← Back to all briefings

AI · Credibility 94/100 · · 2 min read

AI Governance Briefing — February 2, 2025

The EU AI Act’s Article 5 prohibitions enter into force today, and Zeph Tech is confirming shutdown evidence, regulator notifications, and supplier attestations for unacceptable-risk systems.

Executive briefing: The grace period granted by Article 113(2)(a) of Regulation (EU) 2024/1689 expires on . From today, EU market-surveillance authorities can impose fines and corrective measures on unacceptable-risk AI systems listed in Article 5, including untargeted facial-recognition scraping, biometric categorisation that infers sensitive traits, and manipulative systems that exploit vulnerabilities. Zeph Tech is running day-one enforcement drills—collecting decommissioning artefacts, confirming model retirement in product environments, and issuing completion attestations to regulators and key clients.

Regulatory checkpoints

  • Article 5 scope. Validate that any systems enabling cognitive behavioural manipulation, social scoring by public authorities, or real-time remote biometric identification in public spaces (outside narrow law-enforcement exceptions) are fully withdrawn.
  • Documentation duties. Article 71 requires providers to retain technical documentation for withdrawn systems so authorities can audit historical behaviour.
  • Market surveillance. National authorities may order corrective measures, request conformity information, or levy fines up to €35 million or 7% of global turnover for operating prohibited systems.

Control alignment

  • Inventory reconciliation. Cross-check AI system registries against Article 5 definitions and archive sign-offs from accountable executives.
  • Incident escalation. Maintain channels to notify authorities within the timelines described in Commission guidance if residual prohibited functionality is discovered.
  • Third-party governance. Require suppliers and joint ventures to provide attestations or audit reports confirming removal of prohibited capabilities across shared platforms.

Enablement moves

  • Publish customer advisories documenting how legacy features were retired, replacement workflows, and human oversight guardrails that remain in production.
  • Feed lessons learned into 2025 high-risk AI projects so design reviews flag prohibited characteristics earlier.
  • Align internal communications, crisis plans, and legal briefings on enforcement powers now that Article 5 is fully applicable.
  • EU AI Act
  • Article 5 prohibited AI
  • Market surveillance
Back to curated briefings