EU AI Act compliance counsel.

The EU AI Act regulates artificial-intelligence systems placed on or used in the EU market. The firm advises providers and deployers, including life-sciences and ICT companies, on role and risk classification, high-risk-system obligations, and conformity-assessment documentation, and on how those duties interact with MDR/IVDR for AI medical devices. It provides the legal documentation and coordination, not the technical conformity assessment.

Who this is for

  • Providers and deployers of AI systems with EU market exposure.
  • Life-sciences and ICT companies placing AI/ML products on the EU market.
  • Manufacturers of AI medical devices navigating the AI Act alongside MDR/IVDR.

What's included

  • Role and risk classification: whether the client is a provider or a deployer (Art. 3(3)–(4)) and the system's risk category, including high-risk classification for products covered by Union harmonisation legislation (Art. 6(1), Annex I).
  • High-risk-system obligations: risk management (Art. 9), data governance (Art. 10), technical documentation (Art. 11), record-keeping (Art. 12), transparency (Art. 13), human oversight (Art. 14), accuracy and cybersecurity (Art. 15), the quality-management system (Art. 17) and post-market monitoring (Art. 72).
  • Deployer duties: obligations of deployers of high-risk systems (Art. 26) and, where applicable, the fundamental-rights impact assessment (Art. 27).
  • General-purpose-AI duties: obligations for providers of general-purpose AI models (Art. 53) and models with systemic risk (Art. 55).
  • MDR/IVDR interplay: how the AI Act's high-risk requirements sit alongside the medical-device conformity assessment for AI/ML devices that are high-risk under Art. 6(1), assessed within the existing notified-body route (Art. 43(3)).
  • Conformity-assessment documentation: legal documentation and governance support, delivered as fixed-fee modules.

How it works

  1. Scoping. The firm maps each AI system and the client's role (provider / deployer / importer) for each.
  2. Classification. The firm determines the risk category and the obligations that follow.
  3. Gap assessment. The firm compares current documentation and governance against those obligations.
  4. Documentation. The firm prepares the legal documentation and governance framework as fixed-fee modules.
  5. Ongoing advisory. Once the system is live, the firm supports model-change governance and post-market monitoring on a retainer.

Indicative pricing

from CHF 5,500 / month subscription, with fixed-fee modules. Gap-assessment from CHF 9,000; conformity-support CHF 18,000 to 40,000.

Indicative starting prices, net and exclusive of Swiss MWST (VAT) where applicable; final fee per written engagement letter.

Frequently asked questions

Does the EU AI Act apply to a company based outside the EU?
Yes, it can. The AI Act reaches providers and deployers established outside the Union where the output produced by the AI system is used in the Union (Art. 2(1)(c)), and it applies to providers placing an AI system on the EU market irrespective of where they are established (Art. 2(1)(a)). A Swiss or US company with no EU entity can therefore fall within scope through its EU-facing AI use.
What is the difference between a provider and a deployer?
A provider develops an AI system (or has one developed) and places it on the market or puts it into service under its own name or trademark (Art. 3(3)). A deployer uses an AI system under its own authority in a professional capacity (Art. 3(4)). The same company can be both (for different systems), and the two roles carry different obligations, so classification is the first step in any engagement.
How does the AI Act interact with MDR/IVDR for AI medical devices?
An AI system that is a medical device, or a safety component of one, is high-risk under the AI Act where the device must undergo third-party conformity assessment under the Union harmonisation legislation in Annex I, which lists the MDR (Regulation (EU) 2017/745) and the IVDR (Regulation (EU) 2017/746) in Section A (Art. 6(1), Annex I). The AI Act's high-risk requirements apply in addition to MDR/IVDR conformity assessment, and are intended to be assessed within the existing notified-body route rather than through a separate AI-only assessment (Art. 43(3)). AI medical devices are therefore dual-regulated, not exempt.
When do the AI Act's high-risk obligations take effect?
Under the AI Act as currently in force, the high-risk obligations for AI embedded in MDR/IVDR products (Annex I) apply from 2 August 2027, while most other provisions apply from 2 August 2026 (Art. 113). The Digital Omnibus on AI (COM(2025) 836), which the European Parliament endorsed on 16 June 2026 and the Council gave final approval on 29 June 2026, defers the Annex I product date to 2 August 2028 and streamlines the AI Act / MDR–IVDR conformity interface, while keeping medical devices high-risk. As of 6 July 2026 that reform is adopted and awaiting publication in the Official Journal; it enters into force on the third day after publication, at which point the 2 August 2028 date governs. The transparency obligations under Art. 50 are not deferred and still apply from 2 August 2026. The firm monitors this file and scopes engagements to whichever timeline governs.