TomatoBlue
Service Offering

AI Act Regulatory Compliance

The European AI Regulation

Regulation (EU) 2024/1689 — the AI Act — is the world's first regulatory framework dedicated to artificial intelligence. Effective since August 1, 2024, it introduces differentiated obligations based on the risk level of AI systems, with full applicability from August 2, 2026.

Obligations apply to providers, deployers and importers of AI systems, with requirements on transparency, risk management, data governance and human oversight. The AI Act also applies to non-EU companies whose systems produce effects in the European market.

Penalties

AI Act penalties are among the most severe in European regulation: up to €35 million or 7% of global annual turnover for the most serious violations (prohibited AI systems), up to €15 million or 3% for non-compliance with high-risk system requirements, and up to €7.5 million or 1.5% for incorrect or incomplete information to authorities.

Compliance Packages

Four service levels calibrated to the organization's size and maturity.

Tier 1

Micro enterprises / Startups

Service: Orientation / Readiness

Typical use: Tenders, grants, early governance

Includes

  • Regulatory framing.
  • Reduced gap analysis.
  • 1 policy + 1 procedure.
  • Evidence pack.

Excludes

  • Complete risk assessment.
  • Audit, testing, simulations.

Tier 2

Small SMEs

Service: Structured compliance (base)

Typical use: B2B clients, first formal requirements

Includes

  • Complete target regulation analysis.
  • Separate minimum policy set (3–4).
  • Incident procedure.
  • Training session.
  • 12-month roadmap.

Tier 3

Medium SMEs

Service: Compliance + Governance

Typical use: PA, enterprise clients, regulated contracts

Includes

  • In-depth gap analysis.
  • Simplified risk assessment.
  • Complete policies.
  • Extended training.
  • Initial control evidence.
  • Management support.

Tier 4

Enterprise

Service: Governance, Risk & Audit readiness

Typical use: Inspectability, growth, investors

Includes

  • Complete risk framework.
  • Critical supplier audits.
  • Simulations / tabletop.
  • Contractual integration.
  • Pre-inspection support.

Cross-tier Add-on

Annual Maintenance

Recurring package tailored to the company, calibrated to the specific needs of continuous updating and monitoring.
