📜 Related Legislation

The AI Act doesn't stand alone

The EU AI Act is the most visible AI law, but certainly not the only one. GDPR, DORA, NIS2 and DSA each impose additional obligations on organisations using AI. Many of those obligations overlap — and that calls for a coordinated approach.

On this page you will find an overview of legislation that is relevant for your AI systems alongside the AI Act. For each law we explain where the intersections lie and what you need to concretely arrange.

Laws that affect your AI systems

GDPR & AI

GDPR × AI Act

General Data Protection Regulation

Automated decision-making, transparency and data governance: GDPR and the AI Act overlap on five concrete points.

View intersections

DORA & AI

DORA × AI Act

Digital Operational Resilience Act

Financial institutions using AI must comply with DORA requirements for ICT risk management, third parties and incident reporting.

View intersections

NIS2 & AI

NIS2 × AI Act

Network and Information Security Directive 2

AI systems controlling critical infrastructure fall under NIS2. Security measures and reporting obligations apply doubly.

View intersections

DSA & AI

DSA × AI Act

Digital Services Act

Recommendation systems, content moderation and risk assessment: platforms with AI applications operate at the intersection of DSA and AI Act.

View intersections

How compliant are you already?

The AI Readiness Score tests your organisation against the AI Act and related legislation. You get a personalised score and concrete recommendations.

Take the AI Readiness Score →