General-purpose AI (GPAI) models and systems are subject to a tailored and tiered regulatory framework under the AI Act.
GPAI models are defined functionally (e.g. generality in the performance of tasks) and are typically integrated into GPAI systems.
The European Commission, through its AI Office, has sweeping powers to enforce the provisions applicable to GPAI models and systems. These provisions will apply from 2 August 2025 (see also AI Act Timeline).
The AI Office is facilitating the drawing-up of a code of practice on GPAI models by independent experts. The code is expected to set out "commitments to which providers [of GPAI models] may adhere to ensure compliance with their obligations under the AI Act.”
In parallel, the EU executive body opened a consultation until 22 May 2025 in preparation for its upcoming non-binding guidelines, which will aim to clarify the obligations of providers GPAI models.
This cheat sheet by Cullen International provides a summary of the core provisions on GPAI models under the AI Act:
Clients of our European Digital Economy service, can access it directly on our client portal via the following link:
more news
23 February 26
The DNA explained: universal service to serve the same goals under a revised approach
Cullen International is issuing a series of analyses on different aspects of the Digital Networks Act (DNA) proposal. This report covers universal service.
20 February 26
Revised Cybersecurity Act (CSA2) - Changes to the EU cybersecurity certification framework
Cullen International published an analysis of the proposed changes to the EU cybersecurity certification framework under the draft Cybersecurity Act 2 (CSA2) delivered by the European Commission on 20 January 2026.
19 February 26
Upper 6 GHz band: EU member states wait for EU-level decisions
Cullen International has been monitoring regulation of the upper 6 GHz band at the European level and now also benchmarks regulation at the national level in Europe.