All you need to know about the new AI Act – Part 2: Who is bound by the EU Artificial Intelligence Act? 27 June 24 Elisar Bashir

The Artificial Intelligence Act (AI Act) contains binding rules and obligations for key actors across the value chain of a high-risk AI system, as well as for providers of general-purpose AI (GPAI) models.

Providers of high-risk AI systems will need to comply with a series of mandatory requirements (e.g. on data and cybersecurity), conduct an ex ante conformity assessment, and develop a post-market monitoring system.

Meeting harmonised EU standards or certain common specifications will lead to a presumption of conformity with the AI Act requirements.

Public authorities and private actors providing public services will need to conduct a fundamental rights impact assessment (FRIA) if they deploy a high-risk AI system.

Providers of GPAI models will be subject to transparency requirements, e.g. publishing a detailed summary of the data used to train the model.

Cullen International is publishing a series of reports analysing different aspects of the new AI rulebook. The third report covers the core obligations for providers of AI systems and GPAI models, and for other actors in the AI value chain.

See also:
Part 1: Scope
Part 3: Governance & Enforcement

For more information and to access our AI Act report series, please click on “Access the full content” - or on “Request Access”, in case you are not subscribed to our European Digital Economy service. 


stay in touch