GDPR and the AI Act: Where They Overlap and Where They Don't
Both regulate data, both carry massive fines, but they cover different ground. How to handle compliance for both without duplicating work.
Read more →Articles
Practical guidance on EU AI Act compliance for businesses with customer-facing AI systems.
General-Purpose AI Models: What the EU AI Act Means for GPT Wrappers
If you've built a product on top of a foundation model, you inherit obligations. What GPAI transparency requirements mean for your wrapper.
Read more →Building a Compliance Team When You Don't Have One
Most mid-sized companies don't have a dedicated AI governance function. How to distribute responsibilities across legal, engineering, and product.
Read more →The Role of Harmonised Standards (and Why None Exist Yet)
The Act references standards that haven't been written. How to demonstrate compliance in the gap between regulation and standardisation.
Read more →AI Literacy Training: Article 4's Overlooked Obligation
Every organisation using AI must ensure staff have sufficient AI literacy. What 'sufficient' means and how to document it.
Read more →Risk Management for AI Systems: What Article 9 Actually Requires
A risk management system isn't a one-off assessment. It's a living document with continuous iteration. What auditors will expect to see.
Read more →Preparing for Your First AI Act Audit
National authorities will eventually inspect. What documentation to have ready, how to structure your compliance file, and common gaps that trigger findings.
Read more →Why I Spent Three Months Reading the EU AI Act
I'm a web developer who's been building for government and enterprise clients for 20 years. Here's why the EU AI Act stopped me in my tracks — and what I built because of it.
Read more →