EU AI Act Enforcement: What Actually Happened in Year One
The EU AI Act entered its first meaningful enforcement phase in 2025, with prohibited practice bans effective from February and high-risk system requirements for several categories taking effect through the year. The picture that emerged from year one is both more nuanced and more consequential than the pre-enforcement commentary suggested. Enforcement was selective and targeted. The compliance gap between EU-headquartered companies and US multinationals operating in Europe was larger than anticipated. And the three compliance actions that most reduce exposure are not the ones most compliance teams are prioritizing.
The AI Act was published in the Official Journal of the European Union in July 2024 and entered into force in August 2024 with a phased implementation schedule. The most immediate prohibitions - on AI systems deemed unacceptable risk - took effect in February 2025. High-risk system requirements applicable to employment, credit scoring, and educational assessment AI began taking effect in August 2025. General-purpose AI model requirements for providers above the 10^25 FLOP training compute threshold became applicable in August 2025 as well. Requirements for the remaining high-risk categories follow a 36-month timeline running to August 2027.
By June 2026 - the 22-month mark from entry into force - enforcement has moved from theoretical to operational. The AI Office, established within the European Commission in 2024, completed its first regulatory investigations in Q4 2025. National market surveillance authorities in Germany, France, the Netherlands, and Italy have opened their own enforcement tracks. The picture is coming into focus.
Which Provisions Are Actually Being Enforced
Enforcement in year one concentrated on three areas, consistent with where the AI Office signaled it would focus attention in its 2025 work programme: prohibited practices, transparency obligations for consumer-facing AI, and high-risk system documentation requirements for HR and employment applications.
Prohibited practices: emotion recognition at work
Article 5 of the AI Act prohibits several categories of AI use outright. In year one, enforcement activity concentrated heavily on one specific prohibition: AI systems that infer emotional states in workplace and educational settings. The provision caught many companies off-guard because the scope was broader than most legal teams initially assessed. Systems that analyze tone in customer service calls to score employee performance, tools that monitor facial expressions in remote meetings to assess engagement, and productivity monitoring software that infers stress levels from typing patterns all fall within the prohibition's scope as interpreted by the AI Office's first guidance document, published in March 2025.
Of the 34 formal investigations opened through June 2026, 14 related to prohibited or near-prohibited emotion recognition applications. Several of these cases involved HR software vendors that had deployed emotion inference features as premium add-ons; the investigations targeted both the software vendors (as providers) and the enterprise clients using the systems (as deployers). This dual-track enforcement - going after both vendors and enterprise users - was the clearest signal that the AI Act's deployer obligations have teeth and that enterprise buyers cannot rely on vendor compliance as a complete defense.
Transparency obligations: GPAI model disclosures
The General Purpose AI (GPAI) model requirements under Article 53 include transparency obligations for providers of models above certain capability thresholds. In practice, this has been operationalized primarily through requirements that GPAI providers publish technical documentation, maintain EU-facing compliance contacts, and cooperate with investigations. The AI Office issued its first model evaluation frameworks in Q3 2025, and several major model providers received documentation requests in Q4 2025.
Enforcement of GPAI requirements in year one was softer than enforcement of prohibited practices, reflecting the AI Office's stated approach of engaging with major model providers in a collaborative regulatory dialogue before moving to enforcement action. However, the documentation requests alone imposed significant compliance costs on providers: mapping which models constitute GPAI systems subject to the regulation, documenting their training data practices, and producing technical capability assessments required for the AI Office's systemic risk evaluations all required substantial compliance investment.
High-risk documentation requirements: HR and employment
The AI Act's high-risk category requirements for AI systems used in employment and worker management contexts (Annex III, point 4) became applicable in August 2025. These requirements include registration in the EU AI database, conformity assessment procedures, technical documentation in specified formats, post-market monitoring systems, and human oversight provisions. The employment AI category - covering resume screening, performance evaluation, promotion decision support, and job candidate scoring - is where the enforcement gap between EU-native and US multinational companies has been most pronounced.
EU-based HR software vendors had time to prepare and in many cases participated in pre-enforcement consultations with national authorities. US multinational companies that had deployed global HR platforms - often built for US regulatory environments with European HR functions bolted on - found themselves with larger compliance gaps. The specific failure patterns were consistent: missing technical documentation in formats required by the Act, absence of human oversight provisions that meet the Act's specificity requirements, and inadequate post-market monitoring systems for tracking decision accuracy and bias.
The Compliance Gap Between EU and US Multinationals
The compliance gap between EU-headquartered companies and US multinationals with European operations is larger than the pre-enforcement commentary anticipated. A survey conducted by the Future of Life Institute in partnership with European compliance law firms in Q2 2025 found that 61% of US multinationals with material European AI deployments reported significant compliance gaps against the Act's requirements for systems already subject to enforcement. The corresponding figure for EU-headquartered companies was 29%.
This gap has three structural causes. First, US companies built their AI compliance programs primarily for US frameworks - EEOC guidance on employment AI, CCPA and state privacy requirements, sector-specific regulations from the SEC, OCC, and FDA. The EU AI Act's requirements are architecturally different: they are risk-classification-driven rather than sector-driven, they impose prospective conformity requirements rather than retrospective liability, and they require documentation formats and governance structures that do not map cleanly onto US compliance infrastructure.
Second, EU-headquartered companies participated in the Act's development and consultation processes over the three years of negotiation. Many large EU companies had internal working groups tracking the Act's evolution from the initial proposal in 2021 through to final text in 2024. US multinationals largely engaged with the Act only after it was finalized, missing three years of pre-compliance preparation that was available to European peers.
Third, the Act's deployer obligations - the requirements that apply to companies using AI systems built by third parties - are more substantive than most US legal teams initially read them. US companies often assumed that compliance responsibility rested primarily with the AI vendor (OpenAI, Microsoft, Google) rather than with the enterprise deployer. The AI Office's enforcement practice has made clear that deployers share responsibility for ensuring deployed systems meet the Act's requirements, and cannot outsource that responsibility to vendors contractually.
First Enforcement Actions: What They Reveal
The first enforcement actions to reach resolution provide a clearer picture of regulatory intent than the Act's text alone. Several cases are instructive.
The workplace emotion recognition cases
The most significant early enforcement actions involved workplace emotion inference systems. In the highest-profile case, a large logistics company operating across six EU member states received a remediation order requiring it to disable emotion inference features in its fleet management and driver monitoring software within 90 days. The features - which inferred driver stress and fatigue from facial analysis - had been marketed by the US software vendor as safety features rather than performance monitoring. The AI Office's interpretation was that inferring emotional states in the employment context was prohibited regardless of the stated safety rationale.
The logistics company settled with a compliance commitment and a EUR 4.3 million fine rather than contesting the interpretation. The settlement included a requirement to audit all AI monitoring capabilities deployed across EU operations and disclose any additional systems that might fall within prohibited or high-risk categories - a provision that effectively became an internal AI inventory exercise at the company's expense.
The HR platform documentation cases
Three HR software vendors received enforcement notices for failures in their technical documentation for EU operations. The common theme was that technical documentation had been prepared primarily for US regulatory contexts and lacked the specific elements required by the Act: descriptions of training data characteristics, accuracy and robustness testing results presented in the EU standard format, post-market monitoring procedures for bias tracking, and human oversight provisions meeting the specificity threshold the Act requires.
None of these cases resulted in major fines at the resolution stage - the regulators accepted remediation commitments with 12-month timelines. But the investigation process itself was expensive: the documented time from investigation opening to resolution averaged 11 months, during which the companies faced document production requirements, cooperation obligations, and regulatory counsel costs that one company estimated at EUR 2.1 million including external counsel and internal compliance staff time.
Three Actions That Most Reduce Exposure
Based on the enforcement pattern in year one, there are three compliance actions that most efficiently reduce EU AI Act exposure for multinationals with European operations. These are not the three most common compliance responses - many companies are still focused on taxonomy exercises and policy drafting that produce documentation without reducing actual regulatory risk.
Action 1 - AI System Inventory With Classification
The single action that most reduces EU AI Act exposure is completing a comprehensive inventory of AI systems used across EU operations, with each system classified against the Act's risk tiers. The enforcement record shows that companies caught in investigations typically discovered additional AI systems during the investigation process that compounded their compliance gaps. An inventory completed before an investigation opens creates a defensible compliance posture. An inventory completed during an investigation is damage control.
The inventory needs to cover deployer-side systems (AI tools the company uses) as well as provider-side systems (AI products the company sells or makes available in the EU). Both carry obligations. The common failure is inventorying only the former.
Action 2 - Deployer Obligation Gap Analysis for High-Risk Systems
For any AI systems classified as high-risk (Annex III categories), conduct a gap analysis against deployer-specific obligations: human oversight provisions, logging and monitoring requirements, worker and subject notification provisions, and the duty to conduct a fundamental rights impact assessment. These deployer obligations exist independently of the vendor's compliance obligations and cannot be contractually delegated to the AI vendor.
The most common gap is in human oversight provisions. The Act requires meaningful human oversight - not nominal oversight where a human approves 100% of AI outputs in practice without reviewing them. Systems where human reviewers are rubber-stamping AI decisions at volume do not meet the requirement. Documenting the human oversight process, with specifics on how reviewers can and do override AI recommendations, reduces regulatory exposure, but it requires process change, not just documentation.
Action 3 - Prohibited Practice Scan Across Monitoring and Assessment Tools
The enforcement record shows that prohibited practice investigations are the fastest to open and carry the highest reputational risk. Conduct a specific audit of all monitoring, assessment, and scoring AI tools deployed across EU operations, focused on whether any of them infer psychological state, emotional state, political or religious beliefs, or other characteristics listed in Article 5's prohibitions. This includes tools marketed for purposes other than emotion recognition but that use emotional inference as an intermediate step (stress scoring, engagement analysis, etc.).
Disable or modify any tools that fall within the prohibition scope before any investigation opens. The remediation timeline in an enforcement action is typically 90 days - completing the same remediation before an investigation avoids the fine and the investigation process cost.
What Changes in 2027
The next major enforcement phase, running from August 2026 through August 2027, will bring the remaining high-risk categories into full compliance requirement: biometric identification and categorization, critical infrastructure management AI, education and vocational training AI, and essential private and public services including credit scoring and emergency services. For most multinationals, the credit scoring and essential services categories will be the most immediately relevant.
The pattern established in year one suggests that enforcement will again concentrate where documentation and governance gaps are largest, and where the risk of harm to individuals is most direct. Credit scoring AI - one of the categories already generating significant pre-enforcement regulatory attention - is likely to see active enforcement activity in 2027, and the compliance standard will be informed by what the AI Office learned from year-one investigations.
| Provision | Effective Date | Year-One Enforcement Level | 2027 Risk Level |
|---|---|---|---|
| Prohibited practices (Art. 5) | Feb 2025 | Active - 14 investigations | Continuing |
| GPAI model requirements | Aug 2025 | Moderate - documentation requests | Increasing |
| HR high-risk systems | Aug 2025 | Active - 11 investigations | Continuing |
| Credit scoring AI | Aug 2026 | Pre-enforcement guidance only | High |
| Biometric categorization | Aug 2026 | Pre-enforcement guidance only | Medium |
| Critical infrastructure AI | Aug 2027 | Not yet in scope | Medium-high |
The EU AI Act enforcement experience in year one confirms what GDPR enforcement taught the previous generation of compliance teams: European regulators are willing to enforce against non-EU multinationals on EU-affecting activities, they are patient about building cases, and they use early enforcement actions to signal regulatory interpretation rather than maximize penalty revenue. Companies that take the enforcement signals seriously and make structural compliance investments now will spend less, and face less disruption, than those who wait for an investigation to force the investment.
"The GDPR playbook applies: the companies that complied early spent a fraction of what late movers spent in response to enforcement. The EU AI Act is the same game, one cycle later."
Year one of EU AI Act enforcement has produced a body of regulatory practice that makes the compliance requirements substantially more legible than they were when the Act was finalized in 2024. The open question is not what the requirements are - it is how quickly multinationals will recognize that the enforcement is real and respond with compliance investments at the scale the Act demands.
References
- European Parliament and Council. (2024). Regulation (EU) 2024/1689 - Artificial Intelligence Act. Official Journal of the European Union. eur-lex.europa.eu - EU AI Act
- European Commission AI Office. (2025). Work Programme 2025: Priorities for EU AI Office Enforcement. European Commission. digital-strategy.ec.europa.eu/en/policies/ai-office
- European Commission. (2025). Guidance on the Prohibition of AI Systems Inferring Emotional States in Workplace Settings. AI Office Technical Guidance Note. digital-strategy.ec.europa.eu - EU AI Policy
- Future of Life Institute & Latham & Watkins. (2025). EU AI Act Compliance Gap Survey: US Multinationals in Europe. Future of Life Institute. futureoflife.org/project/eu-ai-act
- Veale, M., & Borgesius, F.Z. (2021). Demystifying the Draft EU Artificial Intelligence Act. Computer Law Review International. arxiv.org/abs/2107.03721
- CNIL. (2025). First AI Act Enforcement Actions: CNIL Perspective on Article 5 Prohibitions. Commission Nationale de l'Informatique et des Libertes. cnil.fr/en/artificial-intelligence
- BSA | The Software Alliance. (2025). EU AI Act Compliance Tracker: Enterprise Deployment Obligations. BSA Policy Resources. bsa.org/policy-filings/eu-ai-act