It has been over a year since the EU AI Act officially entered into force in August 2024. If you are an AI engineer, compliance officer, or CTO building in or for Europe, you have likely spent the last 15 months navigating a complex map of compliance deadlines, risk assessments, and evolving governance structures.

While the landscape is still shifting - most notably with this week's "Digital Omnibus" proposal - the path forward for HR Tech is becoming clear. Here is where we are now.

Step 1: Understanding the stakes

First off, understanding the AI Act meant accepting a new reality: most AI applications in HR Tech fall squarely under the High-Risk category.

For enterprises and HR leaders, this designation isn't just red tape. It’s a mandate to manage risks explicitly. It means that if you are using AI to infer skills, match candidates, or analyze workforce data, you must have rigorous safeguards in place to ensure fairness, transparency, and accountability. The days of "move fast and break things" are over; the era of "move fast and prove it" has begun.

Step 2: Preparing (While others wait)

One of the biggest challenges has been the lack of finalized "harmonized standards" – the technical specifications that tell us exactly how to comply. Because of this delay, the European Commission has just proposed pushing the full enforcement deadline for high-risk systems back, potentially to late 2027.

But at TechWolf, we didn’t wait for the ink to dry on the final standards. We chose to prepare for full compliance now.

The AI Pact: In October 2024, TechWolf officially joined the EU AI Pact. This is a commitment alongside over 200 leading AI companies to pave the way for regulation, proactively sharing how we implement compliance rather than waiting to be told what to do.

ISO 42001 Certification: Crucially, we backed this commitment by achieving our ISO 42001 certification – becoming one of the very first companies in the HR Tech space globally to do so.

Why ISO 42001? It wasn't just for the badge. This standard focuses on the Artificial Intelligence Management System (AIMS), which has a massive overlap with the Quality Management System (QMS) requirements mandated by the EU AI Act. By aligning with ISO 42001 early, we effectively built the governance engine needed for the AI Act long before the law required it.

Step 3: The future is now

Last month, the Commission released the Digital Omnibus proposal, acknowledging that the industry needs more time to adopt standards. While the deadline for high-risk obligations might be moving to December 2027, the market expectation has already shifted.

Your customers and stakeholders don't want to wait another two years for "trustworthy AI." They want it today.

The last year has helped TechWolf uplevel our internal AI governance, refine our risk frameworks, and drastically improve the technical documentation we provide to our customers. Regardless of when the final regulatory buzzer sounds, we are ready.

‍