AI Act: what really changes for a Belgian SME
The AI Act, the European regulation on artificial intelligence, is often framed as a big-company affair. That’s a misreading. As soon as an SME uses an AI system — a writing assistant, a scoring tool, a support chatbot — it falls within scope, to varying degrees. Here’s what really changes, without the drama.
The principle: risk-based regulation
The AI Act doesn’t treat all AI the same. It classifies systems by the risk they pose to people’s rights: unacceptable risk (banned), high risk (strong obligations), limited risk (transparency) and minimal risk (free). So the first useful question isn’t “are we concerned?” but “which category does each of our uses fall into?”.
What it means concretely
- Inventory. List the AI systems actually in use, including those that arrived through the back door (extensions, SaaS tools with an “AI” feature).
- Classification. Determine the risk level of each use. Most SME cases fall under limited or minimal risk — but not all.
- Transparency. Inform users when they interact with an AI or consume generated content.
- Traceability. Keep a record of decisions and data for sensitive uses.
Where to start without panicking
No need to lock everything down at once. An honest inventory and a quick classification are enough to know where you stand and what deserves attention. That’s exactly the point of an AI Express Diagnostic: separate the regulatory noise from the real risk, then prioritise. Compliance isn’t an obstacle to AI — it’s what lets you use it calmly, and pass an audit when the time comes.
Tell us about your use cases: we’ll give you a first read, no jargon.