The European Union recently enacted the world’s first comprehensive regulatory framework for Artificial Intelligence with the EU AI Act. Going into effect intermittently over the next few years, companies operating in Europe have to meet new standards for transparency, data quality, and bias reduction.
Different AI providers, deployers, and importers will be categorized based on their risk level. Companies operating in the EU must understand their categorization and what they need to do to remain compliant with the new regulations.
Transparency and bias
To help companies understand how to accommodate both their AI ambitions and the new law, Kyriba’s Chief AI Officer at Kyriba Morné Rossouw spelled out how finance applications may be affected.
Explore related questions
“While the Act doesn’t classify most finance AI applications as high-risk, it introduces intriguing new compliance requirements. Finance teams now face the challenge of ensuring transparency and documentation in AI systems, particularly those for payments and fraud detection,” said Rossouw.
Though end-users will still have some responsibility when ensuring transparency, most of this burden will fall on developers and deployers. For instance, they must ensure that end-users are aware that they are interacting with AI like chatbots and deepfakes. The act’s transparency requirements go into effect August 2, 2025.
Data quality and governance
Rossouw also indicated that data quality and governance is another major emphasis of the EU AI Act that companies should be aware of. In order to remain compliant, businesses should ensure that they have:
- Data Management Procedures: Implementing protocols for data acquisition, collection, analysis, labeling, storage, filtering, mining, aggregation, and retention.
- Design and Development Controls: Ensuring systematic actions for the design, verification, and validation of AI systems.
- Risk Management Processes: Identifying, assessing, and mitigating risks associated with AI system operations.
- Ensure Data Suitability: Utilizing datasets that are relevant, representative, free of errors, and as complete as possible to minimize biases and inaccuracies.
- Implement Continuous Monitoring: Regularly assessing data quality throughout the AI system’s lifecycle to detect and address potential issues promptly.
What This Means for SAPinsiders
AI is an essential service and now has to be regulated like one. Almost 70% of business leaders plan to invest somewhere between $50 to $250 million in AI over the next year, up from 51% the year before. Clearly, AI technology is not going anywhere. Companies now need to be prepared for their AI practices to be scrutinized in the same way other essential workflows like tax would be.
Ensure compliance even with low-risk AI solutions. Though the EU AI Act is largely aimed at GenAI and other use cases with more potential harm, companies leveraging AI for financial purposes should also be cognizant of the new regulations. Companies should ensure that they adopt solutions from partners like Kyriba that are plugged into the new legislation and are prepared to comply on day one.
Find the positives, like AI literacy. Though compliance can feel like a burden, the new rules can also have some positive impact. For instance, the Act emphasizes the importance of AI literacy within finance teams, which can help companies with their AI adoption ambitions. As CFOs understand this technology better, they will unlock potential use cases to help innovate and bolster decision-making. Companies should take this new law as an opportunity to ensure all team members thoroughly understand AI – both how to use it responsibly, and how it can help them achieve their business goals.
