All frameworks// framework reference

EU AI Act for EU B2B software companies.

The EU AI Act applies to organizations that provide, deploy, import, or distribute AI systems in the EU. Most software companies need at least AI literacy and prohibited-practice controls; high-risk AI and general-purpose AI providers need deeper governance, documentation, and risk management.

Information bankbindingLast updated May 12, 2026

Who it applies to

EU providers and deployers of AI systems.
Products that make consequential decisions in areas like hiring, credit, education, healthcare, or biometrics.
General-purpose AI model providers and companies embedding AI into customer-facing products.

What you need to do

AI literacy, prohibited-practice controls, transparency, documentation, risk management, and monitoring.
Cybersecurity, robustness, and data governance for high-risk systems.
Lifecycle records that show how AI risks are identified, treated, and reviewed.

How to use this entry

Use this page to understand the buyer or regulatory pressure before it becomes a deadline.
Run the regulation checker to see whether this area is likely to matter for your company now.
If it becomes relevant, Kaamos can help you scope the gap and turn it into prioritized security work.