Chapter V of the EU AI Act, covering Articles 51 to 56, establishes a dedicated regulatory framework for general-purpose AI models. This framework operates separately from the high-risk AI system obligations in Chapter III. A GPAI model provider is not automatically subject to the high-risk framework, and a high-risk AI system provider is not automatically subject to the GPAI framework. The two frameworks can apply simultaneously where a GPAI model is integrated into a high-risk AI system.
The GPAI framework became enforceable on 2 August 2025. Providers of GPAI models placed on the EU market from that date are subject to the full set of obligations. Providers of models placed on the market before 2 August 2025 have until 2 August 2027 under the transitional provisions in Article 111(3).
This guide covers the definition of a GPAI model, the classification of systemic risk, the obligations applicable to all GPAI providers, the additional obligations for systemic risk models, the codes of practice, the open-source exemptions, and the Authorised Representative requirement for non-EU providers. It reflects the text of Regulation (EU) 2024/1689 and the guidance issued by the European AI Office through May 2026, including the finalised GPAI Code of Practice.
Key Definitions
| Term | Definition | Legal basis |
|---|---|---|
| General-purpose AI model | An AI model trained with a large amount of data using self-supervision at scale, that displays significant generality and is capable of competently performing a wide range of distinct tasks, and that can be integrated into a variety of downstream systems or applications | Article 3(63) |
| General-purpose AI system | An AI system based on a general-purpose AI model that has the capability to serve a variety of purposes, both for direct use and for integration in other AI systems | Article 3(66) |
| Provider of a GPAI model | A natural or legal person that develops a GPAI model and places it on the market, whether for payment or free of charge | Article 3(3) |
| Downstream provider | A provider of an AI system, including a general-purpose AI system, that integrates a GPAI model into their own product or service | Article 3(68) |
| Systemic risk | A risk specific to high-impact GPAI models with the potential for significant negative effects on public health, safety, public security, or fundamental rights at Union scale | Article 3(65) |
| High-impact capabilities | Capabilities equal to or exceeding those of the most advanced GPAI models, assessed by technical tools and benchmarks | Article 51(1) |
| Floating-point operation (FLOP) | Any mathematical operation or assignment involving floating-point numbers | Article 3(67) |
| Open-source GPAI model | A GPAI model whose parameters, architecture, and training and evaluation data are publicly disclosed under a free and open-source licence | Article 53(2) |
The GPAI Framework at a Glance
| Obligation | All GPAI providers | Systemic risk only | Legal basis |
|---|---|---|---|
| Technical documentation | Yes | Yes (enhanced) | Article 53(1)(a), Annex XI |
| Copyright transparency | Yes | Yes | Article 53(1)(b)-(c) |
| Downstream provider cooperation | Yes | Yes | Article 53(1)(d) |
| Code of practice compliance | Yes (or equivalent) | Yes (or equivalent) | Article 56 |
| Systemic risk assessment | No | Yes | Article 55(1)(a) |
| Adversarial testing | No | Yes | Article 55(1)(a) |
| Incident reporting to AI Office | No | Yes | Article 55(1)(b) |
| Cybersecurity measures | No | Yes | Article 55(1)(c) |
| Energy efficiency reporting | No | Yes | Article 55(1)(d) |
| Authorised Representative (non-EU) | Yes | Yes | Article 54 |
| Open-source exemption available | Yes (partial) | No | Article 53(2) |
1. What Is a GPAI Model
The Statutory Definition
Article 3(63) defines a general-purpose AI model as “an AI model, including where such an AI model is trained with a large amount of data using self-supervision at scale, that displays significant generality and is capable of competently performing a wide range of distinct tasks regardless of the way the model is placed on the market and that can be integrated into a variety of downstream systems or applications, except AI models that are used for research, development or prototyping activities before they are placed on the market.”
Four elements of this definition require unpacking.
The reference to training with large amounts of data using self-supervision at scale describes the training methodology associated with modern foundation models. Self-supervision means the model learns from unlabelled data by predicting parts of the input from other parts, without human-labelled training examples. At scale means the training involves compute and data volumes substantially beyond what is used for narrow task-specific models.
Significant generality means the model can perform across a broad range of tasks without being retrained for each one. A model trained only to classify images of specific industrial components is not a GPAI model. A model capable of image classification, text generation, summarisation, translation, and code writing is.
The reference to integration into a variety of downstream systems captures the supply chain dimension of GPAI regulation. The model itself may be placed on the market by one provider, then integrated by multiple downstream providers into their own products, each of which may be high-risk systems.
The research and development exclusion is temporally limited. A model used internally for research before any market placement is outside scope. The moment the model is placed on the market, including through API access, the exclusion ceases to apply.
GPAI Model versus GPAI System
The Act distinguishes between a GPAI model and a GPAI system. A GPAI model is the underlying model capable of a wide range of tasks. A GPAI system is an AI system built on a GPAI model. The obligations in Chapter V apply to providers of GPAI models. The obligations applicable to GPAI systems depend on the risk classification of the system under Article 6.
| Entity | What it is | Primary obligations |
|---|---|---|
| GPAI model | The underlying model placed on the market or made available to downstream providers | Chapter V obligations |
| GPAI system | An AI system integrating a GPAI model and serving a purpose for end users | Article 6 classification applies. If high-risk, Chapter III obligations apply |
| Downstream provider of a GPAI system | A provider integrating a GPAI model into a product they place on the market | Chapter III obligations if high-risk. Must also comply with downstream information obligations |
What Is Not a GPAI Model
The definition excludes models designed for a single specific task, regardless of how sophisticated those models are. A model trained to detect cancer in medical images is not a GPAI model. A model trained to translate between two languages is not a GPAI model. A model trained to play chess is not a GPAI model. The defining characteristic is the capacity for significant generality across distinct task types.
The exclusion for research, development, and prototyping activities applies only before market placement. A provider cannot maintain the research exclusion indefinitely by characterising an operationally deployed model as a research project.
2. Classification: Systemic Risk
The Two-Track Classification
The GPAI framework creates two tiers of provider: standard GPAI model providers, subject to the obligations in Article 53, and providers of GPAI models with systemic risk, subject to the additional obligations in Article 55.
Article 51(1) states: “A general-purpose AI model shall be classified as a general-purpose AI model with systemic risk if it has high-impact capabilities evaluated on the basis of appropriate technical tools and methodologies, including indicators and benchmarks, or if it has a significant impact on the internal market due to its reach.”
Two classification pathways exist:
Pathway One: Compute Threshold
Article 51(2) states: “A general-purpose AI model shall be presumed to have high-impact capabilities pursuant to paragraph 1, when the cumulative amount of computation used for its training measured in floating point operations is greater than 10^25.”
This threshold creates an automatic presumption of systemic risk based on training compute. Providers of models trained above 10^25 FLOPs are subject to systemic risk obligations without any further assessment being required. The threshold applies to the total compute used in training, including pre-training and any subsequent fine-tuning phases that form part of the original training run.
Pathway Two: AI Office Designation
Article 51(1) also empowers the AI Office to designate a GPAI model as posing systemic risk where it has high-impact capabilities not captured by the compute threshold, or where its reach within the internal market creates a significant impact. The AI Office must publish guidelines on the criteria and process for such designations.
A provider that considers its model should be reclassified downward from systemic risk, either because the compute threshold was triggered incorrectly or because capabilities do not justify systemic risk classification, may submit a reasoned request to the AI Office under Article 52(2).
Notification Obligation
Article 52(1) states: “A provider of a general-purpose AI model shall notify the AI Office and the relevant national competent authorities without undue delay when the cumulative amount of computation used for its training measured in floating point operations is greater than 10^25, before placing that model on the market.”
Notification must precede market placement. It is not a post-market reporting obligation. The AI Office then has the authority to conduct an evaluation and, where warranted, impose systemic risk obligations.
| Classification pathway | Trigger | Obligation | Legal basis |
|---|---|---|---|
| Compute threshold | Training compute exceeding 10^25 FLOPs | Automatic presumption of systemic risk. Notify AI Office before market placement | Article 51(2), Article 52(1) |
| AI Office designation | High-impact capabilities or significant internal market reach below threshold | Designation following AI Office evaluation. Systemic risk obligations apply from designation | Article 51(1) |
| Provider self-assessment | Provider identifies systemic risk not captured by threshold | Notify AI Office proactively | Article 52 |
| Reclassification request | Provider considers systemic risk classification unwarranted | Submit reasoned request to AI Office | Article 52(2) |
3. Obligations Applicable to All GPAI Model Providers
Technical Documentation
Article 53(1)(a) states that providers of GPAI models must “draw up and keep up-to-date the technical documentation of the model, including its training and testing process and the results of its evaluation, which shall contain, at a minimum, the information set out in Annex XI for the purpose of providing it to the AI Office and the national competent authorities upon their request.”
Annex XI specifies the content of technical documentation for GPAI models. It is less prescriptive than the Annex IV requirements for high-risk AI systems but covers the essential information required to assess the model’s capabilities, limitations, and compliance with the Act.
| Annex XI documentation component | What must be included |
|---|---|
| General description | Name of the provider, name and version of the model, description of intended use, release date |
| Architecture description | Description of model architecture, training approach, and model parameters |
| Training data | Description of training data, data sources, data governance practices, and filtering or processing steps |
| Compute used | Total floating-point operations used in training |
| Known limitations | Description of known limitations, failure modes, and risks associated with the model |
| Performance evaluation | Results of evaluations, tests, and benchmarking conducted by the provider |
| Downstream integration information | Information on how the model can be integrated and what instructions downstream providers should follow |
| Copyright policy | Description of the policy applied for compliance with Union copyright law |
The technical documentation must be kept up to date throughout the period during which the model is on the market. Changes to the model, its training data, its architecture, or its intended deployment scope must be reflected in updated documentation.
Copyright Transparency
Article 53(1)(b) requires providers to “draw up and make publicly available a sufficiently detailed summary about the content used for training of the general-purpose AI model, according to a template provided by the AI Office.”
Article 53(1)(c) requires providers to “put in place a policy to comply with Union law on copyright and related rights, and in particular to identify and comply with, including through state of the art technologies, a reservation of rights expressed pursuant to Article 4(3) of Directive 2019/790.”
The copyright transparency obligation is substantive, not merely procedural. Providers must actively implement a policy for identifying and respecting copyright reservations in training data. The reference to Article 4(3) of Directive 2019/790 concerns the opt-out mechanism for text and data mining, under which rights holders may expressly reserve the right to prevent use of their works for training purposes. GPAI model providers must use technically available means to identify and honour such reservations.
The AI Office has published a template for the training data summary. Providers must use this template for the publicly available summary. The summary is distinct from the detailed technical documentation held for authorities, which is not required to be publicly accessible.
Downstream Provider Cooperation
Article 53(1)(d) requires providers to “make available to other providers wishing to build on top of the general-purpose AI model information and documentation, pursuant to paragraph 2, point (b), and without prejudice to the need to protect trade secrets, such information and documentation that enables downstream providers to understand the capabilities and limitations of the general-purpose AI model and comply with their obligations under this Regulation.”
This obligation creates a supply chain information duty. A downstream provider building a high-risk AI system on top of a GPAI model cannot comply with their Chapter III obligations without understanding the GPAI model’s capabilities, limitations, training data characteristics, and known failure modes. The GPAI model provider must make sufficient information available to enable this compliance, even where doing so requires disclosing information that touches on commercially sensitive aspects of the model.
The obligation to protect trade secrets operates as a limit on disclosure, not as an exemption from it. Providers cannot refuse to provide all documentation to downstream providers on the basis that any disclosure involves trade secrets. They must disclose what is necessary for downstream compliance and protect only what is genuinely confidential through appropriate means, including non-disclosure agreements and technical measures.
| Downstream information obligation | What must be provided | To whom |
|---|---|---|
| Capabilities description | What the model can and cannot do, across the range of tasks it is capable of performing | Downstream providers integrating the model |
| Limitations and failure modes | Known failure modes, hallucination tendencies, bias characteristics, and other limitations | Downstream providers |
| Training data summary | Description of training data sufficient for downstream providers to assess compliance implications | Downstream providers and the public (via AI Office template) |
| Integration instructions | Technical guidance on how to integrate the model and what constraints apply | Downstream providers |
| Copyright information | Information on training data copyright and how to comply with obligations that flow through to downstream use | Downstream providers |
4. Additional Obligations for Systemic Risk GPAI Models
Systemic Risk Assessment and Adversarial Testing
Article 55(1)(a) states that providers of GPAI models with systemic risk must “perform model evaluations in accordance with standardised protocols and tools reflecting the state of the art, including conducting and documenting adversarial testing of the model with a view to identifying and mitigating systemic risks.”
The adversarial testing requirement is the most technically demanding obligation in the GPAI framework. Providers must subject their models to structured attempts to elicit harmful, dangerous, or deceptive outputs, document the results, and implement mitigations for identified risks before and after market placement.
The AI Office publishes guidance on the protocols and tools that satisfy the state of the art standard. The GPAI Code of Practice provides further detail on the specific testing methodologies considered appropriate for models at the systemic risk tier.
| Systemic risk assessment component | What is required | Legal basis |
|---|---|---|
| Model evaluation | Evaluate model capabilities against standardised protocols and benchmarks | Article 55(1)(a) |
| Adversarial testing | Conduct structured red-teaming to identify risks of harmful outputs | Article 55(1)(a) |
| Documentation | Document evaluation and testing methodology, results, and mitigations applied | Article 55(1)(a) |
| Pre-market assessment | Complete evaluation and testing before placing model on market | Article 55(1)(a) |
| Post-market evaluation | Continue evaluation throughout model lifecycle as capabilities evolve | Article 55(1)(a) |
| Mitigation implementation | Implement and document mitigations for risks identified through evaluation | Article 55(1)(a) |
Serious Incident Reporting
Article 55(1)(b) states that providers of GPAI models with systemic risk must “assess and mitigate possible systemic risks at Union level, including their sources, that may stem from the development, the placing on the market, or the use of general-purpose AI models with systemic risk.”
Article 55(1)(b) further requires providers to “report to the AI Office without undue delay, and in any event within two weeks of becoming aware of it, any relevant information about serious incidents and possible corrective measures to address them.”
A serious incident for a GPAI model is defined in Article 3(49) by reference to its effects: death, serious harm to health, serious disruption to essential services, breach of fundamental rights obligations, or serious damage to property or the environment. The two-week reporting window begins from the date the provider becomes aware of the incident, not the date the incident occurred.
| Incident reporting requirement | What is required | Legal basis |
|---|---|---|
| Reporting trigger | Serious incident or malfunction with significant negative effects at Union scale | Article 55(1)(b) |
| Reporting deadline | Without undue delay, within two weeks of becoming aware | Article 55(1)(b) |
| Report recipient | AI Office | Article 55(1)(b) |
| Report content | Information about the incident, its causes, and corrective measures taken or planned | Article 55(1)(b) |
| Corrective measures | Take and report corrective measures to address the incident and prevent recurrence | Article 55(1)(b) |
Cybersecurity Measures
Article 55(1)(c) requires providers of systemic risk GPAI models to “ensure an adequate level of cybersecurity protection for the general-purpose AI model with systemic risk and the physical infrastructure of the model.”
The cybersecurity obligation for GPAI models addresses threats specific to large foundation models: data poisoning during training, model poisoning through fine-tuning, adversarial inputs designed to elicit harmful outputs, unauthorised access to model weights, and model theft or replication by adversarial actors. Providers must implement security measures proportionate to the systemic risks the model poses.
Where a GPAI model provider is also subject to the NIS2 Directive as an operator of essential services or a digital infrastructure provider, the NIS2 cybersecurity requirements apply in addition to Article 55(1)(c). Both sets of requirements must be satisfied independently.
Energy Efficiency Reporting
Article 55(1)(d) requires providers of systemic risk GPAI models to “report to the AI Office, upon its request, information relevant to the evaluation referred to in Article 92, using the template referred to in Article 92(2), including the name and total electricity consumption of the general-purpose AI models with systemic risk it has placed on the market.”
Energy consumption reporting is triggered by a request from the AI Office. It is not a proactive periodic reporting obligation in the same way as incident reporting. The AI Office may request energy consumption data as part of its ongoing evaluation of systemic risk models under Article 92.
5. The GPAI Code of Practice
Legal Status and Effect
Article 56(1) states: “The AI Office shall encourage and facilitate the drawing up of codes of practice at Union level in order to contribute to the proper application of this Regulation, taking into account international approaches.”
Article 56(3) states: “A code of practice shall be deemed to be adequate if it ensures compliance with the obligations laid down in Articles 53 and 55 of this Regulation.”
Adherence to an approved code of practice creates a presumption of conformity with the obligations it covers. A GPAI model provider that adheres to an approved code satisfies the corresponding obligations under Articles 53 and 55 without needing to demonstrate compliance through other means. Providers not adhering to any approved code must demonstrate compliance independently and remain subject to direct AI Office supervision.
Development Process
The AI Office facilitated the development of the GPAI Code of Practice through a multi-stakeholder process running from November 2024 through to July 2025. The process involved four drafting plenaries and extensive consultation with model providers, civil society, academia, and national competent authorities.
| Date | Development milestone |
|---|---|
| November 2024 | First drafting plenary convened by AI Office |
| January 2025 | First draft of Code published for public consultation |
| March 2025 | Second draft published following consultation feedback |
| May 2025 | Third and final draft published |
| 2 August 2025 | Code enters into operation as primary compliance reference for GPAI obligations |
What the Code Covers
The finalised code addresses the transparency and copyright obligations in Article 53, the systemic risk assessment and adversarial testing obligations in Article 55(1)(a), the incident reporting framework, and the cybersecurity expectations for systemic risk models. It provides specific guidance on:
| Code section | What it addresses |
|---|---|
| Transparency measures | Specific content and format requirements for training data summaries and model cards |
| Copyright compliance | Technical measures and processes for identifying and honouring Article 4(3) opt-outs |
| Risk taxonomy | Classification of systemic risks by category and severity |
| Evaluation protocols | Specific benchmarks and testing methodologies for capability and risk assessment |
| Adversarial testing | Red-teaming methodologies and documentation requirements |
| Incident classification | Criteria for classifying incidents as serious and triggering the reporting obligation |
| Cybersecurity baseline | Minimum cybersecurity measures for systemic risk model infrastructure |
Providers Not Adhering to the Code
A provider of a GPAI model that chooses not to adhere to any approved code of practice must notify the AI Office and demonstrate compliance with Articles 53 and 55 through alternative means. The AI Office may request documentation, conduct evaluations, and where necessary impose corrective measures under Articles 91 to 93. Non-adherence does not constitute a breach of the Act in itself. Failure to comply with the underlying Articles 53 and 55 obligations does.
6. Open-Source GPAI Models
The Partial Exemption
Article 53(2) states: “Providers of general-purpose AI models that are released under a free and open-source licence that allows for the access, use, modification, and distribution of the model, and of its parameters including the weights, the information on the model architecture, and the information on model usage, may choose not to comply with the obligations set out in points (a) and (b) of paragraph 1, unless the general-purpose AI models present systemic risks.”
The open-source exemption is partial, not total. It removes the obligation to prepare and hold technical documentation under Article 53(1)(a) and the obligation to prepare the training data summary under Article 53(1)(b), provided the required information is made publicly available. It does not remove the copyright compliance obligation under Article 53(1)(c) or the downstream provider cooperation obligation under Article 53(1)(d).
The exemption is conditioned on public disclosure. A provider cannot claim the open-source exemption while withholding the information that the exemption requires to be publicly accessible. The model weights, architecture information, training data information, and usage information must all be publicly disclosed under a licence meeting the open-source definition.
What Open-Source Does Not Exempt
| Obligation | Open-source exemption available |
|---|---|
| Technical documentation (Annex XI) | Yes, if information publicly disclosed |
| Training data summary | Yes, if information publicly disclosed |
| Copyright compliance policy | No |
| Downstream provider cooperation | No |
| Systemic risk assessment | No |
| Adversarial testing | No |
| Incident reporting | No |
| Cybersecurity measures | No |
| Authorised Representative (non-EU providers) | No |
The exclusion of systemic risk models from the open-source exemption is absolute. Article 53(2) states the exemption does not apply “unless the general-purpose AI models present systemic risks.” An open-source GPAI model trained above the 10^25 FLOP threshold, or designated as systemic risk by the AI Office, is subject to the full set of Articles 53 and 55 obligations regardless of its open-source status.
The Open-Source Licence Condition
The exemption applies only to models released under a licence that allows access, use, modification, and distribution of the model and its parameters including the weights. A licence that restricts commercial use, imposes output restrictions, or otherwise limits the free use of the model does not satisfy the open-source condition for exemption purposes, even if the model weights are publicly accessible.
7. Responsibilities Along the AI Value Chain
The Provider-Downstream Provider Relationship
The GPAI framework operates within a supply chain in which a GPAI model provider places a model on the market and downstream providers integrate that model into AI systems, which may themselves be high-risk. Article 25 governs how responsibilities are allocated along this chain.
Article 25(1) states: “Where a high-risk AI system is placed on the market or put into service under the name or trademark of a natural or legal person who is not the original provider, that natural or legal person shall be considered to be the provider of the high-risk AI system and shall assume the obligations of the provider.”
A downstream provider who integrates a GPAI model into a high-risk AI system and places that system on the market under their own name becomes the provider of the high-risk AI system for the purposes of Chapter III. The GPAI model provider’s Chapter V obligations and the downstream provider’s Chapter III obligations coexist and must both be satisfied.
| Role | What triggers it | Primary obligations |
|---|---|---|
| GPAI model provider | Develops and places GPAI model on EU market | Chapter V: Articles 53-55 |
| Downstream provider of high-risk AI system | Integrates GPAI model into high-risk system placed on market under own name | Chapter III: Articles 9-17, 43-49 |
| Downstream provider of non-high-risk GPAI system | Integrates GPAI model into system not classified as high-risk | Article 50 transparency obligations where applicable |
| Deployer of GPAI system | Uses a GPAI system in professional context | Article 26 deployer obligations if system is high-risk |
What GPAI Providers Must Provide to Downstream Providers
The cooperation obligation in Article 53(1)(d) requires GPAI model providers to make available to downstream providers the information needed to comply with their own obligations. In practice, this requires GPAI providers to maintain documentation that addresses not only their own Chapter V obligations but also the questions that downstream providers will need to answer for their Chapter III compliance.
The following information is particularly relevant for downstream providers building high-risk systems:
| Information category | Why downstream providers need it |
|---|---|
| Accuracy metrics and benchmarks | Required for Article 15 accuracy declaration |
| Known failure modes and limitations | Required for Article 9 risk assessment and Article 13 instructions for use |
| Training data characteristics | Required for Article 10 data governance assessment |
| Bias characteristics and affected groups | Required for Article 10 bias examination and Article 27 FRIA |
| Cybersecurity architecture | Required for Article 15 cybersecurity assessment |
| Intended deployment scope | Required for Article 6 classification assessment |
8. Authorised Representative for Non-EU GPAI Providers
The Obligation
Article 54(1) states: “Prior to placing a general-purpose AI model on the Union market, providers established in third countries shall, by written mandate, appoint an authorised representative which is established in the Union.”
Non-EU providers of GPAI models placed on the EU market from 2 August 2025 must appoint an EU-established Authorised Representative before market placement. The obligation is unconditional for non-EU providers. It applies to standard GPAI models and systemic risk models alike. It applies whether the model is open-source or proprietary, subject to the open-source exemption applying to the underlying documentation obligations.
A UK-established entity does not qualify. The representative must be established in an EU member state.
What the Authorised Representative Must Do
Article 54(3) sets out the obligations of the Authorised Representative for GPAI model providers:
| Obligation | What is required | Legal basis |
|---|---|---|
| Mandate availability | Provide copy of mandate to AI Office upon request | Article 54(3)(a) |
| Documentation verification | Verify that technical documentation is prepared and that compliance with Articles 53 and 55 is fulfilled | Article 54(3)(b) |
| Record retention | Keep technical documentation for 10 years after the model is placed on the market, together with the provider’s contact details | Article 54(3)(c) |
| Information provision | Provide the AI Office with all information necessary to demonstrate compliance upon reasoned request | Article 54(3)(d) |
| Cooperation | Cooperate with the AI Office and competent authorities in any action concerning the model | Article 54(3)(e) |
| Mandate termination | Terminate the mandate and notify the AI Office immediately if the provider acts contrary to the Act | Article 54(4) |
Termination of the Mandate
Article 54(4) states: “The authorised representative shall terminate the mandate if it considers or has reason to consider the provider of the general-purpose AI model to be acting contrary to its obligations pursuant to this Regulation. In such a case, it shall immediately inform the AI Office about the termination of the mandate and the reasons therefor.”
The termination obligation is mandatory. An Authorised Representative that becomes aware of provider non-compliance and does not terminate the mandate and notify the AI Office is itself in breach of the Act.
9. Enforcement and Penalties
AI Office Enforcement Powers
The AI Office is the primary enforcement body for GPAI model obligations. Articles 88 to 94 set out its enforcement powers, which include requesting documentation and information from providers, conducting evaluations of GPAI models, requesting providers to take corrective measures, and imposing fines.
Article 91(1) states: “The AI Office may request providers of general-purpose AI models and third parties that have been involved in the distribution or deploying of general-purpose AI models to provide documentation or information that is necessary for the purpose of supervision and evaluation activities.”
Article 92 empowers the AI Office to conduct evaluations of GPAI models, including evaluations of systemic risk models, drawing on the Scientific Panel of Independent Experts. Providers must cooperate with these evaluations, provide access to model weights and parameters, and implement corrective measures where the evaluation identifies compliance failures.
Penalties
| Infringement | Maximum fine | Legal basis |
|---|---|---|
| Failure to comply with Chapter V GPAI obligations | EUR 15,000,000 or 3% of total worldwide annual turnover, whichever is higher | Article 99(4) |
| Failure to comply by GPAI providers with systemic risk | EUR 15,000,000 or 3% of total worldwide annual turnover, whichever is higher | Article 99(4) |
| Supplying incorrect or misleading information to AI Office | EUR 7,500,000 or 1% of total worldwide annual turnover, whichever is higher | Article 99(5) |
| Violations subject to Article 101 | Periodic penalty payments for ongoing non-compliance | Article 101 |
Article 101 provides the AI Office with the power to impose periodic penalty payments to compel providers to provide access to information, remedy non-compliance, or implement corrective measures. These payments are in addition to, not instead of, the Article 99 fines.
For SMEs and start-ups, fines are capped at the lower of the applicable percentage or fixed amount under Article 99(6).
10. Transitional Provisions and Current Status
Application Timeline
| Obligation | Application date | Transitional deadline for legacy models |
|---|---|---|
| GPAI model obligations (Articles 53-55) for new models | 2 August 2025 | Not applicable |
| GPAI model obligations for models placed on market before 2 August 2025 | 2 August 2027 | 2 August 2027 |
| Authorised Representative for GPAI providers | 2 August 2025 (new models) | 2 August 2027 (legacy models) |
| GPAI Code of Practice | 2 August 2025 | Applies from this date for new models |
Article 111(3) states: “General-purpose AI models that have been placed on the market before 2 August 2025 shall comply with the obligations set out in this Regulation by 2 August 2027.”
Providers of legacy models should not treat the 2027 transitional deadline as permission to delay compliance work. The AI Office has authority under Articles 91 to 93 to request information from and conduct evaluations of GPAI models regardless of whether the transitional deadline has passed. Providers whose models pose systemic risk are particularly likely to be subject to AI Office engagement during the transitional period.
Digital Omnibus: GPAI Position
The Digital Omnibus package published by the Commission in February 2025 does not propose substantive changes to the GPAI framework in Articles 51 to 56. The GPAI obligations that applied from 2 August 2025 are unaffected by the current proposals. The Digital Omnibus proposals concern primarily the high-risk AI system timeline and certain definitional questions that may affect whether some systems fall within the Act’s scope at all.
Frequently Asked Questions
We provide an API that gives access to our large language model. Are we a GPAI model provider?
Yes, if your model meets the definition in Article 3(63): trained with large amounts of data, capable of performing a wide range of distinct tasks, and capable of being integrated into downstream systems. Providing API access constitutes placing the model on the market. The exemption for research and development activities applies only before any market placement. API access to paying or non-paying customers constitutes market placement.
Our model was fine-tuned from an open-source base model. Are we a GPAI model provider?
Yes, if your fine-tuned model meets the definition of a GPAI model and you place it on the market. Fine-tuning does not exempt a provider from the GPAI framework. If you fine-tune a base model and make the resulting model available to others, you are the provider of the fine-tuned GPAI model and carry the obligations under Articles 53 and 55 for that model. Your obligations may overlap with those of the base model provider under the downstream provider framework.
We provide a GPAI model. One of our customers has built a high-risk AI system using our model. What are our obligations?
Your obligations remain those in Chapter V: technical documentation, copyright transparency, downstream provider cooperation, and, if your model is systemic risk, the additional Article 55 obligations. You must provide your customer with sufficient information under Article 53(1)(d) to enable them to comply with their Chapter III high-risk AI obligations. You are not responsible for your customer’s Chapter III compliance, but you are responsible for giving them the information they need to achieve it.
Our model was trained below the 10^25 FLOP threshold. Can the AI Office still designate it as systemic risk?
Yes. Article 51(1) gives the AI Office authority to designate GPAI models as posing systemic risk where they have high-impact capabilities or significant internal market reach, regardless of whether the compute threshold is met. The compute threshold creates an automatic presumption. It does not define the outer limit of systemic risk classification.
We are a non-EU provider of a GPAI model. Do we need an Authorised Representative if our model is open-source?
Yes. The open-source exemption in Article 53(2) does not affect the Authorised Representative requirement in Article 54. The obligation to appoint an EU-established Authorised Representative applies to all non-EU GPAI model providers placing their models on the EU market, regardless of open-source status, model size, or systemic risk classification.
We adhere to the GPAI Code of Practice. Does that mean we are automatically compliant?
Adherence to an approved code of practice creates a presumption of conformity with the obligations the code covers. It does not create an absolute guarantee of compliance or immunity from enforcement. The AI Office retains authority to conduct evaluations of GPAI models and request corrective measures even from providers adhering to the code. Compliance is assessed against the underlying obligations in Articles 53 and 55, with the code serving as the primary evidence of how those obligations are met.
What information must we disclose publicly and what can we keep confidential?
The training data summary under Article 53(1)(b) must be made publicly available using the AI Office template. The technical documentation under Article 53(1)(a) must be provided to the AI Office and national competent authorities upon request but is not required to be publicly accessible. Commercial confidentiality may protect specific elements of technical documentation from public disclosure, but it cannot prevent disclosure to regulatory authorities. The downstream provider cooperation obligation in Article 53(1)(d) requires disclosure to downstream providers of information necessary for their compliance, subject to trade secret protections applied through appropriate measures such as confidentiality agreements.
Our model generates content that downstream providers use in their products. Are we liable for what they do with it?
Your liability under the Act is limited to your Chapter V obligations. You are responsible for the accuracy of your technical documentation, the adequacy of your copyright compliance policy, the sufficiency of information provided to downstream providers, and, for systemic risk models, your evaluation and incident reporting obligations. You are not responsible for how downstream providers classify, deploy, or use your model in their own systems. However, where you become aware that a downstream provider is using your model in a way that creates systemic risks, your cooperation obligations under Article 55 may require you to take steps to address those risks.
We are building on a GPAI model. Do we need to conduct our own GPAI compliance, or does the model provider cover this?
If you are building a downstream product on a GPAI model, your obligations depend on what you build and how you deploy it. You are not a GPAI model provider unless you independently place a GPAI model on the market. If you integrate a GPAI model into a high-risk AI system and place that system on the market under your name, you are a high-risk AI system provider subject to Chapter III. The GPAI model provider’s Chapter V obligations are separate from and do not substitute for your Chapter III obligations.
This guide reflects the text of Regulation (EU) 2024/1689 as published in the Official Journal on 12 July 2024, the finalised GPAI Code of Practice as adopted by 2 August 2025, and applicable guidance issued by the European AI Office through May 2026. It is published for general informational purposes and does not constitute legal advice. Providers of GPAI models should obtain advice specific to their models, deployment arrangements, and market context.
