How to prepare your company for the EU AI Law with KPMG's EU AI Hub


The EU AI Hub, launched last week by AI security firm Cranium with KPMG and Microsoft, is a service designed to help companies comply with the newly adopted EU AI Law. With expert advice and customized technologies, users will follow a series of steps to identify which parts of the AI ​​Act apply to their products and what they need to do to comply.

On March 13, 2024, the European Union Parliament passed the AI ​​Law. This means that companies offering AI products in the region will soon have to comply with its strict rules regarding facial recognition, safeguards and consumer complaints and questions.

While the EU AI Law will not come into force until the end of 2024 at the earliest, many companies are considering complying with its requirements to ensure they are prepared and do not incur any penalties. However, navigating such comprehensive regulations is no easy task, and that is why the EU AI Hub was created.

SEE: 8 business AI trends in 2024, according to Stanford researchers

What is the EU AI Center?

The EU AI Hub is a service designed to take global organizations through a series of steps to help them understand how the EU AI Law regulations apply to their products and to comply and adopt AI in a way responsible. To achieve these goals, you will be given access to:

  • KPMG Trusted AI Framework and experience in strategy, transformation, technology, data sciences and assurance.
  • Cranium's enterprise AI security platform, which captures AI bill of materials, runs risk reports and performs gap analysis under the EU AI Law.
  • Microsoft's artificial intelligence technologies.

“A company's journey through the Hub will depend on where it is currently in its AI journey, so we will first identify an organization's goals regarding meeting EU compliance requirements,” Daniel told TechRepublic. Christman, director of AI programs at Cranium.

“We would then identify the path to bring a particular AI system or systems to a state of compliance, and leverage the Cranium technology platform, KPMG services, and Microsoft technology and expertise to determine and implement the relevant controls and oversight to achieve compliance. “

The resources provided by the Hub will ensure that all enterprise AI implementations are compliant, practical for your requirements, and ethically sound. Companies can work with experts from the initial strategy and design of AI technologies to their implementation and optimization, using input from regulators and relevant stakeholders.

Currently, Christman isn't sure how long it will take for a Hub user to reach compliance, although he hopes they can “scale compliance across multiple AI systems much faster” than if they tried alone.

Sean Redmond, director of the EU AI Centre, said in a press release: “Compliance with the EU AI Law and other regulatory frameworks should not be seen as a block to innovation/ideation, but should provide the barriers that allow organizations to experiment. with AI and deliver value to their businesses and customers.”

How much does it cost to use the EU AI Hub?

“Pricing will be made more flexible based on what the company is looking to achieve in the Hub,” Christman told TechRepublic. “Simply leveraging some of the experience and knowledge will incur minimal cost, and more intensive service delivery and technology implementation will generate additional investments.”

Which companies should consider using the EU AI Hub?

The EU AI Law will apply directly to companies located in the 27 EU member states and any company with customers in those states, regardless of their location. These companies could be suppliers, implementers, importers or distributors of AI systems and could consider using the EU AI Center to ensure compliance.

Christman told TechRepublic: “Many global companies are still struggling to prepare their AI systems. With the final requirements recently clearing final legal hurdles, this is something to expect, but it will continue to be a challenge for organizations to scale compliance across the enterprise.

“Primarily, organizations have the great challenge of capturing the full inventory of AI systems that are developed internally, as well as those included in third-party tools and services.”

Developers of AI systems considered “high risk” will have to meet certain obligations to comply with the AI ​​Law, including mandatory assessment of how their AI systems could affect the fundamental rights of citizens. This applies to the banking and insurance sectors, as well as any artificial intelligence system with “significant potential harm to health, safety, fundamental rights, the environment, democracy and the rule of law.”

Providers of general-purpose AI systems must also meet certain transparency requirements under the AI ​​Act; This includes creating technical documentation, complying with European copyright laws, and providing detailed information on the data used to train the basic AI models. The rule applies to models used for generative AI systems like OpenAI's ChatGPT.

What is the deadline for compliance with the EU AI Law?

While the AI ​​Act was passed in March, there are still some steps to take before companies must comply with its regulations. The EU AI Law must first be published in the EU Official Journal, which is expected to happen in June or July this year. It will come into force 20 days after its publication, but the requirements of the AI ​​Law will be applied in stages:

  • The bans on prohibited practices will apply six months after they come into force, i.e. approximately December 2024.
  • The codes of practice will come into force nine months after they come into force, i.e. approximately March 2025.
  • General-purpose AI standards, including governance, will come into force 12 months after they come into force, i.e. approximately June 2025.
  • The obligations for high-risk systems will come into force 36 months after entry into force, i.e. approximately June 2027.

The EU AI Law will be fully applied 24 months after it comes into force.

What are the penalties for violating the EU AI Law?

Companies that do not comply with the EU AI Law face fines ranging from €35 million ($38 million) or 7% of global turnover, up to €7.5 million ($8.1 million). million dollars) or 1.5% of turnover, depending on the violation and size. of the company.

scroll to top