Tag
Articles on Compliance
22 posts in this tag.
AI Act Training: proving AI literacy under Art. 4 (funding and deadline 2026)
AI literacy under AI Act Art. 4: in force since 02.02.2025, enforcement from 02.08.2026. What Art. 4 requires, what the proof of competence looks like, who is liable, and how QCG funding works.
AI Board Agenda 2026: 8 Topics That Belong in Every Board Meeting
AI is a board responsibility in 2026, not an IT agenda footnote. 8 board agenda topics for every meeting in the DACH Mittelstand, 5 to 10 minutes each.
Human-in-the-Loop 2026: How Much Autonomy Should an AI Agent Have (Mittelstand Guide)
Fully autonomous AI agents are mostly a marketing claim in 2026. Here is the 4-stage autonomy spectrum, the 6 axes that drive the stage decision, and 4 anti-patterns that destroy trust.
Self-Hosting an LLM or Buying Managed: The CIO Decision 2026
Self-hosting sounds like data sovereignty and cost control, but for most Mittelstand companies in 2026 it is the more expensive and slower choice. The 4-axis framework for CIOs.
AI Strategy for the DACH Mittelstand: The 5-Phase Roadmap for 2026/2027
AI strategy in 2026 is not a PowerPoint slide. It is a 24-month roadmap with 5 phases and a hard deadline of August 2, 2026. Here is how 200-500-FTE Mittelstand companies execute it.
What employees secretly do with AI: the shadow-AI reality in the DACH Mittelstand (2026)
Bitkom 2026: 25% of Mittelstand companies know for certain employees use private AI, 17% suspect it. Why shadow AI is an adoption signal and which 3 data-leak paths really matter.
The Workforce Pyramid: 8%, 21%, 43%, where your Mittelstand sits in the AI training pyramid (2026)
Bitkom 2026: 8% train everyone, 21% train a majority, 43% train nobody. The 5-step pyramid and why steps 1+2 are not defensible after August 2026.
EU AI Act Art. 50: What Your UI Must Show From 02.08.2026 (or Pay 15M)
From 02.08.2026 every AI must out itself. Chatbot disclosure, watermark, deepfake label, emotion recognition notice. Breach: up to 15M EUR or 3%.
AI vendor lock-in: 3 contract clauses your Mittelstand AI deal will not survive without
Three clauses decide whether your AI contract becomes a cost trap or a lever in 2027. Portability, sub-processor transparency, exit notice. Without them, your Mittelstand pays the lock-in premium.
EU AI Act Fines: The 35 Million Number Is Usually Wrong. What Mittelstand CEOs Actually Risk in 2026
The 35 million figure only applies to Art. 5. Mittelstand companies face Tier 2 (15M/3%) or Tier 3 (7.5M/1%). Plus: § 43 GmbHG personal liability.
Who Is Liable When the AI Agent Hallucinates? The 2026 Liability Framework for DACH Mittelstand
AILD withdrawn, PLD applies from 09.12.2026, AI Act Art. 26 from 02.08.2026. Three liability layers, five contract clauses, five insurance levers.
AI Audit Readiness in 90 Days: what Mittelstand prepares for BfDI and BNetzA
From 02 Aug 2026 BNetzA audits with KoKIVO. Big4 sells 6-month programs at 250k. Mittelstand needs a lean path. Here is the 90-day plan.
GPAI Obligations from 2 August 2026: What Mittelstand Deployers Must Know Before the Commission Starts Enforcing
On 2 August 2026 the EU Commission's enforcement powers against GPAI providers come into force. What that means for Mittelstand deployers, and 4 provider obligations you must check.
GDPR and Agentic AI in Production: What German DPOs Audit in 2026, and What They Reject
AI Act and GDPR are complementary, for Agentic AI in production this means two duty catalogues at the same time. The critical pitfalls, with article references instead of gut feeling.
Prompt Injection Defence: OWASP LLM Top 10 for the German Mittelstand, What Actually Attacks in 2026
Prompt Injection has been OWASP risk #1 for LLM apps for three years, and is the most likely incident class for German Mittelstand pilots in 2026. What attacks and how to seal it.
Shadow AI in the German Mittelstand: What the 2025 Bitkom Data Really Shows, and an AI Policy That Actually Works
8% of German companies have shadow AI widely spread, doubled since 2024. What the Bitkom data really says, and an AI policy that actually fights the pattern.
AI Literacy Mandate from 2 August 2026: The Executive Checklist for DACH Mid-Market
AI Act Article 4: AI literacy mandate since 2.2.2025, enforcement from 2.8.2026. 3 training tiers, QCG funding up to 100%, almost nobody knows. What executives must do NOW.
EU AI Act August 2026: The 90-Day Compliance Plan That Holds Even If the Omnibus Slips
Trilogue on 28 April ended without agreement. Without the Omnibus, full AI Act high-risk obligations apply on 2 August 2026. 5-phase 90-day plan for CTOs and engineering leads.
Coding Agents in CI/CD 2026: claude exec, codex CLI, cursor CLI in the Pipeline
claude exec, codex CLI, cursor CLI in the pipeline 2026: headless agents as the differentiator. Tool comparison, 4 use cases, AI Act obligations in CI/CD.
Cursor vs GitHub Copilot vs Claude Code: The EU-Compliant CTO Comparison for 2026
Cursor hits 2bn USD ARR, Copilot is on 90% of Fortune 100, Claude Code is EU-hosted since 2025. Which tool can run in DACH engineering teams? GDPR matrix plus decision tree.
5 security questions every CTO must ask their coding agent vendor
Your devs are already using Cursor, Copilot or Claude Code, often without formal approval. These five questions decide whether your codebase is still safe.
Gartner: 40 percent of all agentic AI projects fail by 2027 — the five anti-patterns
Gartner predicts 40 percent pilot mortality by 2027. The five anti-patterns that kill mid-market agentic AI pilots, with counter-patterns from live engagements.