Skip to main content
Marsh logo

Solution

AI system risk analysis

To evaluate the potential risks associated with generative AI and remain compliant with regulatory requirements under the European Union AI Act, organizations should consider conducting an analysis of their artificial intelligence system risk. This analysis shows the risk classification of an AI system and any gaps in controls to meet regulatory requirements.

Contact us

The European Union AI Act is  comprehensive legislation issued by the European Commission aimed at regulating artificial intelligence within the European Union. It establishes a risk-based framework that categorizes AI systems into four levels — unacceptable, high, limited, and minimal risk — imposing strict requirements on high-risk systems to ensure safety, transparency, and accountability. 

Risk classification

Classifies AI system risk as unacceptable, high, limited, or minimal.

Controls assessment

Assesses the implemented controls versus the regulatory requirements, identifies potential gaps, and suggests remediations.

Other requirements

Optional analysis of additional requirements, such as general purpose AI and AI literacy.

Marsh helps organizations to analyze the risk classification requirements for their AI systems under the EU AI Act. The Act entered into force on 1 August 2024, and will be fully applicable 2 years later on 2 August 2026, with some exceptions:

  • prohibitions and AI literacy obligations entered into application from 2 February 2025
  • the governance rules and the obligations for general-purpose AI models become applicable on 2 August 2025
  • the rules for high-risk AI systems - embedded into regulated products - have an extended transition period until 2 August 2027

Depending on the risk classification, specific requirements will apply, Marsh specialists help organizations assess how well they meet these requirements, identify any gaps, and recommend appropriate remediation measures to address those gaps.

Benefits of an AI system risk analysis

Marsh uses specialized tools and structured questioning to identify, assess, and mitigate risks associated with AI system risks. The benefits for your organization include:

  • Classification of the AI system risk under the EU AI Act
  • Gap assessment of regulatory control requirements
  • Remediation suggestions to be included in the roadmap of AI-related activities
  • Documented processes through dedicated tooling and reporting
  • Optional analysis of other regulatory requirements such as those on general purpose AI or AI literacy

Contact us

For more information on our AI risk analysis service, contact your local Marsh representative or one of the colleagues below.

Gregory Van Den Top

Gregory van den Top

AI Practice Leader, Marsh Advisory Europe

  • Netherlands

Carlotta Jacomini

Carlotta Jacomini

Compliance Risk Advisory Managing Consultant, Marsh Advisory Europe

  • Italy

Valentina Laudiero

Valentina Laudiero

Compliance Risk Advisory Senior Consultant, Marsh Advisory Europe

  • Italy