Key facts
- Format: one-page PDF checklist plus a 2026–2028 deadline tracker.
- Covers the five steps: inventory, risk classification, transparency, governance and evidence.
- Mapped to the confirmed EU AI Act dates — Article 50 transparency applies from 2 August 2026.
- Written for SMEs: proportionate, jargon-free and free to download (no sign-up required).
- Pairs with the free AI Act exposure check to see where you stand first.
What is the EU AI Act compliance checklist?
It is a practical, one-page checklist that turns the EU AI Act into the concrete steps an SME can actually work through. Instead of reading the full regulation, you follow five ordered steps — build an AI inventory, classify each system by risk, address transparency, put governance around the systems that need it, and keep the evidence — with a companion tracker for the dates that matter between 2026 and 2028.
📥 Download the EU AI Act Compliance Checklist + Deadline Tracker (PDF)
Who is it for?
It is written for UK and EU small and mid-sized businesses that build, buy or use AI and need a proportionate starting point — founders, operations and compliance leads, and the person who has just been handed ‘sort out the AI Act’. You do not need legal training to use it.
What the checklist covers
1. Inventory. List every AI system you develop, buy or use, with owner, vendor, data used and purpose. See what is an AI inventory?
2. Risk classification. Tag each system as prohibited, high-risk, limited-risk (transparency) or minimal-risk against the Act's tiers.
3. Transparency (from 2 August 2026). Tell people when they are interacting with AI and label AI-generated or manipulated content under Article 50.
4. Governance. Put an acceptable-use policy, clear ownership and a simple risk process around the systems that need it. See what is AI governance?
5. Evidence. Keep the inventory, classifications, policies and training records that prove what you have done — the artefacts buyers and regulators ask for.
The deadline tracker (2026–2028)
The companion tracker lists the dates to plan around: prohibited-practice and AI-literacy duties (already in force since 2 February 2025), GPAI obligations (2 August 2025), Article 50 transparency (2 August 2026), and the provisional high-risk deadlines deferred under the Digital Omnibus to 2 December 2027 (Annex III) and 2 August 2028 (product-embedded). See the full EU AI Act timeline.
How to use it
Work top to bottom. Complete the inventory first — you cannot classify or comply for AI you have not mapped. Then classify, then act on the items that apply to your highest-risk systems. Re-run the checklist each quarter and whenever you adopt a new AI tool. If you would like a quick read on your exposure before you start, take the free exposure check.
Frequently asked questions
What's the first step to EU AI Act compliance?
Build an AI inventory and classify each system by risk — you can't comply with obligations you haven't mapped.
When does the EU AI Act take effect?
Entered into force Aug 2024; obligations phase in. Prohibited practices and GPAI rules already apply (2025); transparency duties from 2 Aug 2026; high-risk deferred to 2027/2028 after the Digital Omnibus.
What is the deadline I should care about most?
For most organisations: 2 Aug 2026 (transparency and GPAI governance) and your high-risk classification ahead of the 2027 deadlines.
What are the penalties for non-compliance?
Up to €35m or 7% of global turnover for prohibited practices; up to €15m or 3% for most other breaches; lower caps for SMEs.
Does the EU AI Act apply to UK businesses?
Yes, if you place AI on the EU market, are established in the EU, or your AI's output is used in the EU — regardless of where you are based.
Do I need a conformity assessment?
Only for high-risk AI systems before they're placed on the market or put into service.
Is the checklist really free?
Yes — download the PDF checklist and deadline tracker directly, no sign-up required.
Related pages
Sources
Last updated 19 June 2026.