The EU AI Act, article by article
A plain-English reference to the articles people actually search for — what each one requires, who it binds, and the points that matter.
Article 5 of the EU AI Act bans certain AI practices outright — social scoring, untargeted facial scraping, most emotion recognition at work. In force since 2 Feb 2025.
Article 6 defines which AI systems are high-risk under the EU AI Act — via Annex I product safety and the Annex III use-case list. Learn how classification works.
Article 9 requires providers of high-risk AI to run a continuous, documented risk-management system across the lifecycle. Here's what it must cover.
Article 10 requires high-risk AI training, validation and test data to be relevant, representative and examined for bias. Learn the data-governance duties.
Article 11 requires providers of high-risk AI to draw up Annex IV technical documentation before market and keep it current. See what the file must contain.
Article 14 requires high-risk AI to be designed for effective human oversight — so a person can understand, monitor, intervene and stop the system. Here's how.
Article 16 sets out the obligations of providers of high-risk AI — from the quality management system to conformity assessment, CE marking and registration.
Article 26 sets the obligations of deployers of high-risk AI — human oversight, using the system per instructions, monitoring, logs, and informing affected people.
Article 27 requires certain deployers of high-risk AI to complete a Fundamental Rights Impact Assessment (FRIA) before first use. Learn who must do one and what it covers.
Article 43 sets the conformity-assessment procedures for high-risk AI — internal control (Annex VI) or notified body (Annex VII). Learn which applies and when.
Article 47 requires providers of high-risk AI to draw up a written EU declaration of conformity and keep it for ten years. Learn what it must state.
Article 50 requires disclosure when people interact with AI, and labelling of AI-generated or manipulated content (deepfakes). Applies from 2 August 2026.
Article 53 sets the duties of general-purpose AI model providers — technical documentation, downstream information, a copyright policy and a training-data summary.
Article 72 requires providers of high-risk AI to run a documented plan that collects and reviews real-world performance data after the system is on the market.
Article 73 requires providers of high-risk AI to report serious incidents to authorities within strict deadlines — as short as immediately, up to 15 days by severity.