EU AI Act, made navigable for indie AI founders.
136 articles, 13 annexes, ongoing Commission guidelines. You don't have to read it. RegImpact tells you which articles apply to your product, what they require, and what you need to do — in plain English.
Why EU AI Act founders use RegImpact
The EU AI Act is the most consequential AI regulation in the world right now. It applies to any AI system "placed on the market" or "put into service" in the EU — including by US companies whose products happen to have EU users. Penalties top out at €35M or 7% of global revenue.
The Act is not one rule — it's a 700-page framework with risk classifications, conformity assessments, transparency obligations, GPAI rules, and dozens of Commission guidelines that keep dropping. RegImpact tracks every Commission guideline + enforcement signal and tells you which one matters for your product, with the action items already drafted.
What you're actually up against
- Determining whether your AI is "high-risk" (Annex III) vs "limited risk" — wrong answer = wrong obligations
- GPAI obligations apply differently based on whether you fine-tune, RAG, or just call APIs
- Conformity assessment + technical file requirements for high-risk AI take 4-8 weeks of effort
- Commission guidelines drop monthly and reshape what you have to do — easy to fall behind
Score your EU AI Act product
We've pre-filled a typical eu ai act product description. Edit it to match yours, drop in your email, and you'll get the top 3 most-relevant regulations scored 1-10 against your product (plus the rest emailed and behind the paywall).
AI-powered B2B SaaS product. Uses LLMs (OpenAI/Anthropic) for customer-facing features. Some customers are in the EU. We don't train our own models — we fine-tune and RAG on top of foundation models.
We'll send your scan results plus 2 short followups. No spam, unsubscribe anytime.
Click Run to score this product profile against the most recent AI regulations in our database. 60 seconds.
Recent rules we're tracking (169 total)
A snapshot of the highest-relevance AI regulations in our database right now. Click into any rule for the plain-English explainer, or run the scan above to see which ones actually apply to your product.
- federal register
AI-Enabled Optimization of Early-Phase Clinical Trials Pilot Program; Request for Information
The Food and Drug Administration (FDA or the Agency) is issuing this request for information to solicit input on a proposed pilot program to assess how artificial intelligence (AI)-enabled technologies can improve efficiency, speed, and quality of decision- making in early phase clinical trials. Ear
- fcc
Implications of Artificial Intelligence Technologies on Protecting Consumers From Unwanted Robocalls and Robotexts
In this document, the Federal Communications Commission (Commission or FCC) proposes steps to protect consumers from the abuse of Artificial Intelligence (AI) in robocalls alongside actions that clear the path for positive uses of AI, including its use to improve access to the telephone network for
- fcc
Disclosure and Transparency of Artificial Intelligence-Generated Content in Political Advertisements
In this document, the Federal Communications Commission (Commission or FCC) initiates a proceeding to provide greater transparency regarding the use of artificial intelligence-generated content in political advertising. Specifically, the Commission proposes to require radio and television broadcast
- fcc
Open Commission Meeting Thursday, August 3, 2023
The Commission will consider a Notice of Inquiry that would initiate a technical inquiry into how to obtain more sophisticated knowledge of real-time non- Federal spectrum usage-- and how the Commission could take advantage of modern capabilities for doing so in a cost- effective, accurate, scalable
- eu ai act
Overview of Guidelines for GPAI Models
On 18 July 2025, the European Commission published draft Guidelines clarifying key provisions of the EU AI Act applicable to General Purpose AI (GPAI) models. The Guidelines provide interpretive guidance on the definition and scope of GPAI models, related lifecycle obligations, systemic risk criteri
- eu ai act
Providers of General-Purpose AI Models — What We Know About Who Will Qualify
This content is outdated – Draft guidelines have now been published by the AI Office, which you can learn more about here. On 22 April 2025, the AI Office published preliminary guidelines clarifying the scope of the obligations for providers of GPAI models. These outline seven topics that are expect
- fcc
Open Commission Meeting Wednesday, August 07, 2024
The Commission will consider a Report and Order to establish a Missing and Endangered Persons event code that will provide law enforcement, EAS Participants, and WEA providers with a means to quickly disseminate information pertaining to missing and endangered persons cases. 2.................. Cons
- eu ai act
Why work at the EU AI Office?
It’s probably not for everyone, but there are a lot of great reasons to consider, including the potential to have an impact on AI governance worldwide, leveraging the first-mover advantage, and more.
FAQ
- I just call OpenAI / Anthropic APIs. Am I a "GPAI provider"?
- No — you're a "deployer" or "downstream provider" depending on what you do. The GPAI obligations land mostly on OpenAI and Anthropic, not you. But you still have transparency + documentation obligations under Article 13 if your product is high-risk. RegImpact scores each GPAI guideline against your specific role.
- My company is US-only. Does the EU AI Act apply to me?
- It applies the moment any of your users is in the EU. There's no minimum threshold. Practically: if your product has a public sign-up and you accept EU credit cards, you have EU users by default. You either scope in (comply) or scope out (geofence + add EU exclusion to your TOS).
- How do I know if my product is "high-risk"?
- Annex III lists the high-risk categories: biometric ID, critical infrastructure, education, employment/HR, essential public services, law enforcement, migration/border, justice, democratic processes. Plus anything safety-related. If your product touches any of these, you're likely high-risk. RegImpact runs the full Annex III check against your product description in the free scan.
- What are the actual fines for non-compliance?
- Three tiers. Highest: €35M or 7% of global annual turnover (whichever is higher) for prohibited-use violations. Middle: €15M or 3% for non-conformity with key obligations. Lower: €7.5M or 1.5% for incorrect/incomplete information. Penalties scale with company size, but the top end is existential for indie founders.