The AI Act and its impact on the future of AI in business
by Antonina Zemska
Eurostat figures (Dec 2025) demonstrate the accelerated use of AI in European Union companies with over 10 employees: from 7.7% in 2021, 8.1% in 2023, 13.5% in 2024, to 20% in 2025%.
Motivated by this trend, the EU drew up the world’s first Artificial Intelligence Act which came into force in August 2024, although most of its provisions will only become applicable from 02 August 2026. Some of these regulations may hinder the automation of certain internal processes in companies and complicate compliance, whilst others may affect the characteristics of products offered as part of these businesses.
Prohibited AI practices
The regulation restricts AI use in areas where misuse could infringe civil and personal rights, including privacy, access to information, data protection, and equal treatment. It requires companies to ensure both the design and use of AI tools comply with these rules. For example, AI systems that manipulate behaviour through subliminal or misleading techniques, or exploit individuals in vulnerable circumstances, are prohibited, significantly limiting certain forms of AI-driven advertising.
The Act also aligns with the EU’s 2018 General Data Protection Regulation (GDPR) by restricting the processing of biometric and other sensitive data. In practice, this means companies cannot use AI to build untargeted facial image databases, conduct biometric identification, or infer sensitive traits such as race, political views, religion, or sexual orientation.
High-risk AI systems
Specific rules apply to high-risk AI systems which may significantly affect health, safety, or fundamental rights, including decision-making outcomes. This impacts the compliance obligations of companies using such systems, which must ensure human oversight by trained personnel, adherence to operating instructions, and reliance on high-quality data.
Annex III to the AI Act lists examples of high-risk AI systems, including systems used in employment, staff management, and access to self-employment. This means employers need to ensure the proper use of AI in recruitment, performance evaluation, and workplace decisions, as well as notifying employee representatives of this fact. Additional compliance obligations apply in financial services, where AI is used for credit scoring, risk assessment, or insurance pricing, and where providers must assess the impact of these systems on fundamental rights.
Directing development
While AI use in business is increasingly supported, concerns remain about its reliability. Businesses continue to question output accuracy, data protection compliance, and potential copyright issues, even in routine tasks. Despite this scepticism, AI continues to develop rapidly and is becoming more embedded in work and services. Although regulation often lags behind technological change, the AI Act represents a clear step toward establishing binding standards.
Antonina Zemska specialises in labour law, with a particular focus on the introduction and analysis of internal workplace regulations and policies.
/https://storage.googleapis.com/ggi-backend-prod/public/media/7739/72286612-cdab-4395-80b5-b3bcf9e13f95.jpg)
/https://storage.googleapis.com/ggi-backend-prod/public/media/1116/WILLIAMS-Gary-_-Rosenfeld-Kant-b&w-square.jpg)
/https://storage.googleapis.com/ggi-backend-prod/public/media/429/imageIfHECc.png)
/https://storage.googleapis.com/ggi-backend-prod/public/media/7103/c8caba58-fdbe-4957-a285-40d0c98f1956.jpg)
/https://storage.googleapis.com/ggi-backend-prod/public/media/7734/fd525481-2e05-457b-83ba-b843ed14a087-(1).jpg)
/https://storage.googleapis.com/ggi-backend-prod/public/media/7743/7fd1a967-829d-42d4-a10e-7e466686b78e.jpg)
/https://storage.googleapis.com/ggi-backend-prod/public/media/7492/3e269cd3-233c-497b-89a9-2b204e91afc3.jpg)