IT Brief UK - Technology news for CIOs & IT decision-makers
Story image
EU parliament passes AI Act for risk-based regulation of AI
Tue, 19th Mar 2024

The EU parliament has passed the AI Act, which imposes world-first regulations on Artificial Intelligence (AI). These new rules divide AI solutions into risk categories, with those deemed 'unacceptable' on account of their system threat level liable to be prohibited. Although the act is yet to receive final approval from ministers of European Union member states, it is anticipated to come into effect a year after ratification.

The proposed language appears set to stimulate changes not only within EU nations, but globally, following a similar path to the GDPR in managing personal data. Yohan Lobo, the Industry Solutions Manager for Financial Services at M-Files, has provided crucial advice on how companies can ensure that their Generative AI (GenAI) complies with this new legislation.

GenAI regulation will operate on a two-tier system. Primarily, GenAI developers will have to adhere to EU copyright laws and detail the content used in training their respective models. A second, more rigorous tier will be reserved for those models determined to be of high risk and will necessitate regular incident reporting and stringent testing.

An important point raised by Lobo is the need for GenAI tools to only use accurate and well-structured data, which is usually the same information managed and used by a company itself, in order to be compliant with the EU AI act. He stated: “Now that GenAI has broken into the mainstream, businesses across industries are rushing to implement these solutions and get ahead of the competition. However, firms can only implement a GenAI tool if they are sure it is safe and reliable."

As Lobo explains, companies adhering to those terms must produce trustworthy data and conform to new regulations. He suggests: “Satisfying the requirements of the EU AI act is dependent upon three key pillars: trust, security, and accuracy. The easiest way to comply with the legislation is by deploying a solution that operates within reliable internal data. A question all companies should ask themselves, is do they trust their data? If so, they can count on the results their GenAI tool produces."

Lobo also contended that the effective utilisation of internal, highly accurate data allows businesses to be more assured of their AI's judgements, augmenting productivity by equipping knowledge workers with the ability to rapidly access, search for and analyse vital information.

In his conclusion, Lobo stated, “Trust, security, and accuracy are all intrinsically linked, and companies looking to embed a GenAI strategy that complies with the EU AI act should begin by organising data across all operations. In doing so, they can lay the foundation for a GenAI tool that protects their customers while delivering vital work automation that will increase efficiency and streamline processes for employees.”