The EU AI Act: A Foundational Overview

The European Union's Artificial Intelligence Act (AI Act), which entered into force on August 1, 2024, is a pioneering regulatory framework designed to ensure the ethical, safe, and trustworthy development and deployment of AI systems within the EU. This legislation establishes a global precedent for AI governance by adopting a risk-based approach, with obligations and oversight measures directly proportional to the potential harm an AI system could pose to health, safety, and fundamental rights. The Act's broad, extraterritorial reach means it applies not only to providers and deployers based in the EU but also to any third-country providers whose high-risk AI system outputs are used within the Union.

The core of the AI Act is a four-tiered risk framework that categorizes AI systems with escalating levels of regulation:

• Unacceptable Risk: AI systems that pose a clear threat to fundamental rights are prohibited. This includes practices such as social scoring systems, biometric categorization of individuals to deduce protected characteristics, and manipulative AI that exploits vulnerabilities to distort behavior and cause significant harm.

• High-Risk: These are AI systems that can pose a serious risk to health, safety, or fundamental rights. They are subject to the most stringent obligations under the Act. The legislation identifies high-risk applications in several key sectors, including financial services, healthcare, and manufacturing.

• Limited Risk: This category of AI systems, such as chatbots or deepfakes, is subject to specific transparency obligations. Providers must ensure that users are aware when they are interacting with an AI system and that AI-generated content is clearly identifiable.

• Minimal Risk: The majority of AI applications currently available on the market, such as video games and spam filters, are considered to pose minimal to no risk and are therefore largely unregulated by the Act.

Phased Implementation: A Compliance Timeline

The AI Act’s obligations are not effective immediately but are phased in over a multi-year timeline, creating a staggered compliance roadmap. The most critical prohibitions on unacceptable risk AI systems will become applicable as early as February 2025. Any company, regardless of its industry or location, that currently uses or is developing systems that fall into this banned category is already operating with a significant compliance risk. The motivation for early preparation is underscored by the Act’s severe penalties for non-compliance, with fines reaching up to €35 million or 7% of a company’s global turnover.

Following the initial prohibitions, codes of practice for General Purpose AI (GPAI) systems will be ready in May 2025, with corresponding obligations becoming applicable in August 2025. The core obligations for high-risk AI systems listed in Annex III—which include systems used in employment, education, and critical infrastructure—will take effect in August 2026. A later deadline of August 2027 is provided for high-risk AI systems that are components of regulated products, such as medical devices or vehicles. This phased approach means that companies cannot afford to wait; they must initiate an immediate audit of their AI systems and establish a comprehensive governance framework now to navigate the full timeline.

Sectoral Implications and High-Risk Use Cases

The AI Act will have significant implications across multiple industries by classifying specific use cases as high-risk. Companies in these sectors must begin aligning their product development and internal processes with the Act’s requirements.

• Financial Services: AI is widely used for tasks such as fraud detection, creditworthiness assessments, and risk evaluation. The Act specifically categorizes AI systems used for creditworthiness assessments as high-risk. This classification imposes strict requirements on financial institutions, including the need to implement a quality management system, perform conformity assessments, and maintain detailed documentation and logging. Given that a 2023 ECB survey found 60% of major European banks are already using AI, the compliance burden for this sector is substantial.

• Healthcare: AI is transforming medicine by improving diagnostics, personalizing treatment plans, and optimizing resource allocation. However, AI-based software for medical purposes is classified as high-risk. This necessitates that manufacturers integrate the AI Act's requirements with existing regulations, such as the Medical Device Regulation (MDR), ensuring data quality to mitigate bias and establishing clear protocols for human oversight. The new Product Liability Directive also works in tandem with the AI Act to provide better legal certainty for victims in cases where a defective product, including an AI system, causes damage.

• Manufacturing and Other Sectors: The Act classifies AI used in machinery, robotics, and vehicles as high-risk, particularly where safety is involved. Manufacturers must align their product development and conformity assessments with the Act's technical and transparency standards now. Beyond these core sectors, the Act also impacts education (e.g., AI tools for exam scoring), employment (e.g., CV-sorting software for recruitment), and law enforcement (e.g., predictive policing).

Obligations for Providers and Deployers

The AI Act imposes distinct but interconnected obligations on both providers (developers) and deployers (users) of AI systems. For providers, this means establishing a robust risk management system, ensuring high-quality datasets that minimize bias, providing comprehensive technical documentation, and designing systems for record-keeping and human oversight. For certain high-risk systems, third-party conformity assessments will be required before they can be placed on the market. Deployers, on the other hand, must ensure human oversight and continuous monitoring of the systems in operation to ensure compliance. The new legal regime grants a contracting party a direct, extracontractual claim against a director if the director’s fault caused the damage, even if that fault was committed in the framework of a contract.

The Pillars of Sustainability: A Triple Bottom Line Approach

Sustainability in a business context has evolved from a voluntary, philanthropic endeavor to a core strategic imperative that is fundamental to a company's longevity and resilience. This holistic approach is often framed by the "Triple Bottom Line" theory, which posits that a company's success should be measured not just by its financial performance but also by its impact on society and the environment. This framework is often summarized by the three Ps: Profit, Planet, and People.

• Profit (Economic Sustainability): This pillar goes beyond short-term financial gains to focus on a company's long-term viability. It encompasses practices that create a resilient economic model, such as efficient resource management, cost-effective operations, and investment in innovation. It also includes ensuring fair wages and equitable growth opportunities for employees, recognizing that a stable, well-compensated workforce is essential for sustained profitability.

• Planet (Environmental Sustainability): This dimension is perhaps the most widely understood. It is centered on minimizing the negative impact of business activities on the natural world. This includes reducing carbon emissions, conserving water, managing waste responsibly, and transitioning to renewable energy sources.Companies that adopt green practices not only help combat climate change but often achieve cost savings through reduced energy consumption and waste-disposal expenses.

• People (Social Sustainability): This pillar focuses on the well-being of all people and communities affected by a company’s operations. It covers a wide spectrum of issues, from employee rights and working conditions to community engagement and ethical supply chain management. For multinational corporations, this means ensuring against child labor and promoting fair wages for workers across their global supply chains.

This three-pronged approach is encapsulated in the increasingly influential ESG (Environmental, Social, and Governance) criteria, which provides a practical framework for investors to evaluate a company's sustainability performance and inform their investment decisions.

The Business Imperative: Benefits and Opportunities

Adopting a comprehensive sustainability strategy is no longer a matter of corporate social responsibility but a critical factor in a company's competitive advantage. By embracing sustainable practices, companies can achieve improved operational efficiency and reduced costs, as evidenced by examples such as Unilever saving $440 million through eco-efficiency projects. Furthermore, a commitment to sustainability enhances a company’s brand reputation, helping to attract and retain customers and employees who value green and ethical practices. Companies that are proactive in this area, such as IKEA, are also better positioned to comply with new and forthcoming legislation, including the EU Climate Law and the CSDDD, which mandates due diligence on human rights and environmental impacts.

A particularly compelling dynamic is the complex interplay between artificial intelligence and sustainability. AI presents a significant paradox: it can be a powerful tool for advancing sustainability goals, yet its underlying infrastructure has a substantial environmental footprint. On one hand, AI and machine learning models are already being used to optimize transportation logistics, as seen in UPS’s ORION system, which reduces fuel usage by minimizing turns on delivery routes. Airbus similarly uses 3D printing to manufacture lighter aircraft parts, which significantly decreases fuel consumption and greenhouse gas emissions.

On the other hand, the energy-intensive nature of AI training and deployment is a growing concern. Generating a single image with a generative AI can consume as much energy as fully charging a smartphone. The fossil fuel industry is also leveraging AI to optimize its operations and increase production. While the EU AI Act currently only "encourages" environmental sustainability on a voluntary basis, existing regulations, such as the EU's Energy Efficiency Directive, require data centers to disclose their energy and water consumption, providing a partial regulatory push towards more responsible AI infrastructure.

Real-World Case Studies in Sustainability

Leading companies across various industries have successfully integrated sustainability into their core business models, providing valuable blueprints for others.

• IKEA's Supply Chain Accountability: IKEA's IWAY supplier code of conduct is a robust framework that ensures its partners meet strict humanitarian and environmental standards. The code evaluates everything from core worker rights and workplace safety to water and waste management in the supply chain.

• Patagonia's Circular Economy and Activism: Patagonia has built its brand on a commitment to the environment. The company operates a circular economy model by sourcing recycled materials, offering free repair services, and actively engaging in climate policy. The founder’s decision to transfer ownership of the company to a non-profit dedicated to fighting climate change is a powerful example of integrating purpose into a corporate structure. The company's circular economy approach continues to evolve, with a goal of eliminating virgin materials from its product line by 2025. Its headquarters also operates on 100% renewable electricity and has one of California's largest corporate solar panel systems.

• H&M's Circularity: H&M has shown how even a fast-fashion retailer can create a more circular model with its "Let's Close the Gap" initiative. The program collects old clothes from customers for restoration or recycling and provides incentives in the form of discounts, creating a feedback loop that promotes sustainable consumption.

• Apple's Closed-Loop Supply Chain: Apple has achieved 100% renewable energy use across its data centers, retail stores, and offices. As of 2025, over 99% of its product packaging is fiber-based and recyclable. The company's material recovery labs and self-designed disassembly robots support its goal of a closed-loop supply chain.

The New Frontier of Director Liability

A new Book 6 of the Belgian Civil Code, which took effect on January 1, 2025, has introduced a significant shift in corporate liability by abolishing the principle of "quasi-immunity" for company directors. Previously, a company's contractual partners were generally shielded from directly suing a director for a contractual breach committed by the company. Legal claims had to be directed at the company itself, and directors were largely protected from personal liability for their actions in the execution of corporate contracts.

The new legal regime fundamentally changes this dynamic. It now grants a contracting party a direct, extracontractual claim against a director if the director’s fault caused the damage, even if that fault was committed in the framework of a contract. For example, if a director knowingly approves the delivery of a defective product, the customer can now pursue personal liability claims against that director in addition to a claim against the company.

While directors still benefit from liability caps—which range from €125,000 to €12 million depending on the company's size—these protections are not absolute and do not apply in cases of intentional misconduct. To mitigate this new risk, companies must take proactive steps, including revising new and existing contracts to explicitly limit or exclude the non-contractual liability of their directors. Additionally, companies should review and potentially increase their directors and officers (D&O) insurance coverage and strengthen internal governance through clear decision-making processes and meticulous documentation to demonstrate due diligence.

Significant Amendments to Belgian Employment Law

The new Belgian government agreement, effective from January 2025, marks a substantial overhaul of labor law, introducing several key changes that will impact employers and employees alike. These measures aim to increase flexibility for employers while also tightening conditions for unemployment and early retirement.

• Reintroduction of Probation Periods: Employers will be allowed to terminate employment with a one-week notice period during the first six months. This is a significant change from the previous system and provides greater flexibility for employers in the initial phase of an employment relationship.

• Cap on Severance Pay: For new hires, severance pay will be capped at 52 weeks. While its immediate effect will be limited, as it will only become relevant after 17 years of seniority, it is a clear long-term signal of the government's intention to control labor costs.

• Flexi-Jobs Expansion: The "flexi-job" system, which provides a tax-attractive system for part-time work, will be expanded to all sectors unless a specific sector opts out. The maximum tax-free annual income for flexi-jobs will also be increased to €18,000, and the minimum hourly wage will rise to €21.

• Increased Employer Responsibility for Sick Employees: Employers will now be required to contribute 30% of the sickness allowance during the first two months following the initial 30 days of an employee's incapacity, making long-term absences more expensive for companies.

Beyond these changes, the government has also identified imbalances in B2B purchase agreements as a priority concern and is expected to ban certain unfair contract terms in the hotel, restaurant, and catering sectors.

Additional Amendments in Employment Law

The new government agreement also includes additional changes to labor law. The maximum number of annual voluntary overtime hours will be increased to 360 for all workers, with up to 450 hours allowed in the hotel, restaurant, and bar (HORECA) sector. The government also intends to introduce "fit notes" from treating physicians, which will clarify an employee's remaining work capacities rather than simply providing a sick note. The minimum age for student work will be set at 15 years old, and the maximum limit for student work under the fiscally beneficial system will be permanently increased to 650 hours per year.