EU AI Act high-risk obligations apply from 2 August 2026
Is your company's use of AI compliant with the EU AI Act?
KomplAI checks your AI systems' documents and source code against the EU AI Act, DORA and the GDPR — every citation to these regulations is machine-verified against the official EUR-Lex texts. Report, action plan and Word/Excel export in minutes.
Provider routing without data retention · A product by Tippel
What is the EU AI Act?
The EU AI Act (Regulation (EU) 2024/1689) is the world's first comprehensive law on artificial intelligence. It takes a risk-based approach: some AI practices are banned, “high-risk” AI is strictly regulated, and other systems carry transparency obligations.
It applies extraterritorially: any company that develops, provides or uses AI systems whose output affects people in the EU is in scope — regardless of where the company is based.
Why it matters
Fines up to €35M / 7%
Breaches of the prohibited-practice rules can be penalised with up to €35M or 7% of worldwide annual turnover.
More systems in scope than you think
Everyday AI applications are in scope — some as high-risk (e.g. hiring, credit scoring, biometric systems), others only via transparency duties (e.g. chatbots, labelling AI-generated content). Which tier applies depends on the specific use case — the same chatbot can move from the transparency tier into high-risk depending on how it is used.
The clock is ticking
Bans and AI-literacy duties have applied since February 2025. The major high-risk obligations kick in on 2 August 2026 — preparation takes time.
The stages & key dates (Art. 113)
⏱ 27 days left until the EU AI Act's high-risk obligations (2 August 2026).
-
01 Aug 2024 in forceEntered into force
The EU AI Act enters into force. -
02 Feb 2025 in forceBans & AI literacy
Prohibited AI practices (Art. 5) and the AI-literacy duty (Art. 4) apply — for providers AND deployers. -
02 Aug 2025 in forceGPAI models & penalties
Obligations for general-purpose AI (GPAI) models, the governance structure and the penalty framework apply. -
02 Aug 2026 upcomingHigh-risk obligations (Annex III)
The core obligations for high-risk AI systems under Annex III (e.g. recruitment, credit scoring, critical infrastructure) apply — risk management, data governance, documentation, human oversight, conformity assessment. -
02 Aug 2027 upcomingHigh-risk via product law (Annex I)
Obligations for high-risk AI systems that are safety components under existing product legislation (Art. 6(1)).
How it works
Create a case & upload
system description, contracts, DPIA, technical docs or your code repository.
Choose a profile
full check, high-risk deep dive, code audit, DORA, GDPR or transparency documentation.
Get your result
risk classification, obligation gap analysis with applicability dates, gap list and prioritised measures.
Every citation to the AI Act, DORA and GDPR is machine-verified against the official EUR-Lex texts. How we check →