The EU AI Act Is Already in Effect. Are You Ready?
Most Greek business leaders think the EU AI Act is something they’ll deal with “later.” The reality: key provisions are already enforceable. Prohibited AI practices were banned in February 2025. General-purpose AI rules kicked in August 2025. And the final wave of compliance requirements hits in August 2026.
If your company uses AI in any form, from chatbots to automated hiring tools to predictive analytics, this regulation applies to you. The fines for non-compliance reach up to €35 million or 7% of global annual turnover, whichever is higher.
This guide breaks down exactly what the EU AI Act means for Greek businesses, which deadlines matter, and what steps you should take now.
What Is the EU AI Act?
The EU AI Act is the world’s first comprehensive legal framework for artificial intelligence. It was formally adopted in August 2024 and applies to all EU member states, including Greece. It regulates how AI systems are developed, deployed, and used across the European Union.
The regulation follows a risk-based approach. Not all AI systems are treated the same. Instead, the law classifies AI into four risk categories and applies different rules to each one.
For Greek businesses, this means the compliance burden depends entirely on what kind of AI you’re using and how you’re using it.
The 4 Risk Categories: Where Does Your AI Fall?
Unacceptable Risk (Banned)
These AI practices are prohibited outright since February 2025. No exceptions. They include:
- Social scoring systems that rank people based on behavior or personal characteristics
- Real-time biometric identification in public spaces (with narrow law enforcement exceptions)
- AI that manipulates human behavior to bypass free will
- Emotion recognition systems in workplaces and schools
If your business uses any of these, you are already in violation.
High Risk (Strict Requirements)
This is where most compliance work will land. High-risk AI systems include:
- AI used in recruitment, hiring, or employee evaluation
- Credit scoring and insurance risk assessment
- AI in education that determines access or outcomes
- Safety components in critical infrastructure (energy, transport, water)
- AI used in law enforcement, border control, or justice systems
High-risk systems must meet strict requirements: technical documentation, human oversight mechanisms, data quality standards, conformity assessments, and registration in an EU database. Full compliance for high-risk AI is required by August 2026.
Limited Risk (Transparency Obligations)
These are AI systems that interact with people, such as chatbots and content generators. The main obligation here is transparency. Users must be informed that they’re interacting with AI, not a human. AI-generated content (text, images, audio, video) must be labeled as such.
If your business uses a chatbot on your website or generates marketing content with AI, you fall into this category.
Minimal Risk (No Specific Obligations)
Most AI applications fall here. Spam filters, AI-powered search, recommendation engines, inventory optimization. These systems can be used freely without additional regulatory requirements. The EU encourages voluntary codes of conduct but does not mandate them.
Key Deadlines: The EU AI Act Timeline
The EU AI Act rolls out in phases. Here is what has already happened and what’s coming:
- August 2024: EU AI Act formally adopted and entered into force
- February 2025: Prohibited AI practices (unacceptable risk) banned. Already in effect.
- August 2025: General-purpose AI model rules apply. Providers of foundation models must comply with transparency and documentation requirements.
- August 2026: Full compliance required for high-risk AI systems. This includes conformity assessments, technical documentation, human oversight, and registration.
- August 2027: Remaining provisions, including rules for AI systems embedded in regulated products (medical devices, machinery, vehicles).
The August 2026 deadline is the critical one for most Greek businesses. That is 6 months from now.
What This Means for Greek Businesses Specifically
Greece’s AI adoption is accelerating. More companies are deploying AI Agents for customer service, using predictive models for demand planning, and automating internal processes. But most Greek SMEs have not assessed whether their AI use cases fall under the EU AI Act’s scope.
Here is what makes the Greek context unique:
1. The SME challenge. Greece’s economy is dominated by small and medium enterprises. Most lack dedicated compliance teams or in-house legal expertise on AI regulation. This creates a real risk of unintentional non-compliance.
2. ESPA-funded digital transformation. Many Greek businesses are using ESPA subsidies to fund AI and automation projects. If those implementations don’t comply with the EU AI Act, the investment could become a liability rather than an asset.
3. No national AI authority yet. Greece has not yet designated its national competent authority for AI Act enforcement. But that does not mean enforcement won’t happen. The European AI Office has direct oversight powers, and other member states’ authorities can act on cross-border AI deployments.
4. Supply chain obligations. Even if your company doesn’t develop AI, you may have obligations as a deployer. If you use a third-party AI tool for hiring, credit scoring, or customer interaction, the EU AI Act places compliance responsibilities on you, not just the vendor.
Your 7-Step EU AI Act Compliance Checklist
Whether you’re a CTO evaluating your technology stack or a CEO preparing your board, here is a practical checklist to get started:
1. Inventory your AI systems. List every AI tool, model, or automated decision-making system your company uses. Include third-party SaaS tools with AI features. You cannot assess risk if you don’t know what you’re running.
2. Classify each system by risk level. Map each AI system to one of the four risk categories (unacceptable, high, limited, minimal). If you’re unsure, assume higher risk until confirmed otherwise.
3. Check for prohibited practices. Review your current AI use against the banned practices list. Emotion recognition in the workplace, social scoring, and manipulative AI patterns must be eliminated immediately.
4. Assess high-risk systems. For any AI classified as high-risk, document: the purpose of the system, training data sources, accuracy metrics, human oversight procedures, and potential bias risks.
5. Implement transparency measures. Ensure users know when they’re interacting with AI. Label AI-generated content. Update your website and product interfaces accordingly.
6. Review vendor contracts. If you use third-party AI tools, check whether your vendor provides the documentation and conformity assessments required under the Act. Add AI Act compliance clauses to new contracts.
7. Assign responsibility. Designate someone internally (or externally) to own AI compliance. This could be your CTO, a legal advisor, or a consulting partner who understands both the technology and the regulation.
Need help with steps 1 through 7? Our IT Readiness Assessment covers AI governance as one of its core dimensions.
The Cost of Ignoring Compliance
The penalties under the EU AI Act are significant:
- Prohibited AI practices: Up to €35 million or 7% of global annual turnover
- High-risk system violations: Up to €15 million or 3% of global annual turnover
- Incorrect information to authorities: Up to €7.5 million or 1% of global annual turnover
For SMEs and startups, reduced penalty caps may apply, but they are still substantial. Beyond fines, non-compliance creates reputational risk and can disqualify you from public procurement contracts, a major revenue source for many Greek businesses.
How Proxima Can Help
At Proxima, we work with Greek businesses on AI strategy, implementation, and governance. We don’t just build AI systems. We build them in ways that are compliant, documented, and ready for regulatory scrutiny.
Our services include AI system audits, risk classification assessments, and implementation of the technical documentation and oversight mechanisms the EU AI Act requires.
If you’re not sure where your business stands on EU AI Act compliance, the time to find out is now. Not in July 2026.