance Deadline Hits: What Small Businesses Need to Know

What Happened

The EU AI Act has reached another significant compliance milestone this month. Businesses operating in the EU that use AI systems classified as high-risk, or that deploy general-purpose AI tools in customer-facing roles, are now expected to meet transparency, documentation, and human oversight requirements.

Who Does This Affect?

This is not just for large tech companies. Any business based in the EU, or selling to EU customers, that uses AI tools in areas like recruitment, credit decisions, customer service automation, or content recommendation may need to take action.

High-risk categories include AI used in hiring processes, loan or insurance decisions, and anything touching critical infrastructure. Even lower-risk AI deployments now require basic transparency notices so users know when they are interacting with an AI system.

What the Rules Require

At a practical level, businesses may need to:

• Display clear notices when customers interact with AI chatbots or automated decision tools
• Keep basic records of what AI systems are being used and why
• Ensure a human can review or override AI decisions in sensitive areas
• Have a process for handling complaints about AI-driven outcomes

Why This Matters Beyond the EU

Even UK businesses trading with Europe need to be aware of these rules. The EU AI Act has extraterritorial reach similar to GDPR, meaning it applies based on where your customers are, not just where you are registered.

What to Do Now

Do a quick audit of every AI tool your business uses and how it touches customers or employees. If you use AI for any kind of decision-making, get legal or compliance advice. The fines for serious breaches can reach 3 percent of global annual turnover.