The AI Act: What Every Software Vendor Needs to Know
The European AI regulation is now in force. It imposes unprecedented obligations on software vendors integrating AI into their products. Here is what you need to know to anticipate, comply and turn this constraint into a competitive advantage.
Introduction
What Is the AI Act?
The AI Act (European AI Regulation) is the world's first comprehensive AI regulation. Adopted in 2024, it takes effect progressively between 2025 and 2027.
Its founding principle: regulate AI by risk level, not by technology. The more risk an AI system poses to fundamental rights, the stricter the obligations.
For software vendors, this means every AI feature must be assessed, classified and documented according to its risk level. Ignorance will not be an excuse.
Regulatory Framework
Risk Classification
Prohibited
Unacceptable Risk
- Subliminal manipulation
- Social scoring
- Real-time biometric surveillance
Strict Obligations
High Risk
- Employment and recruitment
- Education and training
- Credit access
- Healthcare
Transparency Required
Limited Risk
- Chatbots
- Deepfakes
- Inform user it is AI
No Specific Obligations
Minimal Risk
- Spam filters
- Video games
- Content recommendations
Sector Impact
Which Software Is Affected?
High Risk
ATS / HRIS
Recruitment, employment access. Candidate scoring, CV matching, automated pre-screening.
High Risk (certain modules)
ERP
When used for HR management, payroll, financing. Affected modules fall under the high-risk category.
High Risk
EdTech / LMS
Training admission, automated grading. Decisions impacting access to education.
High Risk
FinTech / Insurance
Credit scoring, risk assessment, fraud detection. Access to essential financial services.
High Risk
HealthTech
Diagnostic support, medical classification. AI medical devices subject to enhanced requirements.
Limited Risk
CRM / MarTech
Recommendation, personalization. Transparency required: inform users of AI usage.
Requirements
Obligations for High-Risk Systems
Explainability
Every AI recommendation must be justifiable. The user must understand why AI made that choice.
Human Oversight
A human must be able to supervise, correct and disable the AI system at any time.
Complete Traceability
Every AI decision must be logged: inputs, outputs, model used, version, timestamp.
Bias Detection and Reduction
Regular testing, audited training data, mechanisms to correct identified biases.
Conformity Assessment
Complete technical documentation, robustness testing, audit before market launch.
Transparency
Inform users they are interacting with an AI system and how their data is processed.
Timeline
Application Timeline
February 2025
Ban on unacceptable risk systems
August 2025
Obligations for general-purpose AI models (GPAI)
August 2026
Full obligations for high-risk systems
August 2027
Full enforcement, penalties apply
"Ethics is not an optional module: it is the structural framework of the product."
Compliance by design costs less than retroactive compliance. Vendors who integrate AI Act requirements from inception avoid compliance debt and turn regulation into a competitive advantage.
Our Approach
How Rakam Helps
SafeBox
Proprietary bias removal and anonymization technology. Natively integrated into all Rakam systems to ensure fairness of AI decisions.
Compliant-by-Design
Compliant architecture from inception. No retrofit, no compliance debt. AI Act requirements are integrated at the product's core.
Sovereignty
Containerized systems deployable on-premise or sovereign cloud. Your data never leaves your servers.
Traceability
Complete logging, decision explainability, audit trail for every AI action. Every recommendation is justifiable and verifiable.
Go Further
The AI Act by Sector
Sources
Regulation text: artificialintelligenceact.eu
European Commission: digital-strategy.ec.europa.eu
Jean de Bodinat, Polytechnique Insights — "Responsible AI is not optional"
Prepare Your AI Act Compliance
Free audit of your AI systems: risk classification, gap analysis and compliance roadmap.
Book a CallAnticipate Regulation, Not Penalties
Leave us your details, we will get back to you within 24 hours.