Practice intelligence Current as of Jun 20, 2026
OlenderFeldman

PracticeEU AI Act

EU AI Act — General Purpose AI Model obligations now in force for providers above threshold

What the law is now

The EU AI Act imposes tiered obligations on providers of AI systems classified by risk. The General Purpose AI chapter covers providers of models that power multiple downstream uses. As of August 2025, all GPAI model providers serving the EU must meet baseline transparency obligations. Providers whose models reach the systemic risk threshold (currently 10^25 FLOP training compute) face additional adversarial testing and incident-reporting requirements.

What just shifted

Shift EU Primary source

What this adds: The August 2025 effective date moved GPAI obligations from a future compliance target to an active legal duty. Providers must now maintain technical documentation, publish a summary of training data including copyright policy and opt-out compliance, and put in place downstream deployer information obligations. Providers above the systemic risk threshold must additionally conduct model evaluations, red-team testing, and notify the AI Office of serious incidents.

What this puts in question: Whether companies that fine-tune or adapt a GPAI model for their own product are themselves GPAI providers subject to these obligations, or whether only the original model developer bears them — the AI Office's codes of practice are expected to clarify this boundary.

What clients should weigh

·If you develop, fine-tune, or distribute an AI model that can be used for multiple downstream tasks by other businesses or consumers in the EU, you may be a GPAI provider subject to these obligations — assess this now, before the AI Office begins enforcement referrals.
·Do you have technical documentation covering your model architecture, training data, and intended use cases in the form the regulation requires, and is your training-data copyright policy and opt-out mechanism documented and current?
·Do your contracts with downstream deployers — companies that build applications on top of your model — include the information and assistance obligations the AI Act requires you to pass down?
·The GPAI chapter imposes obligations that are now active law, but the AI Office's codes of practice — which will define how compliance is demonstrated — are not yet final. Operating under interim uncertainty is the current state; the codes are the thing to watch.
Regulation (EU) 2024/1689, Arts. 51–56, GPAI Chapter (effective August 2025) ›

Watch for

· European AI Office GPAI code of practice, final version expected Q4 2026

· AI Office designation of which existing models meet the systemic risk threshold

· UK AI Regulation Bill and its relationship to the EU AI Act for UK-EU dual-operating companies

Ready to use

These are drafts. Edit before sending to a client.

Client alert

Draft — edit before sending to a client.

This corpus reflects one attorney's personal review. It is not a comprehensive survey. Verify scope and currency before relying on it for any matter.