Free 5-module EU AI Act fundamentals course: scope, risk classification, key obligations, deadlines, and enforcement. Certificate of completion for Art. 4 AI literacy requirements. No registration needed.
Five modules from zero to compliance-ready
The AI Act Fundamentals course covers the EU AI Act from its legal basis to practical compliance obligations. Each module builds on the previous. All content is free — no paywall, no registration.
Module 1: What is the EU AI Act?
Estimated time: 20 minutes
- The AI Act's legal basis (Art. 114 TFEU — internal market harmonisation)
- Geographic scope: who it applies to (providers, deployers, importers, distributors — even if established outside the EU)
- Definition of an "AI system" under Art. 3(1) — and what is explicitly excluded
- The relationship between the AI Act and GDPR, DORA, NIS2, and sector-specific regulation
- Key institutions: national competent authorities, EU AI Office, notified bodies
→ Read more: AI Act overview →
Module 2: Risk Classification
Estimated time: 25 minutes
- The four-tier risk pyramid: prohibited, high-risk, transparency, minimal
- Prohibited practices (Art. 5): the eight banned AI uses, in effect since 2 February 2025
- Annex I high-risk (Art. 6(1)): AI embedded as safety components in regulated products
- Annex III high-risk (Art. 6(2)): the 8 standalone high-risk AI domains
- The Art. 6(3) exclusion mechanism: how to self-assess out of high-risk
- GPAI models (Chapter V): definition, tiers, systemic risk threshold
- Transparency obligations (Art. 50): chatbots, synthetic content, emotion recognition
→ Read more: Annex III guide → · Annex I guide → · GPAI guide → · Prohibited practices →
Module 3: Core Obligations for High-Risk AI
Estimated time: 30 minutes
- Art. 9 — Risk management system: continuous, iterative, documented
- Art. 10 — Data governance: training, validation, and testing data quality requirements
- Art. 11 + Annex IV — Technical documentation: what must be in the technical file
- Art. 13 — Transparency and provision of information to deployers
- Art. 14 — Human oversight: design measures, override capability
- Art. 15 — Accuracy, robustness, and cybersecurity: performance levels and residual risk
- Art. 17 — Quality management system (QMS): from design to post-market monitoring
- Art. 43 — Conformity assessment: self-assessment vs. third-party routes
- Art. 71 — EU AI database registration: what to register, when, how
→ Read more: Compliance Checklist →
Module 4: Deadlines and the Digital Omnibus 2026
Estimated time: 20 minutes
- The original AI Act timeline (entry into force: 1 August 2024)
- What the Digital Omnibus 2026 changed — and what it did not
- Currently in force: prohibited practices (Feb 2025), GPAI obligations (Aug 2025)
- Upcoming: Annex III deadline (2 December 2027), Annex I deadline (2 August 2028)
- Practical planning implications: notified body queues, harmonised standard availability, QMS build time
- Transitional provisions for systems already on the market
→ Read more: Deadlines & Timeline → · Digital Omnibus 2026 →
Module 5: Enforcement — Who Fines Whom, and How Much
Estimated time: 20 minutes
- National market surveillance authorities: designation, powers, cross-border coordination
- The EU AI Office: role in GPAI model supervision, powers vs. national authorities
- Sanction tiers: €35M/7% (prohibited), €15M/3% (high-risk), €7.5M/1% (misleading info)
- The SME/startup lower-amount rule
- Stacking with GDPR, NIS2, and DORA fines
- How enforcement investigations are triggered: complaints, self-reporting, market surveillance
→ Use the Sanction Estimator → to calculate your exposure
Get your AI literacy certificate
After reading all 5 modules, you have covered the core EU AI Act requirements as required by Art. 4 (AI literacy obligation for providers and deployers).
Download your certificate of completion — available from the Academy page →. The certificate documents that you have completed structured training on the EU AI Act, suitable for inclusion in your AI governance records.
For the next level — risk assessment templates, technical documentation templates, and QMS extension guides — see AI Risk Management Pro →
AI Act meets DORA and NIS2
Is your organisation subject to both the AI Act and DORA? The two regulations intersect on the operational resilience of financial AI systems. Our sister site regulation-dora.eu covers DORA in depth.
Explore regulation-dora.eu ↗Frequently Asked Questions
The 5 modules take approximately 2-3 hours total to complete. Each module has an estimated reading time of 20-30 minutes and ends with a short knowledge check. You can complete modules in any order or over multiple sessions.
Yes. After completing all 5 modules and the knowledge checks, you can download a certificate of completion. This certificate can be used to document AI literacy training as required by Art. 4 of the EU AI Act.