EU AI Act Compliance Checklist: 17 Things to Do Before August 2, 2026

Silicate , and I'm sharing what I found. Two Things Are Already Live Prohibited practices. Banned since February 2, 2025. Social scoring, real time biometric surveillance without authorization, exploiting vulnerable groups, subliminal manipulation. Fine: up to 35 million EUR or 7% of global revenue. Most companies aren't doing these. But have you actually checked? "We don't think we do that" is different from "we audited our systems and confirmed we don't do that." AI literacy. Also February 2, 2025. Every company using AI must ensure staff have "sufficient AI literacy." Documented training. Role appropriate. Not a webinar you did once. If you haven't started this, you're already noncompliant. Over a year now. 17 Things Before August 2 These are in the order you should do them, not the order they appear in the Act. First Two Weeks: What Do You Actually Have? 1. Inventory every AI system. All of them. The ones your product team built. The vendor tools someone bought on a credit card. That ML model from 2023 that "nobody uses" but is still running in production. If it runs, it's in scope. Write down what each one does, who it affects, where those people are. 2. Classify by risk tier.