The EU AI Act: A Field Guide

The short version

Most EU AI Act explainers are either a press release or a 100-page PDF. This is the version a busy team can act on. The Act sorts AI systems into four buckets by risk: **prohibited**, **high-risk**, **limited-risk** (transparency duties), and **minimal-risk**. Almost everything you build is minimal- or limited-risk — but the obligations jump sharply the moment a system touches hiring, credit, education, biometrics, or safety. Three things teams get wrong: assuming "we just use an API" means it doesn't apply; missing the transparency duty to tell users they're talking to AI; and treating compliance as a one-time gate rather than ongoing monitoring. The full guide gives you a one-page decision tree to find your tier, the obligation checklist per tier, the phased deadlines, and a worked example for a mid-market company.