Category: Compliance

AI compliance practices, documentation requirements, risk classification, and audit readiness for organisations

US court ruling shakes EU-US data deal AI Literacy: Lighter Rule, Higher Stakes Digital Omnibus: the AI Act Delay That Makes 2026 Busier, Not Quieter DMA: AWS and Azure face gatekeeper test The Junior Talent Pipeline: What AI Saves Now and Costs Later AI Act: retailers fight deepfake rule Face-scan buses: KC yes, EU mostly no AI Act: later duties, nudifier ban now AI Act: only eight Member States ready

Stay ahead of AI change. Get practical updates from Future Prep direct to your inbox.

By subscribing you agree to receive Future Prep news. Unsubscribe any time.

AI generated image - a stonemason setting the foundation stones of a building already rising above, illustrating AI literacy as the groundwork under the AI Act.

AI Literacy: Lighter Rule, Higher Stakes

Brussels softened the AI literacy duty in the Digital Omnibus, from ensuring a sufficient level to supporting its development. But it was not delayed, it has applied since February 2025, enforcement begins this August, and the EU's skills agenda is turning literacy from a compliance checkbox into a competitiveness lever.
AI generated image - stepping-stone path to a distant gate, illustrating the Digital Omnibus AI Act deadlines that fall in 2026 before the 2027 high-risk dates.

Digital Omnibus: the AI Act Delay That Makes 2026 Busier, Not Quieter

The Council adopted the Digital Omnibus on 29 June, pushing high-risk AI Act obligations to 2027 and 2028. But the transparency and literacy duties that bite in 2026 did not move, and two new bans arrive sooner than the relief.
AI cyber risk shown as a high-tech security door undone by one unfastened basic bolt.

AI Cyber Risk: Why the Newest Threat Demands the Oldest Discipline

A joint Five Eyes statement reframes AI cyber risk as an immediate leadership responsibility on a months-not-years horizon. The defence is unglamorous basic hygiene plus AI-aware threat modelling. We translate it into the EU frame of NIS2, DORA and the AI Act, and the questions a board should ask now.
Two near-identical bound volumes set slightly out of alignment, illustrating Canada's privacy reform diverging from the GDPR.

Canada’s Privacy Reform: Familiar on the Surface, Divergent Underneath

Canada has tabled Bill C-36, a GDPR-style privacy overhaul. For organisations already under European rules it reads as convergence but works as divergence: a second regulator, second thresholds and a second set of rights to map across adequacy, automated decisions and transfers.
A dark secure gallery with four progressively protected bays and a single procurement dossier in the foreground representing graded sovereignty assessment.

CADA’s Four Sovereignty Levels Change How You Buy Cloud and AI

CADA defines four assurance levels for cloud and AI sovereignty, up to EU ownership at Level 3 and full supply-chain control at Level 4. The proposal is not law yet, but the levels already work as a scoring frame. Five procurement and due diligence changes to make this quarter.
Overhead view of a dark boardroom table with a loose folder and papers on the left, a strict four-tier document stack on the right, and a central diagram sheet connecting both sides.

Transatlantic AI Governance: Two Philosophies, One Control Map

In one week the US chose voluntary, standards-referenced AI oversight while the EU adopted CADA's graded sovereignty test. A deployer operating across both cannot run on a single mental model. Here is one control map, with two triggers per control, that answers the European and American regimes at once.
Scroll to Top