EU AI Act
Regulation (EU) 2024/1689
All Annexes (I–XIII)
Tools
OJ L, 2024/1689 · In force 1 Aug 2024
The EU AI Act contains 13 Annexes that provide detailed technical, procedural, and classificatory substance supporting the main regulatory articles.
Identifies existing EU harmonisation legislation that intersects with the AI Act. If an AI system is a safety component of, or is itself, a product covered by this legislation, the high-risk classification under Article 6(1) applies.
Defines the scope of serious criminal offences for which certain real-time remote biometric identification systems may be permitted, subject to strict conditions under Article 5.
Provides the standalone classification of high-risk AI systems, independent of product safety legislation. These are systems whose use in these eight areas poses significant risks to fundamental rights, health, or safety.
Defines the minimum content required for the technical documentation of high-risk AI systems. Must be drawn up before the system is placed on the market or put into service and kept up to date.
Specifies the mandatory content of the EU Declaration of Conformity referenced in Article 47, which is the formal statement by a provider that a high-risk AI system meets regulatory requirements.
Defines the self-assessment route for providers of high-risk AI systems that do not require third-party (notified body) involvement. This is the simpler of the two conformity assessment paths.
Defines the conformity assessment route involving a notified body that evaluates both the provider's quality management system and the technical documentation for each AI system. This is the more rigorous conformity path, required for certain high-risk AI systems (particularly those in Annex III areas 1, 6, 7, and 8).
Specifies what information providers and deployers must submit to the EU database for high-risk AI systems. Divided into three sections covering provider information, non-high-risk designation information, and deployer information.
Specifies information required when registering high-risk AI systems listed in Annex III that are undergoing real-world testing conditions, ensuring transparency and traceability for experimental deployments.
Lists the EU legislative acts governing the major EU-wide information technology systems in the justice and security domain. AI systems that are components of these IT systems are classified as high-risk under Article 6(2) when listed in Annex III.
Specifies the technical documentation that providers of general-purpose AI (GPAI) models must draw up and make available to the AI Office and national competent authorities.
Specifies what technical documentation GPAI model providers must share with downstream providers who integrate the model into their own AI systems, to enable understanding, compliance, and proper integration.
Establishes the criteria the Commission uses, complementing the computational threshold of 10^25 FLOPs set in Article 51(2), to determine whether a GPAI model presents systemic risk.
Powered by Claude
Get plain-English answers about obligations, classifications, timelines, and compliance requirements.
Responses are AI-generated and may not reflect the latest guidance
