EU AI Act compliance for enterprises

EU AI ActNow in force

Comply with the EU AI Act Without the Hassle

Modulos connects 10+ AI governance frameworks in a single platform, giving you complete visibility of your obligations and the controls you need to meet them.

Map AI risks to organisational and technical controls across 10+ frameworks.
Build an audit-ready evidence trail that holds up under scrutiny.
Demonstrate AI governance to your board, your auditors and your customers.

Based in the UK or US? The EU AI Act still applies if you offer AI-enabled products or services in the EU, or your AI's output is used there.

Running a business with 50 to 500 employees? EU AI Act compliance for smaller businesses

Request a Demo

Takes 30 seconds. We reply within 24 hours.

ISO/IEC 42001 Product Conformity · SOC 2 Type 2 compliant

EU AI Act compliance, without the hassle.Request a Demo

Request a Demo

Trusted by over 200 organizations

Timeline and Compliance Milestones

Key dates for EU AI Act compliance.

You are here

August 2024

The EU AI Act entered into force.

February 2025

Prohibitions on unacceptable-risk AI practices apply, along with AI literacy requirements.

August 2025

Obligations for general-purpose AI models and EU governance rules apply.

December 2027

High-risk AI obligations under Annex III (biometrics, critical infrastructure, law enforcement) apply. This is the next major deadline.

August 2028

High-risk AI obligations under Annex I (AI in regulated products requiring third-party conformity assessment) apply.

August 2024

The EU AI Act entered into force.

February 2025

Prohibitions on unacceptable-risk AI practices apply, along with AI literacy requirements.

August 2025

Obligations for general-purpose AI models and EU governance rules apply.

You are here

December 2027

High-risk AI obligations under Annex III (biometrics, critical infrastructure, law enforcement) apply. This is the next major deadline.

August 2028

High-risk AI obligations under Annex I (AI in regulated products requiring third-party conformity assessment) apply.

August 2024

The EU AI Act entered into force.

February 2025

Prohibitions on unacceptable-risk AI practices apply, along with AI literacy requirements.

August 2025

Obligations for general-purpose AI models and EU governance rules apply.

You are here

December 2027

High-risk AI obligations under Annex III (biometrics, critical infrastructure, law enforcement) apply. This is the next major deadline.

August 2028

High-risk AI obligations under Annex I (AI in regulated products requiring third-party conformity assessment) apply.

Deadlines reflect the Digital Omnibus on AI, provisionally agreed 7 May 2026, pending formal adoption.

EU AI Act: How Compliance Really Works

The EU AI Act introduces four independent gates, and obligations stack. A single AI system can trigger multiple gates simultaneously.

GATE 1 · Article 5

Prohibited Practices

Does this AI practice cross a red line?

Prohibited. Period.

GATE 2 · Annex III

High-Risk Systems

Is this AI deployed in a high-risk domain?

Full compliance regime required

GATE 3 · Article 50

Transparency

Does this AI interact with people, detect emotions, or generate synthetic media?

Disclosure and labeling required

GATE 4 · Chapter V

General-Purpose AI

Are you providing a foundation model or GPAI?

Model-level obligations apply

Obligations stack: A single system can trigger multiple gates

Real-World Examples

Credit Scoring Chatbot

High-risk (essential services) + Transparency (human interaction)

Customer Service Bot

Transparency only: disclose that it is AI

Medical Triage LLM

All three: high-risk + transparency + GPAI obligations

Why AI Act Compliance Is Complex

Most organizations underestimate the effort required for EU AI Act compliance.

Complex Regulation

The regulation spans over 450 pages with interconnected technical and legal requirements.

Manual Assessments

Manual control assessments require 2-4 hours per system.

Multiple Frameworks

Multiple frameworks (EU AI Act, ISO 42001, NIST AI RMF) triple the implementation effort.

Inadequate Risk Matrices

Qualitative risk matrices are insufficient for board and auditor scrutiny.

Lack of Visibility

Organizations lack centralized visibility across all AI systems.

Siloed Teams

Disconnected teams (data, legal, compliance, business) work independently.

Modulos

Your AI Governance Platform

Manage governance, risk management, and compliance from a single platform, with AI agents that optimize your work.

Governance

Manage AI governance like an operating system

Project dashboards, AI lifecycle monitoring, accountability workflows, and complete traceability. Manage your entire AI portfolio from a single panel.

Project and enterprise dashboards
AI lifecycle monitoring
Accountability and responsibility workflows
Complete audit traceability

Request a Demo

Penalties and Non-Compliance Risks

The EU AI Act provides a strict sanctions regime. The amount varies depending on the severity of the violation: from providing false information to implementing expressly prohibited AI practices.

For SMEs and startups, proportionate caps are provided that balance deterrent effect with business sustainability.

Penalty Details

Use of Prohibited AI Systems

Up to

35M

or 7% of revenue

Non-compliance with High-Risk Requirements

Up to

15M

or 3% of revenue

False or Incomplete Information to Authorities

Up to

7.5M

or 1.5% of revenue

Beyond financial penalties, reputational and operational impacts can be decisive: forced market withdrawal of systems, mandatory audits, operational disruptions, and significant loss of trust from customers, partners, and investors.

Even if you are based in the UK, US or elsewhere outside the EU, the EU AI Act can still apply. For example, it applies if you place an AI system on the EU market, act as a deployer established in the EU, or your AI system's output is used in the EU. Modulos helps organisations meet these obligations alongside their own evolving national AI rules.

Frequently Asked Questions

Almost certainly yes. The EU AI Act applies to any organisation that uses AI systems, not just those that build them. If your business uses AI-powered tools for hiring, customer service, credit decisions, fraud detection, content moderation or any operational process, you are likely in scope. The Act classifies AI systems by risk level, and many tools that organisations use every day, including HR software, CRM platforms and automated decision systems, fall into categories that carry compliance obligations. And if you place AI systems on the EU market, sell to EU customers, or your AI system's output is used in the EU, the Act applies regardless of where your organisation is headquartered.

Customer Reviews

What Our Customers Say

“At Adigital, we use Modulos as an evidence management system for our AI transparency and explainability certification – the first of its kind in Europe.”

Justo Hidalgo

Chief AI Officer

Adigital

“The Modulos AI governance platform streamlined our process. Without it, we would have needed twice as much time to manually create control lists from ISO 42001 annexes.”

Leif-Nissen Lundbaek

CEO & Co-Founder

Xayn

“Modulos is an essential platform for anyone who wants to make their sophisticated AI systems compliant. The platform's ability to bring together various stakeholders...”

Mason Hiroto

Head of Consulting, Digital Transformation

SCSK

“Are you planning to develop an AI-based application for diagnosis or therapy and looking for valid guidance in the dynamic EU AI regulatory jungle?”

Dr. Ursula Kramer

CEO

sanawork Gesundheitskommunikation

“Modulos is crucial to UniverseTBD's mission, integrating essential AI governance principles like ethics, transparency, and fairness into our AI exploration.”

Dr. Ioana Ciuca

Universe TBD / ANU

Universe TBD

Prepare Your Organization for the AI Act

Request a personalized demo and discover how Modulos can turn your EU AI Act compliance into a competitive advantage.

Request a Demo