EU-AI-Act

Regulation (EU) 2024/1689 — Artificial Intelligence Act

EU Version 1.0 334 obligations

Requirement 130 Transparency 41 Documentation 40 Reporting 27 Risk Management 23 Data Governance 19 Conformity 17 Human Oversight 14 Monitoring 12 Prohibition 8 Registration 3

I. General Provisions
Art. 1. Subject matter ref
Art. 2. Scope ref
Art. 3. Definitions ref
Art. 4. AI literacy ref
II. Prohibited AI Practices
Art. 5. Prohibited artificial intelligence practices ref
III. High-Risk AI Systems
Ch. 1 — Classification of AI Systems as High-Risk
Art. 6. Classification rules for high-risk AI systems (7)
Art. 7. Amendments to Annex III (12)
Ch. 2 — Requirements for High-Risk AI Systems
Art. 8. Compliance with the requirements (5)
Art. 9. Risk management system (15)
Art. 10. Data and data governance (20)
Art. 11. Technical documentation (7)
Art. 12. Record-keeping (8)
Art. 13. Transparency and provision of information to deployers (14)
Art. 14. Human oversight (11)
Art. 15. Accuracy, robustness and cybersecurity (9)
Ch. 3 — Obligations of Providers and Deployers of High-Risk AI Systems and Other Parties
Art. 16. Obligations of providers of high-risk AI systems (12)
Art. 17. Quality management system (16)
Art. 18. Documentation keeping (6)
Art. 19. Automatically generated logs (2)
Art. 20. Corrective actions and duty of information (5)
Art. 21. Cooperation with competent authorities (3)
Art. 22. Duty of providers of high-risk AI systems to inform (2)
Art. 23. Obligations of importers (12)
Art. 24. Obligations of distributors (10)
Art. 25. Responsibilities along the AI value chain (9)
Ch. 4 — Obligations of Deployers of High-Risk AI Systems
Art. 26. Obligations of deployers of high-risk AI systems (17)
Art. 27. Fundamental rights impact assessment for high-risk AI systems (10)
Ch. 5 — Notifying Authorities and Notified Bodies
Art. 28. Notifying authorities (8)
IV. Transparency Obligations for Providers and Deployers of Certain AI Systems
Art. 50. Transparency obligations for providers and deployers of certain AI systems (9)
V. General-Purpose AI Models
Ch. 1 — Classification Rules
Art. 51. Classification of general-purpose AI models as general-purpose AI models with systemic risk (4)
Ch. 2 — Obligations for Providers of General-Purpose AI Models
Art. 53. Obligations for providers of general-purpose AI models (6)
Art. 54. Authorised representatives of providers of general-purpose AI models (11)
Art. 55. Obligations for providers of general-purpose AI models with systemic risk (6)
Art. 56. Codes of practice (8)
VIII. Post-Market Monitoring, Information Sharing and Market Surveillance
Ch. 1 — Post-Market Monitoring
Art. 72. Post-market monitoring by providers and post-market monitoring plan for high-risk AI systems (7)
Ch. 2 — Sharing of Information on Serious Incidents
Art. 73. Reporting of serious incidents (12)
X. Codes of Conduct and Guidelines
Art. 95. Codes of conduct for voluntary application of specific requirements (6)
XII. Penalties
Art. 99. Penalties (8)
Art. 100. Administrative fines on Union institutions, bodies, offices and agencies (7)
Art. 101. Penalties for providers of general-purpose AI models (4)
Annex I. Union Harmonisation Legislation Listed in Article 6(1)
Annex III. High-Risk AI Systems Referred to in Article 6(2)
Annex IV. Technical Documentation Referred to in Article 11(1)

Showing 201–225 of 334 obligations

Title I — General Provisions

Title II — Prohibited AI Practices

Title III — High-Risk AI Systems

Chapter 1 — Classification of AI Systems as High-Risk

Chapter 2 — Requirements for High-Risk AI Systems

Chapter 3 — Obligations of Providers and Deployers of High-Risk AI Systems and Other Parties

Chapter 4 — Obligations of Deployers of High-Risk AI Systems

Article 27. Fundamental rights impact assessment for high-risk AI systems

1 obligation

EU-AIA-27-10 Documentation

Complement existing data protection impact assessments

If obligations under this Article are already met through data protection impact assessments under Article 35 of GDPR or

Chapter 5 — Notifying Authorities and Notified Bodies

Article 28. Notifying authorities

8 obligations

EU-AIA-28-01 Requirement

Designate or establish notifying authorities

Each Member State must designate or establish at least one notifying authority responsible for setting up and carrying o

EU-AIA-28-02 Requirement

Develop procedures in cooperation with other Member States

Notifying authorities must develop their assessment, designation, notification and monitoring procedures in cooperation

EU-AIA-28-03 Requirement

Ensure no conflict of interest with conformity assessment bodies

Notifying authorities must be established, organised and operated in a manner that prevents any conflict of interest wit

EU-AIA-28-04 Requirement

Separate decision-makers from assessors

Notifying authorities must organize themselves so that decisions relating to notification of conformity assessment bodie

EU-AIA-28-05 Prohibition

Prohibition on performing conformity assessment activities

Notifying authorities are prohibited from offering or providing any activities that conformity assessment bodies perform

EU-AIA-28-06 Prohibition

Prohibition on commercial consultancy services

Notifying authorities are prohibited from providing any consultancy services on a commercial or competitive basis.

EU-AIA-28-07 Data Governance

Safeguard confidentiality per Article 78

Notifying authorities must safeguard the confidentiality of information they obtain in accordance with Article 78 requir

EU-AIA-28-08 Requirement

Maintain adequate competent personnel

Notifying authorities must have an adequate number of competent personnel at their disposal for proper performance of th

Title IV — Transparency Obligations for Providers and Deployers of Certain AI Systems

Article 50. Transparency obligations for providers and deployers of certain AI systems

7 obligations

EU-AIA-50-01 Transparency

Direct interaction AI disclosure by providers

Providers must design and develop AI systems intended to interact directly with natural persons to inform users they are

EU-AIA-50-02 Transparency

Synthetic content machine-readable marking

Providers of AI systems generating synthetic audio, image, video or text content must ensure outputs are marked in a mac

EU-AIA-50-03 Requirement

Synthetic content technical solution effectiveness

Providers must ensure their technical solutions for marking synthetic content are effective, interoperable, robust and r

EU-AIA-50-04 Transparency

Emotion recognition system operation disclosure

Deployers of emotion recognition systems must inform natural persons exposed to the system of its operation and process

EU-AIA-50-05 Transparency

Biometric categorisation system operation disclosure

Deployers of biometric categorisation systems must inform natural persons exposed to the system of its operation and pro

EU-AIA-50-06 Transparency

Deep fake content disclosure

Deployers of AI systems that generate or manipulate image, audio or video content constituting a deep fake must disclose

EU-AIA-50-07 Transparency

Artistic deep fake limited disclosure

For deep fake content that forms part of evidently artistic, creative, satirical, fictional or analogous work, deployers