The EU AI Act: Advanced

Technology & AI - Regulatory compliance
This is the leadership course. It is for senior managers, Data Protection Officers, general counsel, heads of compliance, and board members who carry the legal and personal risk under the EU AI Act. It covers what the most senior people have to own: the Article 99 penalty regime, personal liability for senior managers and DPOs, the four regimes running in parallel (the AI Act, the GDPR, the DSA, and sector law), regulator playbooks, the board AI risk agenda, M&A and procurement due diligence, and standing up an AI governance committee.

By the end, you'll be able to size exposure under the Article 99 penalty regime, locate personal liability for senior managers and DPOs, map the AI Act against the GDPR, the DSA, and sector law where they overlap, anticipate how regulators will act, set the board's AI risk agenda, run AI due diligence in M&A and procurement, and stand up an AI governance committee that holds.

Also in the EU AI Act series:
← Foundations: What the AI Act means at your desk
← Intermediate: Running high-risk AI without breaking the rules

Access

Self-Paced Learning

Lessons

10 Lessons

Certification

Certificate of Completion

Price

€450
Learning Objectives
Course Benefits
Modules
By the end of this course, learners will be able to:

  • Size exposure under the Article 99 penalty regime, including how administrative fines are calculated and which breaches attract the highest tiers
  • Locate personal liability for senior managers and DPOs, and the decisions that move legal risk onto named individuals
  • Map the four regimes running in parallel - the AI Act, the GDPR, the DSA, and sector law - and resolve them where they overlap
  • Anticipate regulator playbooks and the enforcement ladder, and prepare the organisation to respond
  • Run AI due diligence in M&A and procurement, including the contractual and warranty positions that protect the organisation
  • Set the board AI risk agenda and stand up an AI governance committee, with assurance frameworks, reporting, and third-party audit
Benefits for the Organisation

• Reduce the personal and corporate liability that comes with the Accountable Person duties, by getting the safety case strategy, certification, and governance right
• Own the organisation's AI risk position, with a defensible methodology, evidence standards, and a clear governance sign-off
• Evidence completed EU AI Act training to regulators, auditors, insurers, and customers with timestamped records
• Build a board-level AI assurance framework, with three-lines governance and third-party audit
• Prepare the organisation to respond to enforcement - compliance notices, stop notices, special measures, injunctions, and prosecution

Benefits for Learners

• Know exactly what to do in the first 48 hours when a regulator issues a notice or announces an investigation
• Keep a live AI risk register and audit trail that stand up to a regulator's request for information
• Take a portfolio of high-risk AI systems through conformity assessment and registration with confidence
• Govern AI documentation at scale, across multiple systems and teams, so it stays reliable
• Pass the assessment knowing every answer traces to the EU AI Act, its delegated acts, or regulator guidance, not a study guide

Lesson 1: Welcome and how this works
Meet the people this course is for, see how the lessons fit together, and set out what you will be able to do by the end. Includes the training disclaimer, the EU scope, and the as-of date.

Lesson 2: The Accountable Person and Principal Accountable Person in law
Article 99 of the EU AI Act: how administrative fines are structured, which breaches sit in the highest penalty tier, how the turnover-based maximums are calculated, and how exposure is sized. Work through a fine letter landing on the deployer of a high-risk system.

Lesson 3: Owning the safety case strategy
Personal liability for senior managers and DPOs: where the AI Act, the GDPR, and company law place duties on named individuals, how decisions move risk onto people, and how to protect them. Work through allocating accountability across a leadership team.

Lesson 4: Registration, certification, and the regulator relationship
The four regimes running in parallel - the AI Act, the GDPR, the DSA, and sector law - where they overlap, where they conflict, and how to resolve them into a single position. Work through a system caught by all four and certificate programme.

Lesson 5: Criminal liability and the enforcement ladder
How regulators act: market surveillance authorities, the AI Office, and data protection authorities, their powers and the enforcement ladder - requests for information, corrective measures, restrictions, withdrawal, and fines. Anchored to a real enforcement action, with an organisation's response plan.

Lesson 6: The Gateway regime for works and developers
What the board needs on its agenda: the AI risk appetite, the systems inventory, the high-risk classifications, the decisions reserved to the board, and the reporting that keeps directors informed. Work through building a board-level AI risk dashboard.

Lesson 7: Portfolio governance and the golden thread at scale
Standing up an AI governance committee: its mandate, membership, reporting lines, assurance frameworks, and third-party audit, and how it holds across multiple systems and teams. Work through chartering an AI governance committee.

Lesson 8: Resources
A working reference library: the verified EU AI Act articles, the delegated and implementing acts, European Commission and AI Office guidance, the GDPR and DSA where they intersect, and relevant regulator decisions. All links verified at build.

Lesson 9: Final assessment
Ten multiple-choice questions across the Article 99 penalty regime, personal liability, the four parallel regimes, regulator playbooks, the board agenda, due diligence, and AI governance. Eighty per cent to pass, two attempts, and a certificate on completion.

Lesson 10: Provide Feedback and Claim Certificate
Share your feedback on the course and download your certificate of completion.

CORPORATE TRAINING

We Can Train Your Employees

Every organisation is different - and so are its learning needs.

Request a call back to talk through:


  • Your current onboarding or training challenges
  • Skills gaps across teams or roles
  • Compliance, wellbeing, or development priorities
  • How digital learning can support performance and retention
  • Special pricing options for multiple seats or team-wide access


We’ll help you explore practical, people-first solutions that fit your organisation.

Course FAQ's

Who is this course for?

Accountable Persons, Principal Accountable Persons, heads of compliance, general counsel, and owner-operator and developer compliance leads - the people who hold the legal duty and can be prosecuted personally. It assumes Intermediate-level operating knowledge of the Building Safety Act.

This is an advanced course. It assumes Intermediate-level operating knowledge of the EU AI Act; no other prior knowledge is needed.

Where and when can I take this course?

The course can be taken at any time and from any internet-connected device.

Do I need prior knowledge or experience?

This is a foundation-level course, and all concepts are explained in a clear, simple, and practical way. Learners, do not require any previous training or background knowledge.

Can this course be used for company-wide training?

Yes. It is built for the senior managers, DPOs, and compliance leads who carry the legal and personal risk, and can be rolled out across the people who hold or support AI governance duties.

Do I get a discount if I buy multiple seats for this course?

Yes. Please contact us and we will issue a quote according to your needs.

Will managers be able to track progress and completion?

Yes. Managers and administrators can track learner progress, completion rates, and assessment performance across the course.

This gives clear visibility on engagement and outcomes, making it easier to monitor participation, support staff where needed, and evidence completed EU AI Act training to regulators and your insurers.

Is this course part of a larger EU AI Act programme?

Yes. This is Course 3 (Advanced) of the Auren UK Building Safety Act 2022 bundle - the duty-holder's course for the people who carry the legal risk. It follows Course 1 (Foundation), the awareness floor for all building staff, and Course 2 (Intermediate), the operating course for the managers who run a higher-risk building day to day.

All three courses in the bundle can be taken as stand-alone courses.