Recent Articles
Companies not complying with the EU AI Act may face heavy fines like those listed in the General Data Protection Regulation (GDPR). The Act includes a penalty structure that encourages compliance. Tech startups must be well versed with these fines and the financial and operational impact they might have on a startup in the long run.
The Act introduces a tiered penalty system depending on the severity of the breaches. Penalties for a serious infringement can be as much as €35 million or 7% of global annual turnover, whichever is higher. Major violations liable for imposition of these kinds of fines include using an AI system to trick people, violating fundamental rights, or risking harm to vulnerable groups. Such fines could destroy a startup's financials and devastate its brand and trust with the stakeholders.
This is the second level of fines, which can total up to €15 million or 3% of a startup’s worldwide annual turnover for serious breaches associated with high-risk AI systems. These violations include ineffective risk management, inadequate data governance, and insufficient human oversight mechanisms. For instance, a health-tech company whose diagnosis AI falsely identifies disease as an effect of biased or poor-quality data. These errors affect patient safety, invoke regulatory actions, and create a negative response from the public.
The least serious breaches fall under the third category of penalties, a maximum of €7.5 million or 1.5% of a startup’s global revenue. One violation in this tier would be not being transparent to the standards set for limited-risk AI systems. Even minor oversights, like not notifying the user that they are talking to an AI bot, can bring unwanted perspectives. These penalties may appear small for a startup, but they can be financially draining in the long run as offenses pile up.
National supervisory authorities are responsible for auditing and investigating institutions for compliance. Startups, especially those in more high-stakes industries like healthcare, finance, or autonomous technology, must prepare themselves for the possibility of inspection. Some steps for mitigating regulatory risk include keeping up-to-date documentation, a clear record of how notifications are managed, and evidence supporting compliance with the regulations. Likewise, start-ups can collaborate with regulators by adhering to AI ethics and responsible practices.
Besides the penalties, non-compliance can damage a startup's operations. For example, a university developing an AI system for autonomous vehicles whose algorithms it cannot demonstrate are safe and effective could have its functions suspended. This will cost the startup a year of development and assets. Another case involves a startup scaling operations across the EU borders. They would need to deal with the differences in how each member state implements the Act and must customize their strategies towards compliance so as not to be banned from operating.
While traversing the compliance landscape can be challenging, risks can be mitigated through several proactive actions. For example, a startup may take out liability insurance to cover regulatory fines and thus protect the firm from some financial level. The second way to mitigate the risks could be frequent third-party compliance audits to detect potential risks in advance. Audit results could be helpful in case an investigation gets started. Finally, startups should spare no effort to develop contingency plans to cover possible compliance problems.
While non-compliance's financial and operational repercussions constrict, startups must regard the AI Act as an opportunity. Startups can establish themselves as frontrunners in ethical AI innovation by embedding effective compliance practices into their operations. Over time, institutions that commit to responsible and transparent AI will be able to develop baseline trust with users, investors, and the broader technology ecosystem.
Stay ahead of the curve with the latest legal insights, and updates from Axioma.
Thank you for subscribing to our newsletter!
We appreciate your interest and will keep you updated with the latest news and offers.
Oops! Something went wrong with your subscription.
Please try again later or contact our support team if the issue persists.
About the Firm
Resources
Contact
Tarik Zahzah
Avocat à la Cour | Attorney at Law
CNBF: 131266 | New York: 4532081
CDAAP, 11 Bd de Sébastopol
75001 Paris, France
Axioma Law. All rights reserved.