How did we end up there? It started with good intentions – from sporadic and on-the-sly usage of AI solutions under the radar. Such an approach helps you in the short term to pluck some low-hanging fruit. Yet, instead of building a ladder to fully enjoy the abundant harvest and reach the highest branches of this tree, we dash away and rather promptly find ourselves in a situation where shadow IT has institutionalized itself. Now we have much larger problems on our hands than the ones the solutions were used to resolve in the first place. We face increased threats to IT and data security, internal organizational dynamics create barely controllable divergencies, and trust in management is undermined.

In this dark setting, it is reassuring that help and support will come from the direction you probably least expect – the EU AI Regulation. The EU AI Regulation (AI Act) is the world's first law to regulate artificial intelligence. You might not realize it at first glance, but you and this act have something in common: you share a very noble goal. That is, the integration of AI solutions into your organization. The AI Act aims to ensure the safety, transparency, and trustworthiness of AI applications. And what a coincidence – this is exactly what your organization needs to exit the downward spiral and start integrating AI technology in a constructive and sustainable way. The beauty of the AI Act is that it is a must: it forces companies to engage with the subject and establish sustainable processes.

Moreover, the EU Act provides not just the motivation but also the tools: it gives you internal structure and a timeframe. In terms of structure, it makes the first step of distinguishing between different risk profiles of AI technology and matching them to the requirements your organization has to fulfill, depending on the role you are playing. It also provides a clear time perspective. Between August 2024 and August 2026, your organization will have the opportunity to implement the outlined requirements in a structured manner. This includes key milestones such as forming interdisciplinary teams, creating an inventory of existing AI technologies, and gradually introducing AI governance and Plan-Do-Check-Act, PDCA, cycles. In the end of the day, The AI Act ensures that your AI systems are safe, reliable, and compliant – giving your organization a competitive edge and building trust with customers, employees and stakeholders.

However, to make the most out of this opportunity, it is necessary to have an eye on the bigger picture of your organizational context when integrating AI into your strategy:

• Start with the most pivotal questions: How does AI fit into your business strategy? How does it fit into your IT strategy? Where do you envisage the most leverage? Have you already taken care of the basics, like master data and processes?
• Avoid the temptation to create yet “another IT” or “another legal” project out of it. The AI topic lives, breathes, and flourishes from its innate interdisciplinarity and multi-dimensionality. Use this to your advantage;
• Leverage your change agents. Bring those people onto the AI Governance team who are eager to move it forward. How do you find them? Have the kick-off meeting as a voluntary fireside talk on a Friday afternoon and see who shows up. These are most likely going to be the people who have the energy, zeal, and motivation to propagate their spark for the topic within the organization;
• Identify those who need AI solutions the most in your organization and try to include them in the interdisciplinary team (they might not have come to the fireside talk on Friday because they were buried under a load of data that they were trying to crunch with a real nutcracker – as it is the only tool they have).

In a nutshell, the AI Act can help you create a structured timeline and framework for the implementation of the regulation and, with that, the integration of the technology into your strategy and operations.

On a closing note: There’s no way around the implementation of the AI Act (as Marcus Aurelius would say, 'the obstacle is the way'). The key is how you approach it. Will you make it a tedious and unnecessarily painful exercise, or an exciting and even fun journey for your organization? For that, you must breathe life and energy into it. Is this something you are struggling with and where you need help? Worry not! I would be delighted to support you on this journey and make it exciting!