Trusq

factual analysis · traceable to primary sources

Topics Opportunities Take the check Work with us LinkedIn NLยทEN
Guide

What does AI Act compliance cost?

Adopted 2026-06-22 ยท ≈ 2 min read ยท Dirk Baaijen

The cost of AI Act compliance depends mainly on your risk class, role and number of AI systems. The law requires proportionality, so most organisations with low-risk AI face limited costs.

Short answer: There is no fixed price tag. The cost of AI Act compliance is driven by your risk class, your role and the number of systems โ€” not by the law as such. For most organisations, with predominantly low-risk AI, costs stay limited; only high-risk uses demand serious investment.

The main cost drivers

Four factors account for most of the cost:

  • Risk class. High-risk systems require risk management, documentation, logging and conformity assessment. Limited and minimal risk mainly require a transparency notice.
  • Role. A provider carries more (and costlier) obligations than a deployer.
  • Number and complexity of systems. More AI, or self-built models, means more work.
  • Existing maturity. Those who already have data governance, ISO-like processes or a privacy function reuse a lot and pay less.

Proportionality is built in

The AI Act is not "one size fits all". Small and micro enterprises get relief, such as simplified technical documentation. Obligations scale with risk: low-risk AI does not need a heavy compliance machine. Read the AI Act for SMEs for what that means in practice.

Where the money goes

The largest items are usually not fines but internal time: inventorying, classifying, documenting and setting up governance. On top of that come some external costs: legal advice, a conformity assessment for high-risk systems, or tooling for monitoring and logging. One-off setup costs are generally higher than the ongoing maintenance.

Keeping costs manageable

The cheapest compliance is targeted: invest heavily where risk is high and lightly where it is low. Phasing โ€” see AI Act readiness in 90 days โ€” stops you buying everything at once and expensively. Reuse existing processes where you can.

What to do

  • Determine your risk classes first; they drive the whole budget.
  • Estimate internal time realistically โ€” usually the biggest item.
  • Reserve external costs for high-risk systems only (advice, conformity assessment, tooling).
  • Reuse existing governance and data-quality processes.
  • Avoid duplicate work by following the AI Act roadmap first.

Compliance need not be expensive; it should be proportionate. Steer by risk, not by fear.

Sources

  1. https://eur-lex.europa.eu/eli/reg/2024/1689/oj
    Regulation (EU) 2024/1689 (AI Act): obligations scale with risk class; proportionality for smaller providers.
  2. https://artificialintelligenceact.eu/article/62/
    Article 62 AI Act: measures for small and micro enterprises, including simplified documentation.

Share on LinkedIn

Read next

W

The AI Act for SMEs: proportionality, sandboxes and costs

The AI Act applies to SMEs too, but builds in relief: proportionate documentation, priority and lower cost in regulatory sandboxes, and fines with an SME cap. This guide shows what to watch for as a small business.

A

AI fraud detection by government: the lessons after SyRI

After the SyRI ruling (District Court of The Hague, 2020) and the Dutch childcare-benefits scandal, government fraud detection with AI is high-risk under Annex III. The lessons: no opaque risk scores, no proxy discrimination, but proportionality, explainability and a rights assessment.

W

The AI Act for non-EU companies: extraterritorial reach

The AI Act also applies to companies outside the EU if their AI system or its output is used in the Union. Non-EU providers often have to appoint an authorised representative in the EU.

Dirk Baaijen

About this knowledge base

Compiled and maintained by YRproject โ€” programme and project direction at the intersection of digital transformation, AI and regulation. Every factual claim is traceable to its primary source. YRproject is led by Dirk Baaijen About & method โ†’

A project or programme? Work with YRproject โ†’

The monthly briefing

AI regulation in five minutes: what changed, what is coming and what it means. No spam, unsubscribe anytime.

Your address is used for this only and stored on our own servers.