EUcodex
Back to module

Lesson 2 / 3

What is the EU AI Act and Why Does it Exist?

3 min read

Key Points

  • AI has become embedded in everyday business tools — from email filters to recruitment software to chatbots
  • The EU recognised that AI can cause real harm if used irresponsibly — biased hiring decisions, manipulative advertising, privacy violations
  • The EU AI Act (Regulation EU 2024/1689) is the world's first comprehensive legal framework for artificial intelligence
  • It came into force in August 2024 and is being rolled out in stages through to 2027
  • Its core goal: ensure AI used in the EU is safe, transparent, and respects fundamental rights
  • It applies to any company providing or using AI systems that affect people in the EU — regardless of where the company is headquartered
  • The AI Act requires organisations to ensure their people have a sufficient level of AI literacy — documented training records are how organisations evidence they have met this obligation

Lesson 1.1 — What is the EU AI Act and Why Does it Exist?

AI is Already Part of Your Working Day

You may not think of yourself as an AI user, but chances are you already are. When your email inbox filters out spam before you see it, that is AI. When a chatbot greets a customer on your company's website, that is AI. When your HR team uses software to screen job applications or your finance department runs a forecasting tool, those are AI systems too. Artificial intelligence has quietly become part of how most organisations operate — often running in the background of tools people use every day without a second thought.

Why the EU Decided to Act

Most of these tools work well and cause no harm. But not all AI is low-stakes. An AI system that screens CVs could quietly disadvantage candidates based on gender or ethnicity — not because anyone programmed it to, but because it learned patterns from historically biased data. Advertising algorithms can manipulate consumer behaviour in ways people do not notice. AI tools that process personal data can create privacy risks that are difficult to undo once the data has been shared.

The European Union recognised that as AI becomes more powerful and more widespread, clear rules are needed to make sure it is used responsibly. Without a framework, there is no consistent standard for what counts as safe, fair, or transparent.

What the EU AI Act Is

The EU AI Act is Europe's answer to that challenge. It is the world's first comprehensive law governing artificial intelligence, and it sets out clear rules for how AI systems should be developed, deployed, and used. Its goal is straightforward: make sure AI used in the EU is safe, transparent, and respects people's fundamental rights. It is not about slowing down innovation — it is about making sure innovation happens responsibly.

The regulation was formally adopted by the Council in May 2024, published in the EU Official Journal on 12 July 2024, and entered into force on 1 August 2024. Its provisions are being rolled out in stages between 2025 and 2027, giving organisations time to adapt.

Who It Applies To

The EU AI Act applies to any organisation that provides or uses AI systems affecting people in the EU. This includes companies headquartered outside Europe — if your AI touches EU residents, the rules apply. It covers the companies that build AI tools (called providers) and the companies that use them in their operations (called deployers). Most organisations fall into the deployer category.

Why This Training Matters

The EU AI Act requires organisations that provide or use AI systems to take measures to ensure their people have a sufficient level of AI literacy. This obligation has been in effect since February 2025. It applies to employees, contractors, and anyone else involved in operating or using AI systems on the organisation's behalf.

This training is how your organisation meets that obligation — and just as importantly, how it proves it. Regulators, auditors, and clients can all ask for evidence that an organisation has taken AI literacy seriously. The answer is documentation: training records, completion dates, course versions, and a clear audit trail. By completing this course, you are building your own understanding of AI and creating a verifiable record that your organisation has acted responsibly.

Previous lessonNext lesson