Article 1 — Subject matter (EU AI Act)

Article 1 of Regulation (EU) 2024/1689 — Subject matter. Official text, practical interpretation, key obligations and compliance implications.

Official Text Summary

Article 1 of Regulation (EU) 2024/1689 of the European Parliament and of the Council — commonly known as the EU AI Act — establishes the subject matter of the regulation. It declares that the regulation lays down harmonised rules concerning the placing on the market, the putting into service, and the use of artificial intelligence systems in the Union.

The article identifies five principal regulatory objectives that the regulation pursues:

Rules on prohibited AI practices that pose unacceptable risks to fundamental rights, safety, and Union values.
Specific requirements and obligations for high-risk AI systems and the operators involved in their lifecycle.
Transparency obligations for certain AI systems interacting with natural persons or generating synthetic content.
Rules applicable to general-purpose AI (GPAI) models, including those with systemic risk.
Rules on market monitoring, market surveillance, governance at both Member State and Union level, and enforcement mechanisms.

Article 1 also declares that the regulation aims to improve the functioning of the internal market and to promote the uptake of human-centric and trustworthy artificial intelligence, while ensuring a high level of protection of health, safety, and fundamental rights as enshrined in the Charter of Fundamental Rights of the European Union. It thereby anchors the regulation simultaneously in internal market law (Article 114 TFEU) and fundamental rights protection.

What This Means in Practice

Article 1 is a framing provision. It does not generate direct compliance tasks in isolation, but it defines the regulatory logic that determines which obligations apply to any given actor or system.

For providers — companies or individuals that develop AI systems or general-purpose AI models and place them on the EU market or put them into service — Article 1 signals that a comprehensive, risk-tiered compliance framework governs their activities. A provider of a high-risk AI system used in credit scoring, recruitment, or critical infrastructure must understand from the outset that the regulation pursues both market harmonisation and fundamental rights protection simultaneously. These twin objectives shape how obligations in later articles are interpreted.

For deployers — entities that use AI systems in a professional context — Article 1 confirms that use within the Union is sufficient to trigger the regulation, even if the provider is based outside the EU.

For legal and compliance teams, Article 1 establishes that the EU AI Act is not a sector-specific rule but a horizontal regulation covering AI across all domains, with the exception of systems used exclusively for military, national security, or research and development purposes prior to market placement, as further specified in Article 2.

Practical example: A US-based company deploying a CV-screening AI tool for recruitment of EU-based employees falls within the regulatory perimeter Article 1 describes. The compliance journey begins with understanding Article 1's scope statement, then moves to Article 6 and Annex III to assess whether the system is high-risk.

Key Obligations

Understand the regulatory perimeter. Article 1 defines what the EU AI Act governs. Every compliance programme must begin with a clear reading of its five stated objectives to correctly map which subsequent provisions apply.
Recognise the dual legal basis. The regulation pursues internal market harmonisation and fundamental rights protection simultaneously. Compliance assessments must address both dimensions, not just technical conformity.
Account for all five regulatory pillars. Prohibited practices, high-risk system requirements, transparency obligations, GPAI model rules, and governance structures each represent a distinct compliance track stemming from Article 1's subject matter declaration.
Apply the regulation regardless of establishment location. Article 1 makes clear that systems placed on the EU market or whose output is used in the EU are within scope, establishing an extraterritorial reach confirmed in Article 2.
Anchor internal AI governance in Article 1's purpose. Internal policies, risk assessments, and conformity documentation should explicitly reference the regulation's stated aim of human-centric, trustworthy AI as a guiding interpretive principle.

Relationship to Other Articles

Article 1 must be read as the gateway to the entire regulation. It connects directly to Article 2 (scope and exclusions), which specifies precisely which actors and systems are covered or exempt, including carve-outs for military use, personal non-professional use, and limited open-source provisions.

The five objectives Article 1 enumerates map directly onto the regulation's structural chapters: Article 5 (prohibited practices), Articles 6–51 (high-risk AI systems), Articles 50 (transparency obligations), Articles 51–56 (GPAI models), and Articles 57–101 (governance and enforcement).

Article 1 also reinforces the interpretive role of the recitals, particularly Recitals 1–10, which contextualise the regulation's purpose within the EU's digital strategy and Charter of Fundamental Rights. When ambiguity arises in applying later articles, compliance teams should return to Article 1's stated objectives as the primary interpretive anchor under standard EU statutory interpretation principles.

Compliance Timeline

Article 1 entered into force on 1 August 2024, twenty days after the regulation's publication in the Official Journal of the European Union (OJ L 2024/1689, 12 July 2024). As a subject-matter provision, it is applicable from that date and has no deferred application period.

However, the operational provisions Article 1 describes follow a phased application schedule:

2 February 2025 — Provisions on prohibited AI practices (Chapter II, Article 5) became applicable.
2 August 2025 — Rules on general-purpose AI models (Chapter V, Articles 51–56), governance provisions, and confidentiality/penalty articles became applicable.
2 August 2026 — Rules for high-risk AI systems listed in Annex I (safety-component systems regulated by sectoral Union law) become applicable.
2 August 2027 — Rules for high-risk AI systems listed in Annex III (including biometric identification, critical infrastructure, employment, essential services, law enforcement, migration, and justice) become fully applicable, with the exception of certain public-sector deployers.

Understanding Article 1's framing is therefore an immediate obligation — it informs how organisations should have begun their AI inventory and risk classification exercises as of August 2024.

Official AI Act Compliance Deadline Calendar

Updated 2026-06-22 · Sources: Regulation (EU) 2024/1689 and the 2026 Digital Omnibus on AI.

Obligation	Applies to	Original date	New date	Status	Countdown	Legal basis
Prohibited Practices (Art. 5)	All providers and deployers	2 February 2025	2 February 2025	active	—	AI Act Art. 5
GPAI Rules (Chapter 5)	GPAI model providers	2 August 2025	2 August 2025	active	—	AI Act Art. 51-56
High-risk AI — Annex III (standalone)	Providers of standalone Annex III systems	2 August 2026	2 December 2027	deferred	—	AI Omnibus 2026 Art. 6(2)
High-risk AI — Annex I (embedded)	AI embedded in Annex I regulated products	2 August 2026	2 August 2028	deferred	—	AI Omnibus 2026 Art. 6(1)
AI-Generated Content Marking	Providers of generative GPAI systems	2 August 2025	2 August 2025	active	—	AI Act Art. 50(2)
Regulatory Sandboxes	National competent authorities	2 August 2026	2 August 2026	active	—	AI Act Art. 57

⬇ Download JSON · CC BY 4.0

AI Act meets DORA and NIS2

Is your organisation subject to both the AI Act and DORA? The two regulations intersect on the operational resilience of financial AI systems. Our sister site regulation-dora.eu covers DORA in depth.

Explore regulation-dora.eu ↗

Frequently Asked Questions

What does Article 1 of the EU AI Act establish?

Article 1 establishes the subject matter of Regulation (EU) 2024/1689. It sets out the purpose of the regulation: to lay down harmonised rules for AI systems placed on the market, put into service, or used in the European Union, including rules on prohibited AI practices, requirements for high-risk AI systems, transparency obligations, and governance structures. It also covers general-purpose AI models.

Does Article 1 impose direct obligations on businesses?

Article 1 is a definitional and framing provision rather than an operational article. It does not itself impose obligations but defines the regulatory perimeter. Businesses must read it in conjunction with subsequent articles — particularly Articles 5, 6, 13, and 51 — to determine which rules apply to their specific AI systems or models.

Who is covered by the EU AI Act according to Article 1?

The regulation applies to providers placing AI systems on the EU market or putting them into service in the EU, deployers using AI systems in the EU, and providers and deployers located in third countries where the output of the AI system is used within the EU. Importers and distributors are also within scope under specific conditions.

Does Article 1 cover open-source AI systems?

Article 1 does not carve out open-source systems from the regulation's scope statement. Limited exemptions for free and open-source AI components are addressed in Article 2, which governs scope exclusions. Article 1 defines what the regulation is about; Article 2 defines to whom it applies and where exceptions exist.

Stay ahead of AI Act changes

Get compliance alerts when deadlines or obligations change.

No spam. One-click unsubscribe.