Acuity AI Advisory

Legal Sector

EU AI Act Compliance Review for Solicitors

Enforcement begins in August 2026 — starting with AI literacy and transparency, with high-risk conformity following in December 2027 under the May 2026 Digital Omnibus. Irish law firms deploying AI have specific obligations under the Act — and the LSRA will have enforcement powers. This review maps what you are using, what applies, and what needs to change.

Request the review

TL;DR

A EU AI Act compliance review for solicitors maps every AI tool in use at the firm against the Act's risk tier framework, identifies obligations under LSRA oversight, and produces a gap analysis with prioritised remediation actions. For Irish law firms, August 2026 is when enforcement starts — AI literacy and transparency first, with high-risk conformity due by December 2027 — not a planning target.

What the EU AI Act means for Irish solicitors

The EU AI Act treats AI systems used in the administration of justice and in legal proceedings as high-risk. This is not a hypothetical classification — it means that AI tools used to assist in preparing court documents, analysing case law and litigation risk, recommending legal strategies, or performing automated review of legal materials carry specific obligations under the Act.

For Irish law firms, the compliance landscape has two layers that must be addressed simultaneously: the EU AI Act's deployer obligations, and the Law Society's December 2025 AI guidance which clarifies how existing professional obligations apply when AI tools are used. These are separate frameworks. Compliance with the Law Society guidance does not constitute compliance with the EU AI Act.

A compliance review maps the firm's current AI use across both frameworks, identifies the gaps, and produces an action plan that addresses both. The output is a written document — not a presentation — that the firm can act on and that serves as evidence of due diligence.

What the review produces

  • Complete AI systems inventory — every tool in use, including unapproved shadow AI
  • EU AI Act risk classification for each system
  • LSRA oversight obligations mapped to specific systems
  • Deployer obligations assessment — what the firm must do, and what it is currently missing
  • Human oversight gap analysis for high-risk legal AI
  • Law Society guidance alignment check alongside EU AI Act obligations
  • Prioritised remediation roadmap — 90-day action plan with accountability assigned

The timeline after the Omnibus: what it means for law firms

What changed in May 2026 (Digital Omnibus): EU lawmakers agreed to defer the high-risk obligations for standalone AI systems to 2 December 2027. What did not change: from 2 August 2026, supervision and enforcement of the Article 4 AI literacy obligation begin and Article 50 transparency rules apply, with the LSRA — as sectoral regulator for Irish law firms — among the authorities exercising enforcement powers. The practical question for law firm management is whether the firm can demonstrate, this August, that it has taken the steps the Act already requires.

The high-risk steps are not trivial, and December 2027 is closer than it sounds. Conformity assessments for high-risk AI systems must be conducted before deployment. Human oversight mechanisms must be in place and operational. Logging requirements must be implemented. Staff must be trained — and trained staff is the one obligation enforced from August 2026. Incident reporting procedures must exist. A firm that discovers late that it is using high-risk AI without meeting any of these requirements has very limited options.

The review should begin now, not in the months before each deadline. A gap analysis that takes four to six weeks to complete, followed by a remediation programme that takes three to six months to implement, requires that the work starts well ahead of the dates — with the literacy and transparency items closed before 2 August 2026.

Why Acuity AI Advisory

Acuity AI Advisory is a contributor to the Law Society of Ireland's AI governance toolkit and has direct familiarity with the profession's regulatory framework. The EU AI Act compliance review is grounded in both the Act's specific obligations and the Law Society's guidance — not a generic compliance checklist applied without adaptation.

Ger Perdisatt, who leads all engagements, is a former COO of Microsoft Western Europe with direct experience of AI deployment at enterprise scale. He holds non-executive directorships at DAA and Tailte Éireann and is vendor-neutral — the review output is shaped by what the regulatory framework requires, not by any commercial interest in the technology choices that follow.

The review is fixed-fee, confirmed within 48 hours of a scoping call. The output is a written action plan — not a slide deck. It is designed to be acted on, not presented.

Questions

Common questions

What EU AI Act obligations apply to Irish law firms?

Irish law firms are deployers under the EU AI Act. As deployers, they are required to: use only AI systems that have undergone conformity assessments (for high-risk systems); implement appropriate human oversight measures; ensure staff using AI systems have the necessary competence; maintain logs of AI system use where required; report serious incidents involving AI systems; and provide transparency to individuals affected by AI-assisted decisions. For high-risk AI — which may include AI used in legal proceedings or that significantly affects individuals — the obligations are specific and auditable, with conformity deadlines of 2 December 2027 (standalone systems) under the May 2026 Digital Omnibus. The LSRA as sectoral regulator will have enforcement powers from August 2026 — beginning with the AI literacy and transparency obligations.

Who regulates law firms under the EU AI Act in Ireland?

The Legal Services Regulatory Authority (LSRA) is the designated sectoral regulator for law firms under the EU AI Act in Ireland. The LSRA already regulates solicitors' professional conduct and law firm operations — the EU AI Act adds AI-specific oversight responsibilities to its existing remit. The LSRA's regulatory approach to AI Act compliance is still developing, but law firms should not wait for enforcement guidance before assessing their obligations. The August 2026 enforcement start — and the December 2027 high-risk conformity deadline — are set by EU law itself, not by the LSRA's implementation timeline.

What is the August 2026 deadline for Irish solicitors?

August 2026 is when EU AI Act enforcement begins in earnest — but not, after the May 2026 Digital Omnibus, for high-risk systems. What lands on 2 August 2026: supervision and enforcement of the Article 4 AI literacy obligation (per the European Commission's AI Literacy Q&A), Article 50 transparency rules (AI-interaction disclosure and deepfake labelling), and Commission enforcement of GPAI providers. The AI Office of Ireland must be operational from 1 August 2026. High-risk obligations — conformity assessments, human oversight, logging, incident reporting — become enforceable on 2 December 2027 for standalone systems. For Irish law firms the August items are enforceable legal obligations, not optional compliance targets.

Related

EU AI Act ComplianceEU AI Act Readiness Review

Request an EU AI Act Compliance Review for Your Firm

Fixed-fee. Written findings. August 2026 enforcement start in view.

Get in touch