AI Act in a nutshell

This is a joint article written with Ethiqais, an OVHcloud Startup Program member providing a solution for intelligent auditing of AI system compliance.

AI Act regulation and actual implementation at a larger scale is only a few weeks ahead with its first real impact on businesses.

We wanted to recap the main information to have in mind with this short recap – as of April 2025.

𝗘𝗨 𝗔𝗜 𝗔𝗰𝘁: 𝘀𝗲𝗰𝘂𝗿𝗶𝘁𝘆 𝗳𝗮𝗰𝘁𝗼𝗿 𝗼𝗿 𝗰𝗼𝗻𝘀𝘁𝗿𝗮𝗶𝗻𝘁 𝗳𝗼𝗿 𝘁𝗵𝗲 𝗔𝗜 𝗺𝗮𝗿𝗸𝗲𝘁 𝗶𝗻 𝗘𝘂𝗿𝗼𝗽𝗲?

The EU’s AI Act is a global regulation already implemented in Europe, with now the Ban on AI Systems with Unacceptable risks since February 2025.

The AI Act applies to providers and deployers of AI systems within the EU, aiming to ensure product safety and mitigate risks associated with AI use.

🔑 Core objectives:
• Creating a framework of trust for AI adoption
• Encouraging responsible innovation
• Protecting fundamental rights and user data

⏱️ Key timeline milestones:
• August 2024: Law enters into force
• February 2025: Ban on unacceptable risk AI systems
• May 2025: AI Office Codes of Practice ready
• August 2025: GPAI model regulations effective
• August 2026: Full application to all AI systems

The Act creates a two-level governance structure:
1️ National authorities supervising AI systems
2️ European Commission and AI Office regulating general-purpose AI models

While the legal complexity is significant, the goal is straightforward: making AI trustworthy while fostering innovation.

Businesses face several challenges in complying with the EU AI Act due to its complexity and stringent requirements.

𝗪𝗵𝗶𝗰𝗵 𝗹𝗲𝘃𝗲𝗹 𝗼𝗳 𝗿𝗶𝘀𝗸 𝗰𝗼𝗻𝗰𝗲𝗿𝗻𝘀 𝘆𝗼𝘂𝗿 𝗔𝗜 𝘀𝘆𝘀𝘁𝗲𝗺 ?

The EU AI Act introduces a four-tier risk classification system that is key to understand:

🔴 Unacceptable Risk (PROHIBITED): • Social scoring systems • Emotion recognition in workplaces/education • Biometric categorization systems that infer sensitive attributes • Scraping facial images from the internet • Manipulative or deceptive AI
🟠 High Risk: • Medical devices • Recruitment systems • Critical infrastructure • Education and vocational training • Law enforcement systems
🟡 Specific Transparency Risk: • Chatbots • Deepfakes • AI-generated content → Must clearly disclose they are AI-generated
🟢 Minimal Risk: • Anti-spam filters • AI in video games • Most business applications

The penalties are severe: up to 7% of global annual turnover or €35 million for violations related to prohibited practices.

Before deploying any AI system, you need to assure the use of the AI system and to assess its risk – this will determine your compliance exigence.

Talking about compliance is also talking about processes and governance.
OVHcloud and ETHIQAIS have been among the very first signatories of the AI Pact at the European Commission and can help you navigate in this new regulatory framework:

With OVHcloud:
🔹 European Trusted Cloud with Data Sovereignty at its heart
🔹 A wide rage of GPU & Compute capabilities with best-in-class sustainable infrastructure

With Ethiqais:
🔹 Automate documentation for AI systems
🔹 Elaborate AI global governance and real-time conformity assessment

Know Your Role & Responsibilities

Your obligations under the EU AI Act depend on your role in the AI value chain. The 2 main categories are:

👨‍💻 𝗦𝘂𝗽𝗽𝗹𝗶𝗲𝗿/𝗗𝗲𝘃𝗲𝗹𝗼𝗽𝗲𝗿:

• You develop AI systems and put them on the market

• Highest level of obligations, especially for high-risk systems

• Responsible for risk assessments, documentation, technical requirements

👩‍💼 𝗗𝗲𝗽𝗹𝗼𝘆𝗲𝗿/𝗨𝘀𝗲𝗿:

• You use AI systems in professional contexts

• Must follow instructions from suppliers

• Additional obligations if using high-risk systems

🤝 Other roles with specific obligations: • Agent: EU representative for non-EU suppliers • Importer: Brings AI systems into the EU market • Distributor: Makes AI systems available on the EU market

See the attached table for an overview of obligations status per role

And check “The AI Act Explorer” provided by the Future of Life Institute for all the related details.

Start preparing NOW by:

1 – Identifying all AI systems in your organization

2 – Determining your role for each system

3 – Classifying each system’s risk level

4 – Understanding your specific obligations

5 – Implementing compliance measures before deadlines

And now… Time to introduce more formally ETHIQAIS, a member of the OVHcloud Startup Program!

What tool for AiAct in France and Europe? ETHIQAIS – your platform for the global AI management, governance and compliance of artificial intelligence systems

Why do you need to define the governance of artificial intelligence systems within your company?

Like any technology, artificial intelligence needs to be challenged in the way it is implemented, in order to evolve in a way that is consistent with human needs. AI addresses issues linked to climate change, energy saving and production, education, health, transport, finance and many other sectors.

Adopting AI in an existing product, service or system, or in the ideation phase, requires defining a structure, a process, and identifying the resources and tools needed throughout the AI lifecycle.

Managing and monitoring the AI system has become essential in order to control risks and ensure that AI is aligned with current regulations.

All players involved in the AI lifecycle are required to participate in the development of its governance: managers, but also technical teams – AI developers, data scientists, product owners, product managers, CIOs, CDOs, quality managers, AI lawyers, compliance officers, etc. Governance doesn’t just refer to company policy, it’s the first step in operationalizing AI in company: defining the rules for adopting AI internally, standardizing and structuring documentation production to ensure transparency and collaborative decision-making, adopting AI management and monitoring tools to foster a faster ROI and to limit reputational, legal but also economic and technical risks.”

This approach requires the adoption of a global AI management solution. ETHIQAIS and OVHcloud are working together to offer companies concrete added value in the development of AI governance, from the ideation phase right through to market launch. As guarantors of security, compliance, robustness and technological sovereignty, ETHIQAIS and OVHcloud are joining forces to provide companies developing AI with the ETHIQAIS platform.

ETHIQAIS is an intelligent platform designed to help developers of AI systems and models, data scientists to create automated AI documentation, and managers to define AI governance while complying with regulations, notably the European AI Act.

ETHIQAIS automatically collects data to manage and document your organization’s AI systems. ETHIQAIS continuously monitors your systems in an automated way to ensure you remain compliant with the European AI Act Regulation. The traceability of your AI systems and the monitoring of your use cases is an essential element for compliance, but above all for steering your product roadmap and managing your organization.

In addition to ensuring the traceability of AI systems right from their production, ETHIQAIS develops functionalities for analyzing the requirements and controls set out in standards and regulations. ETHIQAIS is designed to detect irregularities that might escape the analysis of your teams, and to suggest improvements to reduce risks.

Do not take any risks, request a demo quickly to help you build your skills and master the development of your AI system.

– A demo: contact@ethiqais.com
– More about ETHIQAIS: ethiqais.com

ETHIQAIS and OVHcloud provide you with the essential tools to help you build trust and scale your AI products in a responsible, secure and compliant way.