A quiet milestone slipped past while everyone was arguing about DeepSeek: on 2 February, the first provisions of the EU AI Act became applicable. The headlines went to the newly banned practices – social scoring, emotion recognition in workplaces, and the rest of Article 5's list. But the provision that touches the most organisations, including plenty of Australian ones, is the quieter Article 4.
In plain terms: providers and deployers of AI systems must take measures to ensure a sufficient level of AI literacy among staff and anyone else operating AI systems on their behalf – taking into account their technical knowledge, experience, education, and the context the AI is used in.
Read that again. Not providers of high-risk systems. Not AI companies. Deployers – which, under the Act, is essentially any organisation using AI systems in a professional capacity. And the obligation applies regardless of how the system is risk-classified.
"But we're in Australia"Link to this section
The AI Act has the same long arms the GDPR taught us to respect. You're in scope if you have an EU establishment, sell into the EU, or in some cases if your AI system's output is used in the EU. For an Australian exporter with a Rotterdam distributor, a SaaS company with Frankfurt customers, or anyone with a Dublin subsidiary, "that's a European problem" is not a defensible position.
And even for organisations with no EU nexus at all, Article 4 matters as a signal. Regulators write down what they've concluded, and the EU has concluded – in law – that untrained people operating AI systems are a risk in themselves. Expect that idea to travel.
What the obligation actually asks forLink to this section
Article 4 is deliberately un-prescriptive. There's no mandated curriculum, no certificate to buy, no minimum hours. "Sufficient" literacy depends on who the person is and what they're doing with AI. That flexibility is good news for organisations that engage with it honestly, and a trap for the ones hoping a single all-hands webinar will do.
A reading that would survive scrutiny looks something like this:
| Audience | Sufficient probably means |
|---|---|
| All staff using AI tools | Safe use: what data may be shared, verifying output, knowing the failure modes |
| Staff operating specific AI systems | The above, plus that system's limits, oversight duties, and escalation paths |
| Managers approving AI use | Risk context: where AI decisions affect people, what the Act restricts |
| Technical teams building with AI | Deeper coverage of testing, monitoring, and documentation duties |
Notice the shape: role-based, proportionate, and tied to what people actually do. That's not a compliance novelty – it's just good training design with a legal deadline attached.
The artefact that will matter: recordsLink to this section
Here's the practical bit most commentary skips. Enforcement machinery for the Act arrives in stages over the next eighteen months, but when a regulator, customer, or opposing counsel eventually asks about Article 4, the question won't be "did you care about AI literacy?" It will be:
Show us who was trained, on what content, and when.
If your answer lives in a spreadsheet someone updates when they remember, you have a records problem wearing a training costume. Completion tracking, content versioning, and dates are what turn "we ran some sessions" into evidence. This is the same lesson ISO 27001 audits teach about awareness training, now applied to AI.
What we'd put in place this quarterLink to this section
- Map your exposure. Do you provide or deploy AI systems with any EU touchpoint? Write the answer down, even if it's "no" – that analysis is itself worth having on file.
- Tier your people. Everyone, operators, approvers, builders. Four tiers is almost always enough.
- Run role-based training, not a broadcast. A warehouse team and a credit-decisioning team do not need the same hour.
- Keep evidence as you go. Names, dates, content versions, refreshers. Boring on purpose.
- Connect it to your AI policy. Training that references your actual acceptable-use rules and your actual approved tools sticks. Generic content about "the rise of AI" doesn't.
The bigger pictureLink to this section
We've argued for years that training is a security control, not a courtesy. Article 4 is the first time a major regulator has written that into binding law for AI specifically – and it won't be the last. Whether or not the EU can reach you, your customers, insurers, and auditors are all reading the same signal.
Getting ahead of it isn't onerous. It's one honest skills-mapping exercise, a tiered programme, and the discipline of keeping records. If you'd like a sounding board on any of those pieces, talk to us – this is precisely the work we do all day.