Regulated SaaS businesses have 62 days before the EU AI Act comes into force
The pressure is becoming real
2 August 2026 is no longer a distant regulatory date - it’s 62 days away.
For regulated SaaS leaders, that means the window for vague reassurances is closing fast. AI is already woven into internal processes, engineering teams, and customer operations.
Some of that activity is visible. A lot of it isn’t.
Microsoft and LinkedIn’s 2024 Work Trend Index found that 78% of AI users are bringing their own AI tools to work. AI experimentation is moving faster than governance - faster than most leadership teams can see.
The uncomfortable part is not that AI is being used. It’s that many leadership teams don’t know where risks are increasing, what’s blocking more value from being created, and which initiatives to stop, fix, or scale.
Boardrooms are understandably excited about AI – the opportunity is clear. There’s also anxiety because 2 August is looming and AI activity is everywhere, but control and evidence are lacking.
The issue is proof
AI governance, strategy and value creation need to be part of the same conversation. Many businesses are exposed because these discussions are currently separated.
Risk assessment sits in one room while product teams move ahead in another. Engineering experiment at speed but it’s only commercial teams talking about value. Operations teams are left to deal with whatever lands.
That’s not how to build AI capability - that’s organisational drift.
The 2 August deadline makes that drift a bigger threat. AI governance can’t be a policy document that nobody uses. Strategy shouldn’t be a board deck without operating model considerations. Measuring ROI can’t be left until weeks after new workflows have been implemented.
If leaders cannot see the full picture – of risk, value, ownership and evidence – before 2 August, they could be in trouble.
Capability has to be built as a system
The answer for regulated SaaS businesses is not more AI noise. Instead they need a joined-up way of measuring true AI capability across the organisation.
S&P Global Market Intelligence found that organisations scrap 46% of AI initiatives before they reach production. Too many start without clear ownership, value creation strategy, or adoption planning.
So the work has to start earlier in terms of understanding current maturity, and deciding where AI has the power to create the greatest commercial value. Practical workflows need to be designed with governance and adoption from the start. People need help adopting new skills and habits that build confidence.
Because even the best AI strategy fails if it doesn’t measurably improve how work actually happens. That requires an accurate assessment of the risk and value AI is currently creating inside your business.
The Scorecard makes the invisible visible
This is why Scail created the AI Risk & Value Scorecard.
It gives regulated SaaS leaders a structured way to continuously measure AI across the areas that actually determine performance:
Governance & Risk
Strategy & Prioritisation
Commercial Alignment & Value Design
Technology & Data
Culture & Capability
Execution & Delivery
Adoption & Integration
Measurement & Value Realisation
This isn’t a one-off assessment. It’s a board-level view of where risks are increasing, what’s blocking more value from being created, and which initiatives to stop, fix, or scale.
Read more about our AI Risk & Value Scorecard.
