EU AI Act
The European Union's comprehensive regulatory framework for artificial intelligence — creating legal obligations for AI governance based on risk classification.
The EU AI Act is the world's first comprehensive AI regulation. It establishes a risk-based classification system for AI systems:
- Unacceptable risk: Banned (social scoring, manipulative AI, real-time biometric surveillance) - High risk: Strictly regulated (critical infrastructure, education, employment, law enforcement) - Limited risk: Transparency obligations (chatbots must disclose they're AI) - Minimal risk: No specific obligations
For high-risk AI systems, the Act requires: - Risk management systems - Data governance - Technical documentation - Record-keeping and logging - Transparency with users - Human oversight - Accuracy, robustness, and cybersecurity
The EU AI Act creates new governance obligations for organisations using AI. Boards and management must ensure appropriate AI governance infrastructure is in place, or face significant penalties (up to 7% of global turnover).
How Constellation handles this
Constellation provides the governance infrastructure that the EU AI Act requires. Constraint enforcement, governance traces, and escalation chains map directly to the Act's requirements for risk management, record-keeping, and human oversight.