Regulation (EU) 2024/1689 — the EU AI Act — was published on 12 July 2024 and entered into force on 1 August 2024. Obligations are being phased in. The next major deadline is 2 August 2026, when transparency obligations under Article 50 take effect, high-risk AI system rules become enforceable, and every member state must have at least one operational regulatory sandbox.
For IT teams deploying AI in helpdesks, ticket automation, or knowledge base management, this is not abstract regulation — it is a deadline with real consequences.
What applies from 2 August 2026
Transparency obligations (Article 50)
If you operate an AI system that directly interacts with users — typically a chatbot on your IT portal or an automated request classifier — you must ensure that users know they are communicating with AI, not a human. The only exception is when this is obvious from context.
For AI systems generating text, images, audio, or video, the output must be machine-readably marked as artificially generated. That marking duty under Article 50(2) sits with the provider of the generative model. If you are a deployer using a third-party LLM in your helpdesk, separate duties under Article 50(3)-(4) apply to you — typically informing users they are talking to AI, and labelling any deepfake content you produce.
High-risk AI systems
Common internal ITSM tools — ticketing chatbots, automated categorisation, request routing — typically fall into the limited-risk category with transparency obligations only. High-risk classification (Annex III of the regulation) covers AI systems used in recruitment, employee evaluation, access to education, or as a tool assisting judicial authorities. If your ITSM system automatically decides resource allocation or prioritisation based on employee attributes, assess the classification carefully — Annex III obligations apply from 2 August 2026, while obligations for high-risk products under Article 6(1) (Annex I) apply from 2 August 2027.
Regulatory sandboxes
Every member state must have at least one operational AI sandbox by 2 August 2026 — a supervised testing environment for AI innovation. In Slovakia, MIRRI (Ministry of Investments, Regional Development and Informatization) coordinates AI Act implementation together with the Government Plenipotentiary for Artificial Intelligence.
Penalties for non-compliance
Fines are tiered by severity:
- Prohibited AI practices (social scoring, manipulation) — up to EUR 35 million or 7% of global annual turnover
- Violations of high-risk AI requirements — up to EUR 15 million or 3% of turnover
- Supplying incorrect information to regulators — up to EUR 7.5 million or 1% of turnover
For most undertakings, the higher of the two — the fixed amount or the percentage of turnover — applies. For SMEs and start-ups, Article 99(6) flips the rule: the lower of the two applies. Either way, the figures remain substantial.
What to do before August
- Inventory your AI systems — identify where AI is used across your organisation. Chatbots, auto-responses, LLM integrations, predictive analytics — document everything.
- Classify risk — for each system, determine whether it falls under minimal, limited, or high risk. Common ITSM tools typically land in the limited-risk category, but classify by actual use case, not by product label.
- Implement transparency — ensure users know when they are interacting with AI. Add clear labelling to chatbots and automated responses.
- Label AI outputs — if you generate content using AI (knowledge base answers, ticket summaries), implement machine-readable marking.
- Document — prepare technical documentation describing the purpose, operation, and risks of your AI systems. You will need it for audits.
Why act now
Fewer than a hundred days remain. Inventorying and classifying AI components takes time, especially when they are not centrally tracked. And the transparency changes — labelling chatbots, marking outputs — require code or configuration changes, not just a policy document in a drawer.
The regulation applies directly across the entire EU. Unlike NIS2, which required transposition into national law, the AI Act does not need a separate Slovak statute to be binding. From 2 August 2026, it applies.