🇪🇺 European Union — 27 Member States

EU AI Act & GDPR Compliance

The EU AI Act is the world's first comprehensive AI regulation, enforceable across all 27 EU member states from 2 August 2026. GeraCompliance helps teams prepare the core compliance workflow: risk classification, documentation, conformity-assessment readiness, and audit-ready reporting.

Enforcement deadline: 2 August 2026 — EU AI Act provisions for high-risk and general-purpose AI systems become fully enforceable. Non-compliance penalties: up to €30M or 6% of global annual turnover.


What Is the EU AI Act?

The EU Artificial Intelligence Act (Regulation 2024/1689) entered into force on 1 August 2024 and establishes a unified legal framework for AI systems deployed in the European Union. It applies to any provider, deployer, importer, or distributor of AI systems whose output affects persons in the EU — regardless of where the organisation is headquartered.

The Act uses a risk-based tiered approach: Unacceptable Risk (banned), High Risk (strict compliance obligations), Limited Risk (transparency obligations), and Minimal Risk (no obligations). High-risk systems — including AI used in employment, education, biometrics, healthcare, and critical infrastructure — must undergo conformity assessments, maintain technical documentation, and register in the EU AI Act database before deployment.

GeraCompliance supports the compliance lifecycle: classify your system, generate required documentation (technical file, instructions for use, incident logs), track milestones against enforcement deadlines, and export audit-ready reports.

Key EU AI Act Obligations

Risk Classification

GeraCompliance classifies your AI system across all risk tiers using the Act's Annexes. Automated analysis reduces classification errors and contested audits.

Technical Documentation

Generate Annex IV-compliant technical files, system descriptions, and conformity declarations. Auto-populated from your system data.

GPAI Model Compliance

General-purpose AI models (like LLMs) face separate obligations from August 2025 onwards. GeraCompliance tracks GPAI-specific requirements including transparency summaries.

GDPR Alignment

The EU AI Act and GDPR intersect significantly. GeraCompliance maps your AI data processing obligations across both regulations to avoid dual-compliance gaps.

Conformity Assessments

High-risk systems must undergo conformity assessment before EU deployment. GeraCompliance prepares your documentation package for notified bodies.

Ongoing Monitoring

Post-market surveillance requirements apply to high-risk systems. GeraCompliance tracks incidents, performance drift, and re-assessment triggers.

EU AI Act Enforcement Timeline

  • 1 August 2024: Regulation entered into force
  • 2 February 2025: Prohibited AI practices ban — unacceptable-risk systems must be withdrawn
  • 2 August 2025: GPAI model obligations and governance rules apply
  • 2 August 2026: Full enforcement — high-risk AI systems must be compliant
  • 2 August 2027: High-risk systems in Annex I products (machinery, medical devices) — extended deadline

All 27 EU Member States Covered

GeraCompliance covers organisations operating or deploying AI in any EU member state. Country-specific guidance is provided where national implementation laws vary.

  • Austria
  • Belgium
  • Bulgaria
  • Croatia
  • Cyprus
  • Czech Republic
  • Denmark
  • Estonia
  • Finland
  • France
  • Germany
  • Greece
  • Hungary
  • Ireland
  • Italy
  • Latvia
  • Lithuania
  • Luxembourg
  • Malta
  • Netherlands
  • Poland
  • Portugal
  • Romania
  • Slovakia
  • Slovenia
  • Spain
  • Sweden

EU AI Act + GDPR: Dual Compliance

Most AI systems that process personal data of EU residents are subject to both the EU AI Act and GDPR simultaneously. GeraCompliance maps obligations across both frameworks in a single compliance view, identifying where requirements overlap, where they diverge, and where a single control satisfies both.

Key intersection areas include: Data Protection Impact Assessments (DPIA) and AI conformity assessments, human oversight requirements and data subject rights, and transparency obligations under both regulations.

Frequently Asked Questions

Does the EU AI Act apply to companies outside the EU?

Yes. The EU AI Act applies to any provider or deployer whose AI system outputs affect persons in the EU, regardless of where the company is based. US, UK, and non-EU companies deploying AI to EU users must comply.

What are the penalties for non-compliance with the EU AI Act?

Penalties vary by violation type: up to €35M or 7% of global turnover for prohibited AI practices; up to €15M or 3% for other violations; up to €7.5M or 1.5% for providing incorrect information to authorities.

What is a high-risk AI system under the EU AI Act?

High-risk systems are listed in Annex III and include AI used in employment and recruitment, access to education, credit scoring, biometric identification, healthcare, critical infrastructure, and border control, among others.

How does GeraCompliance help with GPAI model compliance?

GeraCompliance tracks obligations for general-purpose AI models including transparency summaries, copyright policy documentation, and systemic risk assessments for models with over 10^25 FLOPs training compute.

When do I need to be compliant for the August 2026 deadline?

You need to complete conformity assessment, prepare your technical documentation, and register in the EU AI Act database before 2 August 2026 for high-risk AI systems. GeraCompliance builds a milestone timeline specific to your system.

EU AI Act deadline: 2 August 2026

Don't wait until the deadline. Start your free EU AI Act risk assessment today and get a personalised compliance roadmap in under 10 minutes.


A Gera Services product