
EU Regulation for SaaS, AI and Software Companies in 2026: CRA, the AI Act and the Product Liability Directive in Practice


PLD SAAS CRA

In 2026, three EU regulations will reshape the compliance requirements for software, SaaS and AI companies in Finland: the Cyber Resilience Act (CRA), the AI Act and the new Product Liability Directive (PLD). This guide explains what they mean in practice, whether they apply to your company, and what you should do along with the key dates.


In short: these three laws are best handled as a single whole rather than as three separate projects. Their shared core is transparency and documentation, and the same work serves all three. When a company developing an AI product documents its development and data in line with the AI Act, that same documentation also supports it in a product liability situation, and cybersecurity handled to CRA standards reduces the risk that a security gap triggers product liability. Building transparency and documentation into product development therefore helps the entire compliance picture at once.


What is the CRA (Cyber Resilience Act), and does it apply to a SaaS company?

The Cyber Resilience Act (CRA) imposes a duty: if a company places a connected product on the market, it is responsible for the product's security throughout its entire lifecycle. In Finland, the complementary act on the cyber resilience of certain products (439/2026) entered into force on 1 June 2026, with Traficom's National Cyber Security Centre acting as the national supervisory authority.


Does the CRA apply to my product?

The CRA applies to a product if any one of the following three questions is answered yes:

  1. Does the product have a data connection to a network?

  2. Does the product have a downloadable or installable component?

  3. Does the product's operation depend on the manufacturer's own backend (server)?

A pure browser-based SaaS service largely falls outside the CRA — it comes under the NIS2 cybersecurity directive instead. By contrast, a mobile app that needs the company's own API backend to function, for example, falls within the scope of the CRA.


CRA risk classes and conformity assessment

The majority of products fall into the so-called default category, for which the manufacturer's own self-assessment is sufficient, with no external audit. A stricter, third-party assessment applies to core security products such as password managers, VPN solutions, identity management and firewalls.


CRA vulnerability reporting: 24 h / 72 h / 14 days

The CRA's most imminent obligation is vulnerability reporting, which begins on 11 September 2026. When a company detects an actively exploited vulnerability, it must notify the EU cybersecurity agency (ENISA) with an early warning within 24 hours, a more detailed notification within 72 hours, and a final report within 14 days. This requires that the vulnerability management process be built and ready before September 2026.


The AI Act: when is an AI system a high-risk system?

The AI Act classifies AI systems according to risk. A political agreement reached in May 2026 (the Digital Omnibus) postponed the obligations for high-risk systems: standalone Annex III systems moved to 2 December 2027, and systems embedded in products to 2 August 2028. As of summer 2026 the agreement had not yet been finally confirmed.


Why you should do the risk assessment now

Despite the postponement, you should carry out the self-assessment of your AI system's risk level immediately, for three reasons. First, the transparency obligations were not postponed: chatbot and AI-content labelling take effect on 2 August 2026. Second, customers will ask — you need to be able to answer which risk class your product falls into in due diligence questions. Third, classification is the most labour-intensive stage, and doing it in advance gives you a head start.


Typical high-risk AI use cases

High risk is determined by the intended purpose, not the technology. The most common high-risk triggers for SaaS companies are recruitment and HR (CV screening, candidate scoring, performance evaluation), lending and insurance pricing, and education access and assessment systems.

A general-purpose language model on its own is not a high-risk system, but integrated into a recruitment tool it is. If a system profiles people, it is always a high-risk system.


How precisely must training data be described?

A common misconception is that the AI Act would require very detailed disclosure of training data. It does not. Providers of general-purpose AI models (GPAI) must publish a "sufficiently detailed summary" of the training content following the AI Office template, but according to the Commission's explanatory note the summary should be "generally comprehensive" rather than "technically detailed" — there is no need to list individual works or datasets. For high-risk systems, the issue is data governance and quality, plus technical documentation intended for the authorities, not public disclosure of the data. Practical advice: document carefully internally, but do not reveal trade secrets beyond what the law requires.


The Product Liability Directive (PLD): software is now a "product"

The new Product Liability Directive (PLD) explicitly defines software, SaaS and AI as products. This means strict liability: the injured party does not have to show that the manufacturer was negligent — it is enough that the product was defective, that damage occurred, and that there is a causal link between the two. This liability cannot be excluded through terms of use. In addition, the burden of proof is eased in the claimant's favour in situations where technical complexity (such as the AI "black box") makes proving the defect unreasonably difficult.


The situation in Finland: the development risk defence

A Ministry of Justice working group has proposed (report dated 2 February 2026) that Finland should not adopt the so-called development risk defence — a defence by which a manufacturer could escape liability by arguing that the defect could not have been detected when the product was placed on the market. The government bill has not yet been submitted to Parliament (expected in autumn 2026) and the law has not been adopted, so for now this remains a proposal.


The proposal would continue Finland's long-standing approach: Finland did not adopt this defence even in the 1990 Product Liability Act, and is, alongside Luxembourg, the only EU member state to have left it unapplied to all products. In practice, a Finnish software and AI company will continue to bear stricter liability than many of its European competitors. The deadline for national implementation of the directive is 9 December 2026.


How the laws connect and what it means for a company

These three regulations are not separate. Under the Product Liability Directive, a breach of the CRA or the AI Act can give rise to a presumption that the product is defective in a damages proceeding. In other words, neglecting one law can become costly through another. Conversely, good documentation and cybersecurity support your defence under all three.


This leads to the best strategy: build transparency and documentation into product development and the supply chain from the very start. The same work serves all three laws at once.


Practical steps: what your company should do now

  1. Carry out a product inventory and answer the three CRA questions

  2. Produce an SBOM (Software Bill of Materials), a machine-readable list of all software components

  3. Build a vulnerability management process

  4. Classify your AI systems by risk level now

  5. Add chatbot and AI-content labelling before August 2026

  6. Keep documentation and insurance in order


Key dates 2026–2027

The key dates unfold as follows:

  • 1 June 2026: Finland's cyber resilience act (439/2026) entered into force

  • 2 August 2026: the AI Act's transparency obligations take effect

  • 11 September 2026: CRA vulnerability reporting begins

  • 2 December 2026: AI-content watermarking and the new prohibited practices take effect

  • 9 December 2026: deadline for national implementation of the Product Liability Directive

  • 2 December 2027: the AI Act's high-risk obligations (postponed) take effect

  • 11 December 2027: the CRA's full requirements, including CE marking, take effect


Frequently asked questions (FAQ)


Does the CRA apply to a pure SaaS service? A pure, browser-only SaaS service largely falls outside the CRA and comes under the NIS2 directive. If the service involves a downloadable or installable component or app that depends on the manufacturer's backend, the CRA may apply.


When do the CRA obligations start? Finland's complementary act (439/2026) has been in force since 1 June 2026. Vulnerability reporting begins on 11 September 2026, and the full requirements, including CE marking, on 11 December 2027.


Is HR or recruitment SaaS a high-risk AI system? Typically yes. AI systems used for recruitment and workforce management (CV screening, candidate scoring, performance evaluation) fall into the AI Act's high-risk category. What matters is the intended purpose, not the technology.


Were the AI Act obligations postponed? The obligations for high-risk systems were postponed (standalone Annex III systems to 2 December 2027), but the transparency obligations and the AI literacy requirement were not — they remain in force on schedule.


Can a Finnish software company invoke a "we couldn't have known" defence in product liability? A Ministry of Justice working group has proposed that Finland should not adopt the development risk defence. If the proposal goes through, such a defence cannot be invoked. The matter will be settled when the government bill is submitted and the law is adopted (expected in late 2026).


How precisely must an AI model's training data be published? Providers of general-purpose models must publish a "sufficiently detailed summary" of the training content, but it should be generally comprehensive rather than technically detailed. There is no need to list individual works or datasets.


This article is a general overview of the situation in spring and summer 2026, not legal advice. Some of the regulations were still being finalised. Check product-specific details from official sources (EUR-Lex, Traficom, the Ministry of Justice) before making significant decisions.
