EU AI Act — Full Text by Article

Subject matter` 1. The purpose of this Regulation is to improve the functioning of the internal market and promote th...

Scope 1. This Regulation applies to: (a) providers placing on the market or putting into service AI systems or placin...

Article 3 Definitions For the purposes of this Regulation, the following definitions apply: (1) ‘AI system’ means a m...

AI literacy Providers and deployers of AI systems shall take measures to ensure, to their best extent, a sufficient l...

Article 5 Prohibited AI practices 1. The following AI practices shall be prohibited: (a) the placing on the market, t...

Classification rules for high-risk AI systems 1. Irrespective of whether an AI system is placed on the market or put ...

Amendments to Annex III 1. The Commission is empowered to adopt delegated acts in accordance with Article 97 to amend...

Compliance with the requirements 1. High-risk AI systems shall comply with the requirements laid down in this Section...

Risk management system 1. A risk management system shall be established, implemented, documented and maintained in re...

Data and data governance 1. High-risk AI systems which make use of techniques involving the training of AI models wit...

Technical documentation 1. The technical documentation of a high-risk AI system shall be drawn up before that system ...

Record-keeping 1. High-risk AI systems shall technically allow for the automatic recording of events (logs) over the ...

Transparency and provision of information to deployers 1. High-risk AI systems shall be designed and developed in suc...

Human oversight 1. High-risk AI systems shall be designed and developed in such a way, including with appropriate hum...

Accuracy, robustness and cybersecurity 1. High-risk AI systems shall be designed and developed in such a way that the...

Obligations of providers of high-risk AI systems Providers of high-risk AI systems shall: (a) ensure that their high-...

Quality management system 1. Providers of high-risk AI systems shall put a quality management system in place that en...

Documentation keeping 1. The provider shall, for a period ending 10 years after the high-risk AI system has been plac...

Automatically generated logs 1. Providers of high-risk AI systems shall keep the logs referred to in Article 12(1), a...

Corrective actions and duty of information 1. Providers of high-risk AI systems which consider or have reason to cons...

Cooperation with competent authorities 1. Providers of high-risk AI systems shall, upon a reasoned request by a compe...

Authorised representatives of providers of high-risk AI systems 1. Prior to making their high-risk AI systems availab...

Obligations of importers 1. Before placing a high-risk AI system on the market, importers shall ensure that the syste...

Obligations of distributors 1. Before making a high-risk AI system available on the market, distributors shall verify...

Responsibilities along the AI value chain 1. Any distributor, importer, deployer or other third-party shall be consid...

Article 26 Obligations of deployers of high-risk AI systems 1. Deployers of high-risk AI systems shall take appropria...

Fundamental rights impact assessment for high-risk AI systems 1. Prior to deploying a high-risk AI system referred to...

Notifying authorities 1. Each Member State shall designate or establish at least one notifying authority responsible ...

Application of a conformity assessment body for notification 1. Conformity assessment bodies shall submit an applicat...

Notification procedure 1. Notifying authorities may notify only conformity assessment bodies which have satisfied the...

Requirements relating to notified bodies 1. A notified body shall be established under the national law of a Member S...

Presumption of conformity with requirements relating to notified bodies Where a conformity assessment body demonstrat...

Subsidiaries of notified bodies and subcontracting 1. Where a notified body subcontracts specific tasks connected wit...

Operational obligations of notified bodies 1. Notified bodies shall verify the conformity of high-risk AI systems in ...

Identification numbers and lists of notified bodies 1. The Commission shall assign a single identification number to ...

Article 36 Changes to notifications 1. The notifying authority shall notify the Commission and the other Member State...

Challenge to the competence of notified bodies 1. The Commission shall, where necessary, investigate all cases where ...

Coordination of notified bodies 1. The Commission shall ensure that, with regard to high-risk AI systems, appropriate...

Conformity assessment bodies of third countries Conformity assessment bodies established under the law of a third cou...

Harmonised standards and standardisation deliverables 1. High-risk AI systems or general-purpose AI models which are ...

Common specifications 1. The Commission may adopt, implementing acts establishing common specifications for the requi...

Presumption of conformity with certain requirements 1. High-risk AI systems that have been trained and tested on data...

Article 43 Conformity assessment 1. For high-risk AI systems listed in point 1 of Annex III, where, in demonstrating ...

Certificates 1. Certificates issued by notified bodies in accordance with Annex VII shall be drawn-up in a language w...

Information obligations of notified bodies 1. Notified bodies shall inform the notifying authority of the following: ...

Derogation from conformity assessment procedure 1. By way of derogation from Article 43 and upon a duly justified req...

EU declaration of conformity 1. The provider shall draw up a written machine readable, physical or electronically sig...

CE marking 1. The CE marking shall be subject to the general principles set out in Article 30 of Regulation (EC) No 7...

Registration 1. Before placing on the market or putting into service a high-risk AI system listed in Annex III, with ...

Transparency obligations for providers and deployers of certain AI systems 1. Providers shall ensure that AI systems ...

Classification of general-purpose AI models as general-purpose AI models with systemic risk 1. A general-purpose AI m...

Procedure 1. Where a general-purpose AI model meets the condition referred to in Article 51(1), point (a), the releva...

Obligations for providers of general-purpose AI models 1. Providers of general-purpose AI models shall: (a) draw up a...

Authorised representatives of providers of general-purpose AI models 1. Prior to placing a general-purpose AI model o...

Obligations of providers of general-purpose AI models with systemic risk 1. In addition to the obligations listed in ...

Codes of practice 1. The AI Office shall encourage and facilitate the drawing up of codes of practice at Union level ...

Article 57 AI regulatory sandboxes 1. Member States shall ensure that their competent authorities establish at least ...

Detailed arrangements for, and functioning of, AI regulatory sandboxes 1. In order to avoid fragmentation across the ...

Further processing of personal data for developing certain AI systems in the public interest in the AI regulatory san...

Article 60 Testing of high-risk AI systems in real world conditions outside AI regulatory sandboxes 1. Testing of hig...

Informed consent to participate in testing in real world conditions outside AI regulatory sandboxes 1. For the purpos...

Measures for providers and deployers, in particular SMEs, including start-ups 1. Member States shall undertake the fo...

Derogations for specific operators 1. Microenterprises within the meaning of Recommendation 2003/361/EC may comply wi...

AI Office 1. The Commission shall develop Union expertise and capabilities in the field of AI through the AI Office. ...

Establishment and structure of the European Artificial Intelligence Board 1. A European Artificial Intelligence Board...

Tasks of the Board The Board shall advise and assist the Commission and the Member States in order to facilitate the ...

Advisory forum 1. An advisory forum shall be established to provide technical expertise and advise the Board and the ...

Scientific panel of independent experts 1. The Commission shall, by means of an implementing act, make provisions on ...

Access to the pool of experts by the Member States 1. Member States may call upon experts of the scientific panel to ...

Designation of national competent authorities and single points of contact 1. Each Member State shall establish or de...

EU database for high-risk AI systems listed in Annex III 1. The Commission shall, in collaboration with the Member St...

Post-market monitoring by providers and post-market monitoring plan for high-risk AI systems 1. Providers shall estab...

Reporting of serious incidents 1. Providers of high-risk AI systems placed on the Union market shall report any serio...

Article 74 Market surveillance and control of AI systems in the Union market 1. Regulation (EU) 2019/1020 shall apply...

Mutual assistance, market surveillance and control of general-purpose AI systems 1. Where an AI system is based on a ...

Supervision of testing in real world conditions by market surveillance authorities 1. Market surveillance authorities...

Powers of authorities protecting fundamental rights 1. National public authorities or bodies which supervise or enfor...

Confidentiality 1. The Commission, market surveillance authorities and notified bodies and any other natural or legal...

Article 79 Procedure at national level for dealing with AI systems presenting a risk 1. AI systems presenting a risk ...

Procedure for dealing with AI systems classified by the provider as non-high-risk in application of Annex III 1. Wher...

Union safeguard procedure 1. Where, within three months of receipt of the notification referred to in Article 79(5), ...

Compliant AI systems which present a risk 1. Where, having performed an evaluation under Article 79, after consulting...

Formal non-compliance 1. Where the market surveillance authority of a Member State makes one of the following finding...

Union AI testing support structures 1. The Commission shall designate one or more Union AI testing support structures...

Right to lodge a complaint with a market surveillance authority Without prejudice to other administrative or judicial...

Right to explanation of individual decision-making 1. Any affected person subject to a decision which is taken by the...

Reporting of infringements and protection of reporting persons Directive (EU) 2019/1937 shall apply to the reporting ...

Enforcement of the obligations of providers of general-purpose AI models 1. The Commission shall have exclusive power...

Monitoring actions 1. For the purpose of carrying out the tasks assigned to it under this Section, the AI Office may ...

Alerts of systemic risks by the scientific panel 1. The scientific panel may provide a qualified alert to the AI Offi...

Power to request documentation and information 1. The Commission may request the provider of the general-purpose AI m...

Power to conduct evaluations 1. The AI Office, after consulting the Board, may conduct evaluations of the general-pur...

Power to request measures 1. Where necessary and appropriate, the Commission may request providers to: (a) take appro...

Procedural rights of economic operators of the general-purpose AI model Article 18 of Regulation (EU) 2019/1020 shall...

Codes of conduct for voluntary application of specific requirements 1. The AI Office and the Member States shall enco...

Guidelines from the Commission on the implementation of this Regulation 1. The Commission shall develop guidelines on...

Exercise of the delegation 1. The power to adopt delegated acts is conferred on the Commission subject to the conditi...

Committee procedure 1. The Commission shall be assisted by a committee. That committee shall be a committee within th...

Article 99 Penalties 1. In accordance with the terms and conditions laid down in this Regulation, Member States shall...

Administrative fines on Union institutions, bodies, offices and agencies 1. The European Data Protection Supervisor m...

Fines for providers of general-purpose AI models 1. The Commission may impose on providers of general-purpose AI mode...

Amendment to Regulation (EC) No 300/2008 In Article 4(3) of Regulation (EC) No 300/2008, the following subparagraph i...

Amendment to Regulation (EU) No 167/2013 In Article 17(5) of Regulation (EU) No 167/2013, the following subparagraph ...

Amendment to Regulation (EU) No 168/2013 In Article 22(5) of Regulation (EU) No 168/2013, the following subparagraph ...

Amendment to Directive 2014/90/EU In Article 8 of Directive 2014/90/EU, the following paragraph is added: ‘5. For Art...

Amendment to Directive (EU) 2016/797 In Article 5 of Directive (EU) 2016/797, the following paragraph is added: ‘12. ...

Amendment to Regulation (EU) 2018/858 In Article 5 of Regulation (EU) 2018/858 the following paragraph is added: ‘4. ...

Amendments to Regulation (EU) 2018/1139 Regulation (EU) 2018/1139 is amended as follows: (1) in Article 17, the follo...

Amendment to Regulation (EU) 2019/2144 In Article 11 of Regulation (EU) 2019/2144, the following paragraph is added: ...

Amendment to Directive (EU) 2020/1828 In Annex I to Directive (EU) 2020/1828 of the European Parliament and of the Co...

AI systems already placed on the market or put into service and general-purpose AI models already placed on the marke...

Article 112 Evaluation and review 1. The Commission shall assess the need for amendment of the list set out in Annex ...

Entry into force and application This Regulation shall enter into force on the twentieth day following that of its pu...

and of the Council and repealing Regulations (EC) No 78/2009, (EC) No 79/2009 and (EC) No 661/2009 of the European Pa...

List of criminal offences referred to in Article 5(1), first subparagraph, point (h)(iii) Criminal offences referred ...

referred to in Article 3(4) of Directive (EU) 2016/680, or to assess personality traits and characteristics or past c...

on input data, as appropriate; 4. A description of the appropriateness of the performance metrics for the specific AI...

Information to be submitted upon the registration of high-risk AI systems listed in Annex III in relation to testing ...

EU declaration of conformity The EU declaration of conformity referred to in Article 47, shall contain all of the fol...

Conformity assessment procedure based on internal control 1. The conformity assessment procedure based on internal co...

the conclusions of the assessment of the technical documentation and the reasoned assessment decision. Where the AI s...

Information to be submitted upon the registration of high-risk AI systems in accordance with Article 49 Section A — I...

p. 27). (b) Regulation (EU) 2019/818 of the European Parliament and of the Council of 20 May 2019 on establishing a f...

Technical documentation referred to in Article 53(1), point (a) — technical documentation for providers of general-pu...

Transparency information referred to in Article 53(1), point (b) — technical documentation for providers of general-p...

Criteria for the designation of general-purpose AI models with systemic risk referred to in Article 51 For the purpos...