AI Act Obligations for Providers
A complete, article-by-article reference for AI Act providers — generated from the RuleMesh knowledge graph (CELEX 32024R1689). Covers all 134 obligation paragraphs sourced from the regulation, with relevant annexes and GDPR cross-references quoted verbatim.
This page is generated from the RuleMesh knowledge graph — every obligation, annex block, and cross-reference is pulled from the structured graph representation of CELEX 32024R1689, not recalled from memory.
Pending change — the Digital Omnibus on AI. An amendment approved in June 2026 is set to move stand-alone high-risk deadlines (Annex III) to 2 December 2027, while transparency, content-marking, and two new prohibitions still apply in 2026. The dates on this page remain the currently-binding Regulation 2024/1689 dates until the amendment is published in the Official Journal. Read the briefing.
Regulation (EU) 2024/1689 — CELEX 32024R1689
This page is generated from the RuleMesh knowledge graph — every obligation, annex block, and cross-reference below is pulled from the structured graph representation of the regulation, not recalled from memory.
Who is a provider?
A provider is any natural or legal person, public authority, agency, or other body that develops an AI system or general-purpose AI model, or has one developed on its behalf, and places it on the market or puts it into service under its own name or trademark, whether for payment or free of charge.
134 obligation paragraphs in the AI Act are addressed to the Provider role. Most obligations for high-risk AI systems apply from 2 August 2026; obligations for general-purpose AI model providers and the AI Act's governance bodies apply from 2 August 2025.
Jump to an article
- Article 2 - Scope
- Article 4 - AI literacy
- Article 5 - Prohibited AI practices
- Article 6 - Classification rules for high-risk AI systems
- Article 8 - Compliance with the requirements
- Article 9 - Risk management system
- Article 10 - Data and data governance
- Article 11 - Technical documentation
- Article 12 - Record-keeping
- Article 13 - Transparency and provision of information to deployers
- Article 14 - Human oversight
- Article 15 - Accuracy, robustness and cybersecurity
- Article 16 - Obligations of providers of high-risk AI systems
- Article 17 - Quality management system
- Article 18 - Documentation keeping
- Article 19 - Automatically generated logs
- Article 20 - Corrective actions and duty of information
- Article 21 - Cooperation with competent authorities
- Article 22 - Authorised representatives of providers of high-risk AI systems
- Article 25 - Responsibilities along the AI value chain
- Article 36 - Changes to notifications
- Article 41 - Common specifications
- Article 43 - Conformity assessment
- Article 44 - Certificates
- Article 46 - Derogation from conformity assessment procedure
- Article 47 - EU declaration of conformity
- Article 48 - CE marking
- Article 49 - Registration
- Article 50 - Transparency obligations for providers and deployers of certain AI systems
- Article 51 - Classification of general-purpose AI models as general-purpose AI models with systemic risk
- Article 52 - Procedure
- Article 53 - Obligations for providers of general-purpose AI models
- Article 54 - Authorised representatives of providers of general-purpose AI models
- Article 55 - Obligations of providers of general-purpose AI models with systemic risk
- Article 56 - Codes of practice
- Article 57 - AI regulatory sandboxes
- Article 59 - Further processing of personal data for developing certain AI systems in the public interest in the AI regulatory sandbox
- Article 60 - Testing of high-risk AI systems in real world conditions outside AI regulatory sandboxes
- Article 61 - Informed consent to participate in testing in real world conditions outside AI regulatory sandboxes
- Article 63 - Derogations for specific operators
- Article 72 - Post-market monitoring by providers and post-market monitoring plan for high-risk AI systems
- Article 73 - Reporting of serious incidents
- Article 74 - Market surveillance and control of AI systems in the Union market
- Article 80 - Procedure for dealing with AI systems classified by the provider as non-high-risk in application of Annex III
- Article 82 - Compliant AI systems which present a risk
- Bridge to product
- Frequently asked questions
Article 2 - Scope
Art. 2(1). This paragraph defines who is subject to the AI Act: providers placing AI systems or general-purpose AI models on the EU market, deployers established or located in the EU, and providers/deployers in third countries whose AI outputs are used in the EU.
chevron_rightSource text
Source text: “This Regulation applies to:”
In practice: Map your organisation's role (provider or deployer) and determine whether your AI systems or their outputs reach EU users. Even if your company is based outside the EU, if your AI system's output is used in the EU, you must comply. Conduct a territorial scope assessment as a first compliance step.
Art. 2(2). For high-risk AI systems related to products covered by specific Union harmonisation legislation (Annex I, Section B), only a limited set of AI Act articles apply, and Article 57 applies only where AI Act requirements have been integrated into that sectoral legislation.
chevron_rightSource text
Source text: “For AI systems classified as high-risk AI systems in accordance with Article 6(1) related to products covered by the Union harmonisation legislation listed in Section B of Annex I, only Article 6(1), Articles 102 to 109 and Article 112 apply. Article 57 applies only in so far as the requirements for high-risk AI systems under this Regulation have been integrated in that Union harmonisation legislation.”
In practice: If your AI system is a safety component of a product covered by Union harmonisation legislation listed in Annex I Section B (e.g., machinery, medical devices), identify which specific AI Act articles apply to your product and check whether the sectoral legislation has integrated AI Act requirements before applying Article 57.
Art. 2(8). (effective 1 August 2024) The AI Act does not apply to research, testing, or development activities on AI systems or models before they are placed on the market or put into service, but such activities must comply with applicable Union law. Testing in real-world conditions is explicitly not covered by this exclusion.
chevron_rightSource text
Source text: “This Regulation does not apply to any research, testing or development activity regarding AI systems or AI models prior to their being placed on the market or put into service. Such activities shall be conducted in accordance with applicable Union law. Testing in real world conditions shall not be covered by that exclusion.”
In practice: Organisations conducting pre-market AI research and development should ensure compliance with other applicable Union law (e.g., GDPR, product safety law) even if the AI Act does not yet apply. Once real-world testing begins, the AI Act's provisions on testing in real-world conditions apply and must be followed.
Article 4 - AI literacy
Art. 4. Providers and deployers of AI systems must take reasonable measures to ensure that their staff and other persons involved in operating or using AI systems on their behalf have a sufficient level of AI literacy, taking into account their technical background and the context of use. This obligation is proportionate to the individuals' existing knowledge and the specific AI systems involved.
chevron_rightSource text
Source text: “Providers and deployers of AI systems shall take measures to ensure, to their best extent, a sufficient level of AI literacy of their staff and other persons dealing with the operation and use of AI systems on their behalf, taking into account their technical knowledge, experience, education and training and the context the AI systems are to be used in, and considering the persons or groups of persons on whom the AI systems are to be used.”
In practice: Conduct an AI literacy gap analysis across all roles that interact with AI systems. Develop role-specific training programmes covering AI fundamentals, system-specific operation, ethical use, and risk awareness. Document training completion and periodically review literacy levels as AI systems evolve or new deployments occur.
Article 5 - Prohibited AI practices
Art. 5(8). (effective 2 February 2025) Article 5 does not override or replace other Union law prohibitions that may apply when an AI practice violates other EU legal frameworks; those prohibitions continue to apply independently and cumulatively.
chevron_rightSource text
Source text: “This Article shall not affect the prohibitions that apply where an AI practice infringes other Union law.”
In practice: Organisations should conduct a multi-framework compliance review for any AI practice, checking not only the AI Act's prohibited practices but also GDPR, non-discrimination law, consumer protection law, and competition law to ensure all applicable prohibitions are respected simultaneously.
Article 6 - Classification rules for high-risk AI systems
Art. 6(4). A provider who determines that their Annex III AI system is not high-risk must document that assessment before placing the system on the market or putting it into service, register the system in the EU database under Article 49(2), and provide the documentation to national competent authorities upon request.
chevron_rightSource text
Source text: “A provider who considers that an AI system referred to in Annex III is not high-risk shall document its assessment before that system is placed on the market or put into service. Such provider shall be subject to the registration obligation set out in Article 49(2). Upon request of national competent authorities, the provider shall provide the documentation of the assessment.”
In practice: Establish a pre-market documentation workflow that captures the non-high-risk assessment rationale, links it to the specific derogation condition relied upon, and triggers automatic registration in the EU database. Ensure the documentation is retrievable and can be provided to authorities on short notice.
Annex III — the eight high-risk categories (quoted verbatim from the graph)
An AI system is high-risk under Article 6(2) if it falls into one of the following Annex III use cases:
High-risk AI systems pursuant to Article 6(2) are the AI systems listed in any of the following areas:
1. Biometrics, in so far as their use is permitted under relevant Union or national law:
- (a) remote biometric identification systems. This shall not include AI systems intended to be used for biometric verification the sole purpose of which is to confirm that a specific natural person is the person he or she claims to be;
- (b) AI systems intended to be used for biometric categorisation, according to sensitive or protected attributes or characteristics based on the inference of those attributes or characteristics;
- (c) AI systems intended to be used for emotion recognition.
2. Critical infrastructure: AI systems intended to be used as safety components in the management and operation of critical digital infrastructure, road traffic, or in the supply of water, gas, heating or electricity.
3. Education and vocational training:
- (a) AI systems intended to be used to determine access or admission or to assign natural persons to educational and vocational training institutions at all levels;
- (b) AI systems intended to be used to evaluate learning outcomes, including when those outcomes are used to steer the learning process of natural persons in educational and vocational training institutions at all levels;
- (c) AI systems intended to be used for the purpose of assessing the appropriate level of education that an individual will receive or will be able to access, in the context of or within educational and vocational training institutions at all levels;
- (d) AI systems intended to be used for monitoring and detecting prohibited behaviour of students during tests in the context of or within educational and vocational training institutions at all levels.
4. Employment, workers’ management and access to self-employment:
- (a) AI systems intended to be used for the recruitment or selection of natural persons, in particular to place targeted job advertisements, to analyse and filter job applications, and to evaluate candidates;
- (b) AI systems intended to be used to make decisions affecting terms of work-related relationships, the promotion or termination of work-related contractual relationships, to allocate tasks based on individual behaviour or personal traits or characteristics or to monitor and evaluate the performance and behaviour of persons in such relationships.
5. Access to and enjoyment of essential private services and essential public services and benefits:
- (a) AI systems intended to be used by public authorities or on behalf of public authorities to evaluate the eligibility of natural persons for essential public assistance benefits and services, including healthcare services, as well as to grant, reduce, revoke, or reclaim such benefits and services;
- (b) AI systems intended to be used to evaluate the creditworthiness of natural persons or establish their credit score, with the exception of AI systems used for the purpose of detecting financial fraud;
- (c) AI systems intended to be used for risk assessment and pricing in relation to natural persons in the case of life and health insurance;
- (d) AI systems intended to evaluate and classify emergency calls by natural persons or to be used to dispatch, or to establish priority in the dispatching of, emergency first response services, including by police, firefighters and medical aid, as well as of emergency healthcare patient triage systems.
6. Law enforcement, in so far as their use is permitted under relevant Union or national law:
- (a) AI systems intended to be used by or on behalf of law enforcement authorities, or by Union institutions, bodies, offices or agencies in support of law enforcement authorities or on their behalf to assess the risk of a natural person becoming the victim of criminal offences;
- (b) AI systems intended to be used by or on behalf of law enforcement authorities or by Union institutions, bodies, offices or agencies in support of law enforcement authorities as polygraphs or similar tools;
- (c) AI systems intended to be used by or on behalf of law enforcement authorities, or by Union institutions, bodies, offices or agencies, in support of law enforcement authorities to evaluate the reliability of evidence in the course of the investigation or prosecution of criminal offences;
- (d) AI systems intended to be used by law enforcement authorities or on their behalf or by Union institutions, bodies, offices or agencies in support of law enforcement authorities for assessing the risk of a natural person offending or re-offending not solely on the basis of the profiling of natural persons as referred to in Article 3(4) of Directive (EU) 2016/680, or to assess personality traits and characteristics or past criminal behaviour of natural persons or groups;
- (e) AI systems intended to be used by or on behalf of law enforcement authorities or by Union institutions, bodies, offices or agencies in support of law enforcement authorities for the profiling of natural persons as referred to in Article 3(4) of Directive (EU) 2016/680 in the course of the detection, investigation or prosecution of criminal offences.
7. Migration, asylum and border control management, in so far as their use is permitted under relevant Union or national law:
- (a) AI systems intended to be used by or on behalf of competent public authorities or by Union institutions, bodies, offices or agencies as polygraphs or similar tools;
- (b) AI systems intended to be used by or on behalf of competent public authorities or by Union institutions, bodies, offices or agencies to assess a risk, including a security risk, a risk of irregular migration, or a health risk, posed by a natural person who intends to enter or who has entered into the territory of a Member State;
- (c) AI systems intended to be used by or on behalf of competent public authorities or by Union institutions, bodies, offices or agencies to assist competent public authorities for the examination of applications for asylum, visa or residence permits and for associated complaints with regard to the eligibility of the natural persons applying for a status, including related assessments of the reliability of evidence;
- (d) AI systems intended to be used by or on behalf of competent public authorities, or by Union institutions, bodies, offices or agencies, in the context of migration, asylum or border control management, for the purpose of detecting, recognising or identifying natural persons, with the exception of the verification of travel documents.
8. Administration of justice and democratic processes:
- (a) AI systems intended to be used by a judicial authority or on their behalf to assist a judicial authority in researching and interpreting facts and the law and in applying the law to a concrete set of facts, or to be used in a similar way in alternative dispute resolution;
- (b) AI systems intended to be used for influencing the outcome of an election or referendum or the voting behaviour of natural persons in the exercise of their vote in elections or referenda. This does not include AI systems to the output of which natural persons are not directly exposed, such as tools used to organise, optimise or structure political campaigns from an administrative or logistical point of view.
Article 8 - Compliance with the requirements
Art. 8(1). High-risk AI systems must comply with the requirements in this Section, taking into account their intended purpose and the current state of the art in AI. The risk management system under Article 9 must be considered when ensuring compliance with these requirements.
chevron_rightSource text
Source text: “High-risk AI systems shall comply with the requirements laid down in this Section, taking into account their intended purpose as well as the generally acknowledged state of the art on AI and AI-related technologies. The risk management system referred to in Article 9 shall be taken into account when ensuring compliance with those requirements.”
In practice: Providers should document how each requirement in Section 2 is addressed in light of the AI system's intended purpose, and ensure the Article 9 risk management system explicitly cross-references compliance decisions for each requirement.
Art. 8(2). Where a product contains a high-risk AI system subject to both this Regulation and Union harmonisation legislation listed in Annex I Section A, providers are responsible for full compliance with all applicable requirements. To reduce duplication and administrative burden, providers may integrate the necessary testing, reporting, and documentation for the AI system into existing documentation and procedures already required under that Union harmonisation legislation.
chevron_rightSource text
Source text: “Where a product contains an AI system, to which the requirements of this Regulation as well as requirements of the Union harmonisation legislation listed in Section A of Annex I apply, providers shall be responsible for ensuring that their product is fully compliant with all applicable requirements under applicable Union harmonisation legislation. In ensuring the compliance of high-risk AI systems referred to in paragraph 1 with the requirements set out in this Section, and in order to ensure consistency, avoid duplication and minimise additional burdens, providers shall have a choice of integrating, as appropriate, the necessary testing and reporting processes, information and documentation they provide with regard to their product into documentation and procedures that already exist and are required under the Union harmonisation legislation listed in Section A of Annex I.”
In practice: Providers should map existing conformity assessment documentation under applicable Union harmonisation legislation (e.g., Machinery Regulation, MDR) and identify where AI Act requirements can be integrated into those existing procedures, avoiding duplicate documentation while ensuring all AI Act requirements are explicitly addressed.
Article 9 - Risk management system
Art. 9(1). Providers of high-risk AI systems must establish, implement, document, and maintain a risk management system covering those systems throughout their lifecycle.
chevron_rightSource text
Source text: “A risk management system shall be established, implemented, documented and maintained in relation to high-risk AI systems.”
In practice: Create a formal risk management policy document specific to each high-risk AI system, assign ownership, and integrate it into your existing ISO 31000 or equivalent risk framework. Ensure the system is version-controlled and auditable.
Art. 9(2). The risk management system must be a continuous, iterative process running throughout the AI system's entire lifecycle, covering identification and analysis of known and foreseeable risks to health, safety, and fundamental rights, estimation of risks under intended use and foreseeable misuse, and evaluation of risks from post-market monitoring data.
chevron_rightSource text
Source text: “The risk management system shall be understood as a continuous iterative process planned and run throughout the entire lifecycle of a high-risk AI system, requiring regular systematic review and updating. It shall comprise the following steps:”
In practice: Implement a living risk register that is updated at each development milestone and after deployment events. Schedule regular review cycles (e.g., quarterly) and link post-market monitoring data feeds directly into the risk assessment process. Document each iteration with timestamps and responsible parties.
Art. 9(3). The risks addressed under Article 9 are limited to those that can reasonably be mitigated or eliminated through the design or development of the AI system, or through the provision of adequate technical information.
chevron_rightSource text
Source text: “The risks referred to in this Article shall concern only those which may be reasonably mitigated or eliminated through the development or design of the high-risk AI system, or the provision of adequate technical information.”
In practice: When documenting your risk management system, explicitly scope each identified risk and justify whether it is addressable through design, development, or technical documentation. Risks that are entirely external and unmitigable through these means need not be included, but this exclusion must be documented and justified.
Art. 9(4). Risk management measures must account for the combined effects and interactions of all applicable requirements in Section III, aiming to minimise risks effectively while achieving an appropriate balance in implementing those requirements.
chevron_rightSource text
Source text: “The risk management measures referred to in paragraph 2, point (d), shall give due consideration to the effects and possible interaction resulting from the combined application of the requirements set out in this Section, with a view to minimising risks more effectively while achieving an appropriate balance in implementing the measures to fulfil those requirements.”
In practice: When designing risk management measures, conduct a cross-requirement impact analysis to identify how measures for one requirement (e.g., accuracy) may interact with or affect another (e.g., transparency or human oversight). Document trade-offs and the rationale for the chosen balance.
Art. 9(5). Risk management measures must ensure that residual risks per hazard and overall residual risk are acceptable, prioritising risk elimination through design, then mitigation controls, and finally provision of information and training to deployers as required by Article 13.
chevron_rightSource text
Source text: “The risk management measures referred to in paragraph 2, point (d), shall be such that the relevant residual risk associated with each hazard, as well as the overall residual risk of the high-risk AI systems is judged to be acceptable. In identifying the most appropriate risk management measures, the following shall be ensured: With a view to eliminating or reducing risks related to the use of the high-risk AI system, due consideration shall be given to the technical knowledge, experience, education, the training to be expected by the deployer, and the presumable context in which the system is intended to be used.”
In practice: Apply a risk hierarchy: first attempt to eliminate or reduce risks through design (e.g., algorithmic safeguards, input validation); if not fully eliminable, implement technical and organisational controls; finally, document residual risks in the instructions for use per Article 13 and provide deployer training. Record the rationale for each decision in the risk register.
Art. 9(6). High-risk AI systems must be tested to identify the most appropriate risk management measures and to ensure they perform consistently for their intended purpose and comply with the requirements of this Section.
chevron_rightSource text
Source text: “High-risk AI systems shall be tested for the purpose of identifying the most appropriate and targeted risk management measures. Testing shall ensure that high-risk AI systems perform consistently for their intended purpose and that they are in compliance with the requirements set out in this Section.”
In practice: Establish a structured testing programme that maps test cases to specific risk management measures and documents how each test confirms compliance with Section requirements; maintain test records as part of the technical documentation.
Art. 9(8). High-risk AI systems must be tested at appropriate points throughout development and always before being placed on the market or put into service, using pre-defined metrics and probabilistic thresholds appropriate to the system's intended purpose.
chevron_rightSource text
Source text: “The testing of high-risk AI systems shall be performed, as appropriate, at any time throughout the development process, and, in any event, prior to their being placed on the market or put into service. Testing shall be carried out against prior defined metrics and probabilistic thresholds that are appropriate to the intended purpose of the high-risk AI system.”
In practice: Define and document test metrics and probabilistic thresholds before testing begins; ensure at minimum a final pre-market test is conducted and results are recorded in the technical documentation with clear pass/fail criteria linked to the intended purpose.
Art. 9(9). When implementing the risk management system, providers must consider whether the high-risk AI system is likely to adversely impact persons under 18 years of age and, where appropriate, other vulnerable groups.
chevron_rightSource text
Source text: “When implementing the risk management system as provided for in paragraphs 1 to 7, providers shall give consideration to whether in view of its intended purpose the high-risk AI system is likely to have an adverse impact on persons under the age of 18 and, as appropriate, other vulnerable groups.”
In practice: Include a dedicated section in the risk management documentation assessing potential impacts on minors and other vulnerable groups (e.g., elderly, persons with disabilities); consult child protection standards such as UNCRC General Comment No. 25 when relevant.
Article 10 - Data and data governance
Art. 10(1). High-risk AI systems that use model training techniques must be developed using training, validation, and testing datasets that meet specific quality criteria. These quality requirements apply whenever such datasets are used in the development process.
chevron_rightSource text
Source text: “High-risk AI systems which make use of techniques involving the training of AI models with data shall be developed on the basis of training, validation and testing data sets that meet the quality criteria referred to in paragraphs 2 to 5 whenever such data sets are used.”
In practice: Establish a data quality checklist aligned with Article 10 paragraphs 2–5 before initiating any model training. Document dataset provenance, quality assessments, and governance practices as part of your technical documentation.
Art. 10(2). Training, validation, and testing datasets must be subject to appropriate data governance and management practices suited to the intended purpose of the high-risk AI system, covering design choices, data collection origins, and data preparation operations such as annotation, labelling, and cleaning.
chevron_rightSource text
Source text: “Training, validation and testing data sets shall be subject to data governance and management practices appropriate for the intended purpose of the high-risk AI system. Those practices shall concern in particular:”
In practice: Implement a data governance framework that documents the origin of all datasets, the original purpose of personal data collection, and all preprocessing steps (annotation, labelling, cleaning, enrichment). Maintain this documentation as part of the technical file.
Art. 10(3). Training, validation, and testing datasets must be relevant, sufficiently representative, and as free of errors and complete as possible for the intended purpose, with appropriate statistical properties including representation of relevant persons or groups. These characteristics can be met at the level of individual datasets or combinations thereof.
chevron_rightSource text
Source text: “Training, validation and testing data sets shall be relevant, sufficiently representative, and to the best extent possible, free of errors and complete in view of the intended purpose. They shall have the appropriate statistical properties, including, where applicable, as regards the persons or groups of persons in relation to whom the high-risk AI system is intended to be used. Those characteristics of the data sets may be met at the level of individual data sets or at the level of a combination thereof.”
In practice: Conduct statistical analysis of your datasets to verify representativeness across relevant demographic groups. Document any known limitations and implement bias detection measures. Consider combining multiple datasets if a single dataset cannot meet all quality criteria.
Art. 10(4). Datasets must take into account, to the extent required by the intended purpose, the specific geographical, contextual, behavioural, or functional characteristics of the setting in which the high-risk AI system will be used.
chevron_rightSource text
Source text: “Data sets shall take into account, to the extent required by the intended purpose, the characteristics or elements that are particular to the specific geographical, contextual, behavioural or functional setting within which the high-risk AI system is intended to be used.”
In practice: When preparing datasets, map the deployment context of the AI system (e.g., specific country, user behaviour patterns, operational environment) and ensure the dataset reflects those characteristics. Document this contextual alignment in the technical documentation.
Art. 10(5). Providers of high-risk AI systems may exceptionally process special categories of personal data strictly for bias detection and correction, provided specific conditions are met including that bias cannot be addressed with other data, that technical limitations on re-use and state-of-the-art security measures are applied, and that strict access controls and documentation are in place.
chevron_rightSource text
Source text: “To the extent that it is strictly necessary for the purpose of ensuring bias detection and correction in relation to the high-risk AI systems in accordance with paragraph (2), points (f) and (g) of this Article, the providers of such systems may exceptionally process special categories of personal data, subject to appropriate safeguards for the fundamental rights and freedoms of natural persons. In addition to the provisions set out in Regulations (EU) 2016/679 and (EU) 2018/1725 and Directive (EU) 2016/680, all the following conditions must be met in order for such processing to occur:”
In practice: Before processing special categories of personal data for bias detection, document why synthetic or anonymised data is insufficient, implement pseudonymisation and encryption, establish strict access controls with audit logs, and ensure compliance with GDPR Article 9 and applicable national law in addition to these AI Act conditions.
Art. 10(6). For high-risk AI systems that do not use model training techniques, the data governance requirements of Article 10 (paragraphs 2–5) apply only to the testing datasets, not to training or validation datasets. This narrows the scope of data quality obligations for rule-based or non-ML AI systems.
chevron_rightSource text
Source text: “For the development of high-risk AI systems not using techniques involving the training of AI models, paragraphs 2 to 5 apply only to the testing data sets.”
In practice: If your high-risk AI system uses rule-based logic, expert systems, or other non-training approaches rather than machine learning, you only need to apply Article 10's data governance requirements (relevance, representativeness, error-free, completeness) to your testing datasets. Document clearly that your system does not use training techniques to justify this scoped application.
GDPR cross-reference — AI Act Art. 10 ↔ GDPR Art. 9
Art. 10(5) lets providers exceptionally process special categories of personal data for bias detection, but only “in addition to the provisions set out in Regulation (EU) 2016/679”. That is GDPR Article 9:
chevron_rightGDPR source text
GDPR Art. 9(1): “Processing of personal data revealing racial or ethnic origin, political opinions, religious or philosophical beliefs, or trade union membership, and the processing of genetic data, biometric data for the purpose of uniquely identifying a natural person, data concerning health or data concerning a natural person's sex life or sexual orientation shall be prohibited.”
GDPR Art. 9(2): “Paragraph 1 shall not apply if one of the following applies:”
GDPR Art. 9(3): “Personal data referred to in paragraph 1 may be processed for the purposes referred to in point (h) of paragraph 2 when those data are processed by or under the responsibility of a professional subject to the obligation of professional secrecy under Union or Member State law or rules established by national competent bodies or by another person also subject to an obligation of secrecy under Union or Member State law or rules established by national competent bodies.”
GDPR Art. 9(4): “Member States may maintain or introduce further conditions, including limitations, with regard to the processing of genetic data, biometric data or data concerning health.”
Bridge: GDPR Article 9 is implemented as a control module in RuleMesh — the same control you would evidence here. Explore GDPR control modules →
Article 11 - Technical documentation
Art. 11(1). Providers of high-risk AI systems must prepare and maintain technical documentation before placing the system on the market or putting it into service, demonstrating compliance with Section requirements and enabling assessment by competent authorities and notified bodies. SMEs and start-ups may use a simplified Commission-established form for this documentation, which notified bodies must accept for conformity assessment purposes.
chevron_rightSource text
Source text: “The technical documentation of a high-risk AI system shall be drawn up before that system is placed on the market or put into service and shall be kept up-to date. The technical documentation shall be drawn up in such a way as to demonstrate that the high-risk AI system complies with the requirements set out in this Section and to provide national competent authorities and notified bodies with the necessary information in a clear and comprehensive form to assess the compliance of the AI system with those requirements. It shall contain, at a minimum, the elements set out in Annex IV. SMEs, including start-ups, may provide the elements of the technical documentation specified in Annex IV in a simplified manner. To that end, the Commission shall establish a simplified technical documentation form targeted at the needs of small and microenterprises. Where an SME, including a start-up, opts to provide the information required in Annex IV in a simplified manner, it shall use the form referred to in this paragraph. Notified bodies shall accept the form for the purposes of the conformity assessment.”
In practice: Establish a documentation management process that maps each Annex IV element to your AI system's design artefacts; if you are an SME, monitor the Commission's publication of the simplified form and adopt it as your standard template to reduce administrative burden while remaining audit-ready.
Art. 11(2). Where a high-risk AI system is part of a product covered by Union harmonisation legislation listed in Annex I Section A, a single unified technical documentation set must be prepared that satisfies both the AI Act requirements and those of the relevant sectoral legislation. This avoids duplication and ensures a coherent compliance record.
chevron_rightSource text
Source text: “Where a high-risk AI system related to a product covered by the Union harmonisation legislation listed in Section A of Annex I is placed on the market or put into service, a single set of technical documentation shall be drawn up containing all the information set out in paragraph 1, as well as the information required under those legal acts.”
In practice: Conduct a gap analysis between Annex IV of the AI Act and the technical documentation requirements of the applicable sectoral legislation (e.g., Machinery Regulation, MDR) and produce a single integrated document that cross-references both sets of requirements, clearly indicating where each obligation is addressed.
Annex IV — technical documentation (quoted verbatim from the graph)
Technical documentation for a high-risk AI system must contain at minimum:
The technical documentation referred to in Article 11(1) shall contain at least the following information, as applicable to the relevant AI system:
1. A general description of the AI system including:
- (a) its intended purpose, the name of the provider and the version of the system reflecting its relation to previous versions;
- (b) how the AI system interacts with, or can be used to interact with, hardware or software, including with other AI systems, that are not part of the AI system itself, where applicable;
- (c) the versions of relevant software or firmware, and any requirements related to version updates;
- (d) the description of all the forms in which the AI system is placed on the market or put into service, such as software packages embedded into hardware, downloads, or APIs;
- (e) the description of the hardware on which the AI system is intended to run;
- (f) where the AI system is a component of products, photographs or illustrations showing external features, the marking and internal layout of those products;
- (g) a basic description of the user-interface provided to the deployer;
- (h) instructions for use for the deployer, and a basic description of the user-interface provided to the deployer, where applicable;
2. A detailed description of the elements of the AI system and of the process for its development, including:
- (a) the methods and steps performed for the development of the AI system, including, where relevant, recourse to pre-trained systems or tools provided by third parties and how those were used, integrated or modified by the provider;
- (b) the design specifications of the system, namely the general logic of the AI system and of the algorithms; the key design choices including the rationale and assumptions made, including with regard to persons or groups of persons in respect of who, the system is intended to be used; the main classification choices; what the system is designed to optimise for, and the relevance of the different parameters; the description of the expected output and output quality of the system; the decisions about any possible trade-off made regarding the technical solutions adopted to comply with the requirements set out in Chapter III, Section 2;
- (c) the description of the system architecture explaining how software components build on or feed into each other and integrate into the overall processing; the computational resources used to develop, train, test and validate the AI system;
- (d) where relevant, the data requirements in terms of datasheets describing the training methodologies and techniques and the training data sets used, including a general description of these data sets, information about their provenance, scope and main characteristics; how the data was obtained and selected; labelling procedures (e.g. for supervised learning), data cleaning methodologies (e.g. outliers detection);
- (e) assessment of the human oversight measures needed in accordance with Article 14, including an assessment of the technical measures needed to facilitate the interpretation of the outputs of AI systems by the deployers, in accordance with Article 13(3), point (d);
- (f) where applicable, a detailed description of pre-determined changes to the AI system and its performance, together with all the relevant information related to the technical solutions adopted to ensure continuous compliance of the AI system with the relevant requirements set out in Chapter III, Section 2;
- (g) the validation and testing procedures used, including information about the validation and testing data used and their main characteristics; metrics used to measure accuracy, robustness and compliance with other relevant requirements set out in Chapter III, Section 2, as well as potentially discriminatory impacts; test logs and all test reports dated and signed by the responsible persons, including with regard to pre-determined changes as referred to under point (f);
- (h) cybersecurity measures put in place;
3. Detailed information about the monitoring, functioning and control of the AI system, in particular with regard to: its capabilities and limitations in performance, including the degrees of accuracy for specific persons or groups of persons on which the system is intended to be used and the overall expected level of accuracy in relation to its intended purpose; the foreseeable unintended outcomes and sources of risks to health and safety, fundamental rights and discrimination in view of the intended purpose of the AI system; the human oversight measures needed in accordance with Article 14, including the technical measures put in place to facilitate the interpretation of the outputs of AI systems by the deployers; specifications on input data, as appropriate;
4. A description of the appropriateness of the performance metrics for the specific AI system;
5. A detailed description of the risk management system in accordance with Article 9;
6. A description of relevant changes made by the provider to the system through its lifecycle;
7. A list of the harmonised standards applied in full or in part the references of which have been published in the Official Journal of the European Union; where no such harmonised standards have been applied, a detailed description of the solutions adopted to meet the requirements set out in Chapter III, Section 2, including a list of other relevant standards and technical specifications applied;
8. A copy of the EU declaration of conformity referred to in Article 47;
9. A detailed description of the system in place to evaluate the AI system performance in the post-market phase in accordance with Article 72, including the post-market monitoring plan referred to in Article 72(3).
Article 12 - Record-keeping
Art. 12(1). High-risk AI systems must be technically capable of automatically recording events (logs) throughout their entire operational lifetime. This is a mandatory technical design requirement for all high-risk AI systems.
chevron_rightSource text
Source text: “High-risk AI systems shall technically allow for the automatic recording of events (logs) over the lifetime of the system.”
In practice: Ensure that your high-risk AI system's architecture includes built-in logging infrastructure from the design phase. Use structured log formats (e.g., JSON) and ensure logs are tamper-resistant and stored securely for the system's full operational lifetime.
Art. 12(2). Logging capabilities in high-risk AI systems must be sufficient to trace the system's functioning, identify risk situations, support post-market monitoring, and enable oversight of the system's operation. The level of traceability must be appropriate to the system's intended purpose.
chevron_rightSource text
Source text: “In order to ensure a level of traceability of the functioning of a high-risk AI system that is appropriate to the intended purpose of the system, logging capabilities shall enable the recording of events relevant for:”
In practice: Design logging to capture events relevant to risk triggers (per Article 79(1)), post-market monitoring events (per Article 72), and deployer oversight events (per Article 26(5)). Map each log category to its regulatory purpose and document this mapping in your technical documentation.
Art. 12(3). For high-risk AI systems used for remote biometric identification (Annex III, point 1(a)), logging must at minimum record the start and end time of each use, the reference database used for matching, and the input data that resulted in a match. These are minimum mandatory logging requirements for this specific category.
chevron_rightSource text
Source text: “For high-risk AI systems referred to in point 1 (a), of Annex III, the logging capabilities shall provide, at a minimum:”
In practice: For biometric identification AI systems, implement structured logs that automatically capture: (1) session start/end timestamps, (2) the identifier or version of the reference database queried, and (3) the input data (or a reference/hash thereof) that produced a positive match. Ensure these logs are retained securely and are accessible for audit purposes.
Article 13 - Transparency and provision of information to deployers
Art. 13(1). High-risk AI systems must be designed with sufficient transparency so that deployers can understand and correctly interpret the system's outputs. The level of transparency must be appropriate to enable both providers and deployers to meet their obligations under Section 3 of the AI Act.
chevron_rightSource text
Source text: “High-risk AI systems shall be designed and developed in such a way as to ensure that their operation is sufficiently transparent to enable deployers to interpret a system’s output and use it appropriately. An appropriate type and degree of transparency shall be ensured with a view to achieving compliance with the relevant obligations of the provider and deployer set out in Section 3.”
In practice: Implement explainability mechanisms (e.g., confidence scores, decision rationale outputs) and document how outputs should be interpreted. Conduct user testing with deployers to verify that transparency features are adequate for their operational context.
Art. 13(2). High-risk AI systems must be accompanied by instructions for use in an appropriate digital format (or otherwise) that are concise, complete, correct, clear, relevant, accessible, and comprehensible to deployers. These instructions are a mandatory accompaniment to the system.
chevron_rightSource text
Source text: “High-risk AI systems shall be accompanied by instructions for use in an appropriate digital format or otherwise that include concise, complete, correct and clear information that is relevant, accessible and comprehensible to deployers.”
In practice: Prepare structured instructions for use in machine-readable digital formats (e.g., PDF, HTML) that are version-controlled and updated with each system change. Validate comprehensibility with representative deployer groups before market placement.
Art. 13(3). The instructions for use must contain at minimum: the provider's identity and contact details (and those of any authorised representative), and the characteristics, capabilities and performance limitations of the high-risk AI system, including any pre-determined changes assessed at initial conformity assessment. This sets a minimum content standard for the mandatory documentation.
chevron_rightSource text
Source text: “The instructions for use shall contain at least the following information:”
In practice: Create a standardised template for instructions for use that includes a dedicated section for provider/authorised representative contact details and a structured description of system capabilities, known limitations, and any pre-approved performance changes. Ensure this is updated whenever a new conformity assessment is performed.
Article 14 - Human oversight
Art. 14(1). High-risk AI systems must be designed and developed with appropriate human-machine interface tools so that natural persons can effectively oversee them during use. This is a fundamental design requirement for all high-risk AI systems.
chevron_rightSource text
Source text: “High-risk AI systems shall be designed and developed in such a way, including with appropriate human-machine interface tools, that they can be effectively overseen by natural persons during the period in which they are in use.”
In practice: Ensure that your high-risk AI system's UI/UX design includes dashboards, alerts, and controls that allow human operators to monitor, intervene, and override AI decisions in real time. Document these interface features in your technical documentation.
Art. 14(2). Human oversight of high-risk AI systems must aim to prevent or minimise risks to health, safety, or fundamental rights that may arise from intended use or reasonably foreseeable misuse, especially where other requirements do not fully address those risks.
chevron_rightSource text
Source text: “Human oversight shall aim to prevent or minimise the risks to health, safety or fundamental rights that may emerge when a high-risk AI system is used in accordance with its intended purpose or under conditions of reasonably foreseeable misuse, in particular where such risks persist despite the application of other requirements set out in this Section.”
In practice: Conduct a risk assessment that explicitly identifies scenarios of foreseeable misuse and residual risks not covered by technical safeguards, and design oversight measures specifically targeting those gaps.
Art. 14(3). Oversight measures for high-risk AI systems must be proportionate to the risks, autonomy level, and context of use, and must be implemented either as built-in technical measures by the provider or as measures identified by the provider for the deployer to implement.
chevron_rightSource text
Source text: “The oversight measures shall be commensurate with the risks, level of autonomy and context of use of the high-risk AI system, and shall be ensured through either one or both of the following types of measures:”
In practice: Classify your AI system's autonomy level and context of use, then document whether oversight measures are built into the system or delegated to the deployer, ensuring both types are clearly specified in the instructions for use.
Art. 14(4). High-risk AI systems must be provided to deployers in a way that enables the persons responsible for oversight to understand the system's capabilities and limitations, detect anomalies, be aware of automation bias, and correctly interpret the system's outputs.
chevron_rightSource text
Source text: “For the purpose of implementing paragraphs 1, 2 and 3, the high-risk AI system shall be provided to the deployer in such a way that natural persons to whom human oversight is assigned are enabled, as appropriate and proportionate:”
In practice: Include in the instructions for use explicit sections on system limitations, known failure modes, automation bias risks, and guidance on interpreting outputs, including any available interpretation tools or methods.
Article 15 - Accuracy, robustness and cybersecurity
Art. 15(1). High-risk AI systems must be designed and developed to achieve appropriate levels of accuracy, robustness, and cybersecurity, and must maintain these properties consistently throughout their entire lifecycle.
chevron_rightSource text
Source text: “High-risk AI systems shall be designed and developed in such a way that they achieve an appropriate level of accuracy, robustness, and cybersecurity, and that they perform consistently in those respects throughout their lifecycle.”
In practice: Establish a lifecycle management plan that includes regular accuracy benchmarking, robustness testing, and cybersecurity assessments at each stage from design through decommissioning. Document baseline performance metrics and track deviations over time.
Art. 15(3). Providers of high-risk AI systems must declare the levels of accuracy and the relevant accuracy metrics in the instructions of use that accompany the system.
chevron_rightSource text
Source text: “The levels of accuracy and the relevant accuracy metrics of high-risk AI systems shall be declared in the accompanying instructions of use.”
In practice: Include a dedicated section in the instructions of use that clearly states the accuracy levels achieved during testing and the specific metrics used (e.g., precision, recall, F1-score), tailored to the intended use case and target deployer audience.
Art. 15(4). High-risk AI systems must be as resilient as possible against errors, faults, and inconsistencies, including through technical redundancy and fail-safe plans; systems that continue to learn after deployment must also address feedback loops that could introduce or amplify bias.
chevron_rightSource text
Source text: “High-risk AI systems shall be as resilient as possible regarding errors, faults or inconsistencies that may occur within the system or the environment in which the system operates, in particular due to their interaction with natural persons or other systems. Technical and organisational measures shall be taken in this regard. The robustness of high-risk AI systems may be achieved through technical redundancy solutions, which may include backup or fail-safe plans. High-risk AI systems that continue to learn after being placed on the market or put into service shall be developed in such a way as to eliminate or reduce as far as possible the risk of possibly biased outputs influencing input for future operations (feedback loops), and as to ensure that any such feedback loops are duly addressed with appropriate mitigation measures.”
In practice: Implement fail-safe mechanisms and backup plans for high-risk AI systems, and for systems with post-deployment learning, establish monitoring pipelines to detect and mitigate feedback loops that could skew future outputs. Document all technical and organisational robustness measures taken.
Art. 15(5). High-risk AI systems must be resilient against unauthorised third-party attempts to alter their use, outputs, or performance by exploiting vulnerabilities, including AI-specific attacks such as data poisoning, model poisoning, adversarial examples, model evasion, and confidentiality attacks.
chevron_rightSource text
Source text: “High-risk AI systems shall be resilient against attempts by unauthorised third parties to alter their use, outputs or performance by exploiting system vulnerabilities. The technical solutions aiming to ensure the cybersecurity of high-risk AI systems shall be appropriate to the relevant circumstances and the risks. The technical solutions to address AI specific vulnerabilities shall include, where appropriate, measures to prevent, detect, respond to, resolve and control for attacks trying to manipulate the training data set (data poisoning), or pre-trained components used in training (model poisoning), inputs designed to cause the AI model to make a mistake (adversarial examples or model evasion), confidentiality attacks or model flaws.”
In practice: Implement AI-specific security controls including adversarial robustness testing, training data integrity verification, and model monitoring for anomalous behaviour. Develop and maintain an AI threat model that covers data poisoning, adversarial examples, and model evasion scenarios, and integrate these into the overall cybersecurity risk management framework.
Article 16 - Obligations of providers of high-risk AI systems
Art. 16(a). Providers of high-risk AI systems must ensure their systems comply with all mandatory technical and governance requirements set out in Section 2 of the AI Act. This is the overarching compliance obligation for providers placing high-risk AI systems on the market or putting them into service.
chevron_rightSource text
Source text: “ensure that their high-risk AI systems are compliant with the requirements set out in Section 2;”
In practice: Establish an internal compliance checklist mapped to each requirement in Section 2 (risk management, data governance, transparency, human oversight, accuracy, cybersecurity) and conduct regular internal audits to verify ongoing conformity before and after market placement.
Art. 16(b). Providers must display their name, registered trade name or trademark, and contact address on the high-risk AI system itself, or if not possible, on its packaging or accompanying documentation. This ensures traceability and accountability of the provider in the market.
chevron_rightSource text
Source text: “indicate on the high-risk AI system or, where that is not possible, on its packaging or its accompanying documentation, as applicable, their name, registered trade name or registered trade mark, the address at which they can be contacted;”
In practice: Ensure that provider identification information (legal name, trade name/trademark, and a valid contact address) is affixed directly to the AI system interface, hardware, or clearly stated in the product documentation or packaging before market release.
Art. 16(c). Providers of high-risk AI systems must have a quality management system (QMS) in place that complies with the requirements set out in Article 17 of the AI Act. This ensures systematic governance of the AI system's development, deployment, and monitoring processes.
chevron_rightSource text
Source text: “have a quality management system in place which complies with Article 17;”
In practice: Implement or adapt an existing ISO 9001-compliant QMS to incorporate AI-specific elements required by Article 17, including risk management procedures, data governance, post-market monitoring, and documentation practices. Microenterprises may use a simplified QMS as permitted under the Act.
Art. 16(d). Providers of high-risk AI systems must keep the technical documentation referred to in Article 18 of the AI Act. This documentation is essential for demonstrating compliance and enabling post-market monitoring and regulatory oversight.
chevron_rightSource text
Source text: “keep the documentation referred to in Article 18;”
In practice: Maintain up-to-date technical documentation as specified in Article 18 and Annex IV of the AI Act, including system descriptions, design specifications, risk management records, training data information, and conformity assessment results. Store documentation securely and make it available to competent authorities upon request.
Art. 16(e). When high-risk AI systems are under the provider's control, providers must keep the logs automatically generated by those systems as specified in Article 19. This obligation applies only when the provider has control over the system, ensuring traceability and accountability during that period.
chevron_rightSource text
Source text: “when under their control, keep the logs automatically generated by their high-risk AI systems as referred to in Article 19;”
In practice: Implement automated log retention mechanisms for high-risk AI systems under your control, ensuring logs are stored securely, tamper-proof, and accessible for the retention period specified in Article 19. Define clear procedures for when control transfers to a deployer, at which point the log-keeping obligation shifts accordingly.
Art. 16(f). Providers of high-risk AI systems must ensure the system undergoes the applicable conformity assessment procedure under Article 43 before it is placed on the market or put into service. This is a mandatory pre-market compliance gate.
chevron_rightSource text
Source text: “ensure that the high-risk AI system undergoes the relevant conformity assessment procedure as referred to in Article 43, prior to its being placed on the market or put into service;”
In practice: Establish a pre-launch checklist that maps each high-risk AI system to the correct conformity assessment pathway under Article 43 (internal control or third-party notified body). Document completion of the assessment before any commercial release or deployment.
Art. 16(g). Providers of high-risk AI systems must draw up an EU declaration of conformity in accordance with Article 47, formally attesting that the system meets all applicable requirements of the AI Act. This is a mandatory documentation obligation.
chevron_rightSource text
Source text: “draw up an EU declaration of conformity in accordance with Article 47;”
In practice: Prepare and maintain an EU declaration of conformity template aligned with Article 47 requirements. Ensure it is signed by an authorised representative and updated whenever the system undergoes a substantial modification triggering a new conformity assessment.
Art. 16(h). Providers must affix the CE marking to the high-risk AI system, or where not possible on its packaging or accompanying documentation, to indicate conformity with the AI Act in accordance with Article 48. This signals regulatory compliance for free movement in the internal market.
chevron_rightSource text
Source text: “affix the CE marking to the high-risk AI system or, where that is not possible, on its packaging or its accompanying documentation, to indicate conformity with this Regulation, in accordance with Article 48;”
In practice: Determine whether the CE marking can be physically affixed to the AI system or product. If the system is purely digital, use a digital CE marking on accompanying documentation. Ensure the marking is visible, legible, and indelible as required by Article 48.
Art. 16(i). Providers of high-risk AI systems must comply with the registration obligations set out in Article 49(1), which requires registering the system in the EU database before placing it on the market or putting it into service. This ensures public transparency and regulatory oversight.
chevron_rightSource text
Source text: “comply with the registration obligations referred to in Article 49(1);”
In practice: Register the high-risk AI system in the EU database established under Article 71 before market placement. Ensure all mandatory fields are completed accurately and that any substantial modification is also registered. Assign a responsible person to maintain registration records.
Art. 16(j). Providers of high-risk AI systems must take necessary corrective actions and provide information as required by Article 20 when issues arise, including serious incidents or non-conformities identified after the system has been placed on the market or put into service.
chevron_rightSource text
Source text: “take the necessary corrective actions and provide information as required in Article 20;”
In practice: Establish a post-market monitoring and incident response procedure that triggers corrective action workflows when serious incidents or non-conformities are detected. Ensure clear escalation paths and documentation of all corrective measures taken and information provided to authorities.
Art. 16(k). Providers of high-risk AI systems must be able to demonstrate, upon a reasoned request from a national competent authority, that their system complies with all mandatory requirements set out in Section 2 of the AI Act. This obligation ensures that regulators can verify compliance at any time.
chevron_rightSource text
Source text: “upon a reasoned request of a national competent authority, demonstrate the conformity of the high-risk AI system with the requirements set out in Section 2;”
In practice: Maintain a readily accessible compliance dossier including technical documentation, risk management records, conformity assessment results, and test data so that you can respond promptly to any authority request without delay.
Art. 16(l). Providers of high-risk AI systems must ensure that their systems comply with applicable accessibility requirements as laid down in Directives (EU) 2016/2102 (web accessibility) and (EU) 2019/882 (European Accessibility Act). This obligation requires accessibility to be integrated into the design of the AI system from the outset.
chevron_rightSource text
Source text: “ensure that the high-risk AI system complies with accessibility requirements in accordance with Directives (EU) 2016/2102 and (EU) 2019/882.”
In practice: Conduct an accessibility audit of the high-risk AI system's interfaces and outputs against the requirements of Directives 2016/2102 and 2019/882 during the design phase, and document how universal design principles have been embedded, including support for assistive technologies and accessible formats.
Article 17 - Quality management system
Art. 17(1). Providers of high-risk AI systems must establish and document a quality management system covering regulatory compliance strategy, design control, and quality assurance procedures. The system must be recorded in written policies, procedures, and instructions.
chevron_rightSource text
Source text: “Providers of high-risk AI systems shall put a quality management system in place that ensures compliance with this Regulation. That system shall be documented in a systematic and orderly manner in the form of written policies, procedures and instructions, and shall include at least the following aspects:”
In practice: Create a formal QMS document that maps each required aspect (compliance strategy, design control, quality assurance) to specific internal policies and procedures. Use ISO 9001 or sector-specific standards as a baseline and supplement with AI-specific controls.
Art. 17(2). The implementation of the quality management system must be proportionate to the size of the provider's organisation, but must always meet the level of rigour and protection required for compliance with the AI Act. Smaller organisations may scale their QMS accordingly, but cannot reduce the required protection level.
chevron_rightSource text
Source text: “The implementation of the aspects referred to in paragraph 1 shall be proportionate to the size of the provider’s organisation. Providers shall, in any event, respect the degree of rigour and the level of protection required to ensure the compliance of their high-risk AI systems with this Regulation.”
In practice: Microenterprises and SMEs may implement a simplified QMS, but must document that all mandatory protection requirements are still met. Consider using the Commission's simplified QMS guidelines for microenterprises when available.
Art. 17(4). Financial institutions subject to internal governance requirements under EU financial services law are deemed to fulfil the QMS obligation (except for specific points g, h, and i of Article 17(1)) by complying with those governance rules. Harmonised standards under Article 40 must also be taken into account.
chevron_rightSource text
Source text: “For providers that are financial institutions subject to requirements regarding their internal governance, arrangements or processes under Union financial services law, the obligation to put in place a quality management system, with the exception of paragraph 1, points (g), (h) and (i) of this Article, shall be deemed to be fulfilled by complying with the rules on internal governance arrangements or processes pursuant to the relevant Union financial services law. To that end, any harmonised standards referred to in Article 40 shall be taken into account.”
In practice: Financial institutions (banks, insurers, etc.) should document how their existing internal governance frameworks under EU financial services law (e.g., CRD IV, Solvency II) satisfy the AI Act QMS requirements, and separately ensure compliance with Article 17(1)(g), (h), and (i) which are not covered by this equivalence.
Article 18 - Documentation keeping
Art. 18(1). Providers of high-risk AI systems must keep technical documentation, quality management system records, and notified body-approved change documentation available to national competent authorities for 10 years after the system is placed on the market or put into service.
chevron_rightSource text
Source text: “The provider shall, for a period ending 10 years after the high-risk AI system has been placed on the market or put into service, keep at the disposal of the national competent authorities:”
In practice: Establish a document retention policy specifically for high-risk AI systems that ensures all technical documentation (per Article 11), QMS records (per Article 17), and notified body approvals are stored securely and retrievable for at least 10 years from market placement date. Use a document management system with automated retention schedules.
Article 19 - Automatically generated logs
Art. 19(1). Providers of high-risk AI systems must retain automatically generated logs for at least six months, or longer if required by the system's intended purpose, unless Union or national law (especially data protection law) specifies otherwise. This obligation applies only to logs that are under the provider's control.
chevron_rightSource text
Source text: “Providers of high-risk AI systems shall keep the logs referred to in Article 12(1), automatically generated by their high-risk AI systems, to the extent such logs are under their control. Without prejudice to applicable Union or national law, the logs shall be kept for a period appropriate to the intended purpose of the high-risk AI system, of at least six months, unless provided otherwise in the applicable Union or national law, in particular in Union law on the protection of personal data.”
In practice: Implement a log retention policy for all high-risk AI systems that defaults to a minimum of six months. Integrate this with your data governance framework to ensure alignment with GDPR retention limits and document any deviations justified by applicable law or the system's intended purpose.
Art. 19(2). Providers of high-risk AI systems that are financial institutions subject to Union financial services law must keep automatically generated logs as part of their existing documentation obligations under that financial services law, integrating AI log retention into their sectoral compliance framework.
chevron_rightSource text
Source text: “Providers that are financial institutions subject to requirements regarding their internal governance, arrangements or processes under Union financial services law shall maintain the logs automatically generated by their high-risk AI systems as part of the documentation kept under the relevant financial services law.”
In practice: Financial institutions should map their AI system log retention obligations to existing internal governance documentation requirements under applicable financial services law (e.g., MiFID II, CRD, Solvency II). Establish a unified record-keeping framework that satisfies both the AI Act and sectoral requirements, avoiding duplication while ensuring full compliance.
Article 20 - Corrective actions and duty of information
Art. 20(1). Providers of high-risk AI systems that know or have reason to believe their system is non-compliant must immediately take corrective action—including withdrawal, disabling, or recall—and inform distributors, deployers, authorised representatives, and importers accordingly.
chevron_rightSource text
Source text: “Providers of high-risk AI systems which consider or have reason to consider that a high-risk AI system that they have placed on the market or put into service is not in conformity with this Regulation shall immediately take the necessary corrective actions to bring that system into conformity, to withdraw it, to disable it, or to recall it, as appropriate. They shall inform the distributors of the high-risk AI system concerned and, where applicable, the deployers, the authorised representative and importers accordingly.”
In practice: Establish an internal non-conformity detection and escalation procedure that automatically triggers corrective action workflows and stakeholder notifications; maintain an up-to-date contact list of all distributors, deployers, authorised representatives, and importers for rapid communication.
Art. 20(2). When a high-risk AI system presents a risk as defined in Article 79(1) and the provider becomes aware of it, the provider must immediately investigate the causes in collaboration with the deployer where applicable, and inform the competent market surveillance authority and the notified body that issued the relevant certificate.
chevron_rightSource text
Source text: “Where the high-risk AI system presents a risk within the meaning of Article 79(1) and the provider becomes aware of that risk, it shall immediately investigate the causes, in collaboration with the reporting deployer, where applicable, and inform the market surveillance authorities competent for the high-risk AI system concerned and, where applicable, the notified body that issued a certificate for that high-risk AI system in accordance with Article 44, in particular, of the nature of the non-compliance and of any relevant corrective action taken.”
In practice: Implement a documented incident investigation protocol that includes collaboration procedures with deployers and a structured notification template for market surveillance authorities and notified bodies; ensure the nature of non-compliance and corrective actions are clearly recorded and communicated without delay.
Article 21 - Cooperation with competent authorities
Art. 21(1). Providers of high-risk AI systems must supply all information and documentation needed to demonstrate compliance with Section 2 requirements to a competent authority upon a reasoned request, in a language easily understood by that authority and in an official EU language as indicated by the relevant Member State.
chevron_rightSource text
Source text: “Providers of high-risk AI systems shall, upon a reasoned request by a competent authority, provide that authority all the information and documentation necessary to demonstrate the conformity of the high-risk AI system with the requirements set out in Section 2, in a language which can be easily understood by the authority in one of the official languages of the institutions of the Union as indicated by the Member State concerned.”
In practice: Maintain a ready-to-share compliance documentation package (technical documentation, conformity assessment records, risk management files) translated into the official EU language(s) of the Member States where the system is deployed, so it can be provided promptly upon any reasoned authority request.
Art. 21(2). Upon a reasoned request by a competent authority, providers of high-risk AI systems must also grant that authority access to the automatically generated logs referred to in Article 12(1), to the extent those logs are under the provider's control.
chevron_rightSource text
Source text: “Upon a reasoned request by a competent authority, providers shall also give the requesting competent authority, as applicable, access to the automatically generated logs of the high-risk AI system referred to in Article 12(1), to the extent such logs are under their control.”
In practice: Implement a log management system that clearly identifies which automatically generated logs are under the provider's control, and establish a documented process for securely sharing those logs with competent authorities upon request, including access controls and audit trails for such disclosures.
Article 22 - Authorised representatives of providers of high-risk AI systems
Art. 22(1). Providers of high-risk AI systems established outside the EU must appoint, by written mandate, an authorised representative based in the Union before making their systems available on the EU market.
chevron_rightSource text
Source text: “Prior to making their high-risk AI systems available on the Union market, providers established in third countries shall, by written mandate, appoint an authorised representative which is established in the Union.”
In practice: Third-country AI providers should identify and formally appoint an EU-based authorised representative well before market entry, ensuring the mandate is in writing and covers all required tasks under Article 22.
Art. 22(2). The provider must enable its authorised representative to carry out all tasks specified in the mandate, ensuring the representative has the necessary means to fulfil their role.
chevron_rightSource text
Source text: “The provider shall enable its authorised representative to perform the tasks specified in the mandate received from the provider.”
In practice: Providers should include in the mandate explicit provisions granting the authorised representative access to documentation, technical information, and authority to act on compliance matters, and should not obstruct the representative's activities.
Article 25 - Responsibilities along the AI value chain
Art. 25(2). When a third party assumes provider status, the original provider is no longer considered the provider but must cooperate with the new provider by sharing necessary information and technical access to support compliance, unless the original provider explicitly stated the system was not to be changed into a high-risk AI system.
chevron_rightSource text
Source text: “Where the circumstances referred to in paragraph 1 occur, the provider that initially placed the AI system on the market or put it into service shall no longer be considered to be a provider of that specific AI system for the purposes of this Regulation. That initial provider shall closely cooperate with new providers and shall make available the necessary information and provide the reasonably expected technical access and other assistance that are required for the fulfilment of the obligations set out in this Regulation, in particular regarding the compliance with the conformity assessment of high-risk AI systems. This paragraph shall not apply in cases where the initial provider has clearly specified that its AI system is not to be changed into a high-risk AI system and therefore does not fall under the obligation to hand over the documentation.”
In practice: Original providers should include clear contractual clauses specifying whether their AI system may be modified into a high-risk system, and if so, establish data-sharing and technical support protocols in advance to facilitate smooth handover of compliance responsibilities.
Art. 25(4). Providers of high-risk AI systems must establish written agreements with third-party suppliers of tools, services, components, or processes integrated into their systems, specifying the information and technical access needed for compliance; the AI Office may develop voluntary model contract terms to facilitate this, though open-source providers are exempt.
chevron_rightSource text
Source text: “The provider of a high-risk AI system and the third party that supplies an AI system, tools, services, components, or processes that are used or integrated in a high-risk AI system shall, by written agreement, specify the necessary information, capabilities, technical access and other assistance based on the generally acknowledged state of the art, in order to enable the provider of the high-risk AI system to fully comply with the obligations set out in this Regulation. This paragraph shall not apply to third parties making accessible to the public tools, services, processes, or components, other than general-purpose AI models, under a free and open-source licence. The AI Office may develop and recommend voluntary model terms for contracts between providers of high-risk AI systems and third parties that supply tools, services, components or processes that are used for or integrated into high-risk AI systems. When developing those voluntary model terms, the AI Office shall take into account possible contractual requirements applicable in specific sectors or business cases. The voluntary model terms shall be published and be available free of charge in an easily usable electronic format.”
In practice: High-risk AI system providers should establish a supplier management programme that includes standardised written agreements covering information sharing, technical access, and compliance support obligations. Review existing supplier contracts to ensure they meet this requirement before the regulation applies.
Art. 25(5). The cooperation and information-sharing obligations in paragraphs 2 and 3 do not override the need to protect intellectual property rights, confidential business information, and trade secrets under Union and national law.
chevron_rightSource text
Source text: “Paragraphs 2 and 3 are without prejudice to the need to observe and protect intellectual property rights, confidential business information and trade secrets in accordance with Union and national law.”
In practice: When drafting cooperation agreements or sharing technical documentation under paragraphs 2 and 3, include appropriate confidentiality clauses and IP protection provisions. Consider using non-disclosure agreements and data room arrangements to share sensitive technical information securely.
Article 36 - Changes to notifications
Art. 36(8). Certificates issued by a notified body whose designation has been suspended or restricted (excluding unduly issued ones) remain valid if the notifying authority confirms no risk to health, safety, or fundamental rights and outlines a remediation timeline, or confirms no new certificates will be issued and addresses the notified body's capability to monitor existing certificates.
chevron_rightSource text
Source text: “With the exception of certificates unduly issued, and where a designation has been suspended or restricted, the certificates shall remain valid in one of the following circumstances:”
In practice: Develop a certificate validity decision tree for use by notifying authorities when a suspension or restriction occurs; ensure written confirmations and timelines are documented within one month and that providers are notified immediately if a substitute notified body must be engaged within three months.
Article 41 - Common specifications
Art. 41(5). Providers of high-risk AI systems or general-purpose AI models that do not comply with the common specifications must duly justify that their alternative technical solutions meet the relevant requirements or obligations to at least an equivalent level.
chevron_rightSource text
Source text: “Where providers of high-risk AI systems or general-purpose AI models do not comply with the common specifications referred to in paragraph 1, they shall duly justify that they have adopted technical solutions that meet the requirements referred to in Section 2 of this Chapter or, as applicable, comply with the obligations set out in Sections 2 and 3 of Chapter V to a level at least equivalent thereto.”
In practice: Providers choosing not to follow common specifications should prepare detailed technical documentation justifying how their alternative solutions achieve at least equivalent compliance, and retain this documentation for review by market surveillance authorities.
Article 43 - Conformity assessment
Art. 43(1). Providers of high-risk AI systems listed in Annex III point 1 must choose between an internal control procedure or a third-party assessment involving a notified body, depending on whether harmonised standards or common specifications exist. Where law enforcement, immigration, or asylum authorities are the intended deployers, the relevant market surveillance authority acts as the notified body.
chevron_rightSource text
Source text: “For high-risk AI systems listed in point 1 of Annex III, where, in demonstrating the compliance of a high-risk AI system with the requirements set out in Section 2, the provider has applied harmonised standards referred to in Article 40, or, where applicable, common specifications referred to in Article 41, the provider shall opt for one of the following conformity assessment procedures based on: In demonstrating the compliance of a high-risk AI system with the requirements set out in Section 2, the provider shall follow the conformity assessment procedure set out in Annex VII where: For the purposes of the conformity assessment procedure referred to in Annex VII, the provider may choose any of the notified bodies. However, where the high-risk AI system is intended to be put into service by law enforcement, immigration or asylum authorities or by Union institutions, bodies, offices or agencies, the market surveillance authority referred to in Article 74(8) or (9), as applicable, shall act as a notified body.”
In practice: Map your AI system to Annex III point 1 and check whether applicable harmonised standards under Article 40 or common specifications under Article 41 exist. If they do, you may use internal control (Annex VI); if not, engage a notified body under Annex VII. For law enforcement use cases, contact the designated market surveillance authority early as it will serve as the notified body.
Art. 43(2). Providers of high-risk AI systems listed in Annex III points 2 to 8 must conduct a conformity assessment based solely on internal control as set out in Annex VI, without involving a notified body.
chevron_rightSource text
Source text: “For high-risk AI systems referred to in points 2 to 8 of Annex III, providers shall follow the conformity assessment procedure based on internal control as referred to in Annex VI, which does not provide for the involvement of a notified body.”
In practice: If your high-risk AI system falls under Annex III points 2–8 (e.g., education, employment, essential services, law enforcement, migration, justice), you must self-certify using the internal control procedure in Annex VI. Establish a robust internal quality management system and document all technical evidence required by Annex VI to demonstrate compliance.
Art. 43(3). High-risk AI systems covered by Union harmonisation legislation in Annex I Section A must follow the conformity assessment procedure of that legislation, with the AI Act's Section 2 requirements integrated into that assessment. Notified bodies under those acts may assess AI Act compliance if they meet Article 31 requirements, and manufacturers may only opt out of third-party assessment if they have applied all relevant harmonised standards including those covering AI Act Section 2 requirements.
chevron_rightSource text
Source text: “For high-risk AI systems covered by the Union harmonisation legislation listed in Section A of Annex I, the provider shall follow the relevant conformity assessment procedure as required under those legal acts. The requirements set out in Section 2 of this Chapter shall apply to those high-risk AI systems and shall be part of that assessment. Points 4.3., 4.4., 4.5. and the fifth paragraph of point 4.6 of Annex VII shall also apply. For the purposes of that assessment, notified bodies which have been notified under those legal acts shall be entitled to control the conformity of the high-risk AI systems with the requirements set out in Section 2, provided that the compliance of those notified bodies with requirements laid down in Article 31(4), (5), (10) and (11) has been assessed in the context of the notification procedure under those legal acts. Where a legal act listed in Section A of Annex I enables the product manufacturer to opt out from a third-party conformity assessment, provided that that manufacturer has applied all harmonised standards covering all the relevant requirements, that manufacturer may use that option only if it has also applied harmonised standards or, where applicable, common specifications referred to in Article 41, covering all requirements set out in Section 2 of this Chapter.”
In practice: If your AI system is a safety component of a product regulated under Annex I Section A legislation (e.g., medical devices, machinery), integrate the AI Act's Section 2 requirements into your existing conformity assessment. Verify that your notified body has been assessed against Article 31(4), (5), (10) and (11). If opting out of third-party assessment, ensure harmonised standards covering all Section 2 AI Act requirements have been applied.
Art. 43(4). High-risk AI systems that have already undergone conformity assessment must undergo a new assessment if they are substantially modified, regardless of whether they are redistributed or continue in use. However, pre-determined changes to continuously learning systems that were assessed at initial conformity assessment and documented in the technical documentation do not constitute a substantial modification.
chevron_rightSource text
Source text: “High-risk AI systems that have already been subject to a conformity assessment procedure shall undergo a new conformity assessment procedure in the event of a substantial modification, regardless of whether the modified system is intended to be further distributed or continues to be used by the current deployer. For high-risk AI systems that continue to learn after being placed on the market or put into service, changes to the high-risk AI system and its performance that have been pre-determined by the provider at the moment of the initial conformity assessment and are part of the information contained in the technical documentation referred to in point 2(f) of Annex IV, shall not constitute a substantial modification.”
In practice: Establish a change management process that evaluates every modification to a high-risk AI system against the 'substantial modification' threshold. Pre-determine and document in the technical documentation (Annex IV point 2(f)) any anticipated post-deployment learning changes at the time of initial conformity assessment to avoid triggering a new assessment for those changes.
Article 44 - Certificates
Art. 44(3). If a notified body finds that an AI system no longer meets the applicable requirements, it must suspend, withdraw, or restrict the certificate unless the provider takes appropriate corrective action within a deadline set by the notified body, and must give reasons for its decision. An appeal procedure against notified body decisions must be available.
chevron_rightSource text
Source text: “Where a notified body finds that an AI system no longer meets the requirements set out in Section 2, it shall, taking account of the principle of proportionality, suspend or withdraw the certificate issued or impose restrictions on it, unless compliance with those requirements is ensured by appropriate corrective action taken by the provider of the system within an appropriate deadline set by the notified body. The notified body shall give reasons for its decision. An appeal procedure against decisions of the notified bodies, including on conformity certificates issued, shall be available.”
In practice: Providers should establish internal processes to respond promptly to notified body findings of non-compliance, including a corrective action plan with clear timelines. Notified bodies should document their decisions with detailed reasoning and ensure that an accessible, transparent appeal mechanism is in place and communicated to providers.
Article 46 - Derogation from conformity assessment procedure
Art. 46(1). A market surveillance authority may grant a time-limited authorisation to place a high-risk AI system on the market without completing the normal conformity assessment, but only for exceptional reasons such as public security, protection of life and health, environmental protection, or protection of key infrastructure. The conformity assessment must still be completed without undue delay.
chevron_rightSource text
Source text: “By way of derogation from Article 43 and upon a duly justified request, any market surveillance authority may authorise the placing on the market or the putting into service of specific high-risk AI systems within the territory of the Member State concerned, for exceptional reasons of public security or the protection of life and health of persons, environmental protection or the protection of key industrial and infrastructural assets. That authorisation shall be for a limited period while the necessary conformity assessment procedures are being carried out, taking into account the exceptional reasons justifying the derogation. The completion of those procedures shall be undertaken without undue delay.”
In practice: Operators seeking emergency authorisation should document the exceptional justification thoroughly and immediately initiate the conformity assessment procedure in parallel, tracking progress to ensure timely completion.
Art. 46(7). For high-risk AI systems that are part of products covered by Union harmonisation legislation listed in Section A of Annex I, only the derogation rules established in that specific Union harmonisation legislation apply, not the general derogation rules of the AI Act. This ensures that sector-specific product safety regimes govern derogations for those product categories.
chevron_rightSource text
Source text: “For high-risk AI systems related to products covered by Union harmonisation legislation listed in Section A of Annex I, only the derogations from the conformity assessment established in that Union harmonisation legislation shall apply.”
In practice: Providers of high-risk AI systems embedded in products covered by Annex I Section A legislation (e.g., medical devices, machinery) should consult the applicable sectoral Union harmonisation legislation to identify the correct derogation procedures, rather than relying on the general AI Act derogation provisions.
Article 47 - EU declaration of conformity
Art. 47(1). Providers of high-risk AI systems must draw up a written, machine-readable or electronically signed EU declaration of conformity for each system and retain it for 10 years after market placement or service entry. A copy must be provided to national competent authorities upon request.
chevron_rightSource text
Source text: “The provider shall draw up a written machine readable, physical or electronically signed EU declaration of conformity for each high-risk AI system, and keep it at the disposal of the national competent authorities for 10 years after the high-risk AI system has been placed on the market or put into service. The EU declaration of conformity shall identify the high-risk AI system for which it has been drawn up. A copy of the EU declaration of conformity shall be submitted to the relevant national competent authorities upon request.”
In practice: Establish a document management system that stores EU declarations of conformity in machine-readable format (e.g., XML or PDF/A with metadata) with automated retention tracking for 10 years per system. Tag each declaration with the system identifier and placement date to facilitate retrieval upon regulatory request.
Art. 47(2). The EU declaration of conformity must confirm that the high-risk AI system meets the requirements of Section 2 of the AI Act, contain the information specified in Annex V, and be translated into a language easily understood by the national competent authorities of the Member States where the system is placed on the market.
chevron_rightSource text
Source text: “The EU declaration of conformity shall state that the high-risk AI system concerned meets the requirements set out in Section 2. The EU declaration of conformity shall contain the information set out in Annex V, and shall be translated into a language that can be easily understood by the national competent authorities of the Member States in which the high-risk AI system is placed on the market or made available.”
In practice: Prepare a template EU declaration of conformity aligned with Annex V and maintain translated versions for each target Member State market. Assign a compliance officer to verify that the declaration explicitly references all Section 2 requirements met by the system before market placement.
Art. 47(3). Where a high-risk AI system is also subject to other EU harmonisation legislation requiring a declaration of conformity, a single consolidated declaration must be drawn up covering all applicable Union law, and must identify each piece of legislation to which it relates.
chevron_rightSource text
Source text: “Where high-risk AI systems are subject to other Union harmonisation legislation which also requires an EU declaration of conformity, a single EU declaration of conformity shall be drawn up in respect of all Union law applicable to the high-risk AI system. The declaration shall contain all the information required to identify the Union harmonisation legislation to which the declaration relates.”
In practice: Map all applicable Union harmonisation legislation for each high-risk AI product (e.g., Machinery Regulation, Medical Devices Regulation) and create a unified declaration template that references each applicable legal act and its specific requirements, avoiding separate declarations that may create inconsistencies.
Art. 47(4). By drawing up the EU declaration of conformity, the provider formally assumes responsibility for the high-risk AI system's compliance with Section 2 requirements and must keep the declaration updated as appropriate throughout the system's lifecycle.
chevron_rightSource text
Source text: “By drawing up the EU declaration of conformity, the provider shall assume responsibility for compliance with the requirements set out in Section 2. The provider shall keep the EU declaration of conformity up-to-date as appropriate.”
In practice: Implement a change management process that triggers a review of the EU declaration of conformity whenever the AI system undergoes modifications, updates to its intended purpose, or changes in the regulatory environment. Assign a named responsible person for maintaining the declaration's currency.
Article 48 - CE marking
Art. 48(1). The CE marking for high-risk AI systems must follow the general principles established in Article 30 of Regulation (EC) No 765/2008, which governs CE marking across EU product legislation.
chevron_rightSource text
Source text: “The CE marking shall be subject to the general principles set out in Article 30 of Regulation (EC) No 765/2008.”
In practice: Ensure your CE marking process for high-risk AI systems aligns with the New Legislative Framework principles in Regulation (EC) No 765/2008, including correct placement, visibility, and the prohibition on misleading markings.
Art. 48(2). For high-risk AI systems provided digitally, a digital CE marking must be used, but only if it is easily accessible via the system's interface or through a machine-readable code or other electronic means.
chevron_rightSource text
Source text: “For high-risk AI systems provided digitally, a digital CE marking shall be used, only if it can easily be accessed via the interface from which that system is accessed or via an easily accessible machine-readable code or other electronic means.”
In practice: If your high-risk AI system is delivered digitally (e.g., via API or SaaS), implement a digital CE marking accessible directly from the user interface or via a QR code or URL linking to the declaration of conformity.
Art. 48(3). The CE marking must be affixed visibly, legibly, and indelibly on high-risk AI systems; if this is not possible due to the nature of the system, it must appear on the packaging or accompanying documentation.
chevron_rightSource text
Source text: “The CE marking shall be affixed visibly, legibly and indelibly for high-risk AI systems. Where that is not possible or not warranted on account of the nature of the high-risk AI system, it shall be affixed to the packaging or to the accompanying documentation, as appropriate.”
In practice: For physical AI-embedded products, ensure the CE marking is directly on the device in a durable, clearly visible manner. For systems where direct affixing is impractical, place the marking prominently on packaging or user documentation.
Art. 48(4). Where a notified body is involved in the conformity assessment, its identification number must follow the CE marking and be included in any promotional material claiming CE marking compliance; the number is affixed by the notified body itself or under its instructions.
chevron_rightSource text
Source text: “Where applicable, the CE marking shall be followed by the identification number of the notified body responsible for the conformity assessment procedures set out in Article 43. The identification number of the notified body shall be affixed by the body itself or, under its instructions, by the provider or by the provider’s authorised representative. The identification number shall also be indicated in any promotional material which mentions that the high-risk AI system fulfils the requirements for CE marking.”
In practice: After obtaining a notified body certificate, ensure the notified body's identification number is placed immediately after the CE marking on the product, packaging, and documentation, and is also included in all marketing materials referencing CE compliance.
Art. 48(5). Where a high-risk AI system is also subject to other EU legislation requiring CE marking, the CE marking must indicate that the system complies with all applicable Union laws, not just the AI Act.
chevron_rightSource text
Source text: “Where high-risk AI systems are subject to other Union law which also provides for the affixing of the CE marking, the CE marking shall indicate that the high-risk AI system also fulfil the requirements of that other law.”
In practice: For AI systems that fall under multiple EU regulations (e.g., Medical Devices Regulation, Machinery Regulation), ensure the CE marking and accompanying EU declaration of conformity explicitly reference all applicable Union laws to demonstrate comprehensive compliance.
Article 49 - Registration
Art. 49(1). Before placing a high-risk AI system listed in Annex III on the market or putting it into service, the provider or their authorised representative must register themselves and the system in the EU database under Article 71. This obligation does not apply to high-risk AI systems referred to in point 2 of Annex III.
chevron_rightSource text
Source text: “Before placing on the market or putting into service a high-risk AI system listed in Annex III, with the exception of high-risk AI systems referred to in point 2 of Annex III, the provider or, where applicable, the authorised representative shall register themselves and their system in the EU database referred to in Article 71.”
In practice: Establish an internal pre-launch checklist that includes EU database registration as a mandatory gate before any high-risk AI system (Annex III, excluding point 2) is released to market. Assign a dedicated compliance officer or authorised representative to manage and maintain registration records.
Art. 49(2). If a provider has concluded under Article 6(3) that their AI system is not high-risk, they must still register themselves and the system in the EU database before placing it on the market or putting it into service. This ensures traceability even for systems self-assessed as non-high-risk.
chevron_rightSource text
Source text: “Before placing on the market or putting into service an AI system for which the provider has concluded that it is not high-risk according to Article 6(3), that provider or, where applicable, the authorised representative shall register themselves and that system in the EU database referred to in Article 71.”
In practice: Providers who invoke the Article 6(3) derogation to classify their system as non-high-risk should document their assessment thoroughly and ensure EU database registration is completed before market placement, as this registration is mandatory regardless of the non-high-risk conclusion.
Art. 49(4). For high-risk AI systems used in law enforcement, migration, asylum, and border control (Annex III points 1, 6, 7), registration in the EU database must be in a secure non-public section with limited information fields as specified in Annex VIII. Only the Commission and designated national authorities under Article 74(8) may access these restricted sections.
chevron_rightSource text
Source text: “For high-risk AI systems referred to in points 1, 6 and 7 of Annex III, in the areas of law enforcement, migration, asylum and border control management, the registration referred to in paragraphs 1, 2 and 3 of this Article shall be in a secure non-public section of the EU database referred to in Article 71 and shall include only the following information, as applicable, referred to in: Only the Commission and national authorities referred to in Article 74(8) shall have access to the respective restricted sections of the EU database listed in the first subparagraph of this paragraph.”
In practice: Organisations deploying AI systems in law enforcement, migration, asylum, or border control must ensure their EU database registrations are submitted to the secure non-public section and include only the information fields specified in Annex VIII Sections A (points 1-10 excl. 6,8,9), B (points 1-5, 8, 9), and C (points 1-3). Implement strict access controls to ensure only authorised authorities can view these entries.
Art. 49(5). High-risk AI systems referred to in point 2 of Annex III (which covers certain biometric identification systems used for law enforcement) must be registered at the national level rather than in the EU database. This creates a separate national registration track for these specific systems.
chevron_rightSource text
Source text: “High-risk AI systems referred to in point 2 of Annex III shall be registered at national level.”
In practice: For AI systems falling under Annex III point 2, identify the relevant national competent authority in each Member State where the system will be deployed and ensure national-level registration is completed before use. Maintain records of national registrations separately from EU database registrations.
Article 50 - Transparency obligations for providers and deployers of certain AI systems
Art. 50(1). Providers must design AI systems that interact with people so that users are clearly informed they are interacting with an AI, unless this is obvious. An exception applies for AI systems legally authorised for law enforcement purposes, unless those systems are publicly accessible for reporting crimes.
chevron_rightSource text
Source text: “Providers shall ensure that AI systems intended to interact directly with natural persons are designed and developed in such a way that the natural persons concerned are informed that they are interacting with an AI system, unless this is obvious from the point of view of a natural person who is reasonably well-informed, observant and circumspect, taking into account the circumstances and the context of use. This obligation shall not apply to AI systems authorised by law to detect, prevent, investigate or prosecute criminal offences, subject to appropriate safeguards for the rights and freedoms of third parties, unless those systems are available for the public to report a criminal offence.”
In practice: Implement a clear, upfront disclosure mechanism (e.g., a banner, voice prompt, or on-screen message) at the start of any AI-human interaction. Document the rationale if you claim the 'obvious' exception, and maintain records of any law enforcement authorisation relied upon.
Art. 50(2). Providers of AI systems that generate synthetic audio, image, video, or text must mark outputs in a machine-readable format so they can be detected as artificially generated or manipulated, using effective, interoperable, and robust technical solutions. This obligation does not apply where the AI performs only assistive editing functions, does not substantially alter input data, or is authorised for law enforcement.
chevron_rightSource text
Source text: “Providers of AI systems, including general-purpose AI systems, generating synthetic audio, image, video or text content, shall ensure that the outputs of the AI system are marked in a machine-readable format and detectable as artificially generated or manipulated. Providers shall ensure their technical solutions are effective, interoperable, robust and reliable as far as this is technically feasible, taking into account the specificities and limitations of various types of content, the costs of implementation and the generally acknowledged state of the art, as may be reflected in relevant technical standards. This obligation shall not apply to the extent the AI systems perform an assistive function for standard editing or do not substantially alter the input data provided by the deployer or the semantics thereof, or where authorised by law to detect, prevent, investigate or prosecute criminal offences.”
In practice: Implement technical watermarking or metadata-based provenance marking (e.g., C2PA standards) in your AI output pipeline. Ensure the solution is interoperable with industry standards and document why any exception (assistive editing, law enforcement) applies.
Art. 50(5). The information required under paragraphs 1 to 4 must be provided to affected natural persons in a clear and distinguishable manner at the latest at the time of the first interaction or exposure, and must comply with applicable accessibility requirements.
chevron_rightSource text
Source text: “The information referred to in paragraphs 1 to 4 shall be provided to the natural persons concerned in a clear and distinguishable manner at the latest at the time of the first interaction or exposure. The information shall conform to the applicable accessibility requirements.”
In practice: Configure your AI system's disclosure mechanism to trigger automatically at the very first user interaction or exposure event. Ensure the disclosure meets accessibility standards (e.g., WCAG, EU Web Accessibility Directive) including for users with disabilities.
General-purpose AI model obligations (Articles 51–56)
These articles apply specifically where a general-purpose AI (GPAI) model is involved — a model trained on broad data and usable across many tasks.
Article 51 - Classification of general-purpose AI models as general-purpose AI models with systemic risk
Art. 51(1). (effective 2 August 2025) A general-purpose AI model must be classified as having systemic risk if it has high-impact capabilities assessed via technical tools and benchmarks, or if the Commission decides it has equivalent capabilities or impact based on Annex XIII criteria. This classification can be triggered by the Commission acting on its own initiative or following a qualified alert from the scientific panel.
chevron_rightSource text
Source text: “A general-purpose AI model shall be classified as a general-purpose AI model with systemic risk if it meets any of the following conditions:”
In practice: Providers of general-purpose AI models should proactively assess their model's capabilities against published benchmarks and indicators. Maintain documentation of capability evaluations and monitor for Commission decisions or scientific panel alerts that could trigger systemic risk classification.
Art. 51(2). (effective 2 August 2025) A general-purpose AI model is presumed to have high-impact capabilities — and therefore systemic risk — if the cumulative computation used for its training exceeds 10^25 floating point operations (FLOPs). This creates a quantitative threshold for triggering the systemic risk classification presumption.
chevron_rightSource text
Source text: “A general-purpose AI model shall be presumed to have high impact capabilities pursuant to paragraph 1, point (a), when the cumulative amount of computation used for its training measured in floating point operations is greater than 1025.”
In practice: Providers training large AI models should track and document the total cumulative floating point operations used across all training phases (pre-training, fine-tuning, synthetic data generation). If the 10^25 FLOP threshold is approached or exceeded, initiate the notification process to the AI Office without delay.
Article 52 - Procedure
Art. 52(1). (effective 2 August 2025) Providers of general-purpose AI models that meet the threshold for systemic risk must notify the European Commission within two weeks, including evidence that the threshold is met. If the Commission learns of an unnotified model presenting systemic risks, it may designate it as such on its own initiative.
chevron_rightSource text
Source text: “Where a general-purpose AI model meets the condition referred to in Article 51(1), point (a), the relevant provider shall notify the Commission without delay and in any event within two weeks after that requirement is met or it becomes known that it will be met. That notification shall include the information necessary to demonstrate that the relevant requirement has been met. If the Commission becomes aware of a general-purpose AI model presenting systemic risks of which it has not been notified, it may decide to designate it as a model with systemic risk.”
In practice: Establish an internal monitoring process to track compute thresholds and model capability benchmarks. Set up an automated alert when training FLOPs approach the Article 51(1)(a) threshold so the legal team can prepare the notification package well before the two-week deadline.
Article 53 - Obligations for providers of general-purpose AI models
Art. 53(1). (effective 2 August 2025) Providers of general-purpose AI models must maintain comprehensive technical documentation, provide information to downstream AI system providers, and implement policies to comply with EU copyright law including respecting opt-out rights.
chevron_rightSource text
Source text: “Providers of general-purpose AI models shall:”
In practice: Establish automated documentation workflows that capture training processes, model evaluations, and copyright compliance measures. Create standardized information packages for downstream providers and implement copyright scanning tools to identify and respect reservation of rights.
Art. 53(3). (effective 2 August 2025) Providers of general-purpose AI models must cooperate with the Commission and national authorities in their regulatory and enforcement activities.
chevron_rightSource text
Source text: “Providers of general-purpose AI models shall cooperate as necessary with the Commission and the national competent authorities in the exercise of their competences and powers pursuant to this Regulation.”
In practice: Establish clear points of contact and procedures for responding to regulatory requests. Maintain readily accessible documentation and designate staff authorized to engage with authorities on compliance matters.
Art. 53(4). (effective 2 August 2025) Providers can demonstrate compliance through approved codes of practice or harmonised standards, but must show alternative adequate compliance methods if they don't follow these frameworks.
chevron_rightSource text
Source text: “Providers of general-purpose AI models may rely on codes of practice within the meaning of Article 56 to demonstrate compliance with the obligations set out in paragraph 1 of this Article, until a harmonised standard is published. Compliance with European harmonised standards grants providers the presumption of conformity to the extent that those standards cover those obligations. Providers of general-purpose AI models who do not adhere to an approved code of practice or do not comply with a European harmonised standard shall demonstrate alternative adequate means of compliance for assessment by the Commission.”
In practice: Monitor the development of industry codes of practice and harmonised standards. If not following established frameworks, document alternative compliance measures thoroughly and prepare for Commission assessment.
Article 54 - Authorised representatives of providers of general-purpose AI models
Art. 54(1). (effective 2 August 2025) Providers of general-purpose AI models established outside the EU must appoint, by written mandate, an authorised representative established in the Union before placing their model on the Union market.
chevron_rightSource text
Source text: “Prior to placing a general-purpose AI model on the Union market, providers established in third countries shall, by written mandate, appoint an authorised representative which is established in the Union.”
In practice: Third-country providers should identify and formally appoint an EU-based legal entity or individual as their authorised representative before any market launch, ensuring the mandate is in writing and covers all required tasks under Article 54.
Art. 54(2). (effective 2 August 2025) The provider of a general-purpose AI model must actively enable its authorised representative to carry out the tasks specified in the mandate, ensuring the representative has the necessary means to fulfil its role.
chevron_rightSource text
Source text: “The provider shall enable its authorised representative to perform the tasks specified in the mandate received from the provider.”
In practice: Providers should establish clear internal procedures, grant access to relevant documentation, and provide ongoing support so that the authorised representative can effectively perform all mandated tasks without obstruction.
Art. 54(4). (effective 2 August 2025) The mandate must empower the authorised representative to be addressed by the AI Office or competent authorities on all compliance-related issues, either in addition to or instead of the provider.
chevron_rightSource text
Source text: “The mandate shall empower the authorised representative to be addressed, in addition to or instead of the provider, by the AI Office or the competent authorities, on all issues related to ensuring compliance with this Regulation.”
In practice: Ensure the written mandate explicitly grants the authorised representative authority to receive and respond to all official communications from the AI Office and national competent authorities, and establish internal escalation procedures so the representative can act promptly on behalf of the provider.
Article 55 - Obligations of providers of general-purpose AI models with systemic risk
Art. 55(1). (effective 2 August 2025) Providers of general-purpose AI models with systemic risk must conduct and document adversarial model evaluations, assess and mitigate systemic risks at Union level, and promptly report serious incidents and corrective measures to the AI Office and national competent authorities.
chevron_rightSource text
Source text: “In addition to the obligations listed in Articles 53 and 54, providers of general-purpose AI models with systemic risk shall:”
In practice: Establish a dedicated systemic risk management programme that includes scheduled adversarial testing protocols, a risk register covering Union-level systemic risks, and an incident reporting pipeline with defined escalation paths to the AI Office and relevant national authorities. Document all evaluations and corrective actions thoroughly.
Art. 55(2). (effective 2 August 2025) Providers of general-purpose AI models with systemic risk may use approved codes of practice to demonstrate compliance until harmonised standards are published; compliance with harmonised standards grants a presumption of conformity, while providers not adhering to either must demonstrate alternative adequate compliance means to the Commission.
chevron_rightSource text
Source text: “Providers of general-purpose AI models with systemic risk may rely on codes of practice within the meaning of Article 56 to demonstrate compliance with the obligations set out in paragraph 1 of this Article, until a harmonised standard is published. Compliance with European harmonised standards grants providers the presumption of conformity to the extent that those standards cover those obligations. Providers of general-purpose AI models with systemic risks who do not adhere to an approved code of practice or do not comply with a European harmonised standard shall demonstrate alternative adequate means of compliance for assessment by the Commission.”
In practice: Actively participate in the development of codes of practice facilitated by the AI Office and monitor the publication of relevant harmonised standards. If neither a code of practice nor a harmonised standard is available or chosen, prepare documented alternative compliance evidence for Commission assessment, such as internal audit reports, third-party assessments, or technical specifications.
Article 56 - Codes of practice
Art. 56(2). (effective 2 August 2025) The AI Office and the Board must ensure that codes of practice cover at minimum the obligations in Articles 53 and 55, including keeping information up to date, providing adequate training data summaries, and identifying systemic risks at Union level.
chevron_rightSource text
Source text: “The AI Office and the Board shall aim to ensure that the codes of practice cover at least the obligations provided for in Articles 53 and 55, including the following issues:”
In practice: Providers of general-purpose AI models should prepare documentation covering training data summaries and systemic risk identification processes in anticipation of code of practice requirements, aligning with Articles 53 and 55 obligations.
Art. 56(5). (effective 2 August 2025) The AI Office must ensure that participants in codes of practice regularly report on the implementation of their commitments, measures taken, and outcomes including against KPIs, with reporting requirements reflecting differences in size and capacity among participants.
chevron_rightSource text
Source text: “The AI Office shall aim to ensure that participants to the codes of practice report regularly to the AI Office on the implementation of the commitments and the measures taken and their outcomes, including as measured against the key performance indicators as appropriate. Key performance indicators and reporting commitments shall reflect differences in size and capacity between various participants.”
In practice: Organisations participating in codes of practice should establish internal reporting mechanisms to track KPI performance and commitment implementation, ensuring reports are proportionate to their size and capacity and submitted to the AI Office on a regular basis.
Article 57 - AI regulatory sandboxes
Art. 57(5). AI regulatory sandboxes must provide a controlled environment that fosters innovation and facilitates the development, training, testing and validation of innovative AI systems for a limited time before market placement, based on a specific sandbox plan agreed between providers and the competent authority. Sandboxes may include supervised real-world condition testing.
chevron_rightSource text
Source text: “AI regulatory sandboxes established under paragraph 1 shall provide for a controlled environment that fosters innovation and facilitates the development, training, testing and validation of innovative AI systems for a limited time before their being placed on the market or put into service pursuant to a specific sandbox plan agreed between the providers or prospective providers and the competent authority. Such sandboxes may include testing in real world conditions supervised therein.”
In practice: Providers seeking to enter a sandbox should prepare a detailed sandbox plan covering the AI system's intended purpose, testing methodology, risk mitigation measures, timeline, and data governance arrangements before approaching the competent authority.
Art. 57(12). Providers and prospective providers in AI regulatory sandboxes remain liable under applicable law for any damage caused to third parties during experimentation, but will not face administrative fines for regulatory infringements if they follow the sandbox plan and competent authority guidance in good faith. This fine exemption also extends to other Union or national law where relevant authorities were actively involved in supervision.
chevron_rightSource text
Source text: “Providers and prospective providers participating in the AI regulatory sandbox shall remain liable under applicable Union and national liability law for any damage inflicted on third parties as a result of the experimentation taking place in the sandbox. However, provided that the prospective providers observe the specific plan and the terms and conditions for their participation and follow in good faith the guidance given by the national competent authority, no administrative fines shall be imposed by the authorities for infringements of this Regulation. Where other competent authorities responsible for other Union and national law were actively involved in the supervision of the AI system in the sandbox and provided guidance for compliance, no administrative fines shall be imposed regarding that law.”
In practice: Sandbox participants should document all guidance received from competent authorities and maintain records of their adherence to the sandbox plan and terms, as this documentation will be critical evidence of good faith compliance if any regulatory infringement is alleged.
Article 59 - Further processing of personal data for developing certain AI systems in the public interest in the AI regulatory sandbox
Art. 59(1). Personal data lawfully collected for other purposes may be processed in an AI regulatory sandbox to develop, train, and test AI systems serving substantial public interest, provided strict conditions are met including necessity, effective monitoring, and risk mitigation mechanisms.
chevron_rightSource text
Source text: “In the AI regulatory sandbox, personal data lawfully collected for other purposes may be processed solely for the purpose of developing, training and testing certain AI systems in the sandbox when all of the following conditions are met:”
In practice: Establish a documented legal basis for further processing under Article 6(4) GDPR, implement a Data Protection Impact Assessment (DPIA) aligned with Article 35 GDPR, and deploy real-time monitoring dashboards to detect and mitigate risks to data subjects during sandbox experimentation.
Art. 59(3). Paragraph 1 does not override Union or national laws that restrict personal data processing to specific purposes, nor does it affect other legal bases for processing personal data for AI development, testing or training that comply with Union data protection law.
chevron_rightSource text
Source text: “Paragraph 1 is without prejudice to Union or national law which excludes processing of personal data for other purposes than those explicitly mentioned in that law, as well as to Union or national law laying down the basis for the processing of personal data which is necessary for the purpose of developing, testing or training of innovative AI systems or any other legal basis, in compliance with Union law on the protection of personal data.”
In practice: When relying on Article 59(1) for sandbox processing, verify that no applicable Union or national law explicitly excludes such further processing; also check whether an alternative legal basis under GDPR (e.g., Article 6(1)(e) or Article 9(2)(g)) may be more appropriate and document the chosen basis clearly.
Article 60 - Testing of high-risk AI systems in real world conditions outside AI regulatory sandboxes
Art. 60(3). Real-world testing of high-risk AI systems under Article 60 does not override or replace any ethical review obligations that may be required by Union or national law.
chevron_rightSource text
Source text: “The testing of high-risk AI systems in real world conditions under this Article shall be without prejudice to any ethical review that is required by Union or national law.”
In practice: Before commencing real-world testing, check whether applicable Union or national law (e.g., research ethics regulations, clinical trial rules) requires an independent ethical review and obtain that approval in addition to the Article 60 regulatory approvals.
Art. 60(4). Providers or prospective providers may only conduct real-world testing if they have drawn up and submitted a testing plan to the relevant market surveillance authority, obtained (or are deemed to have obtained) approval within 30 days, and registered the testing in the EU database with a unique identification number and required information.
chevron_rightSource text
Source text: “Providers or prospective providers may conduct the testing in real world conditions only where all of the following conditions are met:”
In practice: Submit the real-world testing plan to the competent market surveillance authority well in advance of the planned testing start date; track the 30-day approval window and check whether national law provides for tacit approval or requires explicit authorisation. Register the testing in the EU database (or secure non-public section for law enforcement/migration/asylum/border control systems) before commencing.
Art. 60(5). Any person participating as a subject in real-world testing may withdraw their informed consent at any time without detriment and without providing justification, and may request immediate and permanent deletion of their personal data; however, activities already carried out before withdrawal are not affected.
chevron_rightSource text
Source text: “Any subjects of the testing in real world conditions, or their legally designated representative, as appropriate, may, without any resulting detriment and without having to provide any justification, withdraw from the testing at any time by revoking their informed consent and may request the immediate and permanent deletion of their personal data. The withdrawal of the informed consent shall not affect the activities already carried out.”
In practice: Implement a clear and accessible consent withdrawal mechanism before testing begins, and establish a documented process for immediate and permanent deletion of personal data upon withdrawal request; ensure that withdrawal does not trigger any negative consequences for the subject and that the process is communicated clearly in the testing information sheet.
Art. 60(7). Any serious incident during real-world testing must be reported to the national market surveillance authority, and the provider must immediately take mitigation measures or suspend/terminate the testing. A recall procedure for the AI system must also be established upon termination.
chevron_rightSource text
Source text: “Any serious incident identified in the course of the testing in real world conditions shall be reported to the national market surveillance authority in accordance with Article 73. The provider or prospective provider shall adopt immediate mitigation measures or, failing that, shall suspend the testing in real world conditions until such mitigation takes place, or otherwise terminate it. The provider or prospective provider shall establish a procedure for the prompt recall of the AI system upon such termination of the testing in real world conditions.”
In practice: Establish a documented incident response and recall procedure before commencing real-world testing. Define clear thresholds for what constitutes a 'serious incident' and assign responsible personnel to trigger reporting and mitigation actions immediately upon detection.
Art. 60(8). Providers or prospective providers must notify the national market surveillance authority in the relevant Member State about any suspension or termination of real-world testing and about the final outcomes of such testing.
chevron_rightSource text
Source text: “Providers or prospective providers shall notify the national market surveillance authority in the Member State where the testing in real world conditions is to be conducted of the suspension or termination of the testing in real world conditions and of the final outcomes.”
In practice: Implement a formal notification workflow that automatically triggers communication to the relevant national market surveillance authority whenever real-world testing is suspended, terminated, or concluded. Document final outcomes in a structured report.
Art. 60(9). Providers or prospective providers are liable under applicable Union and national liability law for any damage caused during their real-world testing of high-risk AI systems.
chevron_rightSource text
Source text: “The provider or prospective provider shall be liable under applicable Union and national liability law for any damage caused in the course of their testing in real world conditions.”
In practice: Before commencing real-world testing, conduct a legal review of applicable Union and national liability frameworks. Consider obtaining appropriate insurance coverage and establishing contractual indemnification arrangements with deployers and other parties involved in the testing.
Article 61 - Informed consent to participate in testing in real world conditions outside AI regulatory sandboxes
Art. 61(1). Before participating in real-world AI testing outside regulatory sandboxes, subjects must freely give informed consent after receiving clear information about the nature, objectives, conditions, duration, and their rights—including the right to refuse or withdraw at any time without penalty.
chevron_rightSource text
Source text: “For the purpose of testing in real world conditions under Article 60, freely-given informed consent shall be obtained from the subjects of testing prior to their participation in such testing and after their having been duly informed with concise, clear, relevant, and understandable information regarding:”
In practice: Develop a standardised informed consent form for real-world testing that clearly explains the AI system's purpose, testing duration, potential inconveniences, and the subject's right to withdraw at any time without justification or detriment. Have legal counsel review the form to ensure it meets the 'freely given' and 'informed' standards.
Art. 61(2). The informed consent obtained from testing subjects must be dated, documented in writing, and a copy must be provided to the subjects or their legal representatives.
chevron_rightSource text
Source text: “The informed consent shall be dated and documented and a copy shall be given to the subjects of testing or their legal representative.”
In practice: Implement a consent management process that timestamps and archives all consent records, and automatically generates a copy for the subject or their legal representative. Store records securely and ensure they are retrievable for audit purposes by market surveillance authorities.
Article 63 - Derogations for specific operators
Art. 63(2). The simplified QMS compliance available to microenterprises under paragraph 1 does not exempt them from any other obligations in the AI Act, including those on risk management (Art. 9), data governance (Art. 10), technical documentation (Art. 11), logging (Art. 12), transparency (Art. 13), human oversight (Art. 14), accuracy and robustness (Art. 15), post-market monitoring (Art. 72), and incident reporting (Art. 73).
chevron_rightSource text
Source text: “Paragraph 1 of this Article shall not be interpreted as exempting those operators from fulfilling any other requirements or obligations laid down in this Regulation, including those established in Articles 9, 10, 11, 12, 13, 14, 15, 72 and 73.”
In practice: Microenterprises must not interpret the simplified QMS derogation as a general exemption. Maintain full compliance with all substantive obligations under Articles 9, 10, 11, 12, 13, 14, 15, 72, and 73, and build these into operational processes even when using a simplified QMS structure.
Article 72 - Post-market monitoring by providers and post-market monitoring plan for high-risk AI systems
Art. 72(1). Providers of high-risk AI systems must establish and document a post-market monitoring system that is proportionate to the nature of the AI technology and the associated risks. This system must be formally documented as part of the provider's compliance obligations.
chevron_rightSource text
Source text: “Providers shall establish and document a post-market monitoring system in a manner that is proportionate to the nature of the AI technologies and the risks of the high-risk AI system.”
In practice: Create a dedicated post-market monitoring policy document that maps the monitoring intensity to the risk level of each AI system. For lower-risk high-risk AI systems, a lighter monitoring cadence may suffice, while higher-risk systems should have more frequent and rigorous monitoring protocols.
Art. 72(2). The post-market monitoring system must actively and systematically collect, document, and analyse relevant data on the performance of high-risk AI systems throughout their lifetime, including analysis of interactions with other AI systems, to evaluate ongoing compliance with Chapter III Section 2 requirements. This obligation does not apply to sensitive operational data of law-enforcement deployers.
chevron_rightSource text
Source text: “The post-market monitoring system shall actively and systematically collect, document and analyse relevant data which may be provided by deployers or which may be collected through other sources on the performance of high-risk AI systems throughout their lifetime, and which allow the provider to evaluate the continuous compliance of AI systems with the requirements set out in Chapter III, Section 2. Where relevant, post-market monitoring shall include an analysis of the interaction with other AI systems. This obligation shall not cover sensitive operational data of deployers which are law-enforcement authorities.”
In practice: Implement automated data pipelines to collect performance metrics from deployed AI systems, and establish a structured process for deployers to submit performance feedback. Ensure your data collection framework explicitly excludes sensitive operational data from law enforcement deployers and document this exclusion in your monitoring plan.
Art. 72(3). The post-market monitoring system must be based on a formal monitoring plan that forms part of the technical documentation in Annex IV, and the Commission must adopt an implementing act by 2 February 2026 to establish a template and list of required elements for this plan. The implementing act must follow the examination procedure in Article 98(2).
chevron_rightSource text
Source text: “The post-market monitoring system shall be based on a post-market monitoring plan. The post-market monitoring plan shall be part of the technical documentation referred to in Annex IV. The Commission shall adopt an implementing act laying down detailed provisions establishing a template for the post-market monitoring plan and the list of elements to be included in the plan by 2 February 2026. That implementing act shall be adopted in accordance with the examination procedure referred to in Article 98(2).”
In practice: Begin drafting your post-market monitoring plan now using the structure of Annex IV as a guide, and monitor the Commission's publication of the implementing act template expected by 2 February 2026. Ensure your technical documentation framework is flexible enough to incorporate the template once published.
Art. 72(4). For high-risk AI systems already covered by Union harmonisation legislation listed in Annex I Section A that already have post-market monitoring systems, providers may integrate the required monitoring elements into existing systems and plans, provided equivalent protection is achieved. This also applies to certain financial institution AI systems subject to Union financial services law.
chevron_rightSource text
Source text: “For high-risk AI systems covered by the Union harmonisation legislation listed in Section A of Annex I, where a post-market monitoring system and plan are already established under that legislation, in order to ensure consistency, avoid duplications and minimise additional burdens, providers shall have a choice of integrating, as appropriate, the necessary elements described in paragraphs 1, 2 and 3 using the template referred in paragraph 3 into systems and plans already existing under that legislation, provided that it achieves an equivalent level of protection. The first subparagraph of this paragraph shall also apply to high-risk AI systems referred to in point 5 of Annex III placed on the market or put into service by financial institutions that are subject to requirements under Union financial services law regarding their internal governance, arrangements or processes.”
In practice: If your high-risk AI system falls under existing Union harmonisation legislation with an established post-market monitoring system, conduct a gap analysis to determine which additional elements from Article 72 paragraphs 1-3 need to be integrated. Document the integration decision and demonstrate that the combined system achieves equivalent protection to a standalone AI Act monitoring system.
Article 73 - Reporting of serious incidents
Art. 73(1). Providers of high-risk AI systems placed on the EU market must report any serious incident to the market surveillance authorities of the Member State where the incident occurred.
chevron_rightSource text
Source text: “Providers of high-risk AI systems placed on the Union market shall report any serious incident to the market surveillance authorities of the Member States where that incident occurred.”
In practice: Establish an internal incident classification procedure that identifies when an event qualifies as a 'serious incident' under the AI Act, and maintain a registry of relevant market surveillance authority contacts per Member State where your AI system is deployed.
Art. 73(2). The serious incident report must be submitted immediately after establishing a causal link between the AI system and the incident, and no later than 15 days after the provider or deployer becomes aware of the incident, with the timeline adjusted for severity.
chevron_rightSource text
Source text: “The report referred to in paragraph 1 shall be made immediately after the provider has established a causal link between the AI system and the serious incident or the reasonable likelihood of such a link, and, in any event, not later than 15 days after the provider or, where applicable, the deployer, becomes aware of the serious incident. The period for the reporting referred to in the first subparagraph shall take account of the severity of the serious incident.”
In practice: Implement an internal escalation and triage process that starts the 15-day reporting clock from the moment any team member becomes aware of a potential serious incident, and document the causal link assessment as part of the incident record.
Art. 73(3). In the case of a widespread infringement or a serious incident involving a breach of fundamental rights obligations (as defined in Article 3(49)(b)), the report must be provided immediately and no later than two days after the provider or deployer becomes aware of it.
chevron_rightSource text
Source text: “Notwithstanding paragraph 2 of this Article, in the event of a widespread infringement or a serious incident as defined in Article 3, point (49)(b), the report referred to in paragraph 1 of this Article shall be provided immediately, and not later than two days after the provider or, where applicable, the deployer becomes aware of that incident.”
In practice: Create a separate fast-track reporting procedure for widespread infringements and fundamental rights-related incidents, with a 48-hour internal escalation trigger and pre-drafted notification templates ready for immediate submission to market surveillance authorities.
Art. 73(4). When a serious incident results in the death of a person, the report must be submitted immediately after the provider or deployer establishes or suspects a causal relationship with the AI system, and no later than 10 days after becoming aware of the incident.
chevron_rightSource text
Source text: “Notwithstanding paragraph 2, in the event of the death of a person, the report shall be provided immediately after the provider or the deployer has established, or as soon as it suspects, a causal relationship between the high-risk AI system and the serious incident, but not later than 10 days after the date on which the provider or, where applicable, the deployer becomes aware of the serious incident.”
In practice: Establish a specific mortality-related incident protocol that triggers an immediate internal alert and initiates the reporting process as soon as a causal link to the AI system is suspected, with a hard deadline of 10 days from awareness.
Art. 73(6). After reporting a serious incident, the AI system provider must promptly investigate the incident, conduct a risk assessment, and take corrective action, while cooperating with competent authorities and refraining from altering the AI system in ways that could affect the investigation.
chevron_rightSource text
Source text: “Following the reporting of a serious incident pursuant to paragraph 1, the provider shall, without delay, perform the necessary investigations in relation to the serious incident and the AI system concerned. This shall include a risk assessment of the incident, and corrective action. The provider shall cooperate with the competent authorities, and where relevant with the notified body concerned, during the investigations referred to in the first subparagraph, and shall not perform any investigation which involves altering the AI system concerned in a way which may affect any subsequent evaluation of the causes of the incident, prior to informing the competent authorities of such action.”
In practice: Establish a documented incident response procedure that separates the investigation workflow from any system modification pipeline. Ensure that any planned changes to the AI system post-incident are pre-cleared with the competent authority before implementation.
Art. 73(9). For high-risk AI systems listed in Annex III whose providers are already subject to equivalent Union-level reporting obligations, the serious incident notification requirement is limited only to incidents falling under Article 3(49)(c).
chevron_rightSource text
Source text: “For high-risk AI systems referred to in Annex III that are placed on the market or put into service by providers that are subject to Union legislative instruments laying down reporting obligations equivalent to those set out in this Regulation, the notification of serious incidents shall be limited to those referred to in Article 3, point (49)(c).”
In practice: Providers subject to sector-specific Union legislation with equivalent incident reporting requirements should map those obligations against Article 73 to confirm they qualify for this limitation, and document this assessment to demonstrate compliance to market surveillance authorities.
Art. 73(10). For high-risk AI systems that are safety components of, or are themselves, medical devices or in vitro diagnostic devices covered by Regulations (EU) 2017/745 and 2017/746, serious incident notifications are limited to Article 3(49)(c) incidents and must be made to the national competent authority designated by the Member State where the incident occurred.
chevron_rightSource text
Source text: “For high-risk AI systems which are safety components of devices, or are themselves devices, covered by Regulations (EU) 2017/745 and (EU) 2017/746, the notification of serious incidents shall be limited to those referred to in Article 3, point (49)(c) of this Regulation, and shall be made to the national competent authority chosen for that purpose by the Member States where the incident occurred.”
In practice: Providers of AI systems embedded in medical devices should identify the national competent authority designated by each Member State for this purpose and establish a direct notification channel to that authority, ensuring notifications are scoped to Article 3(49)(c) incidents only.
Article 74 - Market surveillance and control of AI systems in the Union market
Art. 74(12). Market surveillance authorities must be granted full access by providers to documentation and training, validation, and testing datasets used for high-risk AI systems, including remote access via APIs where appropriate and subject to security safeguards.
chevron_rightSource text
Source text: “Without prejudice to the powers provided for under Regulation (EU) 2019/1020, and where relevant and limited to what is necessary to fulfil their tasks, the market surveillance authorities shall be granted full access by providers to the documentation as well as the training, validation and testing data sets used for the development of high-risk AI systems, including, where appropriate and subject to security safeguards, through application programming interfaces (API) or other relevant technical means and tools enabling remote access.”
In practice: Providers of high-risk AI systems should establish secure, auditable access mechanisms (e.g., dedicated API endpoints with access logging) to allow market surveillance authorities to inspect training, validation, and testing datasets without compromising security or intellectual property.
Article 80 - Procedure for dealing with AI systems classified by the provider as non-high-risk in application of Annex III
Art. 80(2). If the market surveillance authority finds during evaluation that the AI system is indeed high-risk, it must without undue delay require the provider to bring the system into compliance with all applicable requirements and take corrective action within a prescribed period.
chevron_rightSource text
Source text: “Where, in the course of that evaluation, the market surveillance authority finds that the AI system concerned is high-risk, it shall without undue delay require the relevant provider to take all necessary actions to bring the AI system into compliance with the requirements and obligations laid down in this Regulation, as well as take appropriate corrective action within a period the market surveillance authority may prescribe.”
In practice: Providers should have a compliance readiness plan for high-risk AI requirements so that if reclassified, they can act swiftly within the authority-prescribed timeframe to avoid penalties.
Art. 80(4). The provider must take all necessary action to bring the AI system into compliance; if it fails to do so within the prescribed period, it will be subject to fines under Article 99.
chevron_rightSource text
Source text: “The provider shall ensure that all necessary action is taken to bring the AI system into compliance with the requirements and obligations laid down in this Regulation. Where the provider of an AI system concerned does not bring the AI system into compliance with those requirements and obligations within the period referred to in paragraph 2 of this Article, the provider shall be subject to fines in accordance with Article 99.”
In practice: Providers should immediately initiate compliance gap analyses upon receiving a reclassification notice and document all remediation steps taken to demonstrate good-faith efforts and avoid fines under Article 99.
Art. 80(5). The provider must ensure that all appropriate corrective action is taken for all AI systems it has made available on the Union market that are affected by the reclassification finding.
chevron_rightSource text
Source text: “The provider shall ensure that all appropriate corrective action is taken in respect of all the AI systems concerned that it has made available on the Union market.”
In practice: Providers should maintain a comprehensive inventory of all AI systems placed on the Union market so that when corrective action is required, they can efficiently identify and remediate all affected systems, not just the one under evaluation.
Art. 80(6). If a provider of an AI system classified as non-high-risk fails to take adequate corrective action within the required period, the escalated enforcement procedures set out in Article 79(5) to (9) shall apply automatically.
chevron_rightSource text
Source text: “Where the provider of the AI system concerned does not take adequate corrective action within the period referred to in paragraph 2 of this Article, Article 79(5) to (9) shall apply.”
In practice: Providers should establish internal escalation protocols and timelines for responding to market surveillance authority requests; failure to act within the specified period triggers full Article 79 enforcement, including potential market withdrawal orders.
Art. 80(7). If a market surveillance authority finds during evaluation that a provider deliberately misclassified an AI system as non-high-risk to avoid Chapter III Section 2 requirements, the provider is subject to fines under Article 99.
chevron_rightSource text
Source text: “Where, in the course of the evaluation pursuant to paragraph 1 of this Article, the market surveillance authority establishes that the AI system was misclassified by the provider as non-high-risk in order to circumvent the application of requirements in Chapter III, Section 2, the provider shall be subject to fines in accordance with Article 99.”
In practice: Providers must ensure their risk classification decisions are documented, objective, and defensible; intentional misclassification to avoid high-risk obligations constitutes a sanctionable infringement under Article 99 and should be treated as a serious compliance risk.
Article 82 - Compliant AI systems which present a risk
Art. 82(2). The provider or other relevant operator must ensure that corrective action is taken for all affected AI systems made available on the Union market within the timeline set by the market surveillance authority.
chevron_rightSource text
Source text: “The provider or other relevant operator shall ensure that corrective action is taken in respect of all the AI systems concerned that it has made available on the Union market within the timeline prescribed by the market surveillance authority of the Member State referred to in paragraph 1.”
In practice: Providers should maintain an up-to-date inventory of all AI systems placed on the Union market and establish a corrective action management process that can be triggered promptly upon receipt of a market surveillance authority directive, including tracking deadlines per system.
Bridge to product
Across the AI Act, the obligations that touch personal data converge on the same engineering controls GDPR already requires — and RuleMesh ships those as a ready-to-implement Jira backlog today.
- Risk management (AI Act Art. 9) ↔ GDPR Art. 32 (technical & organisational measures)
- Data governance / bias detection (Art. 10) ↔ GDPR Art. 9 (special categories) + Art. 32
- Automated logging (Art. 12) ↔ GDPR Art. 32 (audit trail / breach detection)
- Human oversight (Art. 14) ↔ GDPR Art. 22 (automated-decision safeguards)
- Deployer DPIA / FRIA (Arts. 26–27) ↔ GDPR Art. 35 (data protection impact assessment)
RuleMesh is not an AI Act compliance product — it implements GDPR control modules. But because the AI Act routes you to the exact GDPR articles RuleMesh already covers, starting with GDPR is your AI Act head start.
Frequently asked questions
Who is a provider under the EU AI Act?
A provider is any natural or legal person, public authority, agency, or other body that develops an AI system or general-purpose AI model, or has one developed on its behalf, and places it on the market or puts it into service under its own name or trademark, whether for payment or free of charge. (Source: AI Act definitions, CELEX 32024R1689.)
How many obligations does the AI Act place on providers?
The RuleMesh knowledge graph identifies 134 obligation paragraphs addressed to the Provider role, across Articles 2, 4, 5, 6, 8, 9, 10, 11, 12, 13, 14, 15, 16, 17, 18, 19, 20, 21, 22, 25, 36, 41, 43, 44, 46, 47, 48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 59, 60, 61, 63, 72, 73, 74, 80, 82.
When do AI Act providers obligations apply?
Most obligations relating to high-risk AI systems apply from 2 August 2026. Obligations for providers of general-purpose AI models and the AI Act's governance framework apply from 2 August 2025, and the Article 5 prohibitions applied from 2 February 2025.
Do the AI Act providers obligations overlap with GDPR?
Yes. The AI Act repeatedly references specific GDPR articles and does not override GDPR — for example special-category data for bias detection (GDPR Art. 9), data protection impact assessments (GDPR Art. 35), and the technical and organisational measures of GDPR Art. 32. The two regulations require the same engineering controls.
Source data: RuleMesh knowledge graph — Fuseki legalrules dataset, CELEX 32024R1689 (EU AI Act), with cross-references resolved into CELEX 32016R0679 (GDPR). This page is education and reference only — it is not legal advice. RuleMesh's product offer is GDPR control modules in Jira.
GDPR Article 32 is your AI Act head start.
The AI Act and GDPR call for the same engineering work: risk management (Art. 9 ↔ GDPR Art. 32), data governance (Art. 10 ↔ GDPR Art. 9), logging (Art. 12 ↔ GDPR Art. 32), human oversight (Art. 14 ↔ GDPR Art. 22), incident reporting (Arts. 72/73 ↔ GDPR Arts. 33/34). RuleMesh delivers the GDPR side today: structured IT requirements your engineers and AI agents implement through the MCP. The AI Act's requirements are coming to the same MCP.