- The EU AI Act comes into force in February 2025 and sets requirements for AI expertise in companies.
- Sufficient AI expertise includes technical knowledge and understanding of the systems in the business context.
- The requirements vary depending on the risk classification of the AI systems used.
- The appointment of an AI officer is not mandatory, but recommended for AI compliance.
- Companies must continuously recognize, manage and document legal requirements.
- A structured approach to implementing AI expertise is required for successful implementation.
- Future training courses will support companies in implementing the AI Act.
As a lawyer in the digital sector and entrepreneur, I have been following the development of the EU AI Act since its inception. The requirement for “sufficient AI competence”, which will apply from February 2025, raises fundamental questions for many companies. This is not just about formal compliance with regulatory requirements, but also about strategic positioning in the rapidly developing field of artificial intelligence. The legal framework conditions offer both challenges and opportunities for future-oriented companies.
The legal basis of AI competence
The EU AI Act defines “sufficient AI competence” as a fundamental requirement for companies that use AI systems. This is not just about the technical expertise of individual employees, but about a comprehensive understanding of AI systems in the corporate context. The regulation stipulates that companies must demonstrate how they ensure and maintain this competence. This includes both the technical aspects of the AI systems used and an understanding of their impact on business processes and stakeholders.
Particularly important: The requirements vary depending on the risk classification of the AI systems used. While strict requirements apply to high-risk AI systems, the requirements for lower-risk AI systems are adapted accordingly. This differentiation is crucial for practical implementation in the company. The AI Act provides for a dynamic risk assessment that must be regularly reviewed and adapted. Companies must therefore establish processes that enable continuous evaluation and adaptation of their AI competence.
The AI Officer – compulsory or optional?
Contrary to common misconceptions, the appointment of a dedicated AI officer is not mandatory under the AI Act. Nevertheless, practice shows that a central coordination office for AI compliance makes sense. The necessary competencies can also be distributed among several people or departments, as long as the responsibilities are clearly defined and documented. The decisive factor is not the formal position, but the effective bundling and coordination of the necessary competencies within the company.
The key areas of expertise include far more than just technical understanding:
– In-depth knowledge of AI systems and how they work, including the ability to recognize risks and limitations
– Comprehensive legal expertise in AI regulation, data protection and industry-specific compliance requirements
– In-depth business process understanding and experience in implementing AI systems
– Professional risk management and continuous compliance monitoring
– Effective change management and systematic employee training
– Strategic communication skills for collaboration with various stakeholders
Specific requirements for AI expertise
The AI Act defines different levels of required competence that go well beyond technical understanding. Fundamentally, companies must be able to demonstrate that they:
– Fully understand how their AI systems work and can assess their impact on business processes
– Can systematically identify, assess and minimize potential risks
– Can not only implement compliance requirements, but also continuously monitor and adapt them
– Can meet comprehensive documentation requirements and ensure they are up to date
– Train employees regularly and as required and promote their skills development
These requirements must be implemented in practice through concrete, verifiable measures. It is particularly important that the competence is not only formally documented, but is actually practiced and continuously developed in day-to-day business.
Implementation in practice
Practical implementation requires a structured, multi-stage approach. Companies must:
– Conduct a comprehensive inventory of their AI systems, including a detailed risk analysis
– Precisely identify the required skills and match them with existing resources
– Systematically evaluate existing expertise and identify development potential
– Plan and implement targeted training measures and review their effectiveness
– Establish effective monitoring systems that enable continuous review and adaptation
– Implement documentation processes that enable proof of AI competence at all times
The continuous development of AI expertise is particularly important here, as both the technology and regulatory requirements are constantly evolving. Companies must therefore create flexible structures that enable agile adaptation to new developments.
Outlook and possible support services
Implementing the AI competence requirements will be a complex challenge for many companies. As a lawyer with many years of experience in the digital sector, I am currently in initial discussions on the possible development of training formats. These could support companies in the practical implementation of the AI Act requirements.
Whether and in what form such training courses will be realized is currently still in the conception phase. Consideration is being given to practice-oriented formats that could cover both the legal basis and concrete implementation in day-to-day business. Interested companies are welcome to contact me for further information.
The coming months will show how the practical implementation of the AI Act develops and what specific support needs arise from this. As a lawyer with my own entrepreneurial experience, I will closely monitor these developments and adapt my advisory services accordingly.
