TECH & AI
For years, compliance in the data centre sector was largely a matter of documentation – policies drafted, risk registers maintained, audits passed. That era is over. In 2026, the convergence of the EU AI Act’ s escalating enforcement schedule, a wave of US state-level AI legislation and a global tightening of data governance frameworks has fundamentally altered what it means to operate within the rules.
The shift is being felt most acutely in organisations managing AI workloads at scale. Data centres hosting large language models, agentic automation pipelines and real-time inference infrastructure are now operating under a compliance regime that was barely imaginable three years ago.
Regulators are no longer asking whether organisations have AI policies – they are demanding evidence that those policies are operationally embedded, continuously monitored and demonstrably effective.
The EU AI Act is the sharpest edge of this new environment. Full enforcement for high-risk AI systems is set for August 2026, covering critical infrastructure, employment and essential services. Fines for severe violations can reach € 35m( US $ 40.56m) or 7 % of global turnover.
Meanwhile, US states including California, Colorado and Texas are moving their own AI legislation into enforcement phases, creating a fragmented but increasingly real multijurisdictional compliance burden that no manual process can absorb efficiently.
140 April 2026