Category: Compliance
AI compliance practices, documentation requirements, risk classification, and audit readiness for organisations
US court ruling shakes EU-US data deal
•
AI Literacy: Lighter Rule, Higher Stakes
•
Digital Omnibus: the AI Act Delay That Makes 2026 Busier, Not Quieter
•
DMA: AWS and Azure face gatekeeper test
•
The Junior Talent Pipeline: What AI Saves Now and Costs Later
•
AI Act: retailers fight deepfake rule
•
Face-scan buses: KC yes, EU mostly no
•
AI Act: later duties, nudifier ban now
•
AI Act: only eight Member States ready
•
US court ruling shakes EU-US data deal
•
AI Literacy: Lighter Rule, Higher Stakes
•
Digital Omnibus: the AI Act Delay That Makes 2026 Busier, Not Quieter
•
DMA: AWS and Azure face gatekeeper test
•
The Junior Talent Pipeline: What AI Saves Now and Costs Later
•
AI Act: retailers fight deepfake rule
•
Face-scan buses: KC yes, EU mostly no
•
AI Act: later duties, nudifier ban now
•
AI Act: only eight Member States ready
•
Stay ahead of AI change. Get practical updates from Future Prep direct to your inbox.
By subscribing you agree to receive Future Prep news. Unsubscribe any time.
The moment you move from buyer to builder, provider obligations, auditability, logging and exit discipline become yours. Here is how a mid-market organisation keeps a proprietary or co-developed AI tool governable, without a large-firm budget, and where the Cyber Resilience Act starts to bite.
Two US rulings show that material run through public AI tools can lose privilege and confidentiality. For EU practitioners, contract terms, deployment environment and acceptable-use rules are the controls that decide whether sensitive work stays protected before the next dispute.
The Commission's draft guidelines of 19 May 2026 set worked examples across all eight Annex III categories. The Annex III classification memo now has an external benchmark. Six fields make the call defensible before the 23 June consultation closes.
The Dutch DPA's consultation on the right to explanation closes on 26 May 2026. The draft reframes Article 22 GDPR and Article 86 AI Act obligations as a deliverable on demand, not paperwork. Three deployer gaps to close before the final guidance arrives in Q3 2026.
The EDPB has confirmed Europrivacy as both a Data Protection Seal under Article 42(5) and as an Article 46 transfer tool when combined with binding and enforceable commitments. Five concrete updates to make to your procurement file this quarter, with a decision sheet as the operational companion.
A frontier AI model that finds and exploits software vulnerabilities sits inside three legal regimes at once: NIS2, the AI Act and the CRA. For deployers that means three sets of obligations and three sets of audit risk. The fix is a single control map built now.