The European Union’s Artificial Intelligence Act came into effect on August 1, 2024, setting a new standard for how companies build and use AI.

Now, there is one consistent set of rules governing how AI should be designed, tested, and used. Any business that wants to operate in the EU must meet these standards, no matter where it’s based.

For sales teams, the impact of this law has been immediate because these rules directly affect the tools they use every day. AI has had an impact on almost every part of selling: from forecasting and lead scoring, to personalized outreach and customer engagement. The EU’s new rules set fresh expectations for how such systems operate and how data is managed.

In this post, we’ll break down what the Act covers, how it affects sales operations, and the steps sales leaders can take to stay compliant while still moving fast and staying competitive.

What Is the EU AI Act?

The EU AI Act is Europe’s big rulebook for how artificial intelligence should be built and used. The idea is to make AI safer, more transparent, and something people can actually trust, while still leaving room for new ideas and innovation.

The law doesn’t treat all AI equally, but instead sorts them into different levels of risk. Some systems, such as hiring software or lead scoring tools that judge people, are considered high risk and have to follow stricter rules. Others, like chatbots or AI that writes marketing copy, just need to be upfront about being AI so users know they’re not talking to a person. Most however, fly under the radar and are considered minimally risky. 

Some are harmless and help with everyday stuff, while others can have a big impact on people’s lives. The EU groups AI into four risk levels:

1. Unacceptable Risk

These are the types of AI systems the EU wants to keep out of the market because they are seen as harmful, deceptive, or manipulative. This includes:

• Tools that try to shape or influence people’s behavior without their knowledge
• Systems that exploit vulnerable groups such as children or the elderly
• Any form of social scoring that judges people based on their behavior or personal traits

Example 

If a marketing platform were to secretly track users’ emotions through their webcam or voice tone during sales calls, then adjusts prices or product offers based on how vulnerable or stressed someone appears. That kind of system would likely fall under “unacceptable risk,” since it manipulates behavior without informed consent and exploits personal traits.

The same rule applies to emotion recognition, especially in sensitive environments such as schools or workplaces. Unless it is used for safety or medical purposes, any AI that claims to detect emotions or mental states in these settings is not allowed. The EU views this kind of technology as invasive and potentially damaging to people’s privacy and autonomy.

2. High Risk

These systems are allowed under the EU AI Act but face strict oversight because they can directly impact people’s rights, opportunities, or livelihoods. 

This includes things like hiring tools, performance review software, credit scoring systems, or anything that helps decide who gets a loan or an insurance plan. Basically, if an AI could change someone’s job prospects or financial situation, the EU wants it heavily regulated. 

In the United States, Workday is facing a major lawsuit alleging that its AI-powered hiring tools discriminated against job applicants based on age, race, and disability. While this case falls under U.S. law rather than the EU AI Act, it highlights the same core issue: companies must ensure their AI systems are fair, transparent, and free from bias.

To meet the rules, developers and companies using high-risk AI need to:

• Train their systems on solid, fair data that isn’t full of bias
• Make sure there’s a real person keeping an eye on the decisions it makes
• Keep the system secure and reliable
• Document how it works and what steps are being taken to reduce risks

Example

Say there’s a hiring app that ranks candidates or a tool that rates sales reps for promotions. If that system favors one group over another because of the data it learned from, that’s a problem. 

In this scenario, both the company that built it and the one using it would need to prove it’s fair, as well as explain what checks and balances are in place to prevent it from doing so. 

The aim is to promote the fair and responsible use of AI, ensuring that human judgment remains at the center rather than allowing algorithms to act without oversight.

3. Limited risk

AI systems that present “limited risk” under the EU AI Act face fewer rules. However, transparency is still a must. 

The main idea is simple: people should always know when they are interacting with artificial intelligence instead of a human being.

This category includes many tools that people have become used to such as chatbots, virtual assistants, or programs that generate text, images, or videos. Companies that use these tools must clearly inform users that they are interacting with AI. The law aims to avoid confusion and help people understand what kind of technology they are dealing with.

There are plenty of simple ways to meet this requirement by being upfront at the right moment. 

Here are some examples:

A chatbot can show a quick message before the chat begins:

AI-generated images can include a small label so people know they’re not real photos:

Automated replies can mention that the response was written by AI instead of a person.

Example: 1up in Practice, A Real-World Example of Limited Risk AI

At 1up, our AI aligns closely with the EU AI Act’s “limited risk” standards. Our system doesn’t make open-ended or unpredictable calls. It delivers answers only from pre-approved, verified sources within your organization. That means no scraping the web, no guessing, and no exposure to unvetted data.

Our data and security principles go a step further. Personally identifiable information (PII) is automatically stripped before any response is generated, and strict content filters prevent sensitive data from slipping through. 

Every answer can also be reviewed, corrected, and permanently overridden by a human, ensuring accuracy and accountability stay in your hands, not the model’s.

In short, 1up is built to be transparent, controlled, and compliant by design. We aim to be an example of what responsible, limited-risk AI should look like under the EU AI Act. Learn more about 1up’s data security principles. 

<INSERT QUOTE FROM GEORGE>

What matters is that users are not misled or tricked into believing they are talking to a real person. Even small things like automated marketing emails or personalized follow-ups are included. If customers think they are getting a message from a salesperson when it was actually written by a machine, that could become a compliance issue. The purpose of the rule is to make sure that honesty and openness stay part of how businesses communicate.

1. Minimal risk

Most of the AI people use day-to-day falls under what the EU calls “minimal risk.” These are the simple tools that make life a little easier but don’t really touch things like safety, health, or basic rights. Because they’re considered unlikely to cause harm, they aren’t covered by heavy regulations in the AI Act.

Examples include:

• Spam filters that catch junk emails
  
• AI in video games that makes gameplay feel smarter
  
• Recommendation tools that tell you what to watch, buy, or listen to
  
• Little productivity helpers that fix typos, schedule meetings, or sort your inbox
  

Even though these tools aren’t regulated, the EU still wants companies to use them responsibly. The whole point of the law is to build trust in AI, not to slow down progress. The big rules are saved for high-risk systems, so lighter-use tools can keep evolving without a bunch of red tape.

Example

Say you’ve got an AI tool that helps a sales rep figure out what products to show someone based on what they’ve looked at online. It’s helpful, but it’s not making any life-changing calls or deciding who gets a job or a loan. That’s why it’s considered minimal risk. Still, the company using it should make sure the data is good and that the results don’t accidentally leave certain groups out or treat them unfairly.

For sales teams, that line between low and high risk actually matters. Even if most of their tools fall into the safer category, it’s still smart to:

• Know where and how AI is being used in their workflow
• Work with vendors that take data quality seriously
• Be honest with customers about how their info is being used

At the end of the day, the goal of the EU AI Act is to make sure innovation happens responsibly, with AI systems people can trust.

What Every Sales Leader Needs to Know

For sales leaders, the EU AI Act is changing how teams think about the tools they use and the data behind them. What used to be a conversation about speed and automation is now also about trust, fairness, and knowing exactly how your tech works.

AI is basically baked into how most sales teams work now. It helps find leads, predict deals, and track how everyone’s performing. But with these new rules, companies can’t just plug things in and hope for the best anymore. Leaders actually need to understand where the data’s coming from, how the system makes its calls, and whether those calls are fair to the people involved.

If you run a global sales team, this is something you can’t ignore. Tools that analyze reps’ performance, sort through job candidates, or score leads need to be checked for how they collect and process personal data. The law also expects companies to show that people are still involved in the decision-making process and that the data being used is accurate.

The financial risk alone is reason enough to pay attention. The EU can fine companies up to 7% of their global revenue for serious violations, which is even harsher than the 4% enforced by the General Data Protection Regulation (GDPR). Customers and employees are starting to care a lot more about how AI is used. Sales leaders who can explain how their tools work and prove they use data responsibly are going to stand out.

Responsible AI means leading a team that people can genuinely trust, not simply avoiding problems. The ones who figure that out early will have an easier time growing their business in a world where transparency matters just as much as results.

The 2025 Timeline: What’s Happening Now

The 2025 Timeline: What’s Happening Now

While the EU AI Act was signed off in 2024, the rules are being phased in gradually instead of hitting everyone at once. As 2025 passes, the first big wave of enforcement is starting to take shape.

Here’s how the rollout is expected to go:

Late 2024: The Act officially took effect across all EU member states.

Mid-2025: General-purpose AI models, such as ChatGPT and other large-scale systems, need to follow new transparency and reporting rules. Developers are required to explain how these models are trained and to share key information about how they function.

2026: High-risk AI systems, including tools commonly used in sales like hiring platforms, lead scoring software, and forecasting tools, must be fully compliant. These systems will need to show that they use accurate and fair data, include human oversight, and meet the EU’s standards for reliability.

2027: AI systems linked to broader safety categories, including medical or industrial applications, have extended deadlines listed under Annex I.

For sales teams, 2025 is the year to get organized. It is the time to take stock of every AI tool in use, look closely at how they process and store data, and start documenting how those systems make decisions. Teams that start now will have a much easier time meeting the EU’s new expectations once the tougher rules go into full effect.

Compliance Checklist for Sales Leaders

Step 1: Go through your sales tools

Start by figuring out which of your sales tools actually use AI. That means assessing everything from forecasting and lead scoring to hiring tools and email automation. The EU AI Act expects companies to know what kinds of AI systems they’re using, even if those systems come from vendors. If a vendor can’t tell you whether their product counts as “high risk” under the Act, that’s a sign to look into it yourself.

Step 2: Check where the data comes from

The Act makes it clear that AI should be trained on data that’s accurate and fair. Ask your vendors where their data comes from and how it’s being used. They should be able to show documentation about how the model was trained and tested. If they can’t explain it in simple terms, that’s a red flag. The goal is to make sure your AI isn’t running on biased or unreliable information.

Step 3: Keep people involved in decisions

Even with smarter tools, humans are supposed to stay in control. If your AI helps decide which leads to focus on or which reps get promoted, a person still needs to be part of the process. Someone should be able to review the AI’s output and step in if something feels off. The Act is really clear that human oversight matters, especially when decisions affect people’s jobs or opportunities.

Step 4: Be honest about when you’re using AI

If customers or prospects are talking to AI, they deserve to know it. The law says companies have to make it clear when people are interacting with a system instead of a human. So if you’re using chatbots or automated outreach, add a simple line explaining that it’s AI-powered. It sounds small, but it’s part of building trust and staying compliant.

Step 5: Get Legal and RevOps in the loop

You can’t handle AI compliance alone. Make sure your legal, RevOps, and IT teams are helping track which tools use AI, how they’re monitored, and what risks they might carry. The EU AI Act puts a lot of weight on documentation, so having good records of how your systems work and who’s responsible for them will save you headaches later.

Getting ahead on this stuff now is smart. The rules are only getting tighter, and the companies that take AI governance seriously will be the ones customers actually trust.

How to Future-Proof Sales AI in 2025 and Beyond

Preparing for the EU AI Act doesn’t mean that innovation slows down. A lot of sales teams are actually using this as a chance to get more organized about how they use AI and to build better habits around transparency and fairness. The goal of the law isn’t to stop progress but to make sure companies use AI responsibly and can explain how their systems work.

Here’s what sales leaders can do to stay ahead:

Work with vendors who can show their work

Select the tools and partners that provide transparency about how their AI functions. The EU AI Act requires developers to share key details about how their models are trained, what kind of data they use, and how they keep it accurate. If a vendor can’t explain that clearly, it might be time to find one who can.

Understand how your AI makes decisions

If an AI tool gives you a score, a forecast, or a recommendation, you should be able to tell how it arrived at it. That idea of being able to trace the reasoning behind an AI’s output is built into the law. For sales teams, that means choosing systems that let you see how the results are calculated and give you confidence that they’re fair.

Start following good practices early

The EU is creating voluntary “codes of practice” that are meant to guide companies before the tougher parts of the law take effect. Getting aligned with these early can make the shift to full compliance a lot smoother. Think of it as preparing now so you don’t get caught scrambling later.

Keep humans in control

Even when AI is handling parts of the workflow, people still need to be able to intervene. The Act requires human oversight, which means someone should always be able to review, question, or override AI-made decisions. In sales, that might mean checking that lead scoring tools or performance metrics aren’t biased or unfair.

1up’s “Improve Answer” modal is a great example of how AI can improve processes with humans still in charge: 

Build a culture of responsible AI

Train your sales team to really understand the tools they use. It’s important to educate them on how the technology works, what it’s good at, and where it can go wrong. The Act is big on fairness, transparency, and accountability, and those same values can make a sales team stronger and more trustworthy.

Sales leaders who start taking this seriously now will be in a much better position later. They’ll avoid compliance headaches, build customer trust, and create a smarter, more reliable approach to using AI in sales.

We work with a ton of sales teams who aren’t sure where to draw the line on AI. Some worry about doing too much and breaking the rules, while others worry about falling behind. The best place to start? Craft a set of guidelines for your team. What data are we using? Do we trust it? How do we maintain accuracy? What should (or shouldn’t) we be doing with AI? A simple framework will help you move a lot faster.

George Avetisov, Founder & CEO @ 1up

Turning Compliance Into a Competitive Edge

The EU AI Act is shaking things up for how companies use AI. Using technology today means focusing on fairness and transparency, and making sure it truly works for real people. For sales teams, that means knowing what your tools are doing, where the data comes from, and making sure the results actually hold up.

The smartest teams are getting ahead of it now. They’re checking their systems, asking tough questions, and keeping track of how everything works. 2025 is really the time to get your house in order. The companies that figure this out early won’t just stay compliant, they’ll earn more trust and probably sell better too.