
AI Governance and the EU AI Act


Introduction

The EU Artificial Intelligence Act, Regulation (EU) 2024/1689, establishes a comprehensive safety and governance framework for artificial intelligence systems placed on the EU market, put into service in the EU, or used in ways that affect people in the EU. It uses a risk-based structure: some AI practices are prohibited, high-risk systems must satisfy strict pre-market and lifecycle requirements, specific lower-risk systems must meet transparency duties, and minimal-risk AI remains governed mainly by existing law.

For governance teams, the Act matters because it turns AI risk management into a legal operating model. Providers of high-risk AI systems need quality management, risk management, data governance, technical documentation, logging, human oversight, robustness, cybersecurity, post-market monitoring, conformity assessment, declarations of conformity, and CE marking. Deployers must use systems according to instructions, maintain oversight, monitor use, keep logs where required, report serious incidents, and carry out Fundamental Rights Impact Assessments for certain high-risk deployments. Importers, distributors, product manufacturers, and entities that substantially modify or rebrand AI systems also carry obligations.

The AI Act does not replace the GDPR, product safety law, sector regulation, anti-discrimination law, consumer law, or liability rules. It sits alongside them. In practice, many high-risk AI deployments will need both AI Act compliance evidence and GDPR evidence such as lawful basis, transparency, security, Data Protection Impact Assessments, and rights-handling processes.

Implementation is phased. The Act entered into force on 1 August 2024. Prohibitions and AI literacy duties began to apply on 2 February 2025. General-purpose AI model obligations and governance provisions began to apply from 2 August 2025, with transition rules for existing models. Most high-risk and transparency obligations apply from 2 August 2026, while some high-risk systems linked to EU harmonisation legislation follow later application dates. Digital simplification and “Omnibus” proposals have created uncertainty around some future deadlines, so organizations should separate binding dates from proposed amendments and track Commission, Parliament, Council, and Member State implementation closely.

Scope and Structure of the EU AI Act

Who the Act Covers

The AI Act applies to providers, deployers, importers, distributors, product manufacturers, authorised representatives, and other operators depending on their role in the AI value chain. Its territorial reach is broad: organizations outside the EU can fall in scope when they place AI systems or general-purpose AI models on the EU market, put them into service in the EU, or use AI outputs in the EU.

The Act excludes certain contexts, including purely military, defence, or national-security uses, and includes specific carve-outs for research, testing, and personal non-professional activity. Those exclusions do not remove obligations under other laws, and commercial deployment can still bring the system back into scope.

Risk Tiers

The core structure is a risk taxonomy. Unacceptable-risk practices are banned because they conflict with fundamental rights or EU values. High-risk systems are allowed only if the responsible operators meet detailed governance and safety requirements. Limited-risk or transparency-category systems must tell people when they are interacting with AI or when content has been artificially generated or manipulated. Minimal-risk AI does not receive new AI-specific obligations under the Act, although general law still applies.

[Figure 1 image: “Risk-Based Governance Model”, a four-level diagram in which compliance intensity increases with risk to safety, rights, and public interest. Unacceptable risk: prohibited practices such as manipulative systems, social scoring, and unlawful biometric uses; banned, with the highest penalty tier. High risk: Annex I safety components and Annex III use cases (employment, credit, education, policing, migration, healthcare); risk management, QMS, documentation, oversight, conformity assessment, CE marking, and monitoring. Limited / transparency risk: chatbots, deepfakes, synthetic content, emotion recognition, and biometric categorisation where in scope; disclose AI interaction or artificial generation. Minimal risk: many filters, game systems, recommender components, and ordinary internal productivity tools; no new AI-specific obligations, existing law still applies.]
Figure 1. The EU AI Act scales governance obligations according to risk. The figure uses the Act's core risk categories and summarizes the practical governance effect of each tier.
Risk level: Unacceptable risk
Definition and scope: AI practices considered incompatible with EU values and fundamental rights.
Examples: Manipulative or exploitative AI, social scoring, certain biometric categorisation, emotion recognition in workplace or education settings, and unlawful real-time remote biometric identification in public spaces.
Governance effect: Prohibited under Article 5. Operators must not place, deploy, or use these systems except where narrow legal exceptions apply.

Risk level: High risk
Definition and scope: AI used as a safety component in regulated products or in sensitive Annex III use cases affecting safety, rights, or essential services.
Examples: Medical devices, machinery safety components, employment screening, education access, credit scoring, welfare eligibility, law enforcement, migration, border control, critical infrastructure, and judicial assistance.
Governance effect: Full high-risk controls: risk management, data governance, technical documentation, logging, transparency to deployers, human oversight, accuracy, robustness, cybersecurity, conformity assessment, CE marking, and post-market monitoring.

Risk level: Limited or transparency risk
Definition and scope: AI with lower safety risk but meaningful information asymmetry for affected people.
Examples: Chatbots, deepfakes, synthetic media, AI-generated public-interest content, and certain emotion recognition or biometric categorisation systems.
Governance effect: Disclosure and labelling duties under Article 50 and related provisions.

Risk level: Minimal risk
Definition and scope: AI outside the prohibited, high-risk, and transparency categories.
Examples: Many spam filters, game AI, basic recommendation components, and ordinary internal tools.
Governance effect: No new AI-specific duties under the Act, but GDPR, product law, consumer law, employment law, anti-discrimination law, cybersecurity duties, and contract duties may still apply.

Unacceptable-Risk AI

Article 5 prohibits AI practices that the legislator treats as too harmful to permit. These include materially distortive manipulation, exploitation of vulnerabilities, certain social scoring practices, certain predictive policing practices based mainly on profiling or personality traits, untargeted scraping of facial images to build recognition databases, emotion recognition in workplaces and educational institutions subject to exceptions, biometric categorisation to infer sensitive characteristics, and real-time remote biometric identification in publicly accessible spaces for law enforcement except within narrowly defined and authorised circumstances.

The governance implication is direct: these are not systems to control through ordinary risk acceptance. They require intake screening, procurement controls, deployment review, contractual prohibitions, and incident escalation so that prohibited use cases are stopped before production.

High-Risk AI

High-risk AI is the main operational burden of the Act. A system can be high risk because it is a safety component of a product covered by EU harmonisation law in Annex I, or because it falls into a sensitive Annex III use case. Annex III includes biometrics, critical infrastructure, education, employment, access to essential private and public services, law enforcement, migration and border management, and administration of justice and democratic processes.

High-risk classification is not only a label. It triggers lifecycle obligations. Providers must build compliance into the development and release process, while deployers must operate the system within its intended purpose, maintain human oversight, monitor outputs, preserve logs where required, and report serious incidents. Where an entity rebrands, substantially modifies, or changes the intended purpose of a system, Article 25 can shift provider obligations to that entity.

Limited-Risk and Minimal-Risk AI

The transparency category addresses situations where people need to know they are dealing with AI or with AI-generated content. Conversational systems must disclose that interaction, unless the context makes it obvious. Synthetic audio, image, video, or text content must be marked or disclosed where the Article 50 duties apply, including deepfake and public-interest content obligations.

Minimal-risk systems are not free of governance. They may be outside the AI Act’s new AI-specific controls, but they can still create privacy, security, employment, procurement, intellectual-property, accessibility, consumer-protection, or discrimination risks. A mature AI governance program should therefore keep them in inventory, classify them, and record why no AI Act high-risk or transparency duty applies.

Obligations by Actor in the AI Value Chain

Providers

Providers have the heaviest duties for high-risk AI systems. They must ensure the system complies before it is placed on the market or put into service. That requires a risk management system, data governance, technical documentation, record keeping, instructions for use, human oversight design, appropriate accuracy, robustness, cybersecurity, a quality management system, conformity assessment, an EU declaration of conformity, CE marking, registration where required, post-market monitoring, and corrective action.

Providers of general-purpose AI models also have model-level duties. These include technical documentation, information for downstream providers, copyright-policy obligations, training-content summaries, and additional risk management for models with systemic risk. The details are operationalized through Commission guidance, templates, standards, and codes of practice.

Deployers

Deployers are organizations or individuals using AI systems under their authority, except for purely personal non-professional use. For high-risk systems, deployers must use the system according to instructions, assign competent human oversight, ensure input data is relevant and sufficiently representative where the deployer controls it, monitor operation, retain logs where under their control, report serious incidents, and stop use when there is reason to believe the system presents a risk.

Certain deployers must conduct a Fundamental Rights Impact Assessment before using high-risk AI. Employers and public authorities may also have worker, citizen, procurement, administrative-law, and transparency duties outside the AI Act.

Importers, Distributors, and Product Manufacturers

Importers must verify that non-EU providers have completed the required conformity steps, prepared documentation, appointed an authorised representative where required, and supplied the declaration of conformity and CE marking. Distributors must check that required documentation, instructions, and markings are present and must avoid making non-compliant systems available.

Product manufacturers can become responsible for AI Act compliance when an AI system is marketed under their name or trademark together with a product governed by EU harmonisation law. The Act is designed so that responsibility follows practical control of the system and its intended use.

[Figure 2 image: “Operator Responsibilities Follow the Value Chain”, a horizontal map of provider, importer, distributor, deployer, and affected persons with compliance evidence and monitoring feedback loops. Provider: QMS and risk controls, technical file and logs, conformity and CE mark, post-market monitoring. Importer: verify provider steps, CE mark and declaration, contact details, records for authorities. Distributor: check markings, instructions and risks, stop non-compliance, support corrections. Deployer: use as instructed, oversight, logs, FRIA, monitor operation, report incidents. Article 25 role shift: rebranding, substantial modification, or changed intended purpose can make a downstream actor the provider. Monitoring, incidents, corrective action, and authority cooperation feed back into lifecycle governance; affected people and regulators rely on transparency, traceability, documentation, and reporting evidence.]
Figure 2. AI Act obligations are distributed across the supply chain. Providers create the core compliance evidence, while importers, distributors, deployers, and modifying organizations have verification, operating, and escalation duties.
Actor: Provider
Key obligations for high-risk AI: Implement risk management, quality management, data governance, technical documentation, logging, human oversight design, accuracy, robustness, cybersecurity, conformity assessment, declaration of conformity, CE marking, registration, post-market monitoring, and corrective action.
Governance notes: Provider obligations sit at the centre of the compliance file. Non-EU providers may need an authorised representative.

Actor: Importer
Key obligations for high-risk AI: Verify upstream compliance, ensure the system bears required markings and documentation, identify the importer, keep copies of conformity evidence where required, and avoid placing non-compliant systems on the market.
Governance notes: Importers are a compliance gate for non-EU systems entering the EU market.

Actor: Distributor
Key obligations for high-risk AI: Check CE marking, instructions, declaration, and obvious non-compliance before making the system available; cooperate with providers and authorities when risk or non-compliance appears.
Governance notes: Distributors need procurement and release controls, not only sales controls.

Actor: Deployer
Key obligations for high-risk AI: Use the system according to instructions, assign human oversight, ensure relevant input data where controlled by the deployer, monitor performance, retain logs where required, report serious incidents, and conduct FRIAs where required.
Governance notes: Deployers should integrate AI Act duties into operational risk, privacy, employment, procurement, and incident-response processes.

Actor: Modifying or rebranding entity
Key obligations for high-risk AI: If it places the system on the market under its name, substantially modifies it, or changes intended purpose, it may become the provider.
Governance notes: Article 25 prevents responsibility gaps in repackaged or materially changed systems.

Conformity Assessment, CE Marking, and Documentation

Conformity Assessment

High-risk AI systems cannot be placed on the EU market or put into service unless they satisfy the applicable requirements. Article 43 sets out conformity assessment routes, including internal control and, for certain systems, notified-body involvement. The correct route depends on the type of system, the applicable harmonised standards or common specifications, and whether the system is part of a product already covered by sectoral EU conformity procedures.

Conformity assessment should not be treated as a late-stage paperwork exercise. It depends on earlier engineering and governance evidence: intended purpose, foreseeable misuse, architecture, data governance, performance testing, residual risks, oversight design, cybersecurity, logging, change management, and post-market monitoring.

CE Marking and Declaration of Conformity

When conformity is established, the provider must draw up an EU declaration of conformity and affix the CE marking. This connects AI compliance to the EU’s broader product-safety architecture. For AI embedded in products such as medical devices, machinery, toys, radio equipment, vehicles, and aviation products, the AI Act interacts with sector-specific safety regimes rather than replacing them.

Technical documentation under Annex IV is the evidence backbone. It should describe the system, its development process, intended purpose, design choices, data, evaluation, risk controls, human oversight, monitoring, cybersecurity, and compliance approach. Providers must retain documentation for the required period and make it available to authorities.

Post-Market Monitoring

The AI Act requires ongoing monitoring after release. Providers need processes to collect real-world performance information, detect serious incidents and malfunctioning, evaluate whether risks have changed, and implement corrective action. Deployers need operating procedures so incidents, anomalous outputs, and misuse are escalated rather than left as local operational noise.

Transparency and Limited-Risk AI Systems

Article 50 imposes transparency obligations for certain AI systems even when they are not high-risk. People should be told when they are interacting with an AI system unless that is obvious from the circumstances. Synthetic or manipulated audio, image, video, and text content must be marked or disclosed where the provision applies. Deepfakes and AI-generated public-interest text require particular care because the harm is often informational rather than physical.

Transparency controls should be implemented in product design, user interfaces, content provenance metadata, policy notices, and moderation processes. A chatbot disclaimer alone is not enough for every use case; governance teams should map the relevant Article 50 duty to the specific interaction, content type, audience, and deployment context.

Relationship with Existing EU Law

GDPR and Data Protection

The AI Act is without prejudice to the GDPR and other EU data-protection rules. AI systems that process personal data still need a lawful basis, transparency, data minimization, accuracy, storage limitation, security, and accountability. Many high-risk AI systems will also need a GDPR Data Protection Impact Assessment, and certain public-sector or rights-sensitive deployments will need a Fundamental Rights Impact Assessment under the AI Act.

The EDPB and EDPS have repeatedly warned that AI governance must not create loopholes around data protection. A practical compliance program should therefore align AI Act classification, GDPR DPIAs, records of processing, legitimate-interest assessments, automated decision-making safeguards, data-subject rights, security controls, and vendor due diligence.

Product Safety and Sector Law

The AI Act functions partly like a product-safety law for software and AI-enabled systems. Annex I connects the Act to EU harmonisation legislation for products such as machinery, medical devices, toys, radio equipment, aviation, vehicles, and rail. Where AI is a safety component of a regulated product, operators need to align AI-specific requirements with the sector’s conformity and surveillance mechanisms.

This overlap is one reason implementation simplification remains politically active. The objective is to avoid duplicative paperwork while preserving evidence that AI-specific risks have been managed.

Liability, Consumer Protection, and Other Rules

The AI Act does not create a complete AI liability code. Liability will continue to depend on national law, EU product-liability rules, contract law, consumer law, employment law, discrimination law, and sector-specific duties. The modernized Product Liability Directive covers software and digital manufacturing files, making AI-related product defects more clearly actionable in product-liability contexts.

Non-compliance with the AI Act can also become evidence in disputes. If an organization cannot show risk management, documentation, human oversight, monitoring, or corrective action, that gap may matter to regulators, customers, injured parties, insurers, and courts.

Implementation Timeline and Compliance Milestones

The binding AI Act timeline is phased. The Act entered into force on 1 August 2024. Prohibitions and AI literacy obligations applied from 2 February 2025. General-purpose AI model obligations and governance provisions applied from 2 August 2025, with transition rules for some existing models. Most high-risk AI and transparency obligations apply from 2 August 2026. Certain high-risk systems associated with products under Annex I follow later application dates.

Digital simplification proposals and AI Act amendments discussed under the “Digital Omnibus” label may adjust some future dates and obligations. As of this post, those proposals should be treated as implementation uncertainty unless and until enacted in final legal text.

[Figure 3 image: “Implementation Timeline”, a vertical timeline of EU AI Act implementation dates; binding dates should be tracked separately from proposed simplification amendments. 1 August 2024: AI Act enters into force after publication in the Official Journal. 2 February 2025: prohibited AI practices and AI literacy obligations begin to apply. 2 August 2025: GPAI model duties, governance rules, and penalty provisions start applying, subject to transition rules. 2 August 2026: most high-risk system duties, transparency duties, and market surveillance architecture apply. 2 August 2027 and later: later transition points apply to some Annex I product-linked high-risk systems and existing GPAI models. Governance action: inventory, classify, assign roles, document evidence, and monitor amendments continuously.]
Figure 3. The AI Act applies in phases. Organizations should use the statutory dates for compliance planning while separately tracking proposed amendments, delegated acts, guidance, standards, and national enforcement decisions.
Date: 1 August 2024
Milestone: Entry into force.
Practical compliance significance: Organizations should have started AI inventory, role mapping, risk classification, and governance planning.

Date: 2 February 2025
Milestone: Prohibited practices and AI literacy duties begin to apply.
Practical compliance significance: Intake, procurement, and deployment review should block prohibited use cases; staff involved with AI should receive role-appropriate literacy training.

Date: 2 August 2025
Milestone: GPAI model obligations, AI governance structures, and penalty provisions begin to apply, subject to transition rules.
Practical compliance significance: Model providers and downstream providers need documentation, training-data summaries, copyright-policy evidence, risk controls, and governance interfaces.

Date: 2 August 2026
Milestone: Most high-risk system obligations and transparency duties apply.
Practical compliance significance: Providers and deployers need operational controls, evidence files, conformity routes, incident reporting, human oversight, and post-market monitoring.

Date: 2 August 2027 and later
Milestone: Later transition points for certain systems and existing models.
Practical compliance significance: Product-linked high-risk systems, existing GPAI models, and any amended dates require continuing legal monitoring.

Practical Compliance Steps

Inventory and Classification

Compliance starts with a complete AI inventory. Each system should have an owner, provider/deployer role analysis, intended purpose, users, affected persons, data categories, model type, supplier details, jurisdictional footprint, and risk classification. The inventory should identify prohibited practices, Annex III use cases, Annex I product links, GPAI dependencies, transparency duties, and systems that remain minimal risk.

Governance, Roles, and Accountability

Organizations should establish a cross-functional AI governance process involving legal, security, privacy, engineering, product, procurement, risk, compliance, and business owners. The process should decide who can approve AI use, who signs off on high-risk classification, who owns post-market monitoring, who handles regulator contact, and who maintains evidence.

Role mapping is essential. A company may be a deployer for one system, a provider for a modified system, an importer for a non-EU product, and a downstream provider for a GPAI-enabled application. Contracts should reflect those roles rather than assuming the vendor carries all responsibility.

Risk Management, DPIAs, and FRIAs

High-risk AI requires a risk management system covering foreseeable misuse, known and reasonably foreseeable risks, mitigation measures, testing, residual risk, and lifecycle updates. Where personal data are involved, GDPR DPIAs should be coordinated with AI Act risk management. For deployments covered by Article 27, Fundamental Rights Impact Assessments should evaluate rights impacts, affected groups, oversight, complaint channels, and mitigations.

Data, Model, and Technical Controls

Data governance should cover provenance, relevance, representativeness, bias, completeness, security, retention, and permitted use. Model governance should cover versioning, evaluation, robustness, cybersecurity, explainability where needed, human oversight, performance thresholds, monitoring, rollback, and change control.

Technical documentation should be built as the system is developed. It should not be reconstructed after release. The documentation needs architecture diagrams, intended use, data summaries, validation evidence, risk decisions, oversight design, residual risks, instructions for use, logs, cybersecurity controls, and monitoring plans.

Transparency, Training, and Operations

Transparency duties should be designed into user interfaces, notices, procurement disclosures, model cards, labels, metadata, and content workflows. Staff need AI literacy training calibrated to their role: developers need design and testing expectations, procurement teams need vendor due diligence, deployers need operating instructions, and executives need risk and accountability visibility.

Post-market monitoring should connect production telemetry, user feedback, incident management, model drift, complaint handling, supplier updates, and regulatory reporting. Compliance is iterative; it should be integrated into ordinary quality, security, privacy, and risk management rather than managed as a one-time legal review.

Impact on Innovation, SMEs, and Trade

The AI Act aims to increase trust and legal certainty, but it also increases compliance cost. High-risk AI providers may need legal review, technical documentation, validation testing, security controls, human oversight design, monitoring infrastructure, conformity assessment, and ongoing audit readiness. For smaller organizations, that effort can be material even when fees are reduced.

The Act includes support measures for SMEs and start-ups, including regulatory sandboxes, priority access, guidance, templates, and proportionate fees. The value of these measures will depend on national implementation, the capacity of authorities, the availability of harmonised standards, and whether guidance arrives early enough to shape engineering work rather than post hoc remediation.

Trade effects are also significant. Non-EU providers that serve EU markets must comply or limit availability. The Act may create a Brussels effect by shaping global AI governance practices, but it also creates divergence from jurisdictions that rely more heavily on voluntary frameworks. Multinational organizations should therefore map AI Act obligations against NIST AI RMF, ISO/IEC 42001, sector regulations, US state law, Chinese AI rules, and contractual commitments.

EU institutions present the Act as a values-based trust framework that protects health, safety, fundamental rights, democracy, rule of law, and environmental interests while supporting innovation. The Parliament pushed for stronger rights safeguards during negotiations, while the Council and industry stakeholders pressed for clarity, proportionality, and workable implementation.

Member State positions differ. Some governments and regulators emphasize rights protection and strong safeguards; others focus on competitiveness, administrative burden, unclear standards, or the risk of uneven enforcement. The European AI Board, AI Office, scientific panel, advisory forum, and national market surveillance authorities are intended to coordinate interpretation, but practical enforcement may still vary across Member States.

Industry groups often support the objective of trustworthy AI while warning that compliance cost, unclear standards, overlapping laws, and tight deadlines could slow deployment. Civil society and academic organizations often argue the opposite: that some final compromises remain too weak, especially around migration, biometric surveillance, workplace monitoring, social scoring, and remedies for affected people.

The likely disputes will involve the definition of “AI system”, what counts as intended purpose, when an Annex III system is exempt from high-risk classification, what constitutes substantial modification, how GPAI systemic-risk duties work, how copyright and training-data transparency are enforced, and how AI Act evidence interacts with liability claims.

Case Studies and Examples

AI Hiring Platform

An AI system that screens job applicants falls within an Annex III employment use case and is generally high risk. The provider must manage training data quality, document selection criteria, test for bias, design human oversight, maintain technical documentation, perform conformity assessment, and issue the required declaration and CE marking. The employer using the system must inform relevant people where required, operate it according to instructions, preserve oversight, monitor outcomes, and escalate serious incidents or discriminatory behavior.

Consumer Chatbot

A customer-service chatbot may not be high risk, but it must tell users they are interacting with AI unless that is obvious. If the same system generates public-interest content or synthetic media, additional labelling duties may apply. No CE marking is required simply because the system is a chatbot, but GDPR, consumer protection, accessibility, security, and advertising rules can still apply.

Autonomous Driving Component

An AI braking or perception module in an autonomous vehicle may be a safety component linked to EU product legislation and therefore high risk. The provider must satisfy AI Act obligations and the relevant vehicle or product safety regime. Documentation, validation, fail-safe behavior, cybersecurity, and post-market monitoring become central evidence. If harm occurs, product-liability, contract, insurance, and national tort rules may be engaged alongside regulatory enforcement.

Facial Recognition for Law Enforcement

Real-time remote biometric identification in publicly accessible spaces for law enforcement is prohibited except for narrow, authorised situations. Even where a legal exception applies, the system remains highly controlled and requires safeguards, authorisation, documentation, and oversight. Unauthorized use would create the highest enforcement exposure.

Gaps, Ambiguities, and Recommendations

Definition and Scope

The Act’s definition of an AI system is broad and technology-neutral. That supports future-proofing but can create uncertainty for conventional statistical systems, rule-based tools, and hybrid software. Organizations should document classification decisions, especially where they decide that a system is not an AI system or is not high risk.

General-Purpose AI Models

GPAI obligations remain one of the fastest-moving parts of the regime. Questions remain around systemic-risk classification, documentation depth, training-data summaries, downstream information, copyright compliance, and how voluntary codes of practice will be used in enforcement. Providers and downstream users should preserve model documentation, supplier evidence, evaluation records, and usage restrictions.

GDPR Interaction

The AI Act references data protection but does not make GDPR compliance a substitute for AI Act compliance or vice versa. Organizations should treat GDPR as a baseline for AI systems processing personal data and should align DPIAs with AI Act risk management and FRIAs where possible.

Liability and Enforcement Coordination

The Act does not settle every liability allocation question. Courts and regulators will need to work through responsibility among model developers, application providers, deployers, data providers, integrators, and product manufacturers. Enforcement coordination will also be tested because national authorities may differ in capacity, priorities, and interpretation.

Practical Recommendations

Policymakers should prioritize sector-specific guidance, harmonised standards, conformity tools, SME support, sandbox access, and consistent enforcement coordination. Organizations should prioritize AI inventory, risk classification, role mapping, procurement controls, privacy alignment, technical documentation, human oversight, monitoring, incident response, standards participation, and executive-level accountability.
