An EU AI Act Article is a numbered, self-contained legal clause within the regulation that defines a specific rule, such as a prohibited AI practice, a high-risk classification requirement, or a transparency obligation for general-purpose AI models. Each Article carries the full force of law and is directly enforceable.
Glossary
EU AI Act Article

What is an EU AI Act Article?
A specific, legally binding provision within the European Union's Artificial Intelligence Act that establishes a distinct regulatory requirement, prohibition, or obligation for AI systems.
Articles are the primary operational units of the Act, detailing precise compliance mandates like conformity assessments, human oversight mechanisms, and post-market surveillance duties. They are structured hierarchically under Titles and Chapters, and non-compliance with a specific Article triggers distinct penalties.
Key Characteristics of an EU AI Act Article
Each article within the EU AI Act functions as a precise legal mechanism, defining obligations, prohibitions, or governance structures. Understanding the anatomy of these provisions is critical for mapping technical system requirements to specific regulatory mandates.
Risk-Based Classification Logic
Articles define the category of risk (Unacceptable, High, Limited, Minimal) based on the system's intended purpose. The classification triggers a cascade of obligations. For example, an article may prohibit a specific subliminal manipulation practice outright, while another mandates conformity assessments for biometric categorization systems. The logic hinges on the potential for adverse impact on health, safety, or fundamental rights.
Obligation Triggers for Specific Actors
Articles precisely assign legal duties to distinct entities in the AI value chain:
- Providers: Bear primary responsibility for compliance, documentation, and CE marking.
- Deployers: Must follow use instructions, ensure human oversight, and monitor operations.
- Importers & Distributors: Act as gatekeepers, verifying provider compliance before placing a system on the EU market.
- Authorized Representatives: Fulfill obligations for non-EU providers.
Technical Documentation Mandates
A core function of many articles is to prescribe the exact contents of technical documentation. This is not a vague suggestion but a rigid checklist including:
- System architecture and design specifications.
- Training methodologies and data lineage.
- Performance metrics and accuracy levels.
- Risk management and human oversight protocols. This documentation must be kept for 10 years and be intelligible to authorities.
Transparency and Information Provisions
Articles establish the right to explanation and notification. They mandate that deployers inform individuals when they are interacting with an AI system (e.g., a chatbot), are subject to emotion recognition, or are exposed to deep fakes. The provisions require clear, conspicuous, and timely disclosure, ensuring the output of the AI system is marked in a machine-readable format where feasible.
Conformity and Enforcement Mechanisms
Articles detail the pathways to legal market entry, including internal control procedures and third-party conformity assessments by notified bodies. They grant market surveillance authorities the power to demand documentation, conduct unannounced inspections, and mandate corrective actions or recall of non-compliant systems. Penalties are defined as a percentage of global annual turnover.
General-Purpose AI (GPAI) Tiered Rules
Specific articles create a two-tier framework for foundation models. All GPAI models must provide a technical documentation summary and respect copyright law. Models posing a systemic risk—identified by a cumulative compute threshold of 10^25 FLOPs—face stricter obligations: model evaluations, adversarial testing, serious incident reporting, and robust cybersecurity protection.
Frequently Asked Questions
Clear, technical answers to the most common questions about specific articles and provisions within the European Union's Artificial Intelligence Act, designed for developers, compliance officers, and enterprise architects.
An Article is a specific, numbered legal provision within the text of the EU AI Act that establishes a distinct rule, definition, prohibition, or obligation. Each Article is the primary unit of law, directly addressing a single regulatory point, such as defining a 'high-risk AI system' (Article 6), listing prohibited practices (Article 5), or detailing transparency obligations (Article 52). For engineers and compliance officers, an Article is the atomic, actionable requirement that must be translated into a technical control or governance process. The Act's structure is hierarchical: Titles group thematic areas, Chapters subdivide those areas, and Articles contain the operative legal text. When performing a gap analysis, teams map each applicable Article to a specific system capability, such as implementing human oversight mechanisms for Article 14 or establishing a post-market monitoring system for Article 61.
Enabling Efficiency, Speed & Accuracy
Intelligent Analysis, Decision & Execution
We build AI systems for teams that need search across company data, workflow automation across tools, or AI features inside products and internal software.
Talk to Us
Search across company data
Give teams answers from docs, tickets, runbooks, and product data with sources and permissions.
Useful when people spend too long searching or get different answers from different systems.

Automate internal workflows
Use AI to route work, draft outputs, trigger actions, and keep approvals and logs in place.
Useful when repetitive work moves across multiple tools and teams.

Add AI to products and internal tools
Build assistants, guided actions, or decision support into the software your team or customers already use.
Useful when AI needs to be part of the product, not a separate tool.
Related Terms
Essential concepts for navigating the regulatory landscape established by the European Union's Artificial Intelligence Act.
High-Risk Classification
A regulatory designation for AI systems that pose significant potential harm to health, safety, or fundamental rights. These systems—including those used in critical infrastructure, education, employment, and law enforcement—must undergo conformity assessment before deployment. Obligations include risk management systems, human oversight mechanisms, and technical documentation. The classification triggers the most stringent requirements under the Act, including mandatory fundamental rights impact assessments and registration in the EU database.
General Purpose AI Obligation
A set of regulatory requirements specifically imposed on foundation models with broad applicability. Providers must:
- Draft and publish a transparency report detailing training data, compute, and capabilities
- Implement a policy to respect copyright law and disclose training data summaries
- Cooperate with the AI Office and downstream providers Models exceeding a systemic risk threshold (measured in FLOPs) face additional mandates including model evaluation, adversarial testing, and cybersecurity protections.
Conformity Assessment
The formal process of verifying that a high-risk AI system meets the essential requirements of the EU AI Act before market placement. This involves internal checks by the provider or third-party notified body involvement for specific use cases. The assessment evaluates the quality management system, technical documentation, and risk mitigation measures. Successful completion results in CE marking affixation, signaling compliance. Re-assessment is required after substantial modifications to the system.
Human Oversight Mechanisms
Protocols ensuring meaningful human control over AI system outputs, mandated for high-risk systems. These include:
- Human-in-the-loop: A human must approve each decision before action
- Human-on-the-loop: Real-time monitoring with the ability to intervene
- Human-in-command: Overarching governance of system design and operational limits Oversight must prevent automation bias and enable operators to override, ignore, or reverse AI outputs. The interface must provide interpretable explanations of system reasoning.
Systemic Risk Threshold
A compute-based benchmark that triggers additional regulatory scrutiny for general-purpose AI models. Initially defined as training runs exceeding 10^25 FLOPs, this threshold identifies models with potentially dangerous emergent capabilities. Providers must:
- Conduct adversarial testing and red-teaming
- Report serious incidents to the AI Office
- Ensure cybersecurity protections for model weights
- Assess and mitigate systemic risks at the Union level The threshold is dynamic and may be updated by the Commission.
Post-Market Surveillance
The continuous, systematic monitoring of an AI system's real-world performance and safety after deployment. Providers must:
- Collect and analyze performance data and incident reports
- Implement a feedback loop from users and affected persons
- Report serious incidents and malfunctions to market surveillance authorities
- Update risk assessments based on operational evidence This creates a living compliance obligation that persists throughout the system's lifecycle, not just at launch.

About the author
Prasad Kumkar
CEO & MD, Inference Systems
Prasad Kumkar is the CEO & MD of Inference Systems and writes about AI systems architecture, LLM infrastructure, model serving, evaluation, and production deployment. Over 5+ years, he has worked across computer vision models, L5 autonomous vehicle systems, and LLM research, with a focus on taking complex AI ideas into real-world engineering systems.
His work and writing cover AI systems, large language models, AI agents, multimodal systems, autonomous systems, inference optimization, RAG, evaluation, and production AI engineering.
Partnered with leading AI, data, and software stack.
How We Work
Custom AI workflows for your Business
One-fit-all AI don't work for modern businesses. At Inferensys, we aim to understand your business & custom requirements; which we use to define most efficient agentic workflows, the data, and the tools for your business.
01
Review the use case
We understand the task, the users, and where AI can actually help.
Read more02
Pick the right approach
We define what needs search, automation, or product integration.
Read more03
Build the first useful version
We implement the part that proves the value first.
Read more04
Improve from there
We add the checks and visibility needed to keep it useful.
Read moreThe first call is a practical review of your use case and the right next step.
Talk to Us