Table of Contents
- 1.What the EU AI Act is and why it matters now
- 2.The four risk tiers at a glance
- 3.Who is affected: six roles across the AI value chain
- 4.What high-risk systems must do (Art. 9–15)
- 5.The implementation timeline: what applies when
- 6.GPAI: special rules for foundation models
- 7.Penalties and enforcement
- 8.10-step compliance roadmap
- 9.Common pitfalls in practice
- 10.The EU AI Act in global context
What the EU AI Act is and why it matters now
As of June 2026: This guide describes the original, legally binding phase-in plan. The Digital Omnibus proposed by the European Commission on November 19, 2025 would shift the high-risk obligations under Annex III from August 2, 2026 to December 2, 2027 — but until it is formally adopted by the Council and Parliament, the original timeline remains authoritative. The prohibitions in force since February 2025 and the GPAI obligations effective since August 2025 are unaffected by the proposal. For the full picture, see our update "EU AI Act 2026: What the Digital Omnibus Delay Really Changes."
The EU AI Act — formally Regulation (EU) 2024/1689 of the European Parliament and of the Council of 13 June 2024 — is the world's first comprehensive, legally binding regulation of artificial intelligence. Published in the Official Journal on July 12, 2024, it entered into force on August 1, 2024. Its most consequential obligations, however, phase in across four stages — and the decisive stage begins on August 2, 2026.
Unlike other EU regulations, the AI Act is not sector-specific. It is horizontal in scope, covering any organization that develops, distributes, imports, or deploys AI systems in the EU — regardless of where the organization is headquartered. Its legal basis rests on Articles 114 and 16 TFEU: internal market harmonization and personal data protection. Maximum fines reach €35 million or 7% of global annual turnover — exceeding the maximum penalties under the GDPR.
The extraterritorial reach is remarkably broad. Under Article 2(1)(c), providers and deployers outside the EU fall within scope whenever the output of their AI system is used within the EU — even without intentionally targeting the EU market. That is stricter than the GDPR, which requires deliberate offering of services to EU residents. A US SaaS company whose AI feature is consumed by a German customer is in scope.
The AI Act does not replace the GDPR, the Digital Services Act, or sector-specific product safety legislation. It operates alongside them. Where a violation infringes both the AI Act and another regulation, Article 99(8) applies only the higher fine — no stacking.
What of this concretely applies to your organization is clarified by our free EU AI Act readiness check — including the deadlines that actually apply after the Digital Omnibus.
The EU AI Act is the world's first horizontal AI regulation. With penalties of up to €35 million or 7% of global turnover, fines exceed the GDPR's. Core obligations apply from August 2, 2026.
The four risk tiers at a glance
The entire architecture of the AI Act rests on a risk-based classification system. Every AI system is assigned a tier, and obligations scale with it. Correct classification is the first and most important compliance step — misclassified systems either produce unnecessary work or lead to violations.
Unacceptable risk refers to practices banned entirely since February 2, 2025. Eight categories fall into this tier with no compliance pathway: subliminal or manipulative techniques distorting behavior; exploitation of vulnerabilities based on age, disability, or socioeconomic situation; social scoring by public authorities; criminal risk prediction based solely on profiling; untargeted scraping of facial images from the internet or CCTV; emotion recognition in workplaces and educational institutions (with exceptions for medical and safety reasons); biometric categorization to infer sensitive attributes like race or political views; and real-time remote biometric identification in public spaces for law enforcement.
High-risk AI systems form the regulatory core. Two paths lead to high-risk classification. Under Article 6(1), a system is high-risk if it is a safety component of — or itself is — a product covered by EU harmonization legislation in Annex I (medical devices, machinery, toys, vehicles, aviation, and others) that requires third-party conformity assessment. Under Article 6(2), a system is high-risk if it falls within one of eight domains in Annex III.
Limited or transparency risk applies to systems that interact directly with people or generate synthetic content. Chatbots must disclose that users are interacting with AI. Deepfakes must be labeled as artificially generated. Emotion recognition and biometric categorization systems must inform affected persons. These obligations apply from August 2, 2026.
Minimal risk covers the majority of AI systems — spam filters, recommendation engines, search tools. No mandatory obligations. The AI Office encourages voluntary codes of conduct under Article 95, but legal duties do not apply.
The Article 6(3) exception
An important caveat: a system listed in Annex III is not high-risk if it performs only a narrow procedural task, improves a previously completed human activity, detects decision-making patterns without replacing human assessment, or performs preparatory work.
However: AI systems that profile natural persons are always high-risk, regardless of this exception. In practice, the exception is often misapplied — with the risk that a system is incorrectly classified and the corresponding obligations are not met.
| Tier | Label | Examples | Obligations | Effective |
|---|---|---|---|---|
| 1 | Unacceptable | Social scoring, Clearview-style scraping, workplace emotion recognition | Banned | Since 2.2.2025 |
| 2 | High-Risk | Recruitment AI, credit scoring, biometrics, education AI, critical infrastructure | Full provider duties (Art. 9–15), conformity assessment, CE marking, EU database | 2.8.2026 |
| 3 | Limited / Transparency | Chatbots, deepfakes, AI-generated content, emotion recognition outside workplace | Labeling and disclosure obligations | 2.8.2026 |
| 4 | Minimal | Spam filters, game mechanics AI, simple recommendation engines | No mandatory obligations | — |
Who is affected: six roles across the AI value chain
The AI Act assigns obligations to six roles. Who bears which obligations depends not on the company name but on the functional position in the AI system's lifecycle. Organizations can simultaneously hold multiple roles — for example, as deployer of a pre-built AI and provider of a self-developed component.
Article 25 is the biggest compliance trap for organizations buying pre-built AI systems. Once you substantially modify or change the intended purpose, full provider obligations apply — including conformity assessment and technical documentation.
Providers — the heaviest burden
Providers under Article 3(3) carry by far the heaviest burden. A provider is any entity that develops or has an AI system developed and places it on the EU market under its own name or trademark — whether for payment or free of charge.
Providers must conduct conformity assessment, produce technical documentation, operate a quality management system, apply CE marking, and register the system in the EU database. All obligations of Articles 9–15 apply to high-risk systems.
Deployers — users under their own authority
Deployers under Article 3(4) are organizations using AI systems under their authority — not for private purposes. Deployers must follow provider instructions, ensure qualified human oversight, retain logs for at least six months, and — where required — conduct a Fundamental Rights Impact Assessment (FRIA) under Article 27.
Before deploying high-risk AI in the workplace, employees and worker representatives must be informed. This is not negotiable and also affects organizations that have so far treated AI as a pure productivity tool.
Importers, distributors, product manufacturers
Importers under Article 23 must verify, before placing the system on the market, that the third-country AI system has valid conformity assessment, CE marking, and proper documentation. Distributors under Article 24 must verify CE marking and documentation before making the system available.
Product manufacturers integrating high-risk AI into their products fully assume provider obligations. This is particularly relevant for machinery builders, medical device manufacturers, and vehicle manufacturers sourcing AI components from suppliers.
Authorized Representative for non-EU providers
For non-EU providers, the Authorized Representative role under Article 22 is central: before placing an AI system on the EU market, a mandated representative established in the EU must be appointed. They hold documentation, cooperate with authorities, and may terminate the mandate if the provider fails to comply.
The Article 25 trap
One of the most consequential provisions hides in Article 25: a deployer automatically becomes a provider if they (a) place their name or trademark on an existing high-risk system, (b) make a substantial modification, or (c) change the system's intended purpose so that it becomes high-risk.
This captures anyone who substantially customizes a pre-built AI system — fine-tuning a foundation model with proprietary data, integrating custom rules into a third-party recruiting tool. Companies that think of themselves as just deployers must test this for each use case.
What high-risk systems must do (Art. 9–15)
Providers of high-risk systems sit at the center of the regulatory architecture. Articles 9 through 15 describe the operational core obligations that must be met across the entire lifecycle — from design to post-market monitoring. Taking these articles seriously means building substantial engineering, documentation, and governance practices.
Technical documentation must be retained for ten years — and for biometric identification, decisions may only be acted upon after at least two humans have verified the result. These have direct staffing and process design implications.
Risk management (Art. 9)
Risk management is not a one-time exercise but a continuous, iterative cycle. Providers must identify known and reasonably foreseeable risks to health, safety, and fundamental rights — both from intended use and reasonably foreseeable misuse.
Residual risk must be judged acceptable individually for each hazard and in aggregate. Testing must occur under real-world conditions with predefined metrics and probabilistic thresholds, with special consideration for minors and other vulnerable groups.
Data governance (Art. 10)
Data governance demands rigorous quality standards for training, validation, and test datasets. Providers must document data origin, make preprocessing steps (annotation, labeling, cleaning) traceable, state assumptions about what the data represents, examine biases for fundamental rights impact, and identify data gaps.
Datasets must be representative, as error-free as possible, and statistically appropriate for the geographic, contextual, and functional deployment setting. Exceptionally, providers may process special categories of personal data (such as race or health data) only for bias detection — under strict safeguards including pseudonymization.
Technical documentation (Art. 11, Annex IV)
Technical documentation must be complete before market placement and retained for ten years after placement. Annex IV defines the minimum content: general system description, detailed design choices, architecture, data requirements and training methods, human oversight assessment, anticipated changes across the lifecycle, applied harmonized standards, EU declaration of conformity, and post-market monitoring plan.
SMEs and startups may use simplified formats. This is practically relevant but should not be understood as an invitation to significantly reduce documentation depth — the burden of proof in case of dispute lies with the provider.
Record-keeping, logging, and transparency (Art. 12–13)
Automatic logging is mandatory for traceability and operational monitoring. For biometric identification systems, every use instance must be documented with timestamp, reference databases, input data, and results.
Transparency obligations to deployers under Article 13 require comprehensive instructions: provider identity, system capabilities and limitations, intended purpose and foreseeable misuse risks, accuracy and robustness levels, human oversight measures, computational requirements, and expected system lifetime.
Human oversight (Art. 14)
Human oversight is the most practically significant requirement. Systems must be designed so that natural persons can fully understand capabilities and limitations, monitor operation and detect anomalies, stay aware of automation bias risks, correctly interpret outputs, decline use or override results, and interrupt operation via a stop mechanism.
For biometric identification: no action may be taken based on system output until at least two natural persons have verified the result. This has direct staffing and process design implications — 24/7 biometric identification operations require correspondingly doubled staffing.
Accuracy, robustness, and cybersecurity (Art. 15)
Systems must be resilient against errors, faults, and targeted attacks — including data poisoning, adversarial examples, model flaws, and backdoors. Systems using continuous learning must actively mitigate feedback-loop biases.
Beyond these technical requirements, providers must establish a quality management system (Art. 17), complete conformity assessment (Art. 43), apply CE marking (Art. 48), issue an EU declaration of conformity (Art. 47), and register the system in the EU database (Art. 49). Most Annex III systems may use internal self-assessment (Annex VI). Biometric identification systems and cases where harmonized standards have not been applied require assessment by a notified body (Annex VII).
The implementation timeline: what applies when
The AI Act does not apply all at once. Under Article 113, obligations phase in across four stages. Compliance projects planning against the wrong deadline fail at the wrong time. Important: August 2, 2026 is the reference deadline for most obligations — less than four months away at the time of this article's publication.
Special deadlines and exemptions
Two specifics matter: Large-scale IT systems under Annex X have a deadline of December 31, 2030. High-risk systems already placed into service by public authorities before August 2026 must comply by August 2, 2030.
Digital Omnibus Package — timeline uncertainty
In November 2025, the Commission proposed a Digital Omnibus Package that would link application of high-risk rules to the availability of harmonized standards. The Council adopted its negotiating position in March 2026. If passed, standalone high-risk system deadlines could shift to December 2, 2027, and product-embedded systems to August 2, 2028. Negotiations with the European Parliament are ongoing.
Our recommendation: Do not plan against this potential shift. Prohibitions and GPAI rules are already in effect, and August 2, 2026 remains the baseline for responsible planning. Organizations waiting for a delay gain at best a few months — and lose the time needed to build solid governance.
| Phase | Date | What becomes effective |
|---|---|---|
| Phase 1 | February 2, 2025 (in effect) | General provisions (Ch. I), AI literacy obligation (Art. 4), all eight categories of prohibited practices (Art. 5) |
| Phase 2 | August 2, 2025 (in effect) | GPAI model obligations (Ch. V), governance structures (AI Board, Advisory Forum, Scientific Panel), designation of national authorities, penalty framework (Art. 99–100) |
| Phase 3 | August 2, 2026 | All high-risk requirements for Annex III systems, transparency rules (Art. 50), regulatory sandboxes, deployer obligations, Article 101 (GPAI fines) |
| Phase 4 | August 2, 2027 | High-risk systems under Annex I (product safety), full compliance for GPAI models placed on the market before 2.8.2025 |
GPAI: special rules for foundation models
General-purpose AI models — defined under Article 3(63) as models displaying significant generality capable of competently performing a wide range of tasks — are subject to a dedicated regime that has been applicable since August 2, 2025. GPAI models include the large language models from OpenAI, Anthropic, Google, Meta, and others.
All GPAI model providers must meet four core obligations under Article 53: technical documentation covering training and testing processes (Annex XI); information for downstream AI system providers about model capabilities and limitations (Annex XII); a copyright compliance policy in line with the Copyright Directive (EU) 2019/790; and publication of a sufficiently detailed summary of training data content, for which the Commission published a template in July 2025.
Models released under free and open-source licenses where parameters, architecture, and usage information are publicly available are exempt from documentation and downstream information obligations — but must still comply with copyright and training data summary requirements.
Systemic risk — the additional category
Under Article 51, a GPAI model is deemed systemically important if it has high-impact capabilities. The regulation establishes a rebuttable presumption: if cumulative training compute exceeds 10^25 FLOPs, the model is presumed to have high-impact capabilities. This threshold currently captures frontier models from OpenAI, Google, Anthropic, and others. By January 2026, 15 GPAI models had been notified as systemically important.
Systemic-risk models face additional obligations under Article 55: standardized model evaluations including adversarial testing (red teaming); assessment and mitigation of systemic risks at EU level (including chemical/biological weapon development risks, loss of control over autonomous systems, and societal-scale harms); prompt incident reporting to the AI Office; and adequate cybersecurity for model and infrastructure.
The GPAI Code of Practice
As a voluntary instrument for demonstrating compliance, the Commission published the GPAI Code of Practice on July 10, 2025. Amazon, Google, Microsoft, OpenAI, and Anthropic signed. Meta declined, arguing the Code introduces legal uncertainties beyond the scope of the regulation. xAI signed only the safety and security chapter.
Non-signatories must demonstrate compliance independently and face increased scrutiny from the AI Office. Full enforcement powers including fines of up to €15 million or 3% of global turnover commence on August 2, 2026.
What this means for deployers
Organizations using GPAI models via API — ChatGPT, Gemini, Claude, Mistral — are not providers of those models. They are deployers of the AI applications they build on top. But: if the application is high-risk (for example CV screening on a fine-tuned GPT-4), full high-risk obligations apply. And Article 25 may trigger if the model is substantially modified.
Penalties and enforcement
The fine structure of the AI Act is three-tiered and exceeds the GDPR's maximum penalties in the top tier. Enforcement operates at two levels: EU-wide through the AI Office in Brussels, and nationally through each member state's market surveillance authority.
The SME cap and the still-full compliance burden
For SMEs and startups, the lower value applies — meaning a startup with €2 million turnover faces a maximum Tier 1 fine of €140,000 rather than €35 million. That reduces the absolute penalty, but not the operational burden: an SME must document a high-risk system as comprehensively as a large enterprise.
The dual-level enforcement architecture
The AI Office — housed in DG CONNECT of the European Commission, led by Lucilla Sioli and staffed by approximately 140 people across five operational units — has exclusive competence over GPAI model providers. It can request documentation, conduct model evaluations (including via API or source code access), require corrective measures up to and including recalls, and impose fines.
At the national level, each member state's market surveillance authority supervises all other AI systems (i.e., all non-GPAI provisions). They conduct inspections, request information, order corrective actions, and remove non-compliant systems from the market.
The governance structure also includes the European AI Board (27 member state representatives), the Advisory Forum (balanced stakeholder body), and the Scientific Panel of Independent Experts for systemic risks. Individuals have three rights: the right to complain to the market surveillance authority (Art. 85), the right to meaningful explanation of high-risk decisions (Art. 86), and whistleblower protection (Art. 87).
Current state (April 2026)
There have been no formal enforcement actions yet. The AI Office is pursuing a collaborative, staged approach in the initial period. Full GPAI enforcement powers begin on August 2, 2026. Spain's AESIA is the most developed national authority, having published sixteen guidance documents on core high-risk obligations in December 2025. Italy was the first member state to adopt a comprehensive national AI framework law, in September 2025.
| Tier | Violation | Maximum fine |
|---|---|---|
| Tier 1 | Prohibited AI practices (Art. 5) | €35 million or 7% of global annual turnover |
| Tier 2 | Other obligation violations (provider, transparency, deployer duties) | €15 million or 3% of global annual turnover |
| Tier 3 | Incorrect or misleading information to authorities | €7.5 million or 1% of global annual turnover |
10-step compliance roadmap
EU AI Act compliance is not a project with a start and end date — it is a continuous program. Organizations starting now have less than four months until the Phase 3 deadline. This roadmap synthesizes guidance from the EU AI Office, leading law firms, and consulting practice into a staged approach.
A note on ordering: steps are not randomly sequenced. No classification without inventory. No gap analysis without classification. No meaningful prioritization without gap analysis. Starting at step 5 produces documents that do not reflect reality.
- 1Build an AI system inventory. Catalogue every AI system in use, under development, or sourced from vendors — including embedded AI in SaaS tools like CRM systems, HR platforms, or code editors. For each system: purpose, provider, geographic deployment, and your own role (provider, deployer, importer, distributor). Result: a centralized AI registry as part of the quality management system under Article 17.
- 2Perform risk classification. Map each inventoried system against prohibited practices, Annex I, Annex III, and the transparency rules in Article 50. Document the classification rationale for every system, especially when relying on Article 6(3). Remember: profiling is always high-risk.
- 3Conduct gap analysis for high-risk systems. For each high-risk system, compare current practice against Articles 9–15 requirements. Assess documentation, logging, human oversight, bias monitoring, data governance, and vendor contract provisions. ISO/IEC 42001:2023 and the NIST AI Risk Management Framework are proven crosswalk benchmarks.
- 4Set up the governance structure. Establish a cross-functional AI governance committee with legal, compliance, engineering, risk management, and data protection. Designate an AI Risk Officer. Build the quality management system under Article 17: regulatory strategy, design processes, testing, data management, risk management, monitoring, incident reporting, accountability.
- 5Prepare technical documentation. For each high-risk system, prepare documentation per Annex IV: system description, design choices, architecture, data requirements, training methodology, human oversight assessment, anticipated changes, applied standards, post-market monitoring plan. Must be complete before market placement.
- 6Operationalize data governance. Document data lineage end-to-end, establish active bias monitoring, conduct data quality audits, and define policies for sourcing, cleaning, annotation, and validation. Ensure datasets are representative of the actual deployment context.
- 7Establish a risk management system. Continuous risk identification covering both intended use and foreseeable misuse, with defined risk appetite, regular reviews, and documented mitigation decisions.
- 8Operationalize human oversight and transparency. Design human-in-the-loop or human-on-the-loop mechanisms with clear escalation paths and override functions. Implement labeling, disclosures, and watermarking for transparency obligations.
- 9Post-market monitoring and incident reporting. Establish proportionate monitoring systems collecting performance data across the system's lifetime. Register the system in the EU database before market placement. Observe incident reporting timelines: 15 days generally, 2 days for widespread or critical infrastructure incidents, 10 days for incidents involving death.
- 10Ensure AI literacy. The Article 4 obligation has been in effect since February 2025. Develop tiered training programs for executives, developers, and operational staff. This is not a nice-to-have — it is already applicable law.
Common pitfalls in practice
In consulting practice, we see recurring patterns in EU AI Act projects. The following seven pitfalls arise not from negligence but from structural misreadings of the regulation. Knowing them allows systematic avoidance.
In consulting practice, Article 25 is the most underestimated trap: as soon as a pre-built AI system is substantially customized, full provider obligations apply — even if your organization never intended to be an AI developer.
- 1We are just deployers — ignoring Article 25. The most common misconception: organizations believe that buying pre-built AI systems exempts them from the provider role. But the moment the system is substantially modified — fine-tuning an LLM with proprietary data, integrating custom rules into a recruiting tool, changing the intended purpose — Article 25 kicks in and full provider obligations apply. This reclassification is the single largest source of underestimated compliance burden.
- 2ChatGPT and Copilot rollouts without risk assessment. Many organizations roll out generative AI broadly without checking whether specific use cases are high-risk. An HR team using Copilot to pre-screen applications is no longer in productivity tool mode — it is operating a high-risk system for candidate pre-selection under Annex III point 4. The Article 4 AI literacy obligation applies regardless.
- 3Treating AI literacy as a formality. The training obligation under Article 4 has been in effect since February 2025 and applies to every provider and deployer. Many organizations interpret this as a one-off e-learning. The regulation requires sufficient competence among staff — meaning role-specific training tied to the actual systems in use and their risk classification.
- 4Waiting for harmonized standards. Harmonized standards under CEN-CENELEC JTC 21 are delayed. Many compliance projects wait until the standards are clear. This is a mistake: internal self-assessment under Annex VI is available for most Annex III systems without harmonized standards. Waiting costs preparation time and risks unpreparedness on August 2, 2026.
- 5Equating GDPR compliance with AI Act compliance. GDPR and the AI Act overlap on personal data but regulate different things. The AI Act requires documentation of the entire development process, risk assessment for fundamental rights (not only data protection), and specific artifacts like the Fundamental Rights Impact Assessment. Saying we are GDPR-compliant, that covers it, underestimates the requirements.
- 6Overlooking output-based extraterritoriality. Companies outside the EU often assume they are not affected. But Article 2(1)(c) rules: as soon as the output of an AI system is used in the EU, the regulation applies — whether or not the company actively targets the EU market. A US SaaS provider with German customers is in scope. The Brussels Effect will strengthen over time.
- 7Delaying the Fundamental Rights Impact Assessment. The FRIA under Article 27 is mandatory for public bodies and deployers of certain high-risk systems. It is more than a data protection impact assessment: it requires analysis of fundamental rights impacts, affected groups, mitigation measures, and monitoring. Equating it with an existing DPIA produces insufficient documents.
The EU AI Act in global context
The EU AI Act stands alone internationally as the only comprehensive, horizontally applicable, legally binding AI regulation. Even globally operating organizations should understand how other jurisdictions shape the space — not least because the Brussels Effect may drive convergence over time.
The United States has no federal AI legislation. President Biden's Executive Order 14110 from October 2023 was rescinded by President Trump on January 20, 2025. The current line prioritizes deregulation and innovation promotion under EO 14179. A December 2025 executive order signals intent to preempt the growing patchwork of state AI laws. Individual states act independently: Colorado AI Act (effective February 2026), California AI Transparency Act (January 2026), Texas TRAIGA (September 2025). The NIST AI Risk Management Framework remains a voluntary tool without binding obligations.
China follows a technology-specific, vertically segmented approach. Rather than one comprehensive law, separate binding regulations exist for algorithm recommendations (March 2022), deep synthesis/deepfakes (January 2023), and generative AI services (August 2023 — making China the first country with binding GenAI rules). Content must align with core socialist values. Mandatory labeling requirements for AI-generated content took effect in September 2025.
The United Kingdom pursues a principles-based, sector-specific approach with no comprehensive AI legislation. Five cross-sector principles (safety, transparency, fairness, accountability, contestability) guide existing regulators. The AI Safety Institute was renamed AI Security Institute in February 2025. A comprehensive AI bill is expected in the second half of 2026 at the earliest.
The Brussels Effect in AI regulation
Even non-EU organizations will increasingly need to demonstrate compliance, as global regulation slowly converges toward the EU model. Brazil's Bill 2338/2023 closely follows the EU risk model. Singapore publishes Model AI Governance Frameworks that adopt core EU concepts.
For IT leaders and compliance officers, this means: early investment in EU AI Act conformity pays off as a competitive advantage beyond the EU as well. Whoever builds governance and documentation now saves double work for future regulatory regions.
| Dimension | EU | US | China | UK |
|---|---|---|---|---|
| Regulation type | Comprehensive binding law | No federal law, patchwork | Technology-specific rules | Principles-based, voluntary |
| Risk tiers | Four explicit tiers | None standardized | By technology type | Context-specific |
| Extraterritorial | Yes (output used in EU) | Limited | Limited | No |
| Max penalties | €35M / 7% turnover | Varies by agency/state | High (Cybersecurity Law) | Sector-specific |
| Main effective date | 2.8.2026 | — | 2022–2025 (staged) | Not planned |
Key Takeaways
- The EU AI Act has been in force since August 1, 2024 — the decisive phase with high-risk obligations and transparency rules takes effect on August 2, 2026, less than four months after this article's publication.
- The four risk tiers (unacceptable, high, limited, minimal) determine obligations. Profiling systems are always high-risk, regardless of the Article 6(3) exception.
- Article 25 automatically turns deployers into providers once they substantially modify a system or change its intended purpose — the most underestimated trap in the regulation.
- Penalties reach up to €35 million or 7% of global annual turnover — higher than under the GDPR. Extraterritorial reach also captures non-EU organizations.
- The AI literacy obligation (Art. 4) has been in effect since February 2025 — many organizations still fail to treat it with the necessary seriousness.
- For standalone high-risk systems, internal self-assessment under Annex VI is available — waiting for harmonized standards is not a strategy, it is a risk.
Related Assessment Templates
Continue Reading
COBIT vs. ITIL — Which Framework for IT Governance?
Read articleEU AI Act 2026 Update: What the Digital Omnibus Deferral Really Means
Read articleThree AI Breaches in Five Weeks — and Why It's Not a Security Problem
Read articleAI Readiness Assessment: How Organizations Measure Their AI Preparedness
Read articleFrequently Asked Questions
The AI literacy obligation (Art. 4) and prohibited practices (Art. 5) have applied since February 2, 2025. GPAI rules have applied since August 2, 2025. The key date is August 2, 2026: all obligations for Annex III high-risk systems, transparency rules, and deployer obligations apply from that date. For high-risk systems embedded in regulated products (Annex I), the deadline is August 2, 2027.
Most likely yes. Article 2(1)(c) covers providers and deployers outside the EU once the output of their AI system is used within the EU — even without intentional market targeting. If you have an EU customer or your service reaches EU users, conduct a case-by-case assessment. When in doubt: appoint an authorized representative under Article 22.
It depends on the use case. Generative AI tools as productivity aids (drafting emails, research) are typically minimal risk with no specific obligations. But once a use case falls into the high-risk space — automated pre-selection in recruiting, credit decisions, evaluation of employees — full high-risk obligations apply. The Art. 4 AI literacy obligation applies regardless, from now.
The FRIA under Article 27 is broader than a DPIA. It assesses impacts on all fundamental rights — dignity, non-discrimination, freedom, fairness, equal treatment — not just data protection. A DPIA can serve as a building block but is not sufficient. The FRIA is mandatory for public bodies and deployers of certain high-risk systems under Annex III.
Article 4 requires providers and deployers to ensure sufficient competence among staff working with AI systems. The concept is deliberately broad. In practice: role-specific training tied to the systems in use, their risk classification, and relevant compliance obligations. Document curricula, attendee lists, and knowledge checks. It is not a one-off e-learning but an ongoing program.
Potentially yes, but it is not plannable. The Commission's proposal from November 2025 would link application of high-risk rules to the availability of harmonized standards. The Council negotiated in March 2026, and the Parliament is still reviewing. Even if it passes, prohibitions and GPAI rules would still apply. Our recommendation: plan against August 2, 2026, not against a potential postponement.
Costs vary strongly with the AI portfolio. Industry studies for regulated financial services estimate average compliance costs at roughly €300,000 per organization. For mid-size organizations with few high-risk systems and solid IT governance, €50,000 to €150,000 for gap analysis, governance setup, documentation, and AI literacy is realistic. Timing is decisive: starting now spreads costs across four months. Waiting means express premiums or fines.