Article 53 of Regulation (EU) 2024/1689 — Obligations for providers of general-purpose AI models with systemic risk. Official text, practical interpretation, key obligations and compliance implications.
Official Text Summary
Article 53 of Regulation (EU) 2024/1689 establishes obligations that apply exclusively to providers of general-purpose AI (GPAI) models classified as presenting systemic risk pursuant to Article 51. These are models trained with compute exceeding 10^25 floating-point operations (FLOPs), or models designated by the AI Office on the basis of a capability or impact assessment.
In addition to the baseline obligations applicable to all GPAI model providers under Article 52, providers covered by Article 53 must: perform model evaluations, including adversarial testing conducted in accordance with standardised protocols or approved methodologies; assess and mitigate systemic risks at Union level; report serious incidents and malfunctions to the AI Office without undue delay; ensure an adequate level of cybersecurity protection for the model, its infrastructure, and physical environment; and document the results of model evaluations and make those results available to the AI Office upon request.
Article 53(2) provides that providers may rely on codes of practice adopted under Article 56 to demonstrate compliance. The European Commission is empowered to issue delegated acts specifying the content and procedures for evaluations, and to adapt thresholds as scientific understanding evolves. The AI Office monitors compliance and may require further information or corrective action.
What This Means in Practice
Article 53 creates a distinct compliance tier for the most capable and potentially impactful GPAI models on the EU market. Any organisation — regardless of where it is established — that provides such a model to deployers or end users in the EU must assess whether it crosses the systemic-risk threshold.
For providers above the 10^25 FLOP compute threshold, the obligations are automatic. For providers below that threshold, the AI Office can still trigger Article 53 obligations following a case-by-case evaluation based on indicators such as the number of users, the breadth of capabilities, or integration into critical sectors.
In practice, compliance requires standing up robust internal processes: a model evaluation programme capable of conducting red-teaming and adversarial probing before and after deployment; a systemic risk register and associated mitigation plan; a cybersecurity framework covering the model weights, APIs, and training infrastructure; and an incident response procedure linked to the reporting obligation toward the AI Office.
Concretely, a provider of a frontier large language model made available via API to EU-based deployers must carry out adversarial testing — such as jailbreak attempts and capability elicitation for dangerous content — document results, retain them, and be able to share them with the AI Office. If the model produces output that causes or nearly causes serious harm to a person or critical infrastructure, that incident must be reported promptly. Participation in an AI Office-approved code of practice under Article 56 provides a structured pathway to demonstrate compliance without waiting for harmonised standards.
Key Obligations
- Model evaluations and adversarial testing: Conduct thorough evaluations, including red-teaming and adversarial testing, using standardised protocols or those approved by the AI Office, before and following significant model updates.
- Systemic risk assessment and mitigation: Identify, analyse, and mitigate potential systemic risks at Union level that may arise from the development, placing on the market, or use of the model.
- Serious incident reporting: Report to the AI Office without undue delay any serious incident or malfunctioning linked to the GPAI model with systemic risk, including information on the incident and corrective measures taken.
- Cybersecurity protection: Implement and maintain appropriate cybersecurity measures protecting the model, its physical infrastructure, and supply chain — including model weights, APIs, and training pipelines — commensurate with identified risks.
- Documentation and transparency to the AI Office: Keep records of evaluation results, testing methodologies, and risk mitigation measures; make these available to the AI Office upon request.
- Codes of practice compliance pathway: Demonstrate conformity with Article 53 obligations by adhering to codes of practice developed under Article 56, pending the availability of harmonised standards.
Relationship to Other Articles
Article 53 cannot be read in isolation. It builds directly on Article 51, which defines the criteria and procedures for classifying a GPAI model as presenting systemic risk — including the 10^25 FLOP compute threshold and the AI Office's discretionary designation power. The baseline obligations of Article 52 remain fully applicable alongside Article 53; the latter adds a further layer rather than replacing the former.
Article 55 governs qualified presumptions of conformity, while Article 56 establishes the codes of practice mechanism that Article 53(2) explicitly references as a compliance pathway. The AI Office's supervisory role over Article 53 obligations is grounded in Articles 88 to 90, which set out enforcement powers and procedures. For providers who are also deployers of high-risk AI systems, the requirements of Chapter III (Articles 9–16) on risk management and technical documentation may overlap with systemic risk mitigation work required by Article 53, and coordination between compliance teams is advisable to avoid duplication.
Compliance Timeline
The EU AI Act entered into force on 1 August 2024 (twenty days after publication in the Official Journal on 12 July 2024). Article 53, as part of Title V governing general-purpose AI models, became applicable on 2 August 2025 — twelve months after entry into force, in accordance with Article 113(3).
This means providers of GPAI models with systemic risk were required to have their evaluation programmes, incident reporting procedures, and cybersecurity frameworks operational by that date. The phased application schedule for reference: prohibited AI practices under Article 5 applied from 2 February 2025 (six months); GPAI model obligations including Article 53 from 2 August 2025 (twelve months); obligations relating to high-risk AI systems under Annex I from 2 August 2026 (twenty-four months); and remaining high-risk AI system obligations from 2 August 2027 (thirty-six months). Providers should also monitor delegated acts from the European Commission that may refine Article 53 evaluation requirements or adjust the compute threshold as scientific understanding of frontier model capabilities evolves.
Official AI Act Compliance Deadline Calendar
Updated · Sources: Regulation (EU) 2024/1689 and the 2026 Digital Omnibus on AI.
| Obligation | Applies to | Original date | New date | Status | Countdown | Legal basis |
|---|---|---|---|---|---|---|
| Prohibited Practices (Art. 5) | All providers and deployers | active | — | AI Act Art. 5 | ||
| GPAI Rules (Chapter 5) | GPAI model providers | active | — | AI Act Art. 51-56 | ||
| High-risk AI — Annex III (standalone) | Providers of standalone Annex III systems | deferred | — | AI Omnibus 2026 Art. 6(2) | ||
| High-risk AI — Annex I (embedded) | AI embedded in Annex I regulated products | deferred | — | AI Omnibus 2026 Art. 6(1) | ||
| AI-Generated Content Marking | Providers of generative GPAI systems | active | — | AI Act Art. 50(2) | ||
| Regulatory Sandboxes | National competent authorities | active | — | AI Act Art. 57 |
⬇ Download JSON · CC BY 4.0
AI Act meets DORA and NIS2
Is your organisation subject to both the AI Act and DORA? The two regulations intersect on the operational resilience of financial AI systems. Our sister site regulation-dora.eu covers DORA in depth.
Explore regulation-dora.eu ↗Frequently Asked Questions
Article 53 applies to providers of general-purpose AI models that have been classified as posing systemic risk — either because they were trained using a cumulative amount of compute greater than 10^25 FLOPs, or because the AI Office has designated them as such following an evaluation under Article 51.
Article 52 sets baseline obligations for all general-purpose AI model providers, including documentation and transparency requirements. Article 53 imposes additional, more stringent obligations exclusively on providers of GPAI models with systemic risk, including adversarial testing, incident reporting, and cybersecurity measures.
Article 53 does not mandate restricting access, but it does require providers to implement policies and technical measures commensurate with systemic risk. This may include access controls where justified by the adversarial testing findings or the cybersecurity risk assessment.
A serious incident under Article 53 refers to any incident or malfunctioning of a GPAI model with systemic risk that results in, or has a reasonable probability of resulting in, death, serious harm to health, serious disruption of critical infrastructure, property damage, or significant adverse effects on fundamental rights. Providers must report such incidents to the AI Office without undue delay.
Article 53 became applicable on 2 August 2025, twelve months after the Regulation entered into force on 1 August 2024. This reflects the EU AI Act's specific timeline for Title V provisions governing general-purpose AI models.
Stay ahead of AI Act changes
Get compliance alerts when deadlines or obligations change.
No spam. One-click unsubscribe.