A regulator or your legal team flags that your AI feature may fall under high-risk AI rules like the EU AI Act. As the PM, how do you respond?

role-specific · Mid level · product-management

What the interviewer is really asking

Test whether the candidate can turn AI regulatory obligations into concrete product requirements — risk classification, documentation, human oversight, logging, transparency — and partner with legal rather than treating compliance as a blocker to route around.

What to say

What to avoid

Example answers

Strong: My first move was to nail the classification with legal rather than assume — our AI feature touched hiring screening, which is explicitly a high-risk use case, so the obligations were real. I then turned the requirements into backlog items: a human-oversight step so the model never auto-decided, decision logging with retention for auditability, a data-governance and bias review, technical documentation, and clear user disclosure that AI was involved. I sequenced these into the launch plan with legal as a co-owner so we shipped compliant on the first date, not retrofitted later.

Weak: Compliance is legal's job — I'd hand it to them and keep building, and we'd deal with the requirements if they actually become a problem.

Want questions matched to your role? Paste a job title, job description, or CV and get a personalized set, or go Pro to unlock the full bank.