The EU AI Act for European SMEs in 2026: what actually applies to you
A long-form guide written for founders, CTOs, and heads of compliance at European SMEs. Which obligations apply, when each one becomes enforceable, the SME-specific provisions, the two failure modes, and a five-step starting plan.
TL;DR
- The EU AI Act has been in force since 1 August 2024. Prohibited practices became enforceable on 2 February 2025; general-purpose AI (GPAI) obligations on 2 August 2025; the bulk of the high-risk system obligations on 2 August 2026.
- Most European SMEs are not building high-risk AI systems. Most are deploying third-party AI tools and writing some thin wrappers on top. The obligations that bite hardest in that case are transparency, documentation, and human oversight, not the heavy Annex III high-risk regime.
- For SMEs and start-ups, each penalty is capped at whichever is lower of the absolute amount and the turnover percentage, but the headline figures (up to €35m or 7% of global turnover for prohibited practices) still apply in principle.
- The two SME failure modes are: assuming the Act does not apply because the company is small, and over-engineering compliance to the high-risk regime when the product is actually limited-risk.
Introduction
If your product has any AI in it (including a third-party LLM behind a feature) and you sell into the EU, the EU AI Act applies to you. Scope is rarely the question. The question is which obligations apply, when each one becomes enforceable, and what proportionate compliance looks like at your stage.
This guide is for founders, CTOs, and heads of compliance at European SMEs. It covers what the Act does, the four risk tiers, the staggered timeline, the SME-specific provisions, the misreadings that produce wasted work, and a five-step starting plan. No legal background assumed.
What the EU AI Act is and is not
The EU AI Act (Regulation (EU) 2024/1689) is the European Union’s horizontal regulation on artificial intelligence. "Horizontal" means it applies across sectors: not to healthcare AI or finance AI specifically, but to AI as a category, on top of any sector-specific regulation you already follow.
It is a product-safety regulation in form, not a data protection regulation. It governs how AI systems are placed on the EU market, how they are used in the EU, and how their outputs are used in the EU, regardless of where the provider is headquartered. The GDPR governs personal data; the AI Act governs AI systems. They overlap but they are not the same instrument.
It is not (and this is the most common SME misreading) a checklist of "if you use AI you must do these twenty things." It is a tiered regime. Most AI systems carry no obligations at all. A smaller set carries transparency obligations. A much smaller set of high-risk systems carries the heavy obligations. A short list of practices is prohibited outright.
The timeline: what is enforceable when
The Act entered into force on 1 August 2024. Its provisions apply on a staggered timeline:
- 2 February 2025: prohibited AI practices became applicable (Chapter II). Eight categories of unacceptable-risk AI are now banned outright in the EU.
- 2 August 2025: obligations for general-purpose AI (GPAI) models became applicable (Chapter V), together with the governance provisions (the AI Office and the AI Board) and the penalty framework, except that fines for GPAI model providers under Article 101 apply only from 2 August 2026. The GPAI Code of Practice, a voluntary tool for demonstrating compliance, was published ahead of this date.
- 2 August 2026: the bulk of the obligations for high-risk AI systems (Chapter III) become applicable, as do the Article 50 transparency obligations. This is the next major compliance milestone, and what most SME work this year is pointed at.
- 2 August 2027: the remaining obligations apply, principally those under Article 6(1) for high-risk AI systems that are safety components of products (or are themselves products) covered by the EU product-safety legislation listed in Annex I.
The four risk tiers and which one you are probably in
The Act sorts AI systems into four buckets. Most SMEs sit firmly in the bottom two.
Unacceptable risk. Prohibited outright. The list covers subliminal, purposefully manipulative, or deceptive techniques that materially distort behaviour and cause significant harm; exploitation of vulnerability by age, disability, or a specific social or economic situation; social scoring of natural persons leading to detrimental or unjustified treatment (not limited to public authorities in the final Act); predictive policing based solely on profiling or personality traits; untargeted scraping of facial images to build databases; emotion recognition in the workplace and in education (except for medical or safety reasons); biometric categorisation that infers sensitive attributes such as race, political opinions, religious beliefs, or sexual orientation; and real-time remote biometric identification in publicly accessible spaces by law enforcement (with narrow exceptions). An ordinary SaaS or B2B product is almost never in this category. If you read the list and recognise your product, stop reading this guide and call a lawyer.
High risk. Permitted but heavily regulated. Annex III lists the high-risk use cases: biometrics, critical infrastructure, education and vocational training, employment and workforce management, access to essential private and public services and benefits, law enforcement, migration and border control, and the administration of justice and democratic processes. Most SME B2B products do not fall in Annex III. The exception that surprises founders most often is employment: AI used for recruitment or selection, or that materially affects decisions on promotion, termination, task allocation, or performance evaluation, is listed. Article 6(3) carves out Annex III systems that only perform a narrow procedural task, improve the result of a previously completed human activity, detect patterns without replacing the human assessment, or do preparatory work, but the carve-out never applies where the system profiles natural persons. If you rely on it, document why.
Limited risk. Transparency obligations only (Article 50). This is where most consumer-facing and B2B AI products land. Systems that interact directly with people must make that clear unless it is obvious from context; synthetic audio, image, video, and text output must be marked as artificially generated in a machine-readable way; deepfakes must be labelled; and AI-generated or manipulated text published to inform the public on matters of public interest must be disclosed, unless it has been through human review and a person holds editorial responsibility for it.
Minimal risk. No specific obligations. Most AI in the market today falls here: spam filters, recommendation engines, the autocomplete in your CRM.
General-purpose AI: relevant even if you only use third-party models
You are probably not training a GPAI model. A model is presumed to carry "systemic risk" when its cumulative training compute exceeds 10^25 FLOP (Article 51(2)), which puts the bar above all but a handful of frontier labs. Chapter V is still relevant to SMEs in two ways.
If you take a third-party GPAI model (OpenAI, Anthropic, Mistral, an open-weights model) and fine-tune or otherwise modify it materially, you take on provider obligations of your own. For the model, a material fine-tune makes you the provider of the modified model, with obligations limited to your modification. For the AI system built on it, Article 25 makes you the provider if you put your name or trademark on it, substantially modify it, or change its intended purpose so that it becomes high-risk. Cosmetic system-prompt changes do not count. A fine-tune that changes the intended purpose does.
If you build a product on top of a GPAI model, the model provider has obligations to make documentation and risk information available to you. Read the model card and the acceptable-use policy of every GPAI you rely on. Keep evidence of which version you used at which time. The AI Act, like most product regulations, treats provenance and versioning as first-class evidence.
Practical obligations if you are limited-risk (most SMEs)
If your product is limited-risk (a chatbot, a content generation feature, a recommendation system, an AI-assisted summarisation tool), the practical obligations are narrow, largely about transparency, and apply from 2 August 2026:
- Tell users they are interacting with an AI system when it is not obvious from context. A clear label or a one-line disclosure in the UI is enough.
- Mark AI-generated synthetic content (images, audio, video, text) in a machine-readable format so that it is detectable as artificially generated (Article 50(2)). The technical implementation (watermark, metadata, or both) is your choice, but the marking has to be robust and reliable as far as technically feasible, not a caption that disappears on the first re-save.
- For chatbots specifically, identify the chatbot as such, unless the entire interaction context makes it obvious.
- Article 50 does not demand it for limited-risk systems, but maintain a description of the system suitable for downstream users: what it does, what data classes it processes, what its known limitations are. It is good engineering hygiene regardless, and it is the first thing a customer or an authority will ask for if a question about the system ever arises.
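As an added illustration of what a machine-readable and detectable marking can look like (example code written for this guide, not an implementation from the Act or any standard), the block below embeds an AI-provenance record in a PNG as a tEXt chunk, binds it to the pixel data with a SHA-256 digest, and authenticates it with an HMAC so that a stripped, edited, or transplanted label is reported as absent. The keyword ai-provenance, the record fields, the constructed 1x1 sample image, and the demo key are all assumptions made for the example; a real deployment would use a standardised manifest format and a managed key.

```python
"""Machine-readable, tamper-evident 'AI-generated' marker for PNG files.

Added example, not from the guide: the provenance record lives in a PNG tEXt
chunk (machine-readable), is bound to the pixel data by a SHA-256 digest and
is authenticated with an HMAC, so an edited or transplanted label is noticed.
The keyword and record fields are this example's own choices, not a standard.
"""
import hashlib
import hmac
import json
import struct
import zlib

PNG_SIGNATURE = b"\x89PNG\r\n\x1a\n"
MARKER_KEYWORD = b"ai-provenance"  # assumption: our own keyword, not a standard


def _chunk(ctype: bytes, data: bytes) -> bytes:
    """Serialise one PNG chunk: length, type, data, CRC32 over type+data."""
    crc = zlib.crc32(ctype + data) & 0xFFFFFFFF
    return struct.pack(">I", len(data)) + ctype + data + struct.pack(">I", crc)


def _iter_chunks(png: bytes):
    """Yield (type, data) for every chunk, checking the signature and each CRC."""
    if not png.startswith(PNG_SIGNATURE):
        raise ValueError("not a PNG")
    pos = len(PNG_SIGNATURE)
    while pos < len(png):
        (length,) = struct.unpack(">I", png[pos:pos + 4])
        ctype = png[pos + 4:pos + 8]
        data = png[pos + 8:pos + 8 + length]
        (crc,) = struct.unpack(">I", png[pos + 8 + length:pos + 12 + length])
        if zlib.crc32(ctype + data) & 0xFFFFFFFF != crc:
            raise ValueError(f"bad CRC in {ctype!r} chunk")
        yield ctype, data
        pos += 12 + length


def make_test_png(rgb=(200, 30, 30)) -> bytes:
    """Constructed 1x1 8-bit RGB PNG used as sample input (no image library)."""
    ihdr = struct.pack(">IIBBBBB", 1, 1, 8, 2, 0, 0, 0)
    scanline = b"\x00" + bytes(rgb)  # filter type 0 followed by one pixel
    return (PNG_SIGNATURE + _chunk(b"IHDR", ihdr)
            + _chunk(b"IDAT", zlib.compress(scanline)) + _chunk(b"IEND", b""))


def _pixel_digest(chunks) -> str:
    """SHA-256 over all IDAT data, so the label is bound to these pixels."""
    h = hashlib.sha256()
    for ctype, data in chunks:
        if ctype == b"IDAT":
            h.update(data)
    return h.hexdigest()


def _is_marker(ctype: bytes, data: bytes) -> bool:
    return ctype == b"tEXt" and data.startswith(MARKER_KEYWORD + b"\x00")


def mark_png(png: bytes, key: bytes, record: dict) -> bytes:
    """Insert an authenticated provenance record directly after IHDR."""
    chunks = list(_iter_chunks(png))
    if any(_is_marker(c, d) for c, d in chunks):
        raise ValueError("already marked")
    body = dict(record, content_sha256=_pixel_digest(chunks))
    payload = json.dumps(body, sort_keys=True, separators=(",", ":")).encode("ascii")
    tag = hmac.new(key, payload, hashlib.sha256).hexdigest().encode("ascii")
    out = [PNG_SIGNATURE]
    for ctype, data in chunks:
        out.append(_chunk(ctype, data))
        if ctype == b"IHDR":
            out.append(_chunk(b"tEXt", MARKER_KEYWORD + b"\x00" + payload + b"." + tag))
    return b"".join(out)


def detect_marker(png: bytes, key: bytes):
    """Return the provenance record if present and authentic, otherwise None.
    None covers: no marker, a marker whose HMAC fails (edited or forged), and a
    marker whose pixel digest no longer matches (label copied onto other pixels).
    """
    chunks = list(_iter_chunks(png))
    for ctype, data in chunks:
        if not _is_marker(ctype, data):
            continue
        payload, _, tag = data[len(MARKER_KEYWORD) + 1:].rpartition(b".")
        expected = hmac.new(key, payload, hashlib.sha256).hexdigest().encode("ascii")
        if not hmac.compare_digest(tag, expected):
            return None
        record = json.loads(payload)
        if record.get("content_sha256") != _pixel_digest(chunks):
            return None
        return record
    return None
```

mark_png is what the generating service runs on each output; detect_marker is what a deployer or platform runs on ingest. Metadata of this kind is cheap to strip, which is exactly why the Act asks for marking that is robust as far as technically feasible: treat a chunk like this as the machine-readable layer and pair it with a pixel-domain watermark where the product warrants it.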
Practical obligations if you are high-risk
If your product is high-risk under Annex III (most commonly because it operates in employment, education, access to services, or critical infrastructure), the obligations are heavier and become applicable from 2 August 2026.
- Risk management system. A documented, lifecycle-long process for identifying, evaluating, and mitigating risk.
- Data and data governance. Training, validation, and testing datasets that meet defined quality criteria, with documented data provenance and bias-mitigation steps.
- Technical documentation. The Annex IV document set that lets authorities assess conformity. The longest single deliverable in the regime.
- Record-keeping. Automatic logging of events relevant to risk identification, modification, and traceability over the system’s lifetime.
- Transparency to deployers. The system ships with instructions for use that let the deployer meet its own obligations.
- Human oversight. Measures that let natural persons oversee the system effectively, including the ability to intervene or stop it.
- Accuracy, robustness, and cybersecurity. Appropriate levels documented and tested.
- Quality management system. A documented QMS covering design, development, validation, and post-market monitoring.
- Conformity assessment, CE marking, and registration in the EU database (Article 49) before placing the system on the market, plus post-market monitoring and serious-incident reporting throughout its lifetime.
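The GPAI section above asks you to keep evidence of which model version you used at which time, and the record-keeping item in this list asks for automatic, traceable logging. One way to make that evidence tamper-evident, as an added example written for this guide rather than code from the Act or any vendor: a hash-chained inference log that stores the model id and version, digests of prompt and output, a timestamp, and the hash of the previous entry. The field names, the example model identifiers, and the choice of SHA-256 are assumptions of the example.

```python
"""Tamper-evident record of which model version produced which output.

Added example, not from the guide. Each entry binds model id and version to
hashes of the prompt and output, a timestamp and the previous entry's hash,
so editing, deleting or reordering an entry later is caught by verify().
Field names and the choice of SHA-256 are this example's own.
"""
import hashlib
import json
from datetime import datetime, timezone
from typing import Dict, List, Optional, Tuple

GENESIS_HASH = "0" * 64


def _sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()


def _entry_hash(entry: dict) -> str:
    """Hash of the canonical JSON of every field except entry_hash itself."""
    body = {k: v for k, v in entry.items() if k != "entry_hash"}
    return _sha256(json.dumps(body, sort_keys=True, separators=(",", ":")).encode())


class InferenceLog:
    """Append-only, hash-chained log. Prompts and outputs are stored only as
    digests, so the log does not become a second copy of personal data."""

    def __init__(self) -> None:
        self.entries: List[dict] = []

    def append(self, model_id: str, model_version: str, prompt: bytes,
               output: bytes, timestamp: Optional[str] = None) -> dict:
        prev = self.entries[-1]["entry_hash"] if self.entries else GENESIS_HASH
        entry = {
            "seq": len(self.entries),
            "timestamp": timestamp or datetime.now(timezone.utc).isoformat(),
            "model_id": model_id,
            "model_version": model_version,
            "prompt_sha256": _sha256(prompt),
            "output_sha256": _sha256(output),
            "prev_hash": prev,
        }
        entry["entry_hash"] = _entry_hash(entry)
        self.entries.append(entry)
        return entry

    def verify(self) -> Tuple[bool, Optional[int]]:
        """Walk the chain; return (True, None) or (False, index of first bad entry).
        A changed field breaks that entry's hash; a deleted or reordered entry
        breaks the seq number and the prev_hash link of the entry after it."""
        prev = GENESIS_HASH
        for i, entry in enumerate(self.entries):
            if entry.get("seq") != i or entry.get("prev_hash") != prev:
                return False, i
            if _entry_hash(entry) != entry.get("entry_hash"):
                return False, i
            prev = entry["entry_hash"]
        return True, None

    def versions_in_use(self) -> Dict[Tuple[str, str], Tuple[int, int]]:
        """(model_id, version) -> (first seq, last seq): which version was in
        use over which stretch of the log, the question the guide raises."""
        seen: Dict[Tuple[str, str], Tuple[int, int]] = {}
        for e in self.entries:
            key = (e["model_id"], e["model_version"])
            first = seen[key][0] if key in seen else e["seq"]
            seen[key] = (first, e["seq"])
        return seen
```

verify() catches edits, deletions, and reordering anywhere except silent truncation at the tail; to cover that, publish or escrow the latest entry_hash somewhere the log's owner cannot rewrite (a separate system, a signed daily digest). Storing digests rather than raw prompts keeps the log from becoming a second copy of the personal data the GDPR already governs, while still letting you prove, given the original prompt, that it was the one processed.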
Penalties and the SME cap
The Act sets three penalty tiers. Prohibited AI practices: up to €35 million or 7% of total worldwide annual turnover, whichever is higher. Non-compliance with most other obligations: up to €15 million or 3%. Supplying incorrect, incomplete, or misleading information to authorities: up to €7.5 million or 1%.
The SME and start-up provision matters. For SMEs (including start-ups), each of these caps is the lower of the absolute amount or the percentage. Proportionality is built in. The Act is designed not to bankrupt small organisations for first-offence administrative failures. That does not make SMEs exempt; it means a proportionate maximum applies.
The two SME failure modes
The first failure mode is denial. "We are too small for this to matter." Wrong. The Act applies regardless of company size to any AI system placed on the EU market or whose output is used in the EU. The SME provisions reduce the proportionate maximum penalty and the documentation burden in specific cases. They do not exempt anyone.
The second failure mode is over-engineering. SMEs that read the high-risk regime and decide to apply it to their limited-risk product end up producing reams of technical documentation, conformity assessment paperwork, and quality-management infrastructure the Act does not require for their product class. It is expensive, slows the team down, and signals to prospective enterprise customers that the company does not understand the regulation it is responding to.
The discipline is to classify accurately, then apply only the obligations the Act imposes on that class.
A five-step starting plan
- Inventory every AI system you provide or deploy. For each one, capture the intended purpose, the data it processes, the user base, and the role you play (provider, deployer, importer, distributor).
- Classify each system into one of the four risk tiers. Use Article 6 and Annex III for the high-risk test, including the Article 6(3) carve-out and its profiling exception. Document the reasoning. Classification rationale is itself an artefact.
- For each system, identify the specific articles that apply. Limited-risk systems often only touch Article 50 (transparency). High-risk systems touch Chapter III: the requirements in Articles 8 through 15, the provider and deployer obligations in Articles 16 through 27, and the conformity-assessment and registration provisions that follow. GPAI model providers touch Articles 51 through 56.
- Build a minimum-viable evidence pack for each in-scope obligation: the system description, the transparency notice text, the risk classification reasoning, the human-oversight design, and (for high-risk) the technical documentation skeleton mapping to Annex IV.
- Set up a quarterly review cadence. Regulatory guidance from the AI Office and the AI Board is evolving. Keep a living document of the AI systems in your product, their classifications, and the obligations attached.
Frequently asked questions
- Does the EU AI Act apply to my SME if I am not headquartered in the EU?
- Yes, if you place an AI system on the EU market, if a deployer in the EU uses your system, or if the output of your AI system is used within the EU. The Act applies extraterritorially. Headquarters location does not control scope.
- I am only using third-party LLMs behind a feature. Am I still in scope?
- Yes. If you use the tool internally (staff drafting emails with a third-party chatbot), you are a deployer of that system. If you put the model behind a feature of your own product and sell it under your name, you are the provider of that AI system, even though you are not the provider of the underlying GPAI model, and the model's provider owes you the documentation you need to meet your own obligations. Provider obligations for a limited-risk system are still narrow, but they are not nothing, particularly around transparency to your users.
- When do high-risk system obligations become enforceable?
- The bulk of the high-risk regime in Chapter III becomes applicable on 2 August 2026. A small subset, relating to high-risk AI that is a safety component of products under Annex I sectoral legislation, applies from 2 August 2027.
- Is the EU AI Act the same thing as the GDPR for AI?
- No. The GDPR governs personal data processing. The EU AI Act governs AI systems as products placed on or used in the EU market. They overlap when an AI system processes personal data, but they are separate instruments with separate obligations and separate penalty regimes.
- What evidence do I need to keep if my system is limited-risk?
- At minimum: documentation of the system and its intended purpose, the text of the transparency notices shown to users, the labelling approach for AI-generated content where applicable, and a record of when each control was implemented. Keep this in a place you can produce on request from a competent authority.