From regulatory constraint to strategic compass: Why the EU AI Act can strengthen organisations and HR

Learn how the EU AI Act can strengthen HR and organisations through AI governance, fairness, and strategic oversight.

When the EU AI Act came into force, many organisations viewed it as another compliance obligation — and that reaction is understandable.

The EU AI Act is the first broad legal framework for AI and classifies AI systems by their risk to fundamental rights. It also touches on HR’s responsibilities.

Many core AI use cases, including HR ones — recruiting, task allocation, and performance evaluation — can fall into the “high-risk” category, meaning tougher requirements on transparency, safety, fairness, and oversight.

But here’s the strategic reframe: What if the EU AI Act isn’t a roadblock — what if it’s the compass the organisation has been missing to ensure future fit?

From “AI-FOMO” to strategy

For much of the past few years, AI initiatives have been shaped by a simple anxiety: the fear of missing out (FOMO). Anything “AI-powered” sounded like progress. In many organisations, this led to fragmented tool landscapes, “black-box decisions” generated by AI that no one could explain, unclear business value, and inconsistent vendor oversight and contracting.

The EU AI Act forces a pause and a review of current practices, asking questions organisations should have answered from the start: What data is being used, and is it fit for purpose? Can outcomes be explained to affected individuals? Are the results fair, non-discriminatory, and auditable? Is there meaningful human oversight? And are controls in place across the full lifecycle — from design and deployment through to ongoing monitoring?

An HR perspective: The pay transparency parallel

We’ve seen this pattern before with the EU Pay Transparency Directive. Many organisations initially treated it as an administrative burden. But more forward-looking HR teams used it as a catalyst to review their foundational frameworks by:

  • Reviewing job architectures and skill frameworks to drive readiness for a skills-based organisation
  • Modernising compensation frameworks to ensure alignment of reward with business and people strategies
  • Strengthening internal equity to ensure fairness and attractiveness

The EU AI Act can play the same role for HR technology: a regulatory push that accelerates overdue modernisation. Used well, this becomes a blueprint for a robust HR IT strategy. There are four key aspects to consider:

  1. Shifting from quick fixes to clear purpose: Too often, technology decisions begin with the question: “How do we roll out Tool X?” A more strategic approach starts elsewhere: “Which HR challenge are we trying to solve — and is AI the right solution?”
  2. Making quality assurance the baseline: If a tool cannot meet transparency and non-discrimination standards, it’s not “innovation” — it’s risk. The Act becomes a natural filter for unethical or low-quality solutions.
  3. Positioning HR as a strategic governance partner: AI brings HR to the strategy table, working alongside IT, legal, compliance, and (in many countries) the workers’ council to define governance. HR moves from “tool user” to architect of the digital workplace.
  4. Making AI work design a core HR responsibility: AI is reshaping what skills employers need. It does not make human skills obsolete — it changes their nature. HR can play a leading role in redefining jobs, roles, and responsibilities, and in designing work that intentionally combines human and AI capabilities.

AI that truly serves humans — and HR

HR is about people. So, an algorithm that scales decisions while also scaling bias is not progress — it is a reputational, legal, and business risk. The EU AI Act strengthens HR’s mandate to ask more of vendors and internal teams alike: for transparency, evidence of fairness and performance, and strong human oversight.

Used well, this is how AI can genuinely help. It can reveal skills gaps instead of pigeonholing people, reduce administrative burden so HR can focus on leadership and development, and enable transparent, data-backed decisions rather than guesswork. It can also support the redesign of work and the reshaping of skills as AI continues to evolve.

The EU AI Act’s real impact: quality thinking

The EU AI Act is not just about compliance. It pushes organisations to think more rigorously about the quality of their AI estate and the controls around it. This translates into five priorities:

  1. Inventory and mapping: Create a living view of AI systems and use cases (including embedded AI features), owners, purpose, data sources, and criticality.
  2. Risk classification and prioritisation: Identify likely high-risk use cases and prioritise by materiality (people impact, customer impact, regulatory exposure, and operational dependency).
  3. Control framework across the lifecycle: Define minimum controls: transparency, data quality, bias/fairness testing, human oversight, logging, incident handling, change management, and third-party assurance.
  4. Clear governance and accountability: Define roles, approval processes, escalation paths, and decision rights across business, HR, IT, legal/compliance, security, and risk.
  5. Ongoing monitoring and evidence: Use KPIs/KRIs, periodic reviews, audits, and documentation that stands up to scrutiny.

How Marsh can support clients

The best outcomes are achieved when strategy and risk governance are aligned. We can help clients build defensible EU AI Act readiness through:

  • EU AI Act preparedness/compliance assessment (gap analysis, evidence review, and roadmap definition)
  • AI governance and operating model implementation 
  • AI management system design and implementation (compliant with ISO 42001, the international management system standard for AI)
  • Training and awareness for business owners and control functions
  • Mapping HR AI use cases and workforce impacts
  • Redesigning work, roles, skills, and job architecture for an AI-enabled workplace
  • Aligning HR policies and employee lifecycle processes with AI-enabled decisions

Together, this covers end-to-end needs: enterprise governance and HR execution, without leaving HR alone to solve what is fundamentally a cross-functional challenge.

Turning compliance into confidence

The EU AI Act is not only a legal obligation; it also requires the development of trustworthy AI through mature enterprise governance. Organisations that treat it as a strategic compass won’t just be compliant: they will reduce uncertainty, protect people, and accelerate AI adoption with confidence. And HR is where this matters most and where strong governance becomes visible.

Please contact your Marsh risk advisor to discuss what the AI Act means for your organisation.

Our people

Nelia Argaz

Head of Cyber-Digital Risks & Resilience Consulting, Marsh Europe

Matteo Mancini

Head of Business Resilience, Marsh Risk Consulting

  • Italy