Article 60 of Regulation (EU) 2024/1689 — Testing of high-risk AI systems in real-world conditions outside AI regulatory sandboxes. Official text, practical interpretation, key obligations and compliance implications.

Official Text Summary

Article 60 of Regulation (EU) 2024/1689 establishes the conditions under which providers and prospective providers of high-risk AI systems may conduct testing in real-world conditions outside the structured framework of AI regulatory sandboxes established under Articles 57 to 59. This provision recognises that meaningful evaluation of high-risk AI systems often requires exposure to genuine operational environments, while maintaining safeguards commensurate with the risks involved.

The article requires that testing outside sandboxes be carried out only where a set of cumulative conditions are met. The provider or prospective provider must submit a notification to the competent national authority at least 30 days prior to commencing testing. The notification must include a test plan describing the scope, duration, geographical area, categories of persons involved, and the risk mitigation measures in place.

Informed consent of subjects is a central requirement. Where the AI system interacts with or makes decisions affecting identifiable natural persons, those persons must be informed of their participation and must consent explicitly, unless applicable sectoral law provides otherwise. Testing must not exceed what is strictly necessary to achieve the stated objectives, and must not expose subjects to unacceptable risk or harm.

The article further requires that the testing be conducted under the supervision of the provider, that results be recorded, and that serious incidents encountered during testing be reported to the competent authority. Member States retain the ability to authorise or refuse testing activities in their territory and may impose additional conditions.

What This Means in Practice

Article 60 is primarily relevant to organisations developing or deploying high-risk AI systems — as defined under Article 6 and Annex III of the Regulation — who need to validate system performance or safety properties in genuine operational settings before or alongside formal conformity assessment. This includes, for example, a hospital piloting an AI-assisted diagnostic tool in a live clinical environment, or a financial institution testing a creditworthiness model with real applicants outside a controlled sandbox.

In practice, compliance means establishing an internal process for managing real-world tests that mirrors the obligations of the article. Before any test begins, the organisation must prepare a structured test plan, verify that all consent mechanisms are in place, and lodge the required notification with the competent authority at least 30 days in advance — leaving adequate time for the authority to raise objections or impose conditions.

During the test, the organisation must maintain active human oversight, document all material incidents, and be prepared to suspend testing immediately if risks exceed anticipated levels. Data collected during testing remains subject to applicable GDPR obligations, and the processing of special categories of data requires a specific legal basis.

Organisations should also ensure their contracts with deployers or third-party test operators clearly allocate responsibility for compliance with Article 60 conditions, since the obligation sits primarily with the provider or prospective provider regardless of who physically conducts the test. Internal governance frameworks — including a designated responsible person and a documented risk register for the test — are strongly advisable.

Key Obligations

Relationship to Other Articles

Article 60 is part of Title VI (Measures in Support of Innovation) and should be read alongside Articles 57 to 59, which establish the primary framework for AI regulatory sandboxes. Article 60 functions as a complementary pathway for testing that does not take place within a formal sandbox, but it does not replace or lower the substantive safety and transparency obligations that apply to high-risk AI systems under Title III (particularly Articles 8 to 15 on provider obligations, risk management, and technical documentation).

The consent and data protection requirements of Article 60 intersect directly with Regulation (EU) 2016/679 (GDPR), particularly Articles 6, 9, and 22 on lawful processing and automated decision-making. Article 60 also connects to Article 71 on the EU database, which governs registration obligations, and to Article 73 on market surveillance, since competent authorities may inspect real-world tests. Providers should additionally consider Article 26 on obligations of deployers, as real-world testing frequently involves deployer-side infrastructure and data.

Compliance Timeline

The EU AI Act entered into force on 1 August 2024, twenty days after its publication in the Official Journal of the European Union. Its provisions apply in phases:

Organisations planning real-world testing programmes should begin designing compliant test governance frameworks and notification procedures well in advance of the 2 August 2026 date to avoid delays when the obligation becomes enforceable.

Official AI Act Compliance Deadline Calendar

Updated · Sources: Regulation (EU) 2024/1689 and the 2026 Digital Omnibus on AI.

Obligation Applies to Original date New date Status Countdown Legal basis
Prohibited Practices (Art. 5) All providers and deployers active AI Act Art. 5
GPAI Rules (Chapter 5) GPAI model providers active AI Act Art. 51-56
High-risk AI — Annex III (standalone) Providers of standalone Annex III systems deferred AI Omnibus 2026 Art. 6(2)
High-risk AI — Annex I (embedded) AI embedded in Annex I regulated products deferred AI Omnibus 2026 Art. 6(1)
AI-Generated Content Marking Providers of generative GPAI systems active AI Act Art. 50(2)
Regulatory Sandboxes National competent authorities active AI Act Art. 57

Download JSON · CC BY 4.0

AI Act meets DORA and NIS2

Is your organisation subject to both the AI Act and DORA? The two regulations intersect on the operational resilience of financial AI systems. Our sister site regulation-dora.eu covers DORA in depth.

Explore regulation-dora.eu ↗

Frequently Asked Questions

Providers and prospective providers of high-risk AI systems may conduct real-world testing outside sandboxes, provided they notify the relevant national competent authority at least 30 days before testing begins and meet the conditions set out in Article 60, including obtaining informed consent from subjects and putting appropriate risk mitigation measures in place.

No. Article 60 establishes a distinct pathway for real-world testing that takes place outside the formal AI regulatory sandboxes governed by Articles 57 to 59. It provides a lighter-touch mechanism but still imposes mandatory safeguards, notification requirements, and conditions for the protection of subjects involved in testing.

Subjects involved in real-world testing must give explicit informed consent, except where applicable sectoral law allows otherwise. They must be informed of their right to withdraw without detriment, protected from any undue negative effects, and the provider must ensure that any harm arising from testing is addressed. Special protections apply to vulnerable groups.

Article 60 falls under Title VI and applies from 2 August 2026, which is the general application date for most provisions of the EU AI Act. High-risk AI systems listed in Annex III face staged obligations, with some categories under the extended timeline of 2 August 2027.

Not necessarily at the testing phase, but the testing must be conducted under conditions that are consistent with the intended use and risk management requirements of the AI Act. Providers must register the planned testing in the EU database and ensure that the test plan, safeguards, and oversight mechanisms satisfy the conditions listed in Article 60(4).

Stay ahead of AI Act changes

Get compliance alerts when deadlines or obligations change.

No spam. One-click unsubscribe.