EU AI Act

The EU AI Act is the world’s first comprehensive legal framework for artificial intelligence, applying a risk-based approach to regulate AI systems in the EU.

 It bans AI uses with unacceptable risks (such as social scoring or manipulative techniques), imposes strict requirements on high-risk systems (especially those affecting safety or fundamental rights), and sets transparency obligations for limited-risk AI while leaving minimal-risk systems largely unregulated.

AI is new, and we are breaking into unchartered territories. Demonstrated compliance with the EU AI Act signals to the public and regulators deliberate derisking and thoughtfulness in approaching AI implementation.

The EU AI Act takes effect in phases, with key dates as follows: bans on prohibited AI systems and AI literacy requirements began on 2 February 2025, governance and notification obligations come into force on 2 August 2025, general requirements for high-risk AI systems apply from 2 August 2026, and all remaining core provisions, including for earlier-deployed general-purpose AI, are fully enforceable by 2 August 2027.

This phased approach gives different actors up to sufficient time to comply, depending on risk category and system type.

We approach the AI Act as a friend. AI is new, and the AI development life cycle is new. The AI Act spells out a number of useful guidelines that can be used in establishing of AI Governance and AI Development Lifecycle.

Merceros has deep regulatory knowledge with specialized expertise in interpreting and implementing the EU AI Act for financial services. We maintain established relationships with regulatory authorities and industry working groups and have a proven track record of successful compliance implementations at major financial institutions.

A typical engagement can span 18 months, starting within 30 days of agreement. The foundation phase completes in 60 to 90 days, followed by full implementation over the remaining period. Phase 3 (9-18 months) involves enterprise-wide rollout, advanced monitoring, regulatory readiness, and stakeholder communication.

Merceros delivers complete governance implementation across all business units and AI systems, with demonstrated regulatory compliance. This includes advanced monitoring and reporting capabilities.

Delivering a set of implementable and testable requirement statements from the act is the first step. Analyzing your current state to understand where you have shortcomings is a practical send, with developing a set of deltas for implementation is a third practical step.

Our governance frameworks are designed for scalability and continuous evolution. We provide training and capability building to create lasting organizational change, along with ongoing support and optimization to maintain your competitive advantage.