We support MaxAppeal™, St John’s SPC, and other amazing causes. Over £2,000 🙌 raised to date, with every project helping us give more. See how we’re making an impact.
AI governance is no longer abstract. The EU AI Act entered into force on 01 August 2024. Most obligations apply from 02 August 2026, with some exceptions running to 02 August 2027. Some milestones are already live, including the AI literacy obligation (from 02 February 2025). This playbook shows how to get ready without boiling the ocean.
Last updated: 27 February 2026.
Watch-out: the Commission has signalled implementation simplification work, including proposals that could affect how some timelines are applied in practice. Plan to the published baseline, then keep a short monthly review cadence to track updates.
If you only do one thing this week, do this. Most organisations already use AI through HR systems, recruitment tools, scheduling, performance tooling, learning platforms, customer support, and internal assistants. Create a single list of systems, use-cases, and decision points. Keep it boring and complete.
Under Annex III, “Employment, workers’ management and access to self-employment” includes AI used for recruitment or selection (including analysing and filtering applications and evaluating candidates), and AI used for decisions affecting terms of work, promotion, termination, task allocation based on behaviour or traits, and monitoring or evaluating performance and behaviour.
A good compliance posture is evidence you can hand to a competent person quickly. Focus on controls that prevent harm and prove oversight.
If you deploy systems that interact directly with people, or you publish AI-generated content in ways that trigger transparency duties, note that transparency rules are scheduled to start applying from 02 August 2026.
Article 4 requires providers and deployers to ensure a sufficient level of AI literacy for staff and others using AI systems on their behalf, taking account of context and the people affected. Do not run one generic session and call it done. Build a small, role-based programme and keep evidence.
Keep evidence: attendance, a short assessment, and a quarterly refresher for high-risk areas.
Most organisations fail on the same point: they cannot prove who is competent to oversee AI in people processes. A skills matrix fixes that, if you define skills clearly and score consistently.
Start with a capability framework and evidence standards. For reference, see the Upleashed capability framework approach here: https://upleashed.com/capability-framework/
If you want this to run with less admin, and with better visibility across teams, PulseAI is the platform route: https://upleashed.com/pulse-ai-skills-matrix/ also see our capability framework: https://upleashed.com/capability-framework/
If you want a clean, practical path to run this as an operating rhythm, publish the playbook as a Learning Lab post, then link to your capability framework and PulseAI pages. Start here: https://upleashed.com/learninglab/
Note: this article is informational and not legal advice. If you operate across multiple jurisdictions, validate your approach with appropriate legal and data protection counsel.
Accessibility