← All services

EU AI Act Readiness Review.

The EU AI Act is enforceable. Fines reach €35M or 7% of global revenue.

The problem

The EU AI Act is the most comprehensive AI regulation in the world. It applies to companies with EU customers, employees, or processing of EU data, regardless of headquarters location.

Risk-based classification requires compliance across Unacceptable, High, Limited, and Minimal tiers. High-risk systems demand mandatory conformity assessments, extensive documentation, and ongoing monitoring. Penalties for non-compliance are severe.

Most organizations don’t even know which of their AI systems fall in scope, let alone which risk category they belong to. The readiness review answers those questions first.

What’s included

AI system inventory with EU AI Act risk classification (Unacceptable, High, Limited, Minimal)
Gap assessment against Act requirements for each risk category
Documentation audit against mandatory documentation requirements
Conformity assessment pathway analysis for high-risk systems
Regulatory timeline mapping specific to your systems and obligations
Remediation roadmap with prioritized actions and deadlines

What you get

AI system classification report with risk levels per system
Documentation gap analysis identifying missing mandatory documentation
Compliance roadmap with phased milestones aligned to enforcement dates
Executive briefing on regulatory exposure and business impact
Template documentation to accelerate compliance efforts

Who this is for

Companies with AI systems that touch EU data, customers, or employees
Organizations using AI in high-risk areas: HR, credit, healthcare, or education
US companies with EU subsidiaries or EU-based customers
Legal and compliance teams responsible for regulatory readiness
Timeline
3–4 weeks
Structure
Fixed fee

Methodology

1. Inventory — Week 1

Catalog all AI systems, integrations, and use cases across the organization.

2. Classification — Week 2

Classify each AI system under the EU AI Act risk framework. Map obligations per category.

3. Gap Assessment — Week 3

Assess documentation, technical requirements, and process gaps against Act requirements.

4. Delivery — Week 4

Classification report, gap analysis, compliance roadmap, executive briefing, and template documentation.

FAQ

Does the EU AI Act apply to our US-based company?

Yes, if your AI systems affect EU citizens — whether they are customers, employees, or data subjects. The regulation has extraterritorial reach similar to GDPR.

What counts as a high-risk AI system?

Specified high-risk categories include AI used in employment and worker management, creditworthiness assessment, education, healthcare, law enforcement, and critical infrastructure.

When does enforcement begin?

Enforcement is already active for certain provisions, with full implementation phasing between 2025 and 2027.

Are we responsible for third-party AI systems we use?

Yes. As a 'deployer' under the Act, you have specific obligations even when using third-party AI systems. Responsibility cannot be outsourced.

Can you help us achieve full compliance, not just assess gaps?

Yes. Implementation support is available as a follow-on engagement after the initial readiness review.

Book a 30-minute call to discuss your EU AI Act exposure and what a readiness review looks like for your organization.