The AI Act doesn't stand alone
The EU AI Act is the most visible AI law, but certainly not the only one. GDPR, DORA, NIS2 and DSA each impose additional obligations on organisations using AI. Many of those obligations overlap — and that calls for a coordinated approach.
On this page you will find an overview of legislation that is relevant for your AI systems alongside the AI Act. For each law we explain where the intersections lie and what you need to concretely arrange.
Laws that affect your AI systems
GDPR & AI
GDPR × AI ActGeneral Data Protection Regulation
Automated decision-making, transparency and data governance: GDPR and the AI Act overlap on five concrete points.
DORA & AI
DORA × AI ActDigital Operational Resilience Act
Financial institutions using AI must comply with DORA requirements for ICT risk management, third parties and incident reporting.
NIS2 & AI
NIS2 × AI ActNetwork and Information Security Directive 2
AI systems controlling critical infrastructure fall under NIS2. Security measures and reporting obligations apply doubly.
DSA & AI
DSA × AI ActDigital Services Act
Recommendation systems, content moderation and risk assessment: platforms with AI applications operate at the intersection of DSA and AI Act.
How compliant are you already?
The AI Readiness Score tests your organisation against the AI Act and related legislation. You get a personalised score and concrete recommendations.
Take the AI Readiness Score →