Why Take Action Now?
The AI Act has major impact on energy and telecom
August 2025
First obligations for high-risk AI systems in critical infrastructure come into effect
Critical Infrastructure = High-risk
AI in energy and telecom networks automatically falls under the strictest AI Act rules (Annex III)
Fines up to €35 million
Or 7% of global annual turnover — ACM and sector regulators will enforce
Safety Components
AI as safety component in networks requires conformity assessment and CE marking
High-risk AI in Energy & Telecom
These AI applications fall under strict AI Act requirements (Annex III)
Smart Grid Management
AI systems managing energy networks, distributing load and predicting grid congestion — essential for supply security.
Predictive Maintenance Critical Infra
Systems predicting maintenance for power plants, transformer stations and telecom towers — outage can have societal impact.
Network Monitoring & Cybersecurity
AI for detecting cyber threats and anomalies in energy and telecom networks — crucial for national security.
Energy Pricing & Customer Decisions
Algorithms determining energy prices, assessing customers or applying dynamic tariffs — direct impact on consumers.
Specific Challenges for Energy & Telecom
The AI Act brings unique compliance questions for the sector
NIS2 and AI Act Overlap
How to combine NIS2 cybersecurity obligations with AI Act requirements? Where do they overlap and where do they conflict?
Real-time Decisions
Energy networks require millisecond decisions. How to comply with human oversight without compromising network stability?
Safety Component Classification
When is AI a safety component under the Machinery Regulation? And what does that mean for CE marking?
Legacy SCADA & OT Systems
Much operational technology is decades old. How to integrate AI Act compliance into existing industrial systems?
Supply Chain Complexity
Energy and telecom chains are complex. Who is provider, who is deployer in integrated AI solutions?
Sector-specific Supervision
ACM, RDI and State Supervision of Mines — how do these regulators interpret the AI Act for the sector?
AI Act Compliance Roadmap
Practical steps for energy and telecom companies
AI Inventory
2-4 weeksMap all AI systems. Which systems manage critical infrastructure or make customer decisions?
Risk Classification
1-2 weeksDetermine per system if it is high-risk due to critical infrastructure, safety component or consumer decision.
Gap Analysis
3-6 weeksCompare current documentation with AI Act, NIS2 and sector-specific requirements.
Remediation
3-12 monthsImplement technical documentation, risk management, human oversight and cybersecurity measures.
Ongoing Monitoring
OngoingSet up processes for continuous monitoring, incident reporting and periodic review.
What Makes Energy & Telecom AI Different?
Sector-specific considerations
Critical Infrastructure Status
Energy and telecom AI falls under both AI Act and NIS2 cybersecurity directive
Real-time Requirements
Networks require uninterrupted AI decisions — human oversight must be implemented differently
Societal Impact
Energy or telecom outage affects millions of people — reliability requirements are extremely high
Converging Regulation
AI Act, NIS2, Machinery Regulation and sector legislation require an integrated compliance approach