Financial Compliance Guidelines

🇪🇺(22 May) White & Case LLP The EU AI Act Handbook 📘The EU AI Act is a complex new law that is, in places, hard to understand. Compliance burdens for in-scope businesses are extensive, and penalties for non-compliance are significant—up to a maximum of €35 million or 7 % of global annual turnover, figures that are 75 percent higher than the penalties in the GDPR. Because the stakes are so high, businesses need practical guidance more than ever. With a complex enforcement timeline and new guidance emerging regularly, businesses need to keep abreast of a rapidly changing regulatory environment. 📖 The Handbook emphasizes practical compliance over legal theory, offering actionable guidance and insights wherever possible. It attempts to demystify the often-complex world of AI regulation. https://lnkd.in/ddw7vEUN

🛠️ New whitepaper out: A Practitioner’s Guide for Operationalizing the EU AI Act in the Enterprise To support the entire AI community in transitioning from theory to practice, appliedAI Initiative GmbH and its partners have decided to publish this practitioner-driven whitepaper with their best practices and lessons learned on implementing the EU AI Act's high-risk requirements. Many enterprises face similar challenges: ⚠️ A lack of actionable guidelines and AI Act-first governance frameworks ⚠️ Ongoing standards development ⚠️ Lack of information on how to organize governance structures ⚠️ Uncertainty about which roles (ML Skill Profiles) are necessary In this practitioner-driven guide, you'll find: ✅ How to identify your obligations under the AI Act ✅ The most common operational challenges ✅ A layered, modular approach to setting up AI governance ✅ Best practices to implement each high-risk requirement ✅ How to define ML Skill Profiles under the AI Act No matter where you are in your journey towards compliance, we expect that this practitioner's guide becomes a helpful companion. #AIAct #AIGovernance #MLOps #TrustworthyAI Akhil Deo Manuel Jiménez Mérida Anish Pathak Simone Oldekop Dirk Wacker Dr. Steffen Marc Herterich Geoffroy P. Cecilia Carbonelli Christiane Miethge Ruth Eljalill Tauschinsky Heinrich Dold Alexandra Wander Simone Heitzer Asad Preuss-Dodhy Sona Jose Araceli Alcalá Philippe Coution Sebastian Hallensleben Arash Heidarian Hendrik Scherner Marika Horne Doris Fonseca Lima Susanne Klausing Ronnit Wilmersdörffer Dr. Pawan Goyal Julia Katharina Pfeiffer Dr. Philipp Hartmann Dr. Andreas Liebl Verena Andrea Jaschinski Cornelia Schaurecker Dr. Fabian Schäfer

Stop guessing how to comply with the EU AI Act. 🇪🇺 Start using the most practical, detailed, and free guide on conformity assessments I’ve seen yet. 📘 The Step-by-Step Guide to Conformity Assessments (April 2025) walks you through the actual requirements under the final version of the AI Act — not abstract summaries, not legalese-heavy bullet points — just clear, structured, operational steps. This isn’t just a PDF. It’s a compliance playbook for high-risk AI systems. And yes, it’s free. What’s inside? ✅ A visual decision tree to assess if conformity assessments (CA) apply to you ✅ Roles and responsibilities (who must do what — provider, deployer, importer?) ✅ When and how to perform internal vs third-party assessments ✅ Clear mapping of all seven requirements in Chapter III, Section 2 (RMS, datasets, docs, logs, transparency, oversight, security) ✅ Detailed guidance on the post-market obligations, including monitoring and corrective actions ✅ Explanation of how standards, sandboxes, and derogations affect your CA strategy ✅ Fully updated to the final AI Act text (June 2024 corrigendum) 🛠️ Why it matters? Because conformity assessments are the backbone of high-risk AI governance. And unless you want to be chasing interpretations in 2026, this is the resource to start from. 🙌 Huge thanks to the authors Andreea Serban, Vasileios R., and Katerina Demetzou, and to the editors and contributors from Future of Privacy Forum and OneTrust. Your work is not only accurate — it’s actually usable. That’s rare. #AIGovernance #AIAct #EULaw #AICompliance #ResponsibleAI === Did you like this post? Connect or Follow 🎯 Jakub Szarmach Want to see all my posts? Ring that 🔔.

The EU just handed you a regulatory intelligence advantage. Most companies will miss it. On October 8, 2025, the European Commission launched two critical AI Act implementation tools that change how we approach AI medical device development: The AI Act Service Desk — Direct access to Commission guidance on obligations and definitions The Single Information Platform — Unified portal with FAQs, templates, and the new EU AI Act Compliance Checker (beta) Here’s why this matters beyond compliance: The Compliance Checker is a strategic planning tool. It’s an interactive questionnaire that risk-classifies your AI system (minimal, limited, high-risk, or prohibited) before you invest development resources. For SaMD and digital therapeutics, this is gold. It creates regulatory pathway alignment. The tool maps directly to Articles 3-7 and Annex III use-cases, giving you documentation trails that feed conformity assessments and technical files. If you’re building AI Quality Management Systems (AIQMS), this is your starting point. It bridges FDA and EU strategy. Companies already navigating FDA’s predetermined change control plans can now run parallel EU risk assessments early. The strategic winners will be those who architect products for both regulatory frameworks from day one. Three immediate opportunities: 1. Use it for competitive intelligence — Run your competitors’ AI systems through the checker to understand their likely regulatory burden 2. Inform your product roadmap — Risk-classify concepts before R&D investment to avoid high-risk classifications 3. Build investor confidence — Show PE/VC partners you have regulatory pathway clarity for EU market entry The EU AI Office will enforce this, especially for general-purpose AI. The voluntary Code of Practice for GPAI providers is becoming table stakes for showing compliance. Ok, now I’ve gone and wrote too much for Linkedin, but I can’t emphasize enough that companies treating this as “just another compliance tool” will struggle. The ones using it as strategic intelligence will create regulatory differentiated strategy (and investment 😀). Have you run your AI medical devices through the checker yet? #AIAct #MedTechRegulation #SaMD #RegulatoryStrategy #AICompliance #DigitalHealth

Joan D Pepin, our CISO, has been cutting through the EU AI Act confusion with practical guides that actually explain what these regulations mean for organisations using AI systems. Her latest piece tackles the vendor compliance gap - because your AI vendors' compliance weaknesses become your regulatory liability under the EU AI Act. Joan's CISO Guide series walks through the foundations of what these rules actually require, the technical obligations that flow down to deployers, and the gap between what executives think compliance means versus what engineering needs to build. She's also put together a compliance questionnaire that helps teams figure out where their AI usage actually sits within these requirements. The regulatory landscape moved faster than most organisations' understanding of it, and her work bridges that gap with operational detail that's actually useful. Worth reading if you're trying to map your current AI implementations against what the EU AI Act actually requires. Thank you to Joan for translating complex regulatory requirements into something teams can actually work with. Read the pieces here: The CISO's Guide to Not Getting Blindsided by EU GPAI Rules: Part I, Foundations: https://lnkd.in/dQ63KVzU Your GPAI Compliance Strategy Has a Vendor-Shaped Hole: https://lnkd.in/djVZnpta And if you want a copy of the GPAI Vendor Compliance Questionnaire, message me and I’ll send it over.