Monday, July 6, 2026

EU AI ACT Summary and Key Points and Articles


EU AI ACT.  Regulation (EU) 2024/1689


Executive Summary

Most organizations are unlikely to fall into the prohibited or high-risk use of AI systems and are likely not covered by this act, but for the rest of you - enjoy!  


For those of you not using AI for any prohibited uses like: profiling, facial recognition, social scoring, creating vulnerabilities, etc or high-risk uses listed below, by simply understanding how the system works, ensuring it is transparent and informing people it is being used will get you far.


There is a lot to ingest here, so I have strived to only include the important parts. If you feel like there's something I've missed, please let me know and I'll edit. 


For any organizations covered by Annex III (High-risk AI systems referred to in Article 6(2)) - including financial services, healthcare, HR, law enforcement, critical infrastructure, and public administration - the following actions are most relevant:


  • Inventory: Inventory all AI systems in use or under development and classify each against Annex III use cases.
  • FRIA: Conduct fundamental rights impact assessments for any systems likely to fall into high-risk categories.
  • Risk Mgmt: Build or integrate a risk management system that is continuous, iterative, and documented.
  • Data Governance: Assess data governance practices for training, validation, and testing datasets used in high-risk systems - including bias examination and representation.
  • Human Oversight: Implement or update human oversight procedures so operators can detect, override, and halt AI outputs (HItL).
  • Registration: Register high-risk systems in the EU database before operating.
  • Post-Market: Establish a post-market monitoring program with defined metrics, incident reporting procedures, and feedback loops for corrective action.
  • GPAI Providers: For GPAI providers: begin technical documentation, downstream provider information packages, and copyright compliance policies now - obligations apply from 2 August 2025.



EU AI Act (2024/1698) Key Points and Articles


The EU AI Act (Regulation 2024/1689) is the first comprehensive legal framework for artificial intelligence in the world. Its primary goal is to create uniform rules across the EU for how AI systems are developed and used while maintaining high protection for health, safety, fundamental rights, democracy, and the rule of law.


The Regulation applies to:

  • Providers that develop or market AI systems or general-purpose AI models in the EU, regardless of where they are established.
  • Deployers - organizations or individuals using an AI system under their authority within the EU.
  • Importers and distributors in the AI supply chain.
  • Product manufacturers incorporating AI systems into regulated products.


NOTE: The Act does not apply to AI systems used exclusively for military, national security, or research and development purposes, nor to open-source models (with limited exceptions for high systemic risk).

Important Definitions (Article 3)


Term

Definition

AI System

A machine-based system that operates with varying levels of autonomy, may show adaptiveness after deployment, and - for explicit or implicit objectives - infers from input data how to generate outputs such as predictions, content, recommendations, or decisions influencing physical or virtual environments.

Risk

The combination of the probability of an occurrence of harm and the severity of that harm;

Provider

Any natural or legal person, public authority, or other body that develops an AI system or general-purpose AI model (or has one developed) and places it on the market or puts it into service under its own name or trademark.

Deployer

Any natural or legal person, public authority, or body using an AI system under its own authority - except personal, non-professional use.

Output

Predictions, content (text, images, audio, video), recommendations, or decisions produced by an AI system that can influence physical or virtual environments.

Intended Purpose

The use for which an AI system is intended by the provider, as specified in instructions, promotional materials, and technical documentation.

Reasonably Foreseeable Misuse

Use of an AI system outside its intended purpose that could result from reasonably foreseeable human behavior or interaction with other systems.

General-Purpose AI Model (GPAI)

An AI model trained on large amounts of data with self-supervision at scale, displaying significant generality and capable of competently performing a wide range of distinct tasks - able to be integrated into many downstream applications.

Systemic Risk

Risk specific to high-impact GPAI models that, due to reach or foreseeable negative effects on public health, safety, security, fundamental rights, or society as a whole, can be propagated at scale across the AI value chain.

Serious Incident

An incident or malfunction leading to death, serious physical harm, severe disruption to critical infrastructure, infringement of fundamental rights obligations, or serious harm to property or the environment.

Deep Fake

AI-generated or manipulated image, audio, or video content resembling real persons, objects, places, or events that would falsely appear authentic to a reasonable person.

Risk Classification

The systems’ classification determines which requirements apply.



Prohibited Practices (Article 5)


The following AI practices are banned outright and may never be placed on the market or used in the EU:

  • Subliminal or deceptive manipulation of behavior causing significant harm to the person or others.
  • Exploitation of vulnerabilities (age, disability, socioeconomic situation) to materially distort behavior in a harmful way.
  • Social scoring systems by public authorities that produce detrimental effects in unrelated social contexts or disproportionate to the behavior assessed.
  • Predictive profiling for criminal risk assessment based solely on personality traits (not objective, verifiable facts).
  • Facial recognition database expansion through untargeted scraping of internet or CCTV images.
  • Emotion inference in workplace or educational settings (except medical or safety uses).
  • Biometric categorisation that infers race, political opinion, union membership, religion, sex life, or sexual orientation.
  • Real-time remote biometric identification in publicly accessible spaces for law enforcement - except in strictly defined emergencies (trafficking victims, imminent terrorist threats, serious criminal investigations) with mandatory judicial or administrative authorization.


WARNING: Violations of the prohibited practices list carry the highest fines in the Act: up to €35 million or 7% of global annual turnover, whichever is higher.



High-Risk AI Systems (Articles 6–7, as Amendments to Annex III)


A system is high-risk under two separate tracks:


Track A - Product Safety Integration (Article 6(1)): An AI system qualifies as high-risk if it serves as a safety component of a product covered by EU harmonisation legislation (e.g., medical devices, machinery, aviation) and that product requires third-party conformity assessment.


Track B - Annex III Use Case List (Article 6(2)): Regardless of track A, any AI system falling within the following eight areas is presumptively high-risk:


Term

Definition

1. Biometrics

Remote biometric identification systems; biometric categorisation by sensitive attributes; emotion recognition systems.

2. Critical Infrastructure

Safety components in management of critical digital infrastructure, road traffic, water, gas, heating, or electricity supply.

3. Education & Vocational Training

Systems determining access to educational institutions; evaluating learning outcomes; assessing educational level; monitoring students during exams.

4. Employment

Systems used in recruitment and selection; systems affecting promotions, terminations, task allocation, or performance monitoring of workers.

5. Essential Services

Systems evaluating eligibility for public assistance/healthcare; creditworthiness and credit scoring; life and health insurance risk/pricing; emergency call triage and dispatch prioritization.

6. Law Enforcement

Systems assessing victimisation risk; polygraph substitutes; evaluating evidence reliability; recidivism/offending risk assessment; criminal profiling.

7. Migration & Border Control

Polygraph substitutes; risk assessment of persons entering/in the EU; asylum/visa/residence permit examination assistance; biometric identification in border contexts.

8. Administration of Justice

Systems assisting judicial authorities in fact-finding or applying law; systems influencing election or referendum outcomes or voter behavior.

Exclusions: A system in Annex III is not high-risk if it only performs a narrow procedural task, only improves a previously completed human activity, detects patterns without influencing prior human assessments, or performs a preparatory task - provided it does not profile natural persons.


NOTE: Profiling of natural persons always triggers high-risk classification, even if the system would otherwise qualify for an exclusion.



Requirements for High-Risk AI Systems (Section 2, Articles 9–27)

High-risk AI systems must satisfy eight mandatory technical and governance requirements before being placed on the market or put into service.


Risk Management System (Article 9)

Providers must establish, document, and maintain a continuous, lifecycle-spanning risk management system covering: (a) identification and analysis of all known and reasonably foreseeable risks to health, safety, or fundamental rights; (b) estimation and evaluation of risks from intended use and foreseeable misuse; (c) evaluation of post-market monitoring data; and (d) adoption of targeted risk mitigation measures. Testing against pre-defined metrics must occur throughout development and prior to market placement. Systems likely to affect minors must account for that in the risk assessment.


Data and Data Governance (Article 10)

Training, validation, and testing datasets must meet quality criteria appropriate to the system's intended purpose. Providers must address data collection practices, labeling and preprocessing, bias examination, and data gap identification. Datasets must be sufficiently representative, free of errors to the extent practicable, and include relevant contextual characteristics. Special-category personal data may only be processed for bias detection with strict safeguards and subject to deletion once bias correction is complete.


Technical Documentation (Article 11)

Comprehensive technical documentation must be drawn up before market placement and kept current. It must enable competent authorities and notified bodies to assess compliance and contain all elements specified in Annex IV (including system description, design specifications, training methodology, performance metrics, and monitoring information). SMEs may use a simplified form established by the Commission.


Record-Keeping and Logging (Article 12)

High-risk systems must technically allow automatic event logging over their lifetime. Logging must capture situations that could present risk, support post-market monitoring, and enable traceability. For biometric identification systems specifically, logs must record: session start/end times; the reference database checked; input data leading to a match; and the identities of verification personnel.


Transparency and Deployer Information (Article 13)

Systems must be designed for sufficient transparency to allow deployers to interpret outputs and use them appropriately. Instructions for use must include: provider identity and contact details; intended purpose; accuracy levels and metrics; known limitations and foreseeable risks; human oversight requirements; computational/hardware requirements; and log interpretation guidance.


Human Oversight (Article 14)

High-risk systems must be designed to be effectively overseen by natural persons during operation. Oversight measures must be proportionate to risk and level of autonomy. Deployers must be enabled to: understand the system's capabilities and limitations; detect anomalies; avoid automation bias; correctly interpret outputs; override or disregard outputs; and physically halt the system. For remote biometric identification systems, at least two qualified humans must separately verify any identification before any action or decision is taken based on it.


Accuracy, Robustness, and Cybersecurity (Article 15)

Systems must achieve appropriate accuracy and robustness throughout their lifecycle. They must be resilient against errors, faults, inconsistencies, and adversarial attacks. Required cybersecurity protections cover: data poisoning, model poisoning, adversarial examples, model evasion, confidentiality attacks, and model flaws. Continuous-learning systems must prevent feedback loops that could propagate biased outputs.


Providers (Article 16)

  • Ensure the high-risk system complies with all High-risk Requirements listed earlier.
  • Draw up technical documentation and maintain it throughout the lifecycle.
  • Implement a quality management system.
  • Conduct required conformity assessment procedures.
  • Register the AI system in the EU database before market placement.
  • Affix CE marking and issue an EU declaration of conformity.
  • Establish post-market monitoring and report serious incidents.
  • Take corrective actions if the system does not conform; recall or withdraw if necessary.


Quality Management System (Article 17)

Providers must implement a quality management system documenting: compliance strategies; design and development techniques; testing procedures; post-market monitoring plans; serious incident reporting procedures; and responsibilities across their organization. This system must be proportionate to the size of the provider and the risk level of the system.


Documentation Keeping (Article 18)

Providers must retain technical documentation, quality management records, conformity declarations, and notified body decisions for 10 years post-market. Auto-generated system logs must be kept for at least 6 months. Financial institutions fold these into their existing regulatory documentation requirements.

Automatically generated logs (Article 19)

Providers of high-risk AI systems shall keep the logs referred to in Article 12(1), automatically generated by their high-risk AI systems, to the extent such logs are under their control. Without prejudice to applicable Union or national law, The logs shall be kept for a period appropriate to the intended purpose of the high-risk AI system, of at least six months, unless provided otherwise in the applicable Union or national law, in particular in Union law on the protection of personal data.

2. Providers that are financial institutions subject to requirements regarding their internal governance, arrangements or processes under Union financial services law shall maintain the logs automatically generated by their high-risk AI systems as part of the documentation kept under the relevant financial services law.


Corrective actions (Article 20)

If a system falls out of conformity, providers must act immediately, whether that means fixing, withdrawing, disabling, or recalling it, and notify all relevant parties including distributors, deployers, and market surveillance authorities.

Regulator cooperation (Article 21)

Providers must hand over any documentation or system logs a competent authority requests, in an official EU language. Authorities are bound by confidentiality obligations on anything they receive.

Third-country providers (Article 22)

Non-EU providers must appoint an EU-based authorized representative before entering the market. That rep holds key documents, responds to regulators, and can terminate the mandate if the provider goes rogue, with immediate notification to authorities.

Importers (Article 23)

Before placing a system on the market, importers must verify conformity assessment was completed, documentation is in order, CE marking is present, and an authorized rep is appointed. They keep records for 10 years and must cooperate with authorities on request.


Distributors (Article 24)

Before putting a system on the market, distributors must verify CE marking, conformity documentation, and that upstream parties met their obligations. If something looks off, they hold the system back. They're also responsible for maintaining proper storage and transport conditions, and must cooperate with authorities on request.


Value chain responsibility "if you touch it, you own it" (Article 25)

A distributor, importer, or deployer becomes the provider (with all associated obligations) if they rebrand the system, make a substantial modification, or repurpose a non-high-risk system into a high-risk one. When that happens, the original provider steps back but must still cooperate and share necessary technical information. Supply chain agreements between providers and third-party tool/component suppliers must be formalized in writing, spelling out what each party owes the other to maintain compliance.


Deployers (Article 26)

Deployers must follow the instructions for use, assign qualified humans for oversight, keep system logs for at least 6 months, monitor for risks, and report serious incidents up the chain. Before deploying at a workplace, they must inform affected workers. Public authority deployers must check the EU database before using any system. Law enforcement use of post-remote biometric identification is tightly restricted, requiring prior judicial or administrative authorization in almost all cases, with mandatory annual reporting and strict prohibitions on untargeted use.


Fundamental rights impact assessment (Article 27)

Public bodies and certain private entities deploying high-risk AI must assess potential impacts on fundamental rights before first use. The assessment covers affected populations, specific risks, human oversight measures, and internal remediation plans. Results get submitted to the market surveillance authority. If a GDPR data protection impact assessment already covers some of this ground, the fundamental rights assessment supplements rather than replaces it.


AI Literacy (Article 4)

Both providers and deployers must take measures to ensure sufficient AI literacy for all staff involved in operating or using AI systems taking into account technical knowledge, experience, education, and context of use.


Transparency Obligations for General AI Systems (Article 50)

Separate from the high-risk framework, Article 50 imposes transparency duties on certain AI systems regardless of risk level:

  • AI chatbots and conversational systems must inform users they are interacting with AI (unless obvious from context).
  • Systems generating synthetic audio, images, video, or text must mark outputs in machine-readable format detectable as artificially generated or manipulated.
  • Deployers of emotion recognition or biometric categorisation systems must notify affected individuals of the system's operation.
  • Deployers of deep fake generation systems must disclose that content is artificially generated or manipulated. An exception exists for clearly artistic or satirical works, though disclosure must still occur in an appropriate manner.
  • AI-generated text published to inform the public on matters of public interest must be disclosed as such, unless subject to editorial review by a person with editorial responsibility.


General-Purpose AI Models (Chapter V)

Chapter V creates a distinct regime for GPAI models - recognizing that foundational models present risks and obligations that differ from deployed AI systems. Obligations scale with whether the model carries systemic risk.


Standard GPAI Obligations (Article 53)

  • Maintain up-to-date technical documentation of the model including training process and evaluation results.
  • Provide downstream providers with sufficient information to understand capabilities and limitations and comply with their own obligations under the Act.
  • Implement a copyright compliance policy, including honoring rights-reservation expressions under the EU Digital Single Market Directive.
  • Publish a sufficiently detailed summary of training data, using the AI Office's template.


NOTE: Open-source GPAI models are exempt from documentation and downstream provider information obligations - unless they carry systemic risk.

GPAI Models with Systemic Risk (Article 55)

A GPAI model carries systemic risk if it has high-impact capabilities matching or exceeding the most advanced models, or is so determined by the Commission based on training compute exceeding 10^25 FLOPs. In addition to standard GPAI obligations, these providers must:

  • Conduct and document adversarial testing (red-teaming) using standardized protocols.
  • Assess and mitigate systemic risks at Union level from development, market placement, or use.
  • Report serious incidents and corrective measures to the AI Office without undue delay.
  • Maintain adequate cybersecurity protection for the model and its physical infrastructure.


Enforcement and Penalties (Articles 99–101)


Penalties are tiered by severity of infringement:


Violation Type

Maximum Fine

Prohibited AI practices (Art. 5)

Up to €35M or 7% of global annual turnover

Provider/deployer obligations (Art. 16, 22–26, 50)

Up to €15M or 3% of global annual turnover

Misleading regulators (Art. 99(5))

Up to €7.5M or 1% of global annual turnover

GPAI providers - Commission fines (Art. 101)

Up to €15M or 3% of global annual turnover


NOTE: Penalties for prohibited AI practices and operator obligation violations take effect from 2 August 2025 - before the main Regulation applies in full.

Implementation Timeline


Date

Milestone

2 February 2025

Chapters I & II apply - definitions, prohibited practices take effect

2 August 2025

GPAI obligations (Chapter V), governance structure, penalty rules take effect; codes of practice due

2 February 2026

Commission must issue guidelines on high-risk classification

2 August 2026

Full Regulation applies - all high-risk system requirements mandatory; AI regulatory sandboxes operational

2 August 2027

Art. 6(1) product-safety-linked high-risk requirements apply

NOTE: Even organizations that do not develop AI systems face obligations as deployers - including AI literacy, oversight implementation, and incident reporting. The Act's supply chain logic means downstream deployers share accountability for how high-risk systems are used.

No comments: