EU AI Act High-Risk Classification Guidelines, CNIL €487M Fines, Basel ICT Risk & China Deepfake Enforcement — AI Regulation May 24, 2026 - podcast episode cover

EU AI Act High-Risk Classification Guidelines, CNIL €487M Fines, Basel ICT Risk & China Deepfake Enforcement — AI Regulation May 24, 2026

May 25, 20265 minEp. 17
--:--
--:--
Download Metacast podcast app
Listen to this episode in Metacast mobile app
Don't just listen to podcasts. Learn from them with transcripts, summaries, and chapters for every episode. Skim, search, and bookmark insights. Learn more

Episode description

This week's episode of This Week in AI Regulations 

Covers seven major regulatory developments across the EU, France, Germany, China, and global standard-setting bodies.
  • The European Commission released draft guidelines for classifying AI systems as high-risk under the EU AI Act — stakeholder feedback is open until June 23, 2026. The Commission also launched a review of EU copyright rules addressing AI's impact on creative industries, with contributions open until June 25, 2026. 
  • Separately, the EU mandated foreign investment screening across AI, defence, semiconductors, and financial services — extending to intra-EU transactions involving non-EU ownership.
  • In France, CNIL's 2025 annual report revealed a record €487 million in fines and confirmed progressive AI Act enforcement from 2025, with cybersecurity as the top priority for 2026. Organisations processing personal data in France must treat GDPR and AI Act compliance as a combined obligation.
  • In Germany, the Berlin State Government launched the TOP-Konzept plan for critical energy infrastructure — including mandatory AI-based attack detection, 24/7 security patrols, and updated crisis management protocols.
  • At the global level, the Basel Committee on Banking Supervision agreed to publish an ICT risk management report and is progressing a targeted review of prudential standards for cryptoasset exposures. 
  • IOSCO concluded its 2026 Annual Meeting approving five reports including an AI supervisory toolkit and a market liquidity report.
  • In China, authorities took enforcement action against the creator of an AI-generated deepfake video falsely depicting the collapse of the Zhangjiajie Glass Bridge — a landmark case under China's AI-generated content regulations.
Essential listening for CCOs, CISOs, heads of AI governance, legal counsel, and risk officers in financial services, MedTech, and any organisation deploying AI in EU-regulated markets.


Carver RegWatch delivers weekly regulatory intelligence across jurisdictions. Published May 24, 2026.

For more information, visit the Carver Agents website.

Also from Carver RegWatch this week:

  • ASEAN RegWatch — Bank Indonesia 50bps rate hike to 5.25%, MAS revokes Bsquared payment licence, Singapore insider trading convictions
  • USA Regulatory Updates — SEC novel ETF regulatory review, California Hermes Bitcoin kiosk enforcement, IOSCO AI supervisory toolkit
  • EU Regulatory Updates — EU AI Act high-risk classification consultation deadline June 23, CNIL €487M record fines, EU Solidarity Fund climate disaster allocation
  • Middle East RegWatch — OFAC Adani $275M Iran sanctions settlement, OFAC Amin Exchange designation, UAE Drupal CVE-2026-8495 cybersecurity alert
  • India Regulatory Updates — RBI restricts Nagar Sahakari Bank, RBI cancels Yashwant Co-operative Bank licence, SEBI Investor Onboarding Regulatory Sandbox launch
  • Global Regulatory Briefing — Bank of England CCP resolution paper, Malta tokenisation of financial instruments consultation, ASIC sustainability reporting focus 2026-27

Find all series at Carver Agents Podcast 


Articles referenced in this episode:

  1. Commission seeks feedback on the draft guidelines for the classification of high-risk artificial intelligence systems
  2. Annual report: CNIL's achievements and key actions in 2025
  3. Maßnahmenplan zum Schutz von neuralgischen Punkten der kritischen Infrastruktur: das TOP-Konzept für verstärkte technische, organisatorische und physische Maßnahmen im Bereich der Energieversorgung
  4. Basel Committee agrees to publish report on information and communication technology risk management, progresses cryptoasset targeted review, considers targeted updates on liquidity risk principles
  5. AI-Generated Fake Video of Zhangjiajie Glass Bridge Collapse Causes Public Panic and Legal Action
  6. IOSCO concludes 2026 Annual Meeting
  7. Targeted consultation on the draft guidelines for the classification of high-risk artificial intelligence systems
  8. See all public consultations
  9. Commission seeks views on the review of EU copyright rules
  10. Protecting EU strategic sectors from risky foreign investments

Transcript

Welcome to This Week in AI Regulations for May 24, 2026. The European Commission has released draft guidelines to assist AI providers and deployers in determining whether their artificial intelligence systems qualify as high-risk under the AI Act. These guidelines include practical examples and support tools to ensure clarity and consistency in classification. Stakeholders across the European Union are invited to assess their AI systems against these draft guidelines and submit feedback exclusively through the official online questionnaire by June 23, 2026. This initiative is critical for managing regulatory risks related to health, safety, and fundamental rights under the AI Act. In related news from the European Union, the Commission has launched a call for evidence to review the 2019 Directive on copyright rules. This review aims to address challenges posed by artificial intelligence, online piracy, remuneration for music performers and producers, and research access. Interested parties are encouraged to provide their contributions by June 25, 2026. The European Union is also strengthening its economic security by mandating the screening of foreign investments in strategic sectors, including artificial intelligence, defence, semiconductors, critical raw materials, and financial services. This measure extends to intra-European Union transactions involving non-European Union ownership. Member states are required to implement mandatory screening procedures, streamline and harmonize national processes, and enhance cooperation with the European Commission and among themselves. Turning to France, the Commission nationale de l’informatique et des libertés, or CNIL, reported significant regulatory enforcement in 2025, including a record €487 million in fines and a surge in data breach notifications. The agency is progressively applying the Artificial Intelligence Act starting in 2025, emphasizing cybersecurity as a top priority for 2026. Organizations processing personal data in France must comply with both the General Data Protection Regulation and the Artificial Intelligence Act, adopt robust security measures against hacking, and cooperate fully with CNIL investigations and enforcement actions. In Germany, the Berlin State Government has introduced the TOP-Konzept plan to protect critical energy infrastructure. This plan includes technical measures such as AI-based attack detection systems, video surveillance, underground cabling, and georedundancies. Organizational measures involve 24/7 security patrols, enhanced personnel resources, visitor access regulation, and updated crisis management plans. Physical measures include the installation of high fencing and cooperation with police and security services. On the global stage, the Basel Committee on Banking Supervision has agreed to publish a report on information and communication technology risk management practices. The committee is progressing with a targeted review of prudential standards for cryptoasset exposures and considering updates to liquidity risk principles. These efforts address emerging risks such as operational resilience to ICT incidents, cryptoasset exposures, liquidity risk, and financial risks from extreme weather events. Banks and supervisors worldwide are urged to maintain vigilance and enhance cross-border information sharing to uphold financial stability. The International Organization of Securities Commissions, or IOSCO, concluded its 2026 Annual Meeting with the re-election of its Board Chair and Vice-Chairs. The meeting approved five reports, including one on an AI supervisory toolkit and another on market liquidity. IOSCO welcomed a new signatory to its Multilateral Memorandum of Understanding framework and outlined plans for the 2027 Annual Meeting. Finally, in China, authorities responded to an incident involving an AI-generated fake video falsely depicting the collapse of the Zhangjiajie Glass Bridge. The dissemination of this video caused public panic and led to legal enforcement actions against its creator. Chinese regulators emphasize the importance of monitoring and controlling the spread of false AI-generated content and raising public and business awareness about the risks of AI misuse. That wraps up today's regulatory updates. Visit carveragents.ai for more information.
Transcript source: Provided by creator in RSS feed: download file
For the best experience, listen in Metacast app for iOS or Android