nexalign

Glossary term

EU AI Act

Also: AI Act, Regulation (EU) 2024/1689

World's first comprehensive AI law. Four risk classes: prohibited, high-risk, limited (transparency), minimal. Phased application from February 2025 to August 2027.

Entered into force 1 August 2024. Prohibitions (Article 5) apply since 2 February 2025. General-Purpose AI (GPAI) obligations from August 2025. Annex III high-risk systems from August 2026. Annex I high-risk in regulated products from August 2027.

Provider obligations (Art. 8-22): risk management, data governance, technical documentation, logging, transparency, human oversight, accuracy/robustness/cybersecurity, conformity assessment, CE marking, EU database registration. Deployer obligations (Art. 26): instructions, oversight, suitable input, logging retention >=6 months, information of affected persons.

Fines up to 35 M EUR or 7% of turnover (prohibited practices), 15 M / 3% (other obligations), 7.5 M / 1% (false info to authorities).

Related terms

AI Act Risk Categories

Four-tier classification under the EU AI Act: prohibited (Art. 5), high-risk (Annex I/III), limited

FRIA

Mandatory assessment under EU AI Act Art. 27 for deployment of specific high-risk AI systems. Requir

GPAI / Foundation Models

General-purpose AI models under EU AI Act Art. 51-56. Obligations from August 2025: technical docume

EDR (Endpoint Detection and Response)

A class of endpoint security tools that continuously records endpoint activity and enables detection

Evidence grade

A grade attached to each claim in a decision memo, showing whether the claim is backed by primary so

AI Act Conformity Assessment

Procedure to demonstrate that a high-risk AI system complies with the EU AI Act before being placed

Audit-ready decision

A decision whose record is structured, evidence-backed and stakeholder-signed to a level that a thir

BAIT

BaFin circular that concretises IT requirements for credit institutions. Specifies MaRisk AT 7.2 for

← All termsBook a demo →