EU AI ActFree Resource

EU AI Act Risk Tiers, Roles, and Timeline

Use this hub to classify an AI system or general-purpose AI model under Regulation (EU) 2024/1689: first confirm scope and role, then screen Article 5 prohibited practices, Annex III high-risk use cases, Chapter V GPAI duties, and Article 50 transparency obligations.

The application schedule is staged: Chapters I and II apply from 2 February 2025, Chapter V GPAI rules apply from 2 August 2025, most rules apply from 2 August 2026, and Article 6(1) high-risk product-safety classification duties apply from 2 August 2027.

Get an AI Act readiness review
Publication details
Editorial metadata for this artifact
Author
Sorena AI
Published
Mar 4, 2026
Updated
May 9, 2026
EU AI Act questions this hub helps resolve
Scope and role
Check whether the system, model, output, or supply-chain activity is in EU AI Act scope, then name the operator role: provider, deployer, authorised representative, importer, distributor, or product manufacturer.
Risk and obligations
Separate Article 5 stop issues from Annex III high-risk systems, Article 50 transparency duties, Chapter V GPAI provider duties, and minimal-risk cases that still need ordinary governance.
Evidence path
Translate the classification into records: risk analysis, technical documentation, logs, instructions for use, conformity evidence, EU database registration, FRIA records where required, and post-market monitoring.
By Sorena AIUpdated 2026No signup required
Quick scan
AI Act
Phased dates
Use Article 113 and transition rules to sequence 2025, 2026, 2027, and 2030 work without treating every AI Act duty as live on the same date.
Actor-role mapping
Record whether the same product, service, or model creates provider, deployer, importer, distributor, authorised representative, product manufacturer, or downstream provider duties.
Risk-tier routing
Route work by prohibited practice, high-risk system, transparency-triggered AI system, GPAI model, GPAI model with systemic risk, or minimal-risk use.
Use the timeline and linked guides to assign owners, supplier evidence, release gates, and reassessment triggers.
Art. 5
Prohibited
Annex III
High risk
Ch. V
GPAI
Art. 50
Transparency
Map roles
Screen risk tiers
Keep evidence
AI Act Timeline

Key dates for EU AI Act implementation

Track staged application under Regulation (EU) 2024/1689 so Article 5 screening, AI literacy, GPAI provider work, Article 50 transparency, high-risk conformity work, and transition cases are sequenced against the correct legal phase.

Loading timeline...

Topic guides

Deep dive pages for implementation planning, controls, reporting, and evidence.

1
EU AI Act Applicability and Roles: Scope, Actor Map, and Evidence
Determine whether the EU AI Act applies to an AI system or GPAI model, map provider, deployer, importer, distributor, and product manufacturer roles, and record evidence for classification.
Read Guide
2
EU AI Act applicability test: scope, role, and risk classification
Stepwise EU AI Act applicability test for AI-system status, exclusions, territorial scope, operator role, prohibited uses, high-risk systems, GPAI models, transparency duties, and evidence records.
Read Guide
3
EU AI Act Article 5 Prohibited AI Practices Screening Guide
Screen AI systems against the EU AI Act Article 5 prohibitions, including manipulation, exploitation, social scoring, biometric and law-enforcement exceptions.
Read Guide
4
EU AI Act Article 50 transparency, labeling, and user disclosures
Source-grounded guide to EU AI Act Article 50 duties for user interaction notices, synthetic content marking, deepfake labels, emotion recognition notices, biometric categorisation notices, and related high-risk AI instructions for use.
Read Guide
5
EU AI Act Compliance Checklist by Risk Class
A practical EU AI Act checklist for classifying AI systems, assigning operator roles, screening prohibited practices, and collecting evidence for high-risk, GPAI, transparency, monitoring, and incident duties.
Read Guide
6
EU AI Act Compliance Program: roles, high-risk evidence, GPAI and incidents
Build an EU AI Act compliance program around provider, deployer, importer, distributor, high-risk, GPAI, transparency, monitoring, and incident evidence duties.
Read Guide
7
EU AI Act conformity assessment and notified bodies for high-risk AI
Grounded guide to EU AI Act high-risk AI conformity assessment routes, provider evidence, EU declaration of conformity, CE marking, and notified body involvement.
Read Guide
8
EU AI Act deadlines and compliance calendar | Article 113 dates
source-linked EU AI Act compliance calendar for Article 113 staged application dates, Article 111 transitions, GPAI, prohibited practices, AI literacy, and high-risk AI planning.
Read Guide
9
EU AI Act FAQ: scope, roles, high-risk AI, GPAI, FRIA, and dates
Grounded EU AI Act FAQ covering scope, provider and deployer roles, prohibited practices, high-risk classification, GPAI duties, transparency notices, FRIAs, EU database registration, serious incidents, and staged application dates.
Read Guide
10
EU AI Act FRIA for high-risk AI systems: Article 27 scope and evidence
Source-grounded guide to EU AI Act Article 27 fundamental rights impact assessments: who must run a FRIA, Article 6(2) triggers, Annex III carveouts, DPIA overlap, notification, and registration evidence.
Read Guide
11
EU AI Act GPAI evidence pack checklist for Article 53 and 55
Build a source-grounded evidence pack for EU AI Act GPAI model obligations: technical documentation, downstream information, copyright policy, training-content summary, and systemic-risk records where applicable.
Read Guide
12
EU AI Act GPAI Provider Obligations: Articles 53 and 55
Grounded guide to EU AI Act duties for general-purpose AI model providers: Article 53 documentation, copyright policy, training-content summary, downstream information, and Article 55 systemic-risk controls.
Read Guide
13
EU AI Act High-Risk AI Requirements: Articles 8-16 and 26
Map the EU AI Act requirements for high-risk AI systems: risk management, data governance, technical documentation, logs, transparency, human oversight, accuracy, robustness, cybersecurity, and deployer duties.
Read Guide
14
EU AI Act high-risk AI use cases by industry | Article 6 and Annex III guide
Industry-by-industry guide to EU AI Act high-risk classification under Article 6, Annex III, Annex I product safety routes, exclusions, and provider/deployer boundaries.
Read Guide
15
EU AI Act high-risk conformity assessment route selector
Select the EU AI Act Article 43 conformity assessment route for a high-risk AI system, including Annex I product legislation, Annex III categories, notified body triggers, standards, declaration, CE marking, registration, and evidence.
Read Guide
16
EU AI Act high-risk requirements checklist: Articles 8-15
Checklist for EU AI Act high-risk AI system requirements in Articles 8-15: risk management, data governance, documentation, logs, transparency, human oversight, accuracy, robustness, and cybersecurity.
Read Guide
17
EU AI Act penalties and fines: Article 99 tiers and GPAI exposure
EU AI Act penalties explained: Article 99 fine tiers, prohibited-practice exposure, incorrect information, SME caps, Member State rules, and GPAI model fines.
Read Guide
18
EU AI Act post-market monitoring and serious incident reporting
Grounded guide to EU AI Act Articles 72 and 73 for high-risk AI: monitoring plans, serious incident reporting, deployer escalation, corrective action, and GPAI distinctions.
Read Guide
19
EU AI Act risk classification intake workflow
A grounded intake structure for classifying EU AI Act scope, prohibited practices, high-risk routes, Annex III use cases, GPAI model status, roles, and reassessment triggers.
Read Guide
20
EU AI Act serious incident reporting triage workflow: Article 73 and Article 55
Triage EU AI Act serious incidents by definition, actor, reporting route, deadline, deployer escalation, corrective action, and separate GPAI systemic-risk reporting.
Read Guide
21
EU AI Act Technical Documentation and Provider Evidence Templates
Build AI Act evidence templates for high-risk AI providers: Article 11 technical documentation, Annex IV fields, quality management, conformity, CE marking, registration, logs, and post-market monitoring.
Read Guide
22
EU AI Act Timeline and Phasing Roadmap: practical obligations and evidence guide
Practical EU AI Act guide to Timeline and Phasing Roadmap: scope, owners, evidence, edge cases, checklist steps, and external source-linked citations.
Read Guide
23
EU AI Act vs ISO/IEC 42001: legal duties, controls, and evidence limits
Compare the EU AI Act and ISO/IEC 42001 across legal status, risk classification, high-risk AI, GPAI, transparency, conformity, evidence, and assurance limits.
Read Guide
24
EU AI Act vs NIST AI RMF: legal duties, risk controls, and evidence boundaries
Compare the binding EU AI Act with the voluntary NIST AI RMF, including role classification, high-risk duties, GPAI, transparency, conformity evidence, and reuse limits.
Read Guide
Next step

Turn EU AI Act classification into owned implementation work

Use this hub as the shared entry point for AI Act inventory, role mapping, risk-tier screening, obligation assignment, and evidence governance. Route uncertain facts into cited research and convert confirmed duties into owners, records, and release gates.

What this unlocks
  • Start with one system, model, output, supplier, or deployment context and record the EU AI Act role for each operator.
  • Use Assessment Autopilot to request risk classification evidence, technical documentation, transparency notices, GPAI records, and post-market monitoring checkpoints.
  • Use Research Copilot for cited questions about Article 5 prohibitions, Annex III high-risk categories, Article 50 disclosures, Chapter V GPAI duties, and staged application dates.
  • Keep legal interpretation, engineering evidence, supplier attestations, approval history, and reassessment triggers connected to the same source-linked file.
Recommended route
Open Assessment Autopilot
Turn AI Act role, risk, transparency, GPAI, and evidence requirements into owned tasks and review checkpoints.
Supporting route
Open Research Copilot
Answer AI Act scope, role, timing, and interpretation questions with cited outputs from official sources.
Talk to Sorena
Talk through implementation
Review your current process, evidence model, and next implementation steps.
Discuss your setup
EU AI Act artifact preview
Share it internally
Download the timeline export to align legal, product, engineering, and commercial teams on milestones and deadlines.