Overview
The EU AI Act (Regulation 2024/1689) entered force on July 12, 2024. It covers every organization — EU-based or not — that places AI systems on the EU market, uses AI professionally in the EU, or imports and distributes AI systems sold into EU member states.
Four risk tiers determine compliance obligations. Unacceptable-risk systems are banned outright (enforceable since February 2, 2025). High-risk systems listed in Annex I or Annex III must clear a conformity assessment, register in the EU AI database, and carry CE marking before going to market — most Annex III providers self-assess under Article 43, while biometric identification and critical infrastructure AI require third-party assessment under Annex VII procedures. Limited-risk systems — chatbots, emotion recognition tools, deepfake generators — must disclose their AI nature to users. Minimal-risk applications (spam filters, AI in video games, inventory tools) face no mandatory requirements.
Penalties follow the same four-tier logic: up to €35 million or 7% of global annual turnover for deploying prohibited AI (Article 99); €15 million or 3% for high-risk violations; €7.5 million or 1.5% for providing false or misleading information to authorities. SME penalties are capped at the lower applicable ceiling. National AI authorities handle enforcement; the European AI Office handles GPAI model oversight.
Risk Classification
Article 6 and Annexes I–III define the classification. The EU does not assign a risk tier to each system; providers apply the criteria in the Act to classify their own systems, then follow the conformity assessment pathway that tier requires.
Tier 1 — Unacceptable Risk (Prohibited)
AI applications that pose an unacceptable risk to fundamental rights are banned outright. See the Prohibited AI Practices section below.
Tier 2 — High Risk
High-risk AI systems must meet extensive requirements before they can be placed on the EU market. There are two sub-categories:
Annex I — AI used as a safety component in products already governed by EU product safety legislation (medical devices, machinery, aviation, automotive, etc.)
Annex III — Standalone high-risk AI systems in eight sensitive areas:
- Biometric identification and categorization
- Critical infrastructure management (energy, water, transport)
- Education — access to educational institutions, assessment of learners
- Employment — recruitment, selection, promotion, termination, task allocation
- Essential private and public services — creditworthiness, insurance risk assessment, social benefits
- Law enforcement — risk assessments, polygraphs, evidence reliability evaluation
- Migration, asylum, and border control — risk assessment, visa applications
- Administration of justice — AI assisting courts
Tier 3 — Limited Risk
AI systems that interact directly with humans (e.g., chatbots, deepfake generators) must disclose their AI nature. Emotion recognition and biometric categorization systems have additional transparency requirements.
Tier 4 — Minimal Risk
The vast majority of AI applications — spam filters, AI-powered video games, inventory management tools — fall here. There are no mandatory requirements, though providers are encouraged to adopt voluntary codes of conduct.
Prohibited AI Practices
The following eight AI applications are banned across all EU member states. Enforcement began February 2, 2025. National authorities can impose penalties of up to €35 million or 7% of global annual turnover per violation under Article 99(2).
- Social scoring by public authorities — government systems that classify individuals based on behavior, social characteristics, or personality to assign scores affecting their access to services or benefits.
- Real-time remote biometric identification (RBI) in public spaces — using live facial recognition or similar AI in publicly accessible areas for law enforcement purposes (with narrow exceptions for specific crimes and with judicial authorization).
- Biometric categorization by protected characteristics — inferring race, political opinions, trade union membership, religious beliefs, or sexual orientation from biometrics.
- Subliminal manipulation — AI that exploits unconscious vulnerabilities to manipulate behavior in ways that harm the person.
- Exploitation of vulnerabilities — targeting AI specifically at vulnerable groups (children, people with disabilities) to distort behavior harmfully.
- Untargeted facial scraping — mass harvesting of facial images from the internet or CCTV to build facial recognition databases.
- Emotion recognition in workplaces and educational institutions — inferring employees' or students' emotional states through AI.
- Predictive policing based solely on profiling — risk assessments for criminal behavior based purely on profiling without objective evidence of prior activity.
High-Risk AI Requirements
Providers of high-risk AI systems listed in Annex III must meet all nine requirements below before placing the system on the EU market. This is a pre-market gate, not a post-deployment obligation — CE marking and EU AI database registration must be complete before first commercial sale.
1. Risk Management System
Implement and maintain a documented risk management system throughout the AI system's lifecycle, identifying and mitigating foreseeable risks.
2. Data Governance
Training, validation, and testing datasets must be subject to appropriate data governance practices, including examination for biases and relevance to the intended purpose.
3. Technical Documentation
Prepare comprehensive technical documentation before market placement, covering system design, development methodology, performance metrics, and known limitations.
4. Record-Keeping / Logging
High-risk AI systems must automatically log events ("traceability") sufficient to enable post-hoc auditing, including the period of operation and reference data inputs where relevant.
5. Transparency & Instructions for Use
Provide clear instructions for use to deployers, including the system's purpose, performance characteristics, circumstances that may lead to risks, and human oversight requirements.
6. Human Oversight
Design systems to allow natural persons to effectively oversee them, detect and address failures, and override, stop, or intervene in their operation.
7. Accuracy, Robustness & Cybersecurity
Meet appropriate levels of accuracy for the intended purpose, demonstrate robustness against errors and adversarial attacks, and implement cybersecurity measures.
8. Conformity Assessment
Before market placement, conduct a conformity assessment (self-assessment for most Annex III systems; third-party assessment for biometric identification and critical infrastructure AI) and draw up an EU Declaration of Conformity.
9. CE Marking & Registration
Affix CE marking and register the AI system in the EU-wide AI database operated by the European Commission.
Obligations for Deployers
Organizations using high-risk AI (deployers) must:
- Use the system in accordance with the provider's instructions for use
- Assign human oversight to competent individuals
- Monitor operation for unexpected risks
- Keep logs for at least 6 months (or longer per sectoral law)
- Conduct a Fundamental Rights Impact Assessment (FRIA) for public bodies and private entities providing regulated services
General Purpose AI Models
The EU AI Act adds a separate compliance track for General Purpose AI (GPAI) models — large foundation models capable of powering multiple downstream applications. The GPAI provisions took effect August 2, 2025.
Every GPAI provider, regardless of model size, must:
- Maintain and update technical documentation describing the model's training approach, architecture, capabilities, and known limitations
- Share documentation with downstream providers who integrate the model into their own systems
- Comply with EU copyright law and publish summaries of training data used
- Comply with the EU AI Code of Practice (or demonstrate equivalent compliance directly)
GPAI Models with Systemic Risk
GPAI models trained using more than 10^25 FLOPs of compute are presumed to carry systemic risk under Article 51. This threshold currently captures models comparable in scale to GPT-4, Gemini Ultra, and Claude 3 Opus — training runs costing roughly $50–100 million or more.
Providers of systemic-risk GPAI models face five additional requirements under Article 55:
- Adversarial testing (red-teaming) before each major release, with documented findings
- Incident reporting to the European AI Office for serious incidents, within defined timeframes
- Cybersecurity protections appropriate to the model's capabilities and deployment context
- Energy consumption reporting covering training and inference
- Cooperation with the European AI Office during ongoing evaluations and investigations
Providers can rebut the 10^25 FLOPs presumption by demonstrating the model does not in fact pose systemic risks, but the burden of proof rests with the provider.
Compliance Timeline
| Date | Milestone |
|---|---|
| July 12, 2024 | EU AI Act enters into force |
| August 1, 2024 | Act officially takes effect (20 days after publication) |
| February 2, 2025 | Prohibited AI provisions enforceable |
| August 2, 2025 | GPAI model obligations and governance provisions apply |
| August 2, 2026 | High-risk AI (Annex III) requirements enforceable |
| August 2, 2027 | High-risk AI (Annex I — product safety integrated) requirements enforceable |
| August 2, 2030 | High-risk AI systems already on the market before August 2026 must comply |
Penalties & Enforcement
The EU AI Act establishes a tiered penalty structure:
| Violation | Maximum Fine |
|---|---|
| Prohibited AI practices (Tier 1) | €35 million or 7% of global annual turnover |
| High-risk AI obligations (Tier 2) | €15 million or 3% of global annual turnover |
| Providing incorrect/misleading information to authorities | €7.5 million or 1.5% of global annual turnover |
SME cap: For small and medium enterprises, fines are capped at the lower of the above amounts.
Who Enforces?
- Member State authorities: Each EU country must designate a National Competent Authority (NCA) to supervise market operators.
- European AI Office: Supervises GPAI model providers directly and coordinates cross-border enforcement.
- Market Surveillance Authorities: Existing product safety authorities enforce compliance for AI integrated into regulated products.
Compliance Steps
Follow this roadmap to prepare for EU AI Act compliance:
- Inventory your AI systems. Catalog all AI systems your organization develops, deploys, or uses in a professional context affecting EU residents.
- Classify each system by risk tier. Determine if each system falls under prohibited, high-risk, limited-risk, or minimal-risk categories using Annexes I and III.
- Check if any systems are prohibited. If you run social scoring, mass facial scraping, or real-time RBI systems, you must cease operation by February 2, 2025.
- For high-risk AI (Annex III):
  - Build a risk management system with documented procedures
  - Review training data governance practices
  - Prepare technical documentation
  - Implement logging and human oversight mechanisms
  - Conduct conformity assessment
  - Register in the EU AI database
- For GPAI models:
  - Evaluate whether your model exceeds the 10^25 FLOP threshold (systemic risk)
  - Prepare technical documentation and training data summaries
  - Engage with the EU AI Code of Practice process
- For limited-risk AI:
  - Implement required transparency notices (chatbots must disclose their AI nature; deepfakes must be labeled)
- Appoint an EU representative if your organization is established outside the EU and places high-risk AI on the EU market.
- Engage with regulatory sandboxes if you are an SME — member states are required to make these available to support compliance without full-scale implementation overhead.
Frequently Asked Questions
Does the EU AI Act apply to non-EU companies? Yes. If your AI system is placed on the EU market, used in the EU, or its outputs affect EU residents, you must comply — regardless of where your company is headquartered.
What are the highest penalties? Up to €35 million or 7% of global annual turnover for prohibited AI violations. High-risk AI requirement violations: up to €15 million or 3% of global turnover.
What is a GPAI model? A general-purpose AI model capable of serving many different downstream tasks, typically a large language model. Models exceeding 10^25 FLOPs of training compute face additional systemic-risk obligations.
When do high-risk AI requirements become enforceable? August 2, 2026 for most Annex III systems. Prohibited AI was enforceable from February 2025.
Do I need a third-party assessment for all high-risk AI? No — most Annex III systems can self-certify. Third-party notified body assessment is required only for real-time remote biometric identification and certain critical infrastructure AI.
What is the EU AI Office? The European AI Office is a new body within the European Commission responsible for directly supervising GPAI model providers, coordinating national enforcement, and developing standardization.
Are open-source AI models exempt? GPAI models released under a free and open-source license are largely exempt from technical documentation and information-sharing requirements — unless they pose systemic risk (>10^25 FLOPs).