What is AI regulation in the European Union?

AI regulation in the European Union is centred on the EU AI Act, a directly applicable Regulation that governs AI by risk level. It bans a narrow set of unacceptable practices, imposes strict duties on high-risk AI systems, sets transparency rules for some other AI uses, and creates a separate regime for general-purpose AI models. Enforcement is split between national authorities, notified bodies, the European Commission's AI Office and, for EU institutions and bodies, the European Data Protection Supervisor.

What this means

When people talk about EU AI regulation, they usually mean the AI Act, not just GDPR. The Act is a market and governance rulebook for AI systems and some general-purpose models. It tells organisations what is banned, what needs pre-market checks and documentation, and what has to be monitored after launch.

The core idea is that not every AI use deserves the same treatment. Most routine uses sit outside the main duty bundle. Systems used in fields like hiring, education, credit, insurance, critical infrastructure, migration, policing and justice can trigger the high-risk regime, while some chatbot and synthetic-content uses mainly trigger transparency duties.

The Act is being applied in stages. Prohibited practices and AI literacy duties already apply. Governance rules and the regime for general-purpose AI models also apply. Under the current text on EUR-Lex, the main body applies from 2 August 2026, with some product-related high-risk obligations later, though a May 2026 political agreement under the Digital Omnibus would defer several of these dates (see Risks and boundaries).

Why it matters

For organisations, the AI Act changes AI from a loose ethics topic into a governed business function. It affects product design, procurement, model selection, vendor contracts, documentation, staffing, complaint handling, incident response and board oversight. It also matters before launch, not only after harm occurs, because high-risk systems can require conformity work, registration and oversight before market placement or first use.

It also changes buyer behaviour. A business that only deploys third-party AI is not outside scope. Buyers need to know whether they are merely deployers, whether a provider has completed the required pre-market work, whether the use sits in a prohibited or high-risk category, and whether the organisation could become the provider by rebranding, substantially modifying or repurposing a system. The penalty exposure is material, but so are procurement delays, withdrawal risk and trust damage.

How it works

The AI Act is the core EU instrument

The AI Act is Regulation (EU) 2024/1689. Because it is a Regulation, it applies directly across the EU rather than needing national transposition in the way a Directive would. It covers providers placing AI systems or general-purpose AI models on the EU market, deployers in the EU, and certain third-country providers and deployers where the AI system's output is used in the Union. That gives it a meaningful extra-territorial reach.

It entered into force on 1 August 2024. Under the legal text currently published on EUR-Lex, the Act applies generally from 2 August 2026, with Chapters I and II applying from 2 February 2025, governance and general-purpose AI model rules applying from 2 August 2025, and Article 6(1) plus linked obligations applying from 2 August 2027. In practice, that means some duties are already present, while the wider high-risk regime is still moving into full effect, and a May 2026 Digital Omnibus agreement would push several high-risk dates back (set out under Risks and boundaries).

Risk categories decide the depth of regulation

The Act does not regulate AI as one single class. It sorts uses into different legal buckets.

At the strictest end are prohibited practices. These include harmful manipulation, exploiting vulnerabilities linked to age, disability or social or economic situation, social scoring, certain criminal-risk prediction based solely on profiling or personal traits, untargeted scraping of facial images to build recognition databases, emotion inference in workplaces and education except for medical or safety reasons, certain biometric categorisation, and real-time remote biometric identification in public spaces for law enforcement except under narrow statutory conditions and safeguards.

The next major layer is high-risk AI. This covers two broad groups. First, AI used as safety components of products, or AI products themselves, where relevant EU product law already requires third-party assessment. Second, AI uses listed in Annex III, such as biometrics, critical infrastructure, education, employment, essential services like credit and certain insurance uses, law enforcement, migration and asylum, and administration of justice and democratic processes.

There is also a transparency layer for some AI that is neither banned nor necessarily high-risk. Users generally need to know when they are interacting with an AI system, unless that is obvious. Synthetic audio, image, video or text outputs must be marked in technically appropriate ways, and deepfakes or certain public-interest text uses must be disclosed. Most low-risk AI uses, such as everyday assistive or back-office tools, do not receive their own heavy AI Act duty bundle, although other law can still apply.

High-risk AI triggers pre-market and lifecycle duties

High-risk classification is where the Act becomes operationally demanding. Providers of high-risk AI systems must run a risk-management process, manage data quality and data governance appropriately, prepare technical documentation, enable logging, give clear instructions for use, design for human oversight, and meet accuracy, robustness and cybersecurity requirements. They also need a quality management system.

Before a high-risk system is placed on the market or put into service, the provider must complete the relevant conformity assessment route, draw up an EU declaration of conformity and, where required, affix the CE marking. For most Annex III systems, registration in the EU database is also part of the picture. After launch, providers must monitor the system, investigate serious incidents and take corrective action where necessary.

Deployers have their own duties. They must use high-risk systems in line with the provider's instructions, assign competent human oversight, monitor operation, keep logs under their control for an appropriate period, and escalate risks or serious incidents. Where the system is used at work, deployers who are employers must inform workers and their representatives before use. Public authorities, private entities providing public services, and deployers of certain financial use cases such as creditworthiness assessment and life or health insurance risk assessment and pricing must also perform a fundamental rights impact assessment before first use.

A practical trap sits in the value chain. If an importer, distributor, deployer or other third party rebrands a high-risk system, makes a substantial modification, or changes the intended purpose so that a system becomes high-risk, that actor can become the legal provider. In other words, the Act does not let a business escape responsibility simply because it started by buying someone else's tool.

General-purpose AI models have their own rule set

The AI Act does not only regulate finished systems. It also has a separate chapter for general-purpose AI models, because model providers can shape risk far upstream from the final application.

Providers of general-purpose AI models must keep technical documentation, provide downstream system providers with information they need to understand capabilities and limits, maintain a policy for compliance with EU copyright and related rights, and publish a sufficiently detailed summary of the content used for training. Some of the documentation duties are relaxed for models released under a free and open-source licence with public access to weights and related model information, but that carve-out does not extend to models with systemic risk.

For general-purpose AI models with systemic risk, the Act adds a stricter layer. Those providers must carry out model evaluations, conduct and document adversarial testing, assess and mitigate systemic risks at Union level, report serious incidents without undue delay, and ensure an appropriate level of cybersecurity. The Commission can treat a model as systemic-risk not only through a compute threshold presumption, but also through a designation route informed by expert warning and risk criteria.

This is the area where the AI Office plays the clearest front-line role. For many businesses, that means the compliance question is no longer only "Is my product high-risk?" but also "What model regime sits underneath it, and what evidence can I obtain from the upstream model provider?"

Enforcement is shared between EU and national bodies

The Act's enforcement architecture is deliberately split. The European Commission develops expertise through the AI Office, and the AI Office plays the lead role on general-purpose AI models. It also supports consistent implementation across Member States and provides tools, templates and operational support.

The European Artificial Intelligence Board, made up of Member State representatives and supported by the AI Office, helps coordinate national practice. The Advisory Forum brings in external expertise from industry, start-ups, civil society and academia. The Scientific Panel of independent experts supports enforcement, especially for general-purpose AI, and can issue qualified alerts about possible systemic risks.

At national level, each Member State must designate at least one market surveillance authority and at least one notifying authority. Market surveillance authorities enforce the rules for AI systems, including prohibitions, transparency duties and high-risk compliance, under the wider EU market-surveillance framework. Notifying authorities oversee notified bodies, which carry out third-party conformity work where the law requires it. In some sectors, such as finance or product safety, a sector regulator can serve as the relevant market surveillance authority.

The Act also gives special access and cooperation rights to authorities that protect fundamental rights, so enforcement does not sit only inside product-style supervision. For EU institutions, bodies, offices and agencies, the EDPS acts as the competent authority, market surveillance authority and, where relevant, notified body.

Standards, technical files and conformity routes make it operational

The AI Act is written as a framework Regulation. It sets legal requirements at a relatively high level, then relies on standards, technical documentation and conformity routes to turn those requirements into evidence.

Harmonised European standards are voluntary, but once their references are published in the Official Journal of the European Union they give a presumption of conformity. That matters because providers can use them as a practical route to show compliance. If suitable standards do not exist, are late, or do not adequately address the legal requirements, the Commission can adopt common specifications as a fallback.

For high-risk systems, conformity routes differ. Certain systems can rely on internal control. Others need notified-body involvement, especially where the Act says so or where harmonised standards or common specifications are missing or not applied. Product-linked AI under Annex I follows the relevant sectoral conformity route, with the AI Act requirements folded into that process.

As of 4 June 2026, this operational layer is still maturing. The Commission has issued guidance on prohibited practices, the AI system definition, AI literacy and the scope of general-purpose AI model obligations, and has published draft guidance on high-risk classification. But guidance is not the same thing as law, and harmonised standards are still being developed. That is why serious compliance work still starts with the Regulation itself, then adds guidance, sector rules and standards as they become available.

Examples

Hiring software. A provider selling CV-filtering or candidate-evaluation software into the EU is likely dealing with a high-risk use in employment. Before market placement, the provider needs the high-risk compliance package. The deploying employer then has to use the tool in line with instructions, assign trained human oversight, monitor use, keep logs under its control where applicable, and inform workers if the system is used in the workplace. If the employer substantially modifies the tool or changes its intended purpose, it can step into the legal role of provider.

Credit and insurance. A lender using AI to evaluate the creditworthiness of a natural person, or an insurer using AI for life or health risk assessment and pricing, is in a named high-risk area. Those uses need more than vendor assurance. Depending on the deployer category, a fundamental rights impact assessment may be needed before first use, and the organisation must organise oversight, monitoring, record-keeping and incident escalation around the system.

General-purpose model provider. A provider of a general-purpose AI model that crosses the systemic-risk threshold, or is designated by the Commission after expert warning, moves into the stricter GPAI layer. That means model evaluation, documented adversarial testing, Union-level systemic risk assessment and mitigation, serious incident reporting to the AI Office, and cybersecurity controls around the model and its infrastructure.

Common misunderstandings

"The EU has banned AI." No. The Act bans a limited list of practices and regulates some other uses more heavily.

"It is basically GDPR for algorithms." No. GDPR still governs personal data, while the AI Act adds separate rules on classification, documentation, transparency, oversight, conformity and market surveillance.

"Only the original developer has duties." No. Deployers, importers, distributors, authorised representatives and some modifiers can all carry direct obligations.

"Open source means exempt." No. There is no blanket exemption, and systemic-risk general-purpose models remain in scope.

"If a tool is not high-risk, the AI Act does nothing." Not always. Some systems still trigger transparency duties, and many other legal regimes may still apply.

Risks and boundaries

The hard part is often classification, not the headline rule. Whether software meets the Act's definition of an AI system, whether a use falls inside Annex III, whether a derogation from high-risk status is available, and whether a change is substantial can all be fact-specific. Commission guidance helps, but it is non-binding and can evolve over time.

The AI Act is also not a complete AI law in the everyday sense. It does not replace GDPR, employment law, product safety law, financial regulation, anti-discrimination rules, consumer protection or cybersecurity duties. In many cases organisations have to satisfy several regimes at once. That is why an AI Act workstream cannot sit only with legal or only with engineering.

The main near-term uncertainty is timing for some high-risk obligations. As of 4 June 2026, the AI Act text on EUR-Lex still points to 2 August 2026 as the general application date and 2 August 2027 for Article 6(1) and linked obligations. However, a provisional political agreement reached in May 2026 under the Digital Omnibus simplification package would defer several of these dates: the use-based Annex III high-risk obligations would move to 2 December 2027, the obligations for AI embedded in regulated products to 2 August 2028, and the transparency duties to 2 December 2026. That agreement is provisional and takes legal effect only on formal adoption and publication, so the original 2 August 2026 date technically still governs until then, even though Commission implementation pages already describe the later dates linked to the simplification initiative and the 2026 political agreement. Until an amending act is formally reflected in the legal text, prudent organisations should treat the current Regulation as the baseline and track official updates closely.

What to do next

Create one inventory of AI systems, models and use cases, including third-party tools, embedded features and internal builds. Record your legal role for each one: provider, deployer, importer, distributor or downstream provider.

Run a prohibited-practice screen now, especially for biometric uses, workplace or education emotion inference, manipulative interfaces and scraping-based facial database building.

Identify likely high-risk uses and prepare the evidence trail: classification memo, provider documentation review, human oversight plan, logging, incident escalation, data-governance checks, procurement clauses and, where required, a fundamental rights impact assessment.

Review general-purpose model dependencies. If you build on someone else's model, contract for the documentation and cooperation you will need. If you provide a model, map the Chapter V duties and any systemic-risk trigger.

Treat AI literacy as an operating control, not a one-off course. The Act already expects providers and deployers to take proportionate steps so staff and relevant contractors understand the systems they handle.

Track official EU guidance, harmonised standards, common specifications, national competent authority contacts and any formally adopted amendment to the timetable.

FAQs

Is the AI Act just GDPR for AI?

No. GDPR deals with personal data and privacy. The AI Act is a separate EU regime for AI systems and some model providers, focused on risk classification, product-style compliance, transparency, governance and enforcement.

Does the AI Act apply to companies outside the EU?

Yes, in some cases. It reaches providers placing AI systems or general-purpose AI models on the EU market, and it can also reach providers and deployers outside the EU where the AI system's output is used in the Union.

Are all AI systems high-risk?

No. Only certain product-related AI and the uses listed in Annex III are high-risk. Some other systems only face transparency duties, and many ordinary AI uses do not receive their own heavy AI Act duty bundle.

When do the main parts of the Act apply?

The Act entered into force on 1 August 2024. Prohibited practices and AI literacy duties apply from 2 February 2025. Governance rules and the general-purpose AI model regime apply from 2 August 2025. Under the current EUR-Lex text, the main body applies from 2 August 2026, with Article 6(1) and linked obligations from 2 August 2027. A provisional political agreement reached in May 2026 under the Digital Omnibus would defer several of these dates, so treat the published dates as not yet final and keep watching for a formally adopted timetable change.

Who enforces the AI Act?

Enforcement is shared. National market surveillance authorities enforce the rules for AI systems. Notifying authorities oversee notified bodies. The AI Office leads on general-purpose AI models and supports consistent EU-wide application. The EDPS supervises EU institutions, bodies, offices and agencies.

Do we always need a notified body?

No. Not every high-risk AI system needs notified-body involvement. Many Annex III systems use an internal-control route. Notified bodies matter where the Act requires third-party assessment, especially in some product-linked contexts or where relevant standards are missing or not applied.

Does open-source AI sit outside the regime?

Not entirely. The Act does contain some limited carve-outs, especially for certain general-purpose AI model documentation duties where a model is released under a qualifying free and open-source licence. But there is no blanket exemption, and systemic-risk general-purpose models remain subject to the stricter regime.