How to prepare for EU AI law with KPMG's EU AI Hub

AI For Business


The EU AI Hub, launched last week by AI security company Cranium in collaboration with KPMG and Microsoft, is a service to help companies comply with the newly adopted EU AI law. With expert advice and bespoke technology, it walks users through a series of steps to identify which parts of AI law apply to their products and what they need to do to comply.

On March 13, 2024, the European Union Parliament passed the AI ​​Bill, which means that companies offering AI products in the region will soon have to comply with strict rules regarding facial recognition, safety measures, and consumer complaints and questions.

Although the EU AI law won't come into force until late 2024 at the earliest, many companies are looking to comply with its requirements to ensure they are prepared and avoid penalties. However, complying with such comprehensive regulation is no easy task, which is why the EU AI Hub was established.

SEE ALSO: 8 AI business trends for 2024 according to Stanford researchers

What is the EU AI Hub?

The EU AI Hub is a service designed to guide global organizations through a series of steps to understand how EU AI law applies to their products and to ensure that they comply with and use AI responsibly. To achieve these goals, organizations will be provided with access to:

  • KPMG's trusted AI framework and expertise in strategy, transformation, technology, data science and assurance.
  • Cranium’s enterprise AI security platform captures AI bill of materials, runs risk reports and performs gap analysis against the EU AI law framework.
  • Microsoft AI technologies.

“A company's journey through the hub will be determined by where they are currently in their AI journey, so we start by identifying the organization's goals with regards to meeting EU compliance requirements,” Daniel Christman, AI program director at Cranium, told TechRepublic.

“We then identify the path to bringing a particular AI system into a compliant state, and leverage the technology and expertise of the Cranium technology platform, KPMG Services and Microsoft to determine and implement the relevant controls and oversight to achieve compliance.”

The resources provided by the Hub will ensure that all of a company's AI implementations are compliant, practical for their requirements, and ethically sound. Companies can work with experts from initial strategy and design to deployment and optimization of AI technologies, with input from regulators and relevant stakeholders.

Christman said it's unclear at this point how long it will take hub users to achieve compliance, but he hopes that “we can scale compliance across multiple AI systems much faster” than if they were to try it alone.

“Compliance with EU AI law and other regulatory frameworks will not be a hindrance to innovation and ideation, but rather a set of guardrails to enable organizations to experiment with AI and deliver value to their business and customers,” Sean Redmond, director of the EU AI Hub, said in a press release.

How much does it cost to use the EU AI Hub?

“Pricing will be flexible depending on what companies are looking to accomplish with the hub,” Christman told TechRepublic. “Leveraging some of the expertise and knowledge will cost zero or minimal, while more intensive service delivery and technology implementation will require additional investment.”

Which companies should consider using the EU AI Hub?

EU AI law applies directly to companies located in the 27 EU member states and those with customers in those countries, regardless of their location. These companies could be providers, implementers, importers or distributors of AI systems and may consider using the EU AI Hub to ensure compliance.

“Many global companies are still struggling to prepare their AI systems,” Christman told TechRepublic. “This was somewhat expected given that the final requirements only recently passed the final legal hurdles, but it remains a challenge for organizations to scale compliance across the enterprise.”

“First, organizations have a significant challenge in understanding their full inventory of AI systems, not just those developed in-house, but also those contained within third-party tools and services.”

Developers of AI systems deemed “high risk” must meet certain obligations to comply with AI law, including a mandatory assessment of how the AI ​​system will affect citizens' fundamental rights. This applies not only to the insurance and banking sectors, but also to any AI system that “poses significant potential harm to health, safety, fundamental rights, the environment, democracy or the rule of law.”

Providers of general-purpose AI systems must also meet certain transparency requirements under the AI ​​Act, including producing technical documentation, complying with European copyright law, and providing detailed information about the data used to train the AI-based models. This rule applies to models used in generative AI systems such as OpenAI's ChatGPT.

What is the deadline for compliance with EU AI law?

Although the AI ​​Law was approved in March, there are still several steps that must be taken before companies can comply with the regulation. The EU AI Law must first be published in the EU Official Journal, which is expected to be published in June or July of this year. It will come into force 20 days after publication, but the AI ​​Law's requirements will be applied in stages.

  • The ban on prohibited activities will apply six months after coming into force, i.e. around December 2024.
  • The Code of Practice will come into force nine months after publication, i.e. approximately March 2025.
  • The General AI Rules, including governance, will come into force 12 months after their entry into force, i.e. around June 2025.
  • The obligations regarding high-risk systems will come into force 36 months after entry into force, i.e. approximately after June 2027.

EU AI law will be fully applicable 24 months after it comes into force.

What are the penalties for breaching EU AI law?

Companies that do not comply with EU AI law face fines ranging from €35 million (US$38 million) or 7% of global turnover to €7.5 million (US$8.1 million) or 1.5% of turnover, depending on the severity of the non-compliance and the size of the company.



Source link

Leave a Reply

Your email address will not be published. Required fields are marked *