Free Diagnostic

Glossary

25 key definitions of the Regulation

Obligations

24 detailed articles with deadlines

Timeline

Key dates from 2025 to 2027

Diagnostic

Identify your obligations in 3 minutes

Features

Documentation, diagnostic, PDF export

European Sovereignty

100% hosted in France

Features Pricing Blog Sign in

AI Act Obligations by Article

Complete guide to the obligations of Regulation (EU) 2024/1689. Identify the requirements applicable to your role (provider, deployer, importer) and your AI system's risk level.

Filter by role:

AI Literacy

Article 4 requires all providers and deployers of AI systems to ensure that their staff and any other person involved in the operation and use of AI systems have a sufficient level of AI literacy, taking into account their technical knowledge, experience and context of use.

ProviderDeployer

February 2, 2025

Art. 5Prohibited

Prohibited AI practices

Article 5 defines AI systems whose placing on the market, putting into service or use is prohibited in the European Union. These practices are considered to present an unacceptable risk to safety, livelihoods and the rights of persons.

ProviderDeployerImporterDistributor

February 2, 2025

Art. 6High-risk

Classification rules for high-risk AI systems

Article 6 defines the criteria for determining whether an AI system should be considered high-risk. A system is classified as high-risk either because it constitutes a safety component of a product covered by Union harmonization legislation (Annex I), or because it falls within the areas listed in Annex III.

Art. 9High-risk

Risk management system

Article 9 requires providers of high-risk AI systems to establish a continuous and iterative risk management system covering the entire lifecycle of the system. This system must enable the identification, analysis and mitigation of risks to health, safety and fundamental rights.

Art. 10High-risk

Data and data governance

Article 10 establishes requirements for training, validation and testing datasets used for high-risk AI systems. Data governance practices must ensure the quality, representativeness, absence of errors and completeness of the data.

Art. 11High-risk

Technical documentation

Article 11 requires providers to establish technical documentation before placing on the market or putting into service a high-risk AI system. This documentation must demonstrate compliance with the regulation's requirements and provide authorities with necessary information.

Art. 12High-risk

Record-keeping and automatic logging

Article 12 requires that high-risk AI systems have capabilities for automatic logging of events throughout their lifetime. These logs must be retained to enable traceability of the system's operation.

Art. 13High-risk

Transparency and provision of information to deployers

Article 13 requires that high-risk AI systems be designed to enable deployers to interpret outputs and use them appropriately. Clear and understandable instructions for use must accompany the system.

Art. 14High-risk

Human oversight

Article 14 requires that high-risk AI systems be designed to be effectively overseen by natural persons. Oversight measures must be proportionate to the risks and level of autonomy of the system.

ProviderDeployer

Art. 15High-risk

Accuracy, robustness and cybersecurity

Article 15 establishes requirements for accuracy, robustness and cybersecurity for high-risk AI systems. These systems must achieve an adequate level of accuracy and robustness, and be resilient against manipulation attempts.

Art. 16High-risk

Obligations of providers of high-risk AI systems

Article 16 brings together all obligations incumbent on providers of high-risk AI systems. It constitutes the reference article for the compliance regime applicable to providers, referring to the detailed requirements of Articles 8 to 15.

Art. 17High-risk

Quality management system

Article 17 requires providers of high-risk AI systems to establish a quality management system ensuring compliance with the regulation. This system must cover all phases of the AI system lifecycle and be systematically documented.

Art. 23High-risk

Obligations of importers

Article 23 defines the specific obligations of importers of high-risk AI systems. Before placing a system on the Union market, the importer must ensure that the provider has carried out the appropriate conformity assessment procedure.

Art. 25High-risk

Obligations of distributors

Article 25 establishes the obligations of distributors of high-risk AI systems. The distributor must verify that the system bears the required CE marking and is accompanied by the necessary documentation and instructions for use.

Art. 26High-risk

Obligations of deployers of high-risk AI systems

Article 26 defines the specific obligations of deployers of high-risk AI systems. Deployers must ensure they use the system in accordance with instructions for use, ensure human oversight and inform affected persons.

Art. 27High-risk

Fundamental rights impact assessment (FRIA)

Article 27 requires deployers under public law and private entities providing public services to carry out a fundamental rights impact assessment before deploying a high-risk AI system. This assessment must analyze specific risks to affected persons and groups.

Art. 43High-risk

Conformity assessment

Article 43 defines the conformity assessment procedures that providers must follow before placing on the market or putting into service a high-risk AI system. The procedure varies by system type and may include self-assessment or intervention by a notified body.

Art. 47High-risk

EU declaration of conformity

Article 47 requires providers to establish a written EU declaration of conformity for each high-risk AI system, certifying that it meets the regulation's requirements. This declaration must be kept up to date and made available to authorities.

Art. 48High-risk

CE marking

Article 48 requires providers to affix the CE marking on high-risk AI systems complying with the regulation's requirements. This marking certifies the system's conformity and allows its free circulation on the European Union market.

Art. 49High-risk

Registration in the EU database

Article 49 requires providers and, where applicable, deployers to register their high-risk AI system in the EU database before placing on the market or putting into service. This public database enables transparency and market surveillance.

ProviderDeployer

Transparency obligations for certain AI systems

Article 50 establishes transparency obligations applicable to specific categories of AI systems, regardless of their risk level. It covers notably chatbots, synthetic content generation systems and emotion recognition systems.

ProviderDeployer

Obligations of providers of general-purpose AI models

Article 53 defines the specific obligations of providers of general-purpose AI models (GPAI). These obligations concern technical documentation, copyright compliance policy, and provision of information to downstream providers integrating the model.

Art. 72High-risk

Post-market monitoring

Article 72 requires providers of high-risk AI systems to establish a post-market monitoring system proportionate to the nature of the technology and associated risks. This system must actively collect and analyze performance data.

Annexe IVHigh-risk

Content of technical documentation (Annex IV)

Annex IV details the mandatory content of technical documentation that providers of high-risk AI systems must establish. It lists required sections covering general description, development process, data governance and performance metrics.

Identify your obligations in 3 minutes

Our free diagnostic analyzes your AI system and tells you exactly which obligations apply to you.

Start free diagnostic

See also:AI Act Glossary·AI Act Timeline

Coming soon

Be among the first to know

Sign up for priority access to the AI Act compliance platform.