CHAPTER VIII

Article 71: EU database for high-risk AI systems listed in Annex III

Plain English Summary

What this article does: Establishes an EU database for high-risk AI systems listed in Annex III. Who it applies to: Providers and deployers of Annex III high-risk AI systems, and the Commission. Key requirements: Para 1: The Commission must establish and maintain an EU-wide database, publicly accessible and free of charge. Para 2: Providers must register themselves and their systems before placing them on the market. Para 3: Deployers that are public authorities must register their use. Para 4: The database must contain the information listed in Sections A and B of Annex VIII. Para 5: The Commission is responsible for development and maintenance. Para 6: Information in the database must be accessible to the public, except for information registered by deployers for law enforcement, migration, asylum, or border control purposes.

1. The Commission shall, in collaboration with the Member States, set up and maintain an EU database containing information referred to in paragraphs 2 and 3 of this Article concerning high-risk AI systems referred to in (2) which are registered in accordance with Articles 49 and 60 and AI systems that are not considered as high-risk pursuant to (3) and which are registered in accordance with (4) and Article

49. When setting the functional specifications of such database, the Commission shall consult the relevant experts, and when updating the functional specifications of such database, the Commission shall consult the Board.

2. The data listed in Sections A and B of Annex VIII shall be entered into the EU database by the provider or, where applicable, by the authorised representative.

3. The data listed in Section C of Annex VIII shall be entered into the EU database by the deployer who is, or who acts on behalf of, a public authority, agency or body, in accordance with (3) and (4).

4. With the exception of the section referred to in (4) and (4), point (c), the information contained in the EU database registered in accordance with shall be accessible and publicly available in a user-friendly manner. The information should be easily navigable and machine-readable. The information registered in accordance with shall be accessible only to market surveillance authorities and the Commission, unless the prospective provider or provider has given consent for also making the information accessible the public.

5. The EU database shall contain personal data only in so far as necessary for collecting and processing information in accordance with this Regulation. That information shall include the names and contact details of natural persons who are responsible for registering the system and have the legal authority to represent the provider or the deployer, as applicable.

6. The Commission shall be the controller of the EU database. It shall make available to providers, prospective providers and deployers adequate technical and administrative support. The EU database shall comply with the applicable accessibility requirements. CHAPTER IX POST-MARKET MONITORING, INFORMATION SHARING AND MARKET SURVEILLANCE SECTION 1 Post-market monitoring

Cross-referenced Articles

Built by Paul McCormack — lawyer, product leader, and founder of Kormoon. This site is an independent informational resource only and does not constitute legal advice. No reliance should be placed on its contents. For the authoritative text, refer to the official EUR-Lex source linked in the Annexes tab, or consult your legal advisor.

© 2026 Paul McCormack. All rights reserved.

kormoon.aiOfficial EUR-Lex Source
Share