The Roadmap to Regulation

A

rtificial intelligence (AI) is like a bullet train — now that it’s out of the station and barreling forward at top speed, there’s no easy way to stop it. And with China quickly gaining ground on the United States’ head start in AI development, the pressure is on for tech labs worldwide to deliver increasingly effective and efficient models.

Even if there’s no stopping AI, regulators aim to construct the early safety infrastructure — to follow the analogy, the railroad crossing gates, signals, and air horns. An early contributor to the public discourse is the European Union. With the passage of the European Union Artificial Intelligence Act (EU AI Act) in 2024, the EU is the first governing body to introduce a comprehensive regulatory framework for the technology.

But with the EU taking the lead in AI regulation, the question remains: Will the rest of the world follow its lead? With AI development leaders China and the United States expected to take a light regulatory hand as they compete for technological dominance, the world could be poised for wildly different regional compliance expectations.

There’s no mincing words: It’s a complicated time for language technology. But companies like TOPPAN Digital Language are taking a proactive approach, readying for August 2026 when the most impactful EU regulations come online. The EU AI Act aims to establish a “safe, transparent, traceable, non-discriminatory, and environmentally friendly” market for EU providers and consumers, a broad scope that TOPPAN Digital Language believes will “impact the development and deployment of AI in many ways, some of which may be currently unpredictable.”

“The key at the moment is readiness and adaptability,” TOPPAN Digital Language Chief Strategy Officer Alex Jarvis said. “While the Act is looming in the background, clients are also very keen to explore the benefits of a range of AI technologies, and we have to respond to that.”

So what exactly does the EU AI Act encompass? To simplify an incredibly complicated subject, it takes a risk-based approach, outright prohibiting certain “unacceptable” risk practices while establishing rules for general-purpose AI and standards for specialized AI systems across risk categories. Prohibitions include practices that might feel at home in a Black Mirror episode — social scoring systems that categorize people based on behavior, systems that target individual vulnerabilities like age, predictive policing, biometric identification systems, and more.

Other “high”-risk applications aren’t banned outright but rigorously policed. These include employment recruiting systems, medical device applications, education systems, critical-service access, and judicial or democratic process applications like election procedures.   

“The challenge is that the systems deemed as ‘high risk’ are heavily regulated, with non-compliance being sanctioned, including through costly fines,” Jarvis said. “The very broad definition of what could constitute ‘high risk’ is what is causing concern and could conceivably cover the use of AI in language services in some circumstances.”

Central to the Act is the role of the AI model’s “provider” versus that of the “deployer.” According to TOPPAN Digital Language, the initial developer, or provider, of the large language model (LLM) is responsible for managing risk and compliance in most cases. Meanwhile, the deployer — in this case, language service providers (LSPs) — licenses the technology for use in its products and services.

However, if the LSP makes substantial LLM alterations through additional training or adaptation to new use cases, it can assume the provider’s responsibility under the law’s terms. And that means being on the hook for data quality governance and accuracy, system documentation and performance, and cybersecurity and risk management, just to name a few. Under those terms, TOPPAN Digital Language says it’s unclear whether “machine translation (MT) and linguistic AI providers will be able to comply with these requirements, which include proving that the original data used to train the model is up to the standards required by the Act.”

“To sum up, the advent of the EU AI Act will bring substantive change to the way the language service industry deploys MT and AI in that region,” Jarvis said.

That opens the possibility of providers restricting their technology to low-risk applications. The upshot is that deployers will be forced to assume compliance responsibility for more sophisticated or riskier applications, an ecosystem TOPPAN Digital Language believes could be fundamentally impractical.

“From a client perspective, owing to the complexity of interpreting the Act and what might constitute ‘high risk’ and the hefty fines for non-compliance, we believe the most rational response for end-clients will be to require providers to comply with complex AI policies in order to put a moat around their own risk,” Jarvis said. 

“This is likely to include compliance with independent certification standards, albeit currently, none of these standards completely maps to the Act itself,” she added. “In some cases, we have already seen contracts that include clauses forbidding the use of AI.”

To be sure, it’s not easy ground for a company to find its footing. But TOPPAN Digital Language is nevertheless taking a firm stance. Company associates started by poring over the law line by line, understanding every nuance and potential vagary to establish a compliance structure. That also included examining various ISO and HITRUST standards. Another essential step was building the capability for flexible deployment — a dexterous position allowing for swappable models, options for model adaptation, and georestricted operations.   

Given the EU AI Act’s penalty framework with significant consequences, which include large fines, TOPPAN Digital Language believes that every hour of regulatory preparation is an hour well spent. That’s especially true when the legislation and its interpretations are going to continue to change.

“It is also important to note that the Act will likely be subject to further updates and that each EU state may wrap the Act with its own national legislation (as is the case with GDPR [General Data Protection Regulation]), which could have its own requirements, including its interpretation of what constitutes high risk,” said Jarvis.

That patchwork regulation environment could well be applied across the globe, too. With the recently inaugurated Trump Administration adopting a cozy relationship with AI pioneers in the United States, it’s unlikely that the global superpower will prioritize tech regulations — a view that TOPPAN Digital Language sees echoed by recent United Kingdom overtures.

“When the EU AI Act was first being designed, there was a lot of discussion about whether it would set a gold standard that others would follow. That does not now appear to be the direction of travel,” said Jarvis.

“It appears that the EU may be an outlier in terms of its level of AI regulation, meaning that distinct operating models would emerge for this region only,” she added.

That’s why the time is now for any AI-adjacent business to plan and initiate conversations about compliance with its providers. A confident understanding of both the laws and business partners’ planned responses to those laws could mean the difference between success and failure in an emerging new world.

“Our own approach in this area is to build a service offering that we call “Managed AI,” which will incorporate compliance-as-a-service and will need to be bespoke depending on the context of each buying organization,” Jarvis said.

After all, as AI technologies advance and broaden their applicative and automative power, the complexity will only increase. That’s a challenge for businesses and regulators alike as they seek to find the balance between minimizing public risk and maximizing innovation.

“This is a particularly complex area of risk management that gets incredibly technical, and both over- and under-regulation are likely over the next few years,” said Jarvis.

However the regulatory environment evolves, TOPPAN Digital Language believes that the era of intensive AI experimentation could be slowing in the language technology sector. With a further emphasis on risk management and compliance likely to materialize, the onus is on companies to adapt.

“We expect the main impacts for the industry in relation to the deployment of MT and AI to be increased transparency requirements, significantly higher levels of risk assessment and risk management, new standards, policies, and deployment models,” Jarvis said.

As world events continue to demonstrate, there’s no telling what the future might hold. That’s why TOPPAN Digital Language is putting so much effort into imagining plausible outcomes and preparing contingency plans for every eventuality. 

“With just over a year to go before the Act comes fully into effect, now is the time to concentrate on planning for its impacts,” Jarvis added.