March 2025 Newsletter

Dear All,

Welcome to the March 2025 edition of the AI & Partners Newsletter.? Our customised monthly newsletter by AI & Partners updating you on the latest developments and analyses of the [now] legally binding EU Artificial Intelligence Act (the “EU AI Act”). ?As 2025 begins its journey, January marked the half-way point in which the EU AI Act became legally applicable following its entry into force on 1 August 2024. Now, this month is the first month since phasing out prohibited AI systems under Article 5 of the EU AI Act became applicable on 2nd February 2025. Since AI & Partners began more than 4 years ago, the EU AI Act’s entry into force represents a landmark moment, both in terms of regulating of ‘frontier technologies’ as well as driving forward a trustworthy AI ecosystem.

With the EU AI Act’s formal entry into force as well as the start of the two-year mandatory compliance implementation period, businesses must now start their EU AI Act readiness journeys. This issue examines a range of matters things from prohibited AI system guidelines released by the European Commission to AI Literacy requirements kicking in. Our objective is to remain ahead of the curve to keep you informed.

AI’s long-term potential for sustained value creation remains uncontested. Now, and in the foreseeable future, we base our services around helping firms achieve regulatory excellence for the EU AI Act.? We hope you find this content beneficial.?

As always, if you have any comments or recommendations for content in future editions or would like to contribute content, please let us know: [email protected].

What’s the latest with the legislative process?

Initial Implementation of the AI Act. The first phase of the AI Act came into effect on February 2, just ahead of the Paris AI Summit, as noted by Le Monde journalist Alexandre Piquard. The initial restrictions focus on prohibiting certain AI applications, including social scoring systems, predictive policing tools that profile individuals, and emotion recognition technology in workplaces and educational institutions. Additionally, AI systems designed to exploit human vulnerabilities, manipulate behavior, or employ subliminal techniques are banned. The use of real-time facial recognition in public spaces and biometric categorization for identifying personal traits is also prohibited, with specific exemptions for law enforcement. The regulation's implementation will proceed gradually. By August 1, providers of general-purpose AI models must disclose technical documentation and training data, with major models subject to security audits. Following this, regulatory measures will extend to high-risk AI applications across sectors such as infrastructure, education, employment, finance, and justice. Enforcement responsibilities will be shared between the newly established AI Office and national regulatory bodies. Non-compliance could lead to significant financial penalties, with fines reaching up to 7% of global revenue for prohibited activities and 3% for other violations.

Review of Systemic Risk Thresholds for AI Models. Journalists Luca Bertuzzi and Jean Comte from MLex reported that France is advocating for a revision of the criteria used to classify general-purpose AI models as posing a "systemic risk" under the AI Act before the rules take effect on August 2. A document reviewed by MLex indicates that the French government has urged the European Commission to update the parameters, reference points, and indicators used for this classification. The AI Act imposes regulatory requirements on providers of these models, affecting major technology firms such as OpenAI, Google, and Meta. AI models exceeding a specified computational threshold are deemed to pose systemic risks and are consequently subject to stricter oversight. French authorities stress the urgency of updating these thresholds before the compliance obligations for model providers take effect.

Commission Issues Guidelines on AI System Definition. The European Commission has released guidance clarifying the definition of AI systems under the AI Act. These guidelines aim to assist providers and stakeholders in determining whether their software qualifies as AI under the new regulatory framework. Though not legally binding, the guidance will be updated over time to reflect practical applications, emerging questions, and new use cases. As of February 2, initial provisions of the Act have taken effect, including the definition of AI systems, requirements for AI literacy, and prohibitions on certain high-risk AI applications within the EU. While the Commission has approved the draft guidelines, they have not yet been formally adopted.

Commission Publishes Guidelines on Banned AI Practices. The European Commission has provided guidance on AI practices deemed unacceptable under the AI Act. These guidelines outline restrictions on activities that may threaten fundamental rights and European values, including manipulative AI applications, social scoring, and real-time biometric surveillance. Designed to support the uniform application of the Act across EU member states, the guidance includes legal explanations and real-world examples but remains non-binding. The Court of Justice of the European Union will be responsible for final interpretations. Like the AI system definition guidelines, these recommendations have been approved but are awaiting formal adoption.

AI Literacy Repository Established. To support AI literacy efforts mandated by Article 4 of the AI Act, which took effect on February 2, 2025, the European Commission has created a living repository. This resource compiles AI literacy initiatives from organizations participating in the AI Pact. The repository, available as a downloadable PDF, categorizes initiatives based on their implementation status—fully operational, partially implemented, or planned. While regularly updated, it does not provide a comprehensive list, nor does adopting these practices guarantee compliance with Article 4. Instead, it serves as a knowledge-sharing platform for AI providers and deployers. The Commission does not endorse or evaluate these practices but encourages their development and exchange.

What do the latest analyses state?

Accountability in High-Risk AI Systems. A recent blog post from KU Leuven Law explored how the AI Act assigns responsibilities across various stakeholders in the high-risk AI ecosystem, including providers, authorized representatives, importers, distributors, and deployers. This structured approach is designed to ensure accountability, with primary compliance obligations resting on providers before market entry. Non-EU providers must designate an authorized representative within the European Union. However, the linear structure of the regulation may struggle to address the complexities of multi-stakeholder AI ecosystems, potentially leading to accountability gaps. There are concerns that liability might shift from providers to deployers, particularly when large technology firms limit their obligations through contractual agreements. Another challenge lies in reporting serious incidents, as deployers are required to notify providers before authorities. Given the opacity of AI technologies, linking design choices to actual harm remains difficult, and the Act's provisions do not sufficiently connect affected individuals with responsible entities.

Refinements to the AI Code of Practice. Laura Caroli, a Senior Fellow at the Wadhwani AI Center within the Center for Strategic and International Studies, highlighted ongoing developments in the drafting of rules for general-purpose AI models, particularly those classified as high risk. While the broad provisions of the AI Act have been established, specific details are being refined through a voluntary code of practice. The latest draft consolidates the Safety and Security Report with the Safety and Security Framework to improve compliance monitoring and transparency. The taxonomy section has been integrated into commitments for providers of high-risk AI models. The updated draft adopts a more industry-friendly tone, replacing mandatory phrasing with more flexible commitments. Key changes include clarifications that incident reporting does not imply liability and that external assessors will only be required in certain pre-deployment situations. However, the revised draft also introduces more demanding obligations, such as reducing the review cycle for safety frameworks from one year to six months.

Standardization Challenges for High-Risk AI Requirements. Bitkom, a digital industry association, emphasized in a position paper that standardization is essential for the effective implementation of the AI Act but faces several obstacles. Delays in developing common standards have created legal uncertainties, increased compliance costs, and may hinder AI innovation and product deployment. While the European Commission plays a role in guiding standardization, it must strike a balance to ensure efficiency while preserving technical independence. Bitkom advocates for flexible general standards that align with existing industry practices to accelerate the standardization process. Furthermore, European AI standards should be harmonized with international ISO/IEC frameworks to enhance global market access and prevent regulatory fragmentation. Ensuring consistency across all AI Act standards and their interaction with other legislative frameworks is crucial, with an emphasis on complementarity in definitions and requirements.

Lessons for Australia from the EU AI Act. Wendy Yang from the Law Society interviewed Bello Villarino, a Senior Research Fellow at the University of Sydney Law School, about the potential implications of the EU AI Act for Australia. Villarino noted that most advanced liberal democracies recognize the need for risk-based AI regulations. He suggested that Australia could benefit from the EU's structured approach, particularly in prohibiting AI applications that exploit human vulnerabilities. One key strength of the EU AI Act is its clarity, providing developers with well-defined expectations when creating AI systems for a market of 500 million people. For Australia, ensuring interoperability with international regulations will be crucial, given its relatively small AI market. The country will need to import AI technologies while maintaining compatibility with global regulatory frameworks to support both domestic development and international deployment.

Tech Giants Push Back Against AI Code of Practice. POLITICO’s Pieter Haeck reports that the European Union’s proposed voluntary code of practice for general-purpose AI models is facing resistance from major tech companies, including Google and Meta. This initiative, intended to operationalize aspects of the AI Act, applies to AI providers such as OpenAI, Anthropic, Google, Meta, and Microsoft. Google’s senior public affairs executive, Kent Walker, has criticized the proposal as a potential obstacle to European competitiveness. Similarly, Meta’s chief lobbyist, Joel Kaplan, dismissed the code’s requirements as impractical, stating that Meta would not support it in its current form. Google has yet to confirm its stance. The proposed code aims to address concerns related to training data transparency and systemic risk management, but critics argue that it extends into areas such as copyright and external model testing, exceeding the AI Act’s original scope. These objections come amid broader tensions between the EU and the US, with former President Trump characterizing EU tech regulations as disguised trade barriers. The code is expected to be finalized in April.

Civil Society Raises Concerns Over AI Code Drafting Process. According to Jacob Wulff Wold at Euractiv, civil society groups have expressed frustration over the lack of inclusivity and transparency in the drafting of the general-purpose AI Code of Practice. Discontent has grown following the AI Action Summit in France, where discussions focused more on business interests than on safety and human rights. A coalition of safety advocates, including Professor Stuart Russell and several academic institutions, has put forward recommendations calling for stricter risk assessment protocols and external oversight. Meanwhile, human rights organizations have criticized the relegation of rights-based concerns to secondary considerations. While tech firms like Meta and Google argue that the code is unworkable, some activists, including Karine Caunes, reject these claims, asserting that the code should, in fact, establish higher standards than those outlined in the AI Act.

EU Pushes Forward with AI Regulation Amid US Tensions. Reporting for the Financial Times, Barbara Moens, Henry Foy, and Melissa Heikkil? note that the European Commission has intensified its regulatory efforts by issuing new guidance on AI definitions and prohibited practices. This move has heightened tensions with the US, as former President Trump has warned of possible retaliation against what he perceives as unfair treatment of American tech firms. While the Commission remains committed to enforcing the AI Act, concerns persist about potential external pressures influencing its implementation. A senior EU official acknowledged these challenges but emphasized that while enforcement strategies may be adjusted for innovation-friendliness, the core legislation will remain intact. However, digital rights advocates fear that these adjustments could lead to a weakening of AI regulations.

EU Adjusts Tech Rules to Encourage AI Investment. As reported by the Financial Times, EU digital policy chief Henna Virkkunen has confirmed that the Commission is scaling back certain regulatory measures to encourage AI investment. She denied suggestions that these adjustments were made in response to US lobbying, asserting instead that the EU is focused on reducing bureaucratic burdens for businesses implementing AI regulations. Despite threats from the Trump administration regarding EU fines on US tech firms and criticisms from US Vice-President JD Vance over the complexity of international AI rules, Virkkunen insisted that these policy shifts are independent of external influence. The Commission has withdrawn its proposed AI liability directive and plans to limit certain reporting obligations in the forthcoming AI Code of Practice. Nevertheless, Virkkunen reassured that enforcement of existing digital platform regulations will continue, maintaining the EU’s commitment to both business competitiveness and the protection of European values in the digital landscape.

What is coming up next?

Gartner Data & Analytics Summit 2025

3 - 5 March 2025

Shape the Future of Data, Analytics, and AI

TThe Gartner Data & Analytics Summit 2025 is the must-attend event for data-driven leaders. Held in Orlando, FL,, this summit delivers unparalleled insights, networking opportunities, and actionable solutions for the future of data and AI.

Why This Summit Stands Out

●??????? 5,000+ Attendees: Network with top data, analytics, and AI leaders worldwide.

●??????? 50+ Gartner Experts: Gain trusted insights based on 200,000+ conversations annually.

●??????? Key Tracks for 2025: Explore leadership strategies, cutting-edge AI innovations, and analytics modernization.

Featured Sessions Include: ?? Leadership Track – Build a data-driven culture and mature your capabilities. ?? AI Track – Learn about generative AI, large language models, and responsible AI. ?? Analytics Track – Explore data storytelling, decision intelligence, and composable ecosystems.

Plus, join the exclusive CDAO Circle Program, designed specifically for Chief Data & Analytics Officers to enhance strategy and drive business value.

?? Featured Speakers: Arun Chandrasekaran | Rita Sallam | Adam Ronthal | Jorg Heizenberg

?? Don’t Miss Out! Save $425 on standard registration with code AIPARTNER!

?? Reserve Your Spot Here https://www.gartner.com/en/conferences/na/data-analytics-us?utm_source=linkedin&utm_medium=social&utm_campaign=EVT_NA_2025_BI23_NPP_MP1_AIANDPARTNERS&utm_term=aiandpartners&utm_content=li-sponsored-inmail

#DataLeadership #GenerativeAI #CDAO #AnalyticsSummit #GartnerSummit

Shape the Future of Data, Analytics, and AI

Human[X]

10 - 13 March 2025

The #1 AI Conference for Business Leaders.

Join us March 10-13 at the Fontainebleau Las Vegas for HUMANX 2025, the premier AI event for business leaders! ?? Connect with visionaries and industry pioneers as we explore AI's vast potential across diverse sectors, from finance and healthcare to cybersecurity and retail.

?? Why You Can’t Miss HUMANX 2025:

• Inspiring Keynotes: Hear from Reid Hoffman, Co-Founder of LinkedIn and Inflection.ai, as he dives into AI’s transformative impact on business.
• Industry-Specific Tracks: With 10+ tracks tailored for professionals in finance, retail, and more, there’s a session for everyone.
• Exclusive Networking: Meet C-suite executives, founders, and innovators through networking receptions and events.
• The e[X]po Floor: Get hands-on with the latest in AI from Google Cloud, Synthesia, Snowflake, and many other top companies.

Don’t miss your chance to be part of the conversation shaping AI’s role in business! Reserve your spot today and download the attendee snapshot to see who else is coming! ??

Register Now: https://www.humanx.co/register?utm_campaign=hx25&utm_source=aiandpartners&utm_medium=social

See you in Las Vegas! ??

Gartner Identity & Access Management Summit 2025

24 - 25 March 2025

Identity Amplified

Join us at the Gartner Identity & Access Management Summit 2025 at InterContinental London – the O2.

??? When: 24 – 25 March 2025

?? Where: London, U.K.

?? Why Attend?

?? 1,000+ IAM Leaders and IT Executives – Build your network with forward-thinking leaders.

?? 25+ Gartner Experts – Gain actionable insights from the best in the business.

?? 35+ Solution Providers – Discover cutting-edge solutions for your IAM priorities.

?? Topics to Explore:

?? IAM Program Management – Boost your security posture while delivering business value.

?? Privileged Access Management (PAM) – Discover the latest on PAM controls evolution.

?? Identity Governance and Administration (IGA) – Learn to strengthen identity life cycle management and access certification.

?? Don’t miss out on this chance to future-proof your identity strategies. Register before 24

January 2025 to save €425 with our early-bird discount. Register now:

https://gtnr.it/40aIv4e

#IAM #Cybersecurity #IdentityAmplified #GartnerIAMSummit

PAY360 2025

25 - 26 March 2025

Shaping the Future of Payments

PAY360 is the flagship annual conference and exhibition organised by The Payments Association, bringing together leaders, innovators, and decision-makers from across the payments ecosystem. The event will explore the latest trends, challenges, and opportunities within the payments industry through a packed agenda, cutting-edge exhibits, and networking opportunities.

https://pay360event.com/why-visit/?gad_source=1&gclid=Cj0KCQiA19e8BhCVARIsALpFMgEgQq-GJSYb2O3JGh65Euxw3KyjcVYydAfGV_bjdx0E-mYK7cL4_8YaAm7REALw_wcB

#AI #Future #Payments #PAY360

Paris Blockchain Week 2025

8 - 10 April 2025

Uniting Global Blockchain Innovators.

Join us April 8-10, 2025, at the Carrousel du Louvre, where Paris Blockchain Week will bring together blockchain pioneers, innovators, and professionals from around the world. This is where blockchain’s most important conversations take place!

Why Attend? ?? Visionary Agenda – Topics on open finance, Web3, AI, and public policy ?? High-Value Networking – Meet with C-suite execs, investors, and founders ??? VIP Dinner – Join industry elites beneath the iconic Pyramide du Louvre

Don’t miss this chance to shape blockchain’s future!

?? Register at > https://www.parisblockchainweek.com/

#ParisBlockchainWeek #Web3Innovation #DigitalTransformation #Blockchain #CryptoParis

Game Changer London 2025

8 May 2025

Uniting Global Blockchain Innovators.

?? When: May 2025 ?? Where: London

Get ready for Game Changer London 2025, part of an ongoing series of events uniting tech leaders, innovators, and creative minds to shape the digital transformation of tomorrow. With a focus on making technology more humane, this event is where ideas meet action to build the infrastructure of the next century.

? Why Attend? This is not just another conference—it’s a platform for fostering collaboration across industries and inspiring innovation. You’ll gain:

• ?? Expert Insights: 8 panels and presentations featuring 20+ speakers.
• ?? Networking Opportunities: Connect with over 260 attendees, including leaders from startups, corporates, and the tech community.
• ??Future-Focused Content: Explore solutions for digital transformation, sustainability, and ethical tech development.

?? Register at > https://drive.google.com/file/d/1RFDIi5DBedl3AOdD4Mx6UmQEBdAYJ08v/view

#GameChanger2025 #HumanCentricTech #DigitalTransformation #Innovation

Gartner Data & Analytics Summit 2025

12 - 14 May 2025

Shape the Future of Data, Analytics, and AI

?? Are you ready to transform your data and analytics strategies?

The Gartner Data & Analytics Summit 2025 is the must-attend event for data-driven leaders. Held at ExCeL London, this summit delivers unparalleled insights, networking opportunities, and actionable solutions for the future of data and AI.

Why This Summit Stands Out

●??????? 3,000+ Attendees: Network with top data, analytics, and AI leaders worldwide.

●??????? 30+ Gartner Experts: Gain trusted insights based on 200,000+ conversations annually.

●??????? Key Tracks for 2025: Explore leadership strategies, cutting-edge AI innovations, and analytics modernization.

Featured Sessions Include: ?? Leadership Track – Build a data-driven culture and mature your capabilities. ?? AI Track – Learn about generative AI, large language models, and responsible AI. ?? Analytics Track – Explore data storytelling, decision intelligence, and composable ecosystems.

Plus, join the exclusive CDAO Circle Program, designed specifically for Chief Data & Analytics Officers to enhance strategy and drive business value.

?? Featured Speakers: Debra Logan | Rita Sallam | Adam Ronthal | Jorg Heizenberg

?? Don’t Miss Out! Early bird registration is now open.

?? Reserve Your Spot Here https://www.gartner.com/en/conferences/emea/data-analytics-uk?utm_source=linkedin&utm_medium=social&utm_campaign=EVT_EMEA_2025_BIE26I_NPP_MP1_AIANDPARTNERS&utm_term=aiandpartners&utm_content=li-sponsored-inmail

#DataLeadership #GenerativeAI #CDAO #AnalyticsSummit #GartnerSummit

What AI & Partners can do for you

Established in 2021, AI & Partners is a leading provider of AI governance solutions, helping businesses comply with the EU AI Act and adopt AI responsibly.

Our Solutions:

1. Software Solutions:

? AI Scanner – automatically detects AI systems within your infrastructure (algorithms, Models, LLM's and prompts) .

? AI inventory & Model monitoring – centralizes AI assets and tracks risks.

? Self-assessment tools – evaluate AI compliance with regulatory standards.

2. Education & Training:

? Online courses – flexible learning for individuals and teams.

? Group sessions – interactive learning with industry experts.

? Company-wide programs – tailored training for AI governance.

3. Consultancy Services:

? AI impact assessments – ensure your responsible AI deployment.

? ISO 42001 pre-audit – prepare for AI management system certification.

? AI Legal Frameworks

? Steps approach to comply with the EU AI Act

Our Best Content Picks for 2025

Removing Prohibited AI Systems from the EU Market

????The European Commission's EU #AI Act, which entered into force on August 1, 2024, outlines that prohibited #AI systems are banned in the EU market from February 2, 2025. In this publication, Sean Musch & Michael Charles Borrelli provide guidance on Article 5, and what businesses need to do in order to phase them out.

Read more at > https://www.dhirubhai.net/feed/update/urn:li:activity:7291356769723781120

#prohibited #AI

Fostering Trustworthy AI for the Digital Decade

?????? Our latest report explores how the European Commission EU #AI Act strengthens Europe's commitment to a secure, safe, and sustainable digital transition. Aligned with the Declaration on Digital Rights and Principles, the Act embeds ethical, transparent, and responsible #AI development into its regulatory framework.

Read more at > https://www.dhirubhai.net/feed/update/urn:li:activity:7292797308675481600

#trust #AI #digital

EU AI Act: Six Months After Entry Into Force

??? AI & Partners has released "Six Months After Entry Into Force: A Practitioner’s Perspective," a report by Sean Musch and Michael Charles Borrelli, providing key insights into how the EU #AI Act is shaping compliance, risk management, and #AI governance across Europe – and globally, under extra-territorial provisions in Article 2.

Read more at > https://www.dhirubhai.net/feed/update/urn:li:activity:7293886579150917632

#trust #AI #regulation #law

EU AI Act: Supervisory Responsibilities

??? AI & Partners has released "Implementation & Supervisory Responsibilities Under the European Commission's EU #AI Act," a report by Sean Musch and Michael Charles Borrelli. This report explores how EU institutions and Member States are structuring #AI oversight, ensuring compliance, and addressing governance challenges.

Read more at > https://www.dhirubhai.net/feed/update/urn:li:activity:7296426878557417472

#trust #AI #enforcement #supervision

EU AI Act: Methodology - Classification of General-Purpose AI Models as General-Purpose AI Models with Systemic Risks

????Charles Kerrigan, CMS UK, Sean Musch, AI & Partners, and Michael Charles Borrelli, AI & Partners, created a methodology for classifying general-purpose #AI (#GPAI) models as #GPAI models with Systemic Risk under Article 51 of the European Commission’s EU #AI Act. These are designed to help organizations classify systemic risks when developing and deploying #GPAI models.

Read more at > https://www.dhirubhai.net/feed/update/urn:li:activity:7297878171322867713

#trust #AI #systemic #risk #artificial intelligence

EU AI Act: General-Purpose AI Code of Practice - Commitment Areas

??? AI & Partners has released "General-Purpose #AI (#GPAI) Code of Practice: Commitment Areas," a report by Sean Musch and Michael Charles Borrelli. This report explores the governance, transparency, and risk mitigation commitments required under the European Commission’s EU #AI Act for #GPAI models, including systemic risk management obligations.

Read more at > https://www.dhirubhai.net/feed/update/urn:li:activity:7298960021508222977

#trust #AI #systemic #risk #law #code

EU AI Act: National Implementation Plans - State of Play

??? AI & Partners has released "National Implementation Plans – State of Play," a report by Sean Musch and Michael Charles Borrelli. This report examines how EU Member States and EEA countries are structuring AI oversight under the EU #AI Act, highlighting key regulatory decisions, enforcement mechanisms, and compliance challenges.

Read more at > https://www.dhirubhai.net/feed/update/urn:li:activity:7301496433264754688

#trust #AI #systemic #risk #law #code

Legitimate Interest

As we will continue to communicate with UK and EU individuals on the basis of ‘legitimate interest’ if you are happy to continue to receive marketing communications covering similar topics as you have previously then no action is needed, else please unsubscribe by following the Opt Out process. ?We will process your personal information in accordance with our privacy notice.

Opt Out

If, however, you do not wish to receive any marketing communications from us in the future you can unsubscribe from our mailing list at any time, thank you.

DISCLAIMER

All information in this message and attachments is confidential and may be legally privileged. Only intended recipients are authorized to use it. E-mail transmissions are not guaranteed to be secure or error free and sender does not accept liability for such errors or omissions. The company will not accept any liability in respect of such communication that violates our e-Mail Policy.