logo
adaptacion reglamento

Compliance with the Artificial Intelligence Regulation

Regulation (EU) 2024/1689 on Artificial Intelligence does not merely impose prohibitions: it establishes a system of active obligations that organizations must implement before their AI systems go into production. The regulation distinguishes between the roles that each entity plays in the AI chain (provider, deployer, or user) and assigns each a different set of duties, including the preparation of technical documentation, the establishment of risk management systems, human oversight, and compliance with transparency requirements.

For most companies, complying with the AI Regulation also means reviewing and updating their existing data protection measures, since the two regulations overlap in most systems that process personal data. Ignoring this integration creates compliance gaps that neither regulation tolerates on its own.

At Letslaw, we offer a comprehensive service to ensure compliance with the AI Regulation, following the same methodology we have applied in hundreds of GDPR compliance projects, adapted to the specific characteristics of the new framework. The service covers:

  • Preliminary study: assessment of the current situation against the Regulation’s requirements, including identification of the AI systems used, the company’s role in each of them, and the corresponding obligations.
  • Risk Level Classification: A sequential analysis in accordance with the Regulation’s structure (prohibited practices, high risk, limited risk, minimal risk), with explicit legal reasoning for the conclusion reached and identification of the necessary documentation in accordance with the technical documentation requirements set forth by the Regulation.
  • Applicable obligations: determination of the specific requirements imposed by the Regulation based on the classification obtained, including technical documentation, transparency, human oversight, and risk management.
  • Internal procedures: design and implementation of the oversight, risk management, and incident response processes required by the Regulation.
  • Corporate documentation: Review and update of contracts, internal policies, and agreements with AI providers to incorporate the clauses and commitments required by the Regulation.
  • Legal texts and transparency: drafting of informational communications to users, legal notices regarding AI systems, and policies on the use of artificial intelligence, tailored to each client’s profile and business activities.
  • GDPR Compliance: Joint analysis of personal data processing activities involving AI systems, including updating the record of processing activities and, where applicable, conducting data protection impact assessments.

The result is a concrete, prioritized compliance plan, with documents ready for implementation and ongoing guidance throughout the implementation process.

If you want to know how the AI Regulation specifically affects your company, the most effective starting point is an initial compliance assessment.
If you’re assessing how the AI Regulation affects your company or need guidance on where to start, you can conduct a preliminary analysis using the form below:

Do you have any query?

    By clicking on "Send" you accept our Privacy Policy - + Info

    I agree to receive outlined commercial communications from LETSLAW, S.L. in accordance with the provisions of our Privacy Policy - + Info