Live Tracker — Updated March 2026

EU AI Act Implementation Tracker

The definitive real-time reference for EU AI Act compliance status, key deadlines, and obligations by risk tier. We are currently 5 months from the most critical deadline.

We are here

→ Aug 2, 2026 · High-Risk AI Systems Deadline

Annex III high-risk AI must be compliant — conformity assessment required

Implementation Timeline

Key dates from entry into force through full application

Aug 1, 2024In Effect

AI Act Entered into Force

The EU AI Act was published in the Official Journal and entered into force.

Feb 2, 2025In Effect

Prohibited AI Systems Apply

Chapter I (General Provisions) and Chapter II (Prohibited AI Practices) became applicable. AI systems that violate fundamental rights — including social scoring, subliminal manipulation, and real-time remote biometric surveillance — are now banned.

Aug 2, 2025In Effect

GPAI Rules + Governance Apply

General Purpose AI (GPAI) model obligations and the EU AI Office governance structure became applicable. Providers of GPAI models (including frontier models) must comply with transparency, copyright, and systemic risk requirements.

Aug 2, 2026Current Deadline

High-Risk AI Systems (Annex III) Apply

The core compliance deadline for high-risk AI in critical sectors: healthcare, education, employment, law enforcement, border control, administration of justice, and democratic processes. Conformity assessments, technical documentation, and human oversight mechanisms required.

Aug 2, 2027

High-Risk AI in Annex I Products Apply

High-risk AI systems embedded in regulated products (Annex I) — including machinery, medical devices, civil aviation, vehicles, and rail systems — must comply. These systems already subject to existing EU product safety legislation get an extra year.

Obligations by Risk Tier

The EU AI Act uses a risk-based approach. Your obligations depend entirely on how your AI system is classified.

Prohibited

AI practices that pose unacceptable risks to fundamental rights

Key Obligations

Real-time remote biometric surveillance in public spaces (limited exceptions for law enforcement)
Social scoring systems by public or private entities
Subliminal manipulation techniques that distort behavior
Exploitation of vulnerabilities of specific groups
AI-based predictive policing (individual crime prediction)
Emotion recognition in workplaces and education (with exceptions)
Biometric categorisation inferring race, political opinions, religion

Consequences: Outright ban — products must be withdrawn. Fines up to €35M or 7% global turnover.

High-Risk

AI systems in critical sectors requiring mandatory conformity assessment

Key Obligations

Conformity assessment before market placement
Technical documentation (Annex IV format)
Automatic event logging and audit trails
Transparency and provision of information to deployers
Human oversight measures — operators must be able to monitor, intervene, or stop the system
Accuracy, robustness, and cybersecurity requirements
Quality management system across the AI lifecycle
Registration in EU database (Article 71)
Post-market monitoring plan

Consequences: Must complete conformity assessment. Fines up to €15M or 3% global turnover.

Limited Risk

AI systems with specific transparency obligations

Key Obligations

Disclose to users that they are interacting with an AI system (chatbots, virtual assistants)
Label AI-generated content (deepfakes, synthetic media)
Inform users when emotion recognition or biometric categorization is used
Providers of GPAI models must publish summaries of training data

Consequences: Transparency obligations only. Fines up to €7.5M or 1.5% global turnover for violations.

Minimal Risk

AI systems posing little or no risk — the vast majority of AI applications

Key Obligations

No mandatory obligations under the AI Act
Encouraged (voluntary) to adopt codes of conduct
Existing product safety, consumer protection, and GDPR rules still apply

Consequences: No specific AI Act obligations. Normal product and data protection law applies.

GPAI Model Obligations (Post-Aug 2025)

General Purpose AI models — including large language models — have specific obligations under Title VIII of the AI Act, now in force since August 2025.

Technical Documentation

Maintain up-to-date technical documentation covering training methodology, data sources, compute used, and known limitations.

Copyright Compliance

Implement and maintain a copyright policy. Publish summaries of training data used for text and data mining.

Model Card & Transparency

Publish model cards describing capabilities, limitations, intended and foreseeable misuse, and evaluation results.

Systemic Risk Assessment (Frontier Models)

For frontier models (≥10²⁵ FLOPs training compute), conduct adversarial testing, incident reporting, and cybersecurity measures.

Is My AI System High-Risk?

Use our free interactive classifier to determine your AI system's risk tier under Annex III and Annex I of the EU AI Act.

Get Your Compliance Assessment

Full gap analysis, risk classification of your AI systems, and a remediation plan with deadlines — from a French Government AI Ambassador.

Don't Wait Until August 2026

The conformity assessment process for high-risk AI systems takes 3–12 months depending on complexity. Organizations that start now have the highest chance of meeting the deadline without disrupting operations.

EU AI Act Implementation Tracker

The definitive real-time reference for EU AI Act compliance status, key deadlines, and obligations by risk tier. We are currently 5 months from the most critical deadline.

We are here

→ Aug 2, 2026 · High-Risk AI Systems Deadline

Annex III high-risk AI must be compliant — conformity assessment required