The world's first comprehensive AI regulation is now in force. This guide breaks down what the law requires, which systems are affected, and what companies building or deploying AI in Europe need to do — and by when.
The EU AI Act is the first binding horizontal regulation for artificial intelligence globally. It applies to any organisation that develops, deploys, or markets AI systems within the EU — regardless of where the organisation is incorporated. If your outputs reach EU users, you are in scope.
The law takes a risk-based approach: it does not treat all AI equally. The higher the potential harm a system can cause, the stricter the obligations. At one end sit outright prohibitions; at the other, minimal transparency rules for everyday chatbots and recommendation engines.
For companies building production AI — LLM APIs, agentic systems, RAG pipelines, HR automation — the Act introduces concrete engineering and governance requirements that need to be designed in, not bolted on after deployment.
The Act classifies every AI system into one of four categories. Your tier determines your obligations.
Absolute ban. Eight categories of AI that may never be placed on the market or put into service under any circumstances. Fine: €35M or 7% turnover.
Eight critical domains (biometrics, employment, access to essential services…). Comprehensive technical and governance obligations apply before deployment. Fine: €15M or 3% turnover.
General-purpose AI, chatbots, synthetic content generators. Transparency obligations: users must know they are interacting with AI. Fine: €15M or 3% turnover.
Spam filters, recommendation engines, most B2B AI tools. No mandatory obligations — voluntary codes of practice are encouraged. No mandatory fine tier.
These eight applications are banned entirely. No business justification, no exemption, no grace period — enforcement started 2 August 2025.
Systems that use subliminal techniques or exploit psychological vulnerabilities to distort behaviour in ways that cause harm.
AI targeting people based on age, disability, or socioeconomic status to influence their decisions against their own interests.
Evaluating or classifying natural persons based on social behaviour or personal characteristics over time, leading to detrimental treatment.
Risk assessment of individuals based solely on profiling to predict future criminal behaviour.
Scraping the internet or CCTV footage to build biometric databases without targeted collection.
Inferring emotional state of workers or students in workplace or educational settings.
Classifying individuals by race, political opinion, religion, sexual orientation, or trade-union membership from biometric data.
Live facial recognition in publicly accessible spaces by law enforcement — with narrow, defined exceptions only.
AI systems operating in any of these areas are classified high-risk and must meet the full compliance framework before deployment.
Face recognition, fingerprint, emotion detection used to identify or categorise individuals.
Safety components in energy, water, transport, digital infrastructure systems.
Admission decisions, performance assessment, exam monitoring at educational institutions.
Recruitment, task allocation, performance monitoring, termination, promotion decisions.
Credit scoring, insurance, social benefits, housing applications, healthcare triage.
Crime risk assessment, evidence evaluation, polygraph-like tools, predicting reoffending.
Asylum and visa applications, border crossing risk assessment, travel document verification.
Legal research tools that influence court decisions, election-related AI systems.
Article 6(3) exception: Even if an AI system falls under Annex III, it may be reclassified as non-high-risk if it performs a narrow procedural task (e.g. document indexing, spam filtering), improves a human decision already completed, only detects anomalies for human review, or serves as a preparatory step (translation, search, classification) — unless it involves profiling, in which case it is always high-risk.
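To make the tiering and the Art. 6(3) exception logic above concrete, here is an added Python triage helper for an AI inventory (an illustration written for this guide, not code from the Act or from any vendor tool); the domain keys, ground names, field names and tier labels are assumptions chosen for the example.

```python
# Added illustration (not from the guide): triage an AI inventory entry through
# the decision order the guide describes: Art. 5 bans first, then Annex III
# domains, then the Art. 6(3) exception with its profiling override, then
# transparency vs minimal risk. Field names and labels are assumptions.
from dataclasses import dataclass, field

ANNEX_III_DOMAINS = {"biometrics", "critical_infrastructure", "education",
                     "employment", "essential_services", "law_enforcement",
                     "migration", "justice_democracy"}
ART_6_3_GROUNDS = {"narrow_procedural_task", "improves_completed_human_decision",
                   "anomaly_detection_for_human_review", "preparatory_step"}
SYSTEMIC_RISK_FLOPS = 1e25  # GPAI training-compute threshold named in the guide

@dataclass
class AISystem:
    name: str
    prohibited_practice: str = ""        # e.g. "social_scoring"; empty if no Art. 5 match
    annex_iii_domain: str = ""           # one of ANNEX_III_DOMAINS, or empty
    exception_grounds: set = field(default_factory=set)  # claimed Art. 6(3) grounds
    involves_profiling: bool = False
    interacts_with_users: bool = False
    is_gpai: bool = False
    training_flops: float = 0.0

def classify(s: AISystem) -> dict:
    """Return the tier and the reasoning trail, so the outcome can be documented."""
    trail = []
    if s.prohibited_practice:
        trail.append(f"Art. 5 prohibited practice: {s.prohibited_practice}")
        return {"tier": "prohibited", "trail": trail, "systemic_risk_gpai": False}
    systemic = s.is_gpai and s.training_flops > SYSTEMIC_RISK_FLOPS
    if systemic:
        trail.append("GPAI trained above 10^25 FLOPs: systemic-risk obligations")
    if s.annex_iii_domain in ANNEX_III_DOMAINS:
        trail.append(f"Annex III domain: {s.annex_iii_domain}")
        grounds = s.exception_grounds & ART_6_3_GROUNDS
        if s.involves_profiling or not grounds:
            trail.append("profiling: Art. 6(3) exception unavailable" if s.involves_profiling
                         else "no Art. 6(3) ground claimed")
            return {"tier": "high-risk", "trail": trail, "systemic_risk_gpai": systemic}
        trail.append(f"reclassified non-high-risk under Art. 6(3): {sorted(grounds)}")
    if s.interacts_with_users or s.is_gpai:
        trail.append("Art. 50 transparency obligations")
        return {"tier": "transparency", "trail": trail, "systemic_risk_gpai": systemic}
    trail.append("no mandatory obligations; voluntary codes encouraged")
    return {"tier": "minimal", "trail": trail, "systemic_risk_gpai": systemic}
```

The returned trail is the part worth keeping: it is the classification rationale the technical documentation has to record.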
Providers of high-risk AI systems must satisfy all eleven requirements before placing a system on the market or into service.
Continuous lifecycle process: identify, estimate, evaluate, and mitigate risks throughout development and operation.
Training, validation, and test datasets must meet quality criteria, cover relevant populations, and be screened for bias.
Annex IV-compliant documentation drawn up before market placement and kept up-to-date for the system's lifetime.
Event-level logs that enable post-hoc verification of outputs. Minimum retention period applies per use case.
Deployers receive instructions for use sufficient to understand capabilities, limitations, and appropriate oversight.
System must be designed so that humans can monitor, intervene, override, or halt operation at any time.
Resilience against adversarial inputs, data poisoning, prompt injection, and model manipulation attacks (Art. 15(10)).
Documented procedures covering design, testing, monitoring, incident response, and post-market surveillance.
Written declaration that the system meets all applicable requirements. Must accompany the system and be kept updated.
CE mark affixed to indicate conformity. Required before market placement for high-risk AI systems.
High-risk AI systems must be registered in the EU-wide AI database maintained by the AI Office prior to deployment.
Deployers — organisations that use a high-risk AI system in a professional context — carry their own obligations under Art. 26: follow instructions of use, inform affected employees, monitor outputs, conduct a Fundamental Rights Impact Assessment (FRIA) where required, and retain logs for inspection.
If your system is built on or integrates a general-purpose AI model (GPT, Claude, Llama, Mistral…), additional obligations apply to both the model provider and to you as a downstream integrator.
GPAI model providers must maintain technical documentation per Annex XI and make it available to downstream providers so they can fulfil their own compliance obligations.
Downstream integrators must receive enough information about training data, capabilities, and known limitations to assess the risk profile of their deployed application.
GPAI models trained with compute above 10²⁵ FLOPs are classified as posing systemic risk. Their providers face additional obligations: adversarial testing, incident reporting, and cybersecurity measures.
Providers of systemic-risk GPAI models must report energy consumption during training and inference as part of their ongoing oversight obligations.
For most enterprise AI teams integrating third-party foundation models, the primary obligation is to ensure your vendor agreement gives you access to the information needed to complete your own risk assessment — and to document how you have evaluated the model for the specific use case you deploy it in.
The Act has a phased rollout. The window to prepare for full enforcement is now open.
The regulation is published and binding. The two-year transition clock starts. Organisations should begin classification and gap analysis immediately.
All organisations must ensure their staff who work with AI have sufficient AI literacy — training programmes need to be in place.
Article 5 bans are live. Any system performing a prohibited function must be decommissioned. GPAI provider obligations also begin.
The complete high-risk framework (Arts. 6–49), deployer obligations (Art. 26), and transparency rules (Art. 50) are enforceable. No further transition period.
Extended deadline for high-risk AI systems that are safety components of products already covered by EU product safety legislation (medical devices, machinery, etc.).
Penalties are structured as the higher of a fixed amount or a percentage of global annual turnover. For SMEs, the lower of the two thresholds applies.
| Infringement | Articles | Maximum Fine |
|---|---|---|
| Deploying a prohibited AI application | Art. 5 | €35,000,000 or 7% of global turnover |
| Failing to meet high-risk provider / deployer obligations | Arts. 16–29 | €15,000,000 or 3% of global turnover |
| Transparency failures (no AI disclosure, unlabelled deepfakes) | Art. 50 | €15,000,000 or 3% of global turnover |
| Cybersecurity failures in high-risk systems (prompt injection, data poisoning) | Art. 15 | €15,000,000 or 3% of global turnover |
| Providing incorrect, incomplete, or misleading information to authorities | Art. 99(4) | €7,500,000 or 1% of global turnover |
SMEs and start-ups are subject to the lower of the applicable fixed amount or the percentage-of-turnover calculation.
Compliance is an engineering problem first. The logging, human oversight hooks, cybersecurity hardening, and documentation the Act requires are most efficiently built into the system architecture — not retrofitted later. We design AI Act-ready infrastructure by default.
On-prem or EU-hosted deployments where data, models, and inference never leave your controlled boundary — satisfying Art. 15 and GDPR simultaneously.
Event-level observability built into every pipeline — structured logs, trace IDs, and retention policies aligned with Art. 12 requirements.
We map your AI inventory against Annex III, apply the Art. 6(3) exception analysis, and produce the technical documentation foundation you need.