en flag
Nutri-AI on LinkedIn
en flag
Nutri-AI on LinkedIn

AI in Food Compliance: Are we asking the right questions?

There is growing consensus that Regulatory Affairs, like many other functions involved in food product development, will benefit from AI, but how we frame this conversation will determine whether those benefits are real or merely superficial. Most discussions still focus on how to adopt tools, without genuinely addressing the awareness and governance needed to manage the specific risks associated with each AI use case.

Alessandro Drago and Antonella Francesca Mascali

From the Efficiency Narrative to the Strategic Role

The most common narrative around AI in food compliance starts from efficiency: expectations of faster navigation through complex regulatory texts, quicker access to standards and guidance documents, and greater capacity to review formulations, labels, and claims. A practical example might involve using AI to run a series of checklist validations and keyword matches, under the assumption that humans retain full control over the final reasoning. In theory, all of this should free Regulatory Affairs from more repetitive tasks and create space for strategic work, from defining product positioning to anticipating regulatory trends.

The risk, though, is treating AI as a shortcut to "automate compliance," reducing a nuanced reasoning process to a set of checklists and keyword matches. Those who work in Regulatory Affairs know that a compliant product results from an evaluation pathway that integrates regulations, scientific evidence, market context, and consumer perception, not from a single software-generated output.

The Same Opening Question

Most internal discussions start with the same question: "How should we use AI?" Teams compare tools, debate accuracy, and define how far "human judgment" must remain involved to validate the output. It's a worthwhile conversation, but it often stays at the surface, focusing on tool capabilities rather than on the implications of embedding those tools within the product development workflow.

When AI becomes part of the reasoning path that leads to a formulation, a label, or a claim, the key question is not just how to use AI, but under which governance model, with what level of transparency, and with what accountability for decisions made on the basis of AI-assisted outputs.

The EU AI Act as a Shared Reference

In Europe, the AI Act has become a central reference point in any discussion about the responsible use of artificial intelligence, and the food sector is no exception. The regulation introduces a harmonized framework that classifies AI systems according to their risk to health, safety, and fundamental rights, linking each tier to specific obligations for providers and deployers.commission.

Broadly, the AI Act distinguishes between AI practices considered "unacceptable risk" (which are prohibited), "high-risk" systems, "general-purpose AI," and limited or minimal risk uses subject to lighter obligations. The most stringent requirements apply to high-risk systems, which must comply with conditions covering risk management, data quality and governance, technical documentation, transparency to users, logging and traceability, effective human oversight, and robustness, including cybersecurity and accuracy.

The Medical Device Analogy

The medical device sector offers a clear illustration of how the AI Act frames high-risk use cases. AI-enabled medical devices, or in vitro diagnostic systems integrating AI, are generally classified as high-risk when they are themselves medical devices or safety components thereof and when they fall within product categories requiring conformity assessment by a notified body under MDR or IVDR.

Predictive continuous glucose monitoring (CGM) systems, which analyze real-time data to anticipate hypoglycemic episodes and alert patients, illustrate well why the combination of medical purpose, safety relevance, and direct health impact leads to a high-risk classification. In such cases, AI Act obligations layer on top of medical device regulatory requirements, with particular emphasis on AI-specific elements such as data governance, human oversight, and post-market monitoring.

Where Food Sector AI Looks Different

In food and nutrition, many AI tools appear less critical than in the medical domain, because they operate "behind the scenes" and do not interact directly with consumers. These include, for example, systems that support ingredient screening against regulatory lists, checking formulations against compositional limits, proposing label structures, or helping synthesize scientific evidence to underpin claims.

These uses are often perceived as lower risk because Regulatory Affairs retains the final say on product, label, and claim suitability, and because AI output does not reach consumers independently. That perception can be misleading if it leads teams to underestimate how deeply AI-assisted reasoning can shape the underlying evidence base, the options being considered, and the order in which they are evaluated.

Internal AI Tools and Their Impact

When AI supports activities such as ingredient pre-screening, initial label drafting, or prioritizing studies in an evidence review, it can readily influence what Regulatory Affairs professionals see first, how a problem is framed, and which alternatives surface. Even when AI-generated content is subsequently approved, revised, or rejected by human experts, part of the cognitive pathway is co-designed with a system whose internal logic and training data are not always fully transparent.

An AI assistant might, for example, flag only a subset of regulatory issues for a given formulation, based on patterns learned from previous products and markets. If the underlying data are incomplete or skewed, relevant constraints or interpretations may remain out of view, even when the human reviewer is experienced and attentive. The central question is not whether the final decision is "human," but whether the decision-maker has a clear enough picture of where and how AI influenced the process.

How the AI Act Treats Preparatory Tasks

The AI Act acknowledges that some AI systems perform limited or preparatory tasks in support of human decision-making, without materially shaping the final outcome. Article 6 and Annex III specify that certain systems listed as potentially high-risk can avoid that classification when they perform only narrow procedural tasks, improve results already obtained through prior human activity, or detect patterns without replacing human judgment, provided their impact on health, safety, and fundamental rights remains limited.

This distinction matters for food companies using AI internally within Regulatory Affairs. A tool that simply formats already validated data or facilitates document retrieval is different from one that pre-filters evidence, suggests regulatory interpretations, or ranks formulation options based on its own embedded criteria. The more a system shapes the substance of reasoning rather than its presentation, the more governance, transparency, and risk management considerations become relevant.

Governance Pillars for AI in Regulatory Affairs

In food compliance, the main challenge with AI is not simply tool adoption, but building governance models that fit the specific tasks AI performs and the decisions that follow from them. Several pillars are particularly relevant for Regulatory Affairs:

  • Clarity of purpose and scope: documenting which questions the AI system is designed to address, which inputs it uses, and which outputs it produces, with an explicit distinction between support functions and evaluative ones.

  • Data quality and provenance: understanding the origin, management, and update processes for the regulatory data, scientific evidence, and internal information feeding the system, and tracing how these sources are combined.commission.

  • Human oversight design: defining when and how Regulatory Affairs reviews AI outputs, which signals warrant deeper investigation, and how disagreements between AI recommendations and expert judgment are handled, documented, and fed back into organizational learning.

These elements echo the requirements set out for high-risk systems under the AI Act, even when internal tools used by food companies do not formally fall within that category. Adopting analogous practices helps strengthen traceability and accountability, and makes it easier to demonstrate responsible AI use to regulatory authorities and auditors.

Scientific Evidence, Interpretation, and AI Assistance

The food sector is one where decisions rarely reduce to a clear-cut yes or no. Scientific understanding evolves, regulation can be fragmented across international, EU, and national levels, and interpretation often depends on context of use and communication channels. Evidence supporting a claim may be suggestive rather than definitive, and regulatory authorities or consumer organizations may apply more conservative readings than companies do.

AI tools that support evidence gathering or synthesis can be valuable, for instance by identifying relevant studies or mapping outcomes to endpoints referenced in regulations or guidelines. At the same time, they risk oversimplifying nuanced scientific discussions, prioritizing easily retrievable literature, and masking uncertainty behind polished summaries. For this reason, Regulatory Affairs review processes should look not only at what the AI retrieved but also at what it may not have captured.

Awareness as a Core Competency

As AI becomes embedded in daily workflows, awareness turns into a competency, not a training module to check off. Those working in Regulatory Affairs should have at least a working understanding of how the AI systems they rely on are built, what data they use, how they are updated, and how their performance is evaluated over time.

This awareness supports more targeted questioning of AI outputs. Rather than asking only whether a given answer is "correct," the expert can ask what data it is based on, which alternatives were considered, and how the system behaves in borderline cases. Combined with solid documentation and appropriate logging, this mindset helps maintain scientific rigor and regulatory reliability in an environment where automation can easily obscure the real complexity of the decision-making process.

Practical Questions for Regulatory Affairs Teams

Regulatory Affairs teams can begin by asking a different set of questions when introducing AI into their processes:

  • For each AI-assisted task, how does the system influence what experts see, in which order, and with what emphasis?

  • Which assumptions about regulation, risk, or scientific evidence are embedded in the model or its training data, and who validated them?

  • How are disagreements between AI suggestions and Regulatory Affairs judgment managed, documented, and used over time, both to improve system performance and to strengthen organizational learning?

Framing the debate around these questions shifts the focus from tool selection to governance design. It means acknowledging that AI does not remove regulatory responsibility but raises the bar on how companies structure, monitor, and evolve their decision-making frameworks as technology and regulatory expectations advance together.

#NutriAI #NutriAINewsletter #ArtificialIntelligence #AI #Nutrition #ScientificCommunication #FoodTech #FoodSafety #AIRegulation #EFSA #RegulatoryCompliance #ISO42001 #HealthClaims #DigitalInnovation #ResponsibleAI #AITransparency #Governance #DataScience #FoodCompliance #DigitalNutrition #FoodLaw #HighRiskAI #TrustInAI #AINews #ScientificCommunication #EUAIAct #MedicalEducation #AIliteracy #ContinuingEducation #Dietitians #Nutritionists #LargeLanguageModels #AIAct #ClinicalDecisionSupport #DigitalHealth #Nutrition

Disclaimer: All rights to images and content used belong to their respective owners. This article is provided for educational and informational purposes only. It does not constitute legal or regulatory advice. Organizations should consult qualified legal and regulatory experts before implementing AI systems in the nutrition sector.

--------------------------------------------------------------------------

Bibliographic and Regulatory References

  1. Artificial Intelligence in healthcare. European Commission, 2026. https://health.ec.europa.eu/ehealth-digital-health-and-care/artificial-intelligence-healthcare_en

  2. Understanding EU AI Act Risk Categories. Security Compass, 2024. https://www.securitycompass.com/blog/understanding-eu-ai-act-risk-categories/

  3. Guidelines for providers and deployers of AI high-risk systems. European Commission, 2026. https://digital-strategy.ec.europa.eu/en/policies/guidelines-ai-high-risk-systems

  4. MDCG 2025-6: Interplay between the Medical Devices Regulations and the AI Act. Medical Device Coordination Group / European Commission, 2025. https://health.ec.europa.eu/document/download/b78a17d7-e3cd-4943-851d-e02a2f22bbb4_en?filename=mdcg_2025-6_en.pdf

  5. Article 6: Classification Rules for High-Risk AI Systems. EU Artificial Intelligence Act. https://artificialintelligenceact.eu/article/6/

  6. High-level summary of the AI Act, 2024. https://artificialintelligenceact.eu/high-level-summary/

  7. Risk-Based Monitoring for AI-Enabled Medical Devices. DIA Global Forum, 2025. https://globalforum.diaglobal.org/issue/september-2025/risk-based-monitoring-for-ai-enabled-medical-devices/

  8. AI Act and Medical Devices: What you need to know. CMC Medical Devices, 2025. https://cmcmedicaldevices.com/when-does-the-ai-act-apply-to-medical-device-software/

  9. AI Act | Shaping Europe's digital future. European Commission, 2026. https://digital-strategy.ec.europa.eu/en/policies/regulatory-framework-ai

  10. Risk Categorization per the European AI Act. Emergo by UL, 2024. https://www.emergobyul.com/news/risk-categorization-european-ai-act

  11. Key Issue 3: Risk-Based Approach. EUAIAct.com. https://www.euaiact.com/key-issue/3

  12. Article 26: Obligations of deployers of high-risk AI systems. European Commission AI Act Service Desk. https://ai-act-service-desk.ec.europa.eu/en/ai-act/article-26

  13. Article 14: Human Oversight. EU Artificial Intelligence Act. https://artificialintelligenceact.eu/article/14/

  14. EU AI Act - EU Artificial Intelligence Act, 2025. https://www.euaiact.com

  15. Article 10: Data and Data Governance. EU Artificial Intelligence Act. https://artificialintelligenceact.eu/article/10/

  16. The Act Texts. EU Artificial Intelligence Act. https://artificialintelligenceact.eu/the-act/

  17. Assessing High-Risk AI Systems under the EU AI Act. arXiv, 2024. https://arxiv.org/html/2512.13907v3

  18. AI Act enters into force. European Commission, 2024. https://commission.europa.eu/news-and-media/news/ai-act-enters-force-2024-08-01_en

  19. EU AI Act: first regulation on artificial intelligence. European Parliament, 2025. https://www.europarl.europa.eu/topics/en/article/20230601STO93804/eu-ai-act-first-regulation-on-artificial-intelligence

  20. Artificial intelligence act. European Parliamentary Research Service, 2024. https://www.europarl.europa.eu/thinktank/ga/document/EPRS_BRI(2021)698792

  21. The EU Artificial Intelligence Act, 2026. https://artificialintelligenceact.eu

Contact details

Follow me on LinkedIn

Nutri-AI 2025 - Alessandro Drago. All rights reserved.

LinkedIn

e-mail: info@nutri-ai.net

Nutri-AI on LinkedIn