EU AI Act
Also known as: Regulation (EU) 2024/1689, Artificial Intelligence Act
The EU AI Act is the European Union’s horizontal regulation on artificial intelligence, in force since 1 August 2024. It classifies AI systems by risk tier and imposes obligations on providers, deployers, importers, and distributors that touch the EU market.
What the Act does
The EU AI Act (Regulation (EU) 2024/1689) regulates artificial intelligence as a product placed on the EU market. It is horizontal: it applies across sectors, on top of any sector-specific legislation a provider already follows.
The Act sorts AI systems into four risk tiers. A short list of practices is prohibited outright. A larger set of high-risk systems carries heavy obligations on documentation, transparency, human oversight, and post-market monitoring. Most consumer-facing and B2B AI products fall under limited-risk transparency obligations. The remainder carry no specific obligations.
Who is in scope
The Act applies extraterritorially. Any provider placing an AI system on the EU market, any deployer using one within the EU, and any provider whose output is used in the EU is in scope, regardless of where the provider is headquartered.
General-purpose AI models have their own track. Providers of GPAI models with systemic risk (a compute threshold of 10^25 FLOPs at training time) carry obligations on top of the base GPAI requirements.
Penalties
Prohibited AI practices: up to €35 million or 7% of global annual turnover, whichever is higher. Non-compliance with most other obligations: up to €15 million or 3%. Supplying incorrect information to regulators: up to €7.5 million or 1%. For SMEs and start-ups, each cap is the lower of the absolute amount or the percentage, so proportionality is built in.