Official definitions from the EU AI Act (Art. 3) and commonly used terms in EU AI regulation. Understanding what the Act means by 'AI system', 'provider', 'high-risk', 'substantial modification', and 'GPAI model' is essential for compliance. This glossary covers all core terms with plain-language explanations.
Core Definitions (Art. 3)
The EU AI Act contains 65 defined terms in Art. 3. The most important for compliance purposes are summarised below.
AI System (Art. 3(1))
A machine-based system that:
- Operates with varying levels of autonomy
- May exhibit adaptiveness after deployment
- Infers, from inputs, how to generate outputs (predictions, content, recommendations, decisions) that can influence physical or virtual environments
Key implication: The definition is technology-neutral. It does not require deep learning or neural networks — a rule-based system with adaptive components may qualify. Conversely, a simple if-then logic tree without learning capability likely does not qualify.
Provider (Art. 3(3))
Any natural or legal person, public authority, agency, or body that develops an AI system or has an AI system developed and places it on the market or puts it into service under its own name or trademark — whether for payment or free of charge.
Key implication: Development responsibility + market placement = provider status. A company that commissions a custom AI build from an external developer is the provider if the system is placed on the market under the company's brand.
Deployer (Art. 3(4))
Any natural or legal person, public authority, agency, or body that uses an AI system under its authority for a professional purpose — except where use is in personal non-professional activity.
Key implication: The vast majority of businesses using AI purchased from third parties are deployers. Deployer obligations are less burdensome than provider obligations but are still significant for high-risk systems.
Authorised Representative (Art. 3(5))
Any natural or legal person established in the Union who has received a written mandate from a provider of an AI system established outside the Union to carry out obligations on behalf of that provider.
Key implication: Non-EU providers of AI systems placed on the EU market must designate an EU-based authorised representative. This representative can be held legally responsible for the provider's EU AI Act obligations.
Importer (Art. 3(6))
Any natural or legal person established in the Union that places on the EU market an AI system that bears the name or trademark of a natural or legal person established outside the Union.
Distributor (Art. 3(7))
Any natural or legal person in the supply chain, other than the provider or importer, that makes an AI system available on the Union market without modifying it.
Operator (Art. 3(8))
A collective term covering providers, authorised representatives, importers, distributors, deployers, and any other person subject to obligations under the Act.
Intended Purpose (Art. 3(12))
The use for which an AI system is intended by the provider, including the specific context and conditions of use specified in the information supplied by the provider in the instructions for use, promotional or sales materials, or statements.
Key implication: The intended purpose determines which risk category applies and which requirements must be met. A system intended for credit scoring is high-risk (Annex III); the same underlying model intended for spam filtering may not be. Providers cannot escape high-risk classification by leaving the intended purpose vague — the Act looks to all information about the system's design and marketing.
Reasonably Foreseeable Misuse (Art. 3(13))
Use of an AI system in a way that is not in accordance with its intended purpose but that may result from reasonably foreseeable human behaviour or interaction with other systems.
Key implication: Providers must assess and address foreseeable misuse in their risk management systems — not just the intended use case. A facial recognition system intended for access control must address the foreseeable risk that it could be used for real-time surveillance.
Safety Component (Art. 3(14))
A component of a product or of an AI system which fulfils a safety function for that product or AI system, or the failure or malfunction of which endangers the health and safety of persons or property.
Key implication: AI systems that are safety components of products covered by Annex I sector legislation are automatically subject to the high-risk requirements, regardless of whether the AI itself poses direct risk.
Placing on the Market (Art. 3(9))
The first making available of an AI system or a general-purpose AI model on the Union market.
Putting into Service (Art. 3(11))
The supply of an AI system for first use directly to the deployer or for own use on the Union market for its intended purpose.
Key implication: Both "placing on the market" (selling to others) and "putting into service" (using yourself) trigger provider obligations. An enterprise that builds an AI system for internal use is putting it into service and is a provider subject to all obligations.
High-Risk AI System
Not defined in a single sentence — classified by reference to Annex I (safety components in regulated products) and Annex III (standalone high-risk use cases). The risk level depends on the intended purpose and deployment context, not the underlying technology.
Annex III high-risk categories:
- Biometric identification and categorisation
- Management of critical infrastructure
- Education and vocational training
- Employment, workers management, access to self-employment
- Access to and enjoyment of essential private services and public services and benefits
- Law enforcement
- Migration, asylum, border control management
- Administration of justice and democratic processes
General-Purpose AI (GPAI) Model (Art. 3(63))
An AI model, including where trained with a large amount of data using self-supervision at scale, that displays significant generality and is capable of competently performing a wide range of distinct tasks regardless of the way the model is placed on the market — which can be used in a variety of downstream applications.
Key distinction from AI system: A GPAI model is not yet an AI system. It becomes part of an AI system when integrated into a product or application. The Act imposes obligations on GPAI model providers separately from (and in addition to) obligations on providers of AI systems built using GPAI models.
GPAI Model with Systemic Risk (Art. 3(65))
A GPAI model designated as systemic-risk because it has high-impact capabilities evaluated according to appropriate technical tools and methodologies, or because of its actual or reasonably foreseeable high-impact reach.
The current indicator is cumulative training compute exceeding 10^25 FLOPs. Additional criteria may be applied by Commission delegated act.
Serious Incident (Art. 3(49))
Any incident or malfunction of an AI system that directly or indirectly leads to:
- Death of a person or serious damage to a person's health
- A serious and irreversible disruption of the management and operation of critical infrastructure
- Infringement of obligations under Union law intended to protect fundamental rights
- Serious damage to property or the environment
Substantial Modification (Art. 3(23))
A change to an AI system after placing on the market or putting into service which is not foreseen or planned in the initial conformity assessment and which affects the compliance of the AI system with the requirements of the Act or results in a change to the intended purpose.
Conformity Assessment (Art. 3(20))
The process of verifying whether a high-risk AI system meets the requirements set out in Chapter III, Section 2 of the Act. Conformity assessments may be conducted by the provider (self-assessment) or by a notified body (third-party assessment), depending on the type of system.
Notified Body (Art. 3(22))
A conformity assessment body designated by a member state to carry out third-party conformity assessment activities for high-risk AI systems. Notified bodies are the AI Act's equivalent of the CE marking bodies used in traditional product regulation.
Market Surveillance Authority (Art. 3(26))
The national authority responsible for carrying out market surveillance under the AI Act. Member states must designate at least one market surveillance authority per member state.
CE Marking (Art. 3(30))
The marking by which a provider indicates that a high-risk AI system is in conformity with the requirements of the AI Act and other applicable Union legislation providing for its affixing.
Sector-Specific Terms
Biometric Data (imported from GDPR)
Personal data resulting from specific technical processing relating to the physical, physiological or behavioural characteristics of a natural person, which allow or confirm the unique identification of that natural person.
Remote Biometric Identification System (Art. 3(40))
An AI system intended for the identification of natural persons at a distance through the comparison of a person's biometric data with the biometric data contained in a reference database, without prior knowledge of the user of the AI system whether the person will be present and can be identified.
Key implication: Real-time remote biometric identification in publicly accessible spaces is prohibited for law enforcement purposes with narrow exceptions (Art. 5).
Foundation Model
Not defined in the AI Act — the Act uses "GPAI model" instead. Foundation model is a commonly used industry term for large-scale pre-trained models. For regulatory purposes, use "GPAI model."
Fine-tuning
Not defined in the Act. Adapting a GPAI model to a specific domain or task through additional training. If fine-tuning results in a substantially different model placed on the market, the fine-tuner may become a provider of that new model.
Procedural Terms
Technical Documentation (Annex IV)
The structured documentation package that providers of high-risk AI systems must prepare before market placement and maintain throughout the system's lifecycle. It includes the system description, design logic, training data information, testing results, risk management documentation, and post-market monitoring plan.
EU Declaration of Conformity (Art. 3(37))
A formal document signed by the provider stating that the high-risk AI system complies with all applicable requirements of the Act. It is the legal basis for affixing CE marking.
Instructions for Use (Art. 3(15))
Information provided by the provider to inform the deployer of the AI system's intended purpose, performance, technical specifications, and conditions of use — including any restrictions and foreseeable risks.
Post-Market Monitoring Plan (Art. 3(32))
The documented plan established by a provider for collecting and reviewing experience gained from operating a high-risk AI system after it has been placed on the market or put into service.
Fundamental Rights Impact Assessment (Art. 27)
An assessment that deployers in the public sector (and certain private deployers) must conduct before deploying a high-risk AI system, evaluating the impact on the fundamental rights of affected persons.
Official AI Act Compliance Deadline Calendar
Updated · Sources: Regulation (EU) 2024/1689 and the 2026 Digital Omnibus on AI.
| Obligation | Applies to | Original date | New date | Status | Countdown | Legal basis |
|---|---|---|---|---|---|---|
| Prohibited Practices (Art. 5) | All providers and deployers | active | — | AI Act Art. 5 | ||
| GPAI Rules (Chapter 5) | GPAI model providers | active | — | AI Act Art. 51-56 | ||
| High-risk AI — Annex III (standalone) | Providers of standalone Annex III systems | deferred | — | AI Omnibus 2026 Art. 6(2) | ||
| High-risk AI — Annex I (embedded) | AI embedded in Annex I regulated products | deferred | — | AI Omnibus 2026 Art. 6(1) | ||
| AI-Generated Content Marking | Providers of generative GPAI systems | active | — | AI Act Art. 50(2) | ||
| Regulatory Sandboxes | National competent authorities | active | — | AI Act Art. 57 |
⬇ Download JSON · CC BY 4.0
AI Act meets DORA and NIS2
Is your organisation subject to both the AI Act and DORA? The two regulations intersect on the operational resilience of financial AI systems. Our sister site regulation-dora.eu covers DORA in depth.
Explore regulation-dora.eu ↗Frequently Asked Questions
Art. 3(1) defines an AI system as 'a machine-based system that is designed to operate with varying levels of autonomy and that may exhibit adaptiveness after deployment, and that, for explicit or implicit objectives, infers, from the input it receives, how to generate outputs such as predictions, content, recommendations, or decisions that can influence physical or virtual environments.' This definition, aligned with the OECD AI definition, is intentionally broad and covers virtually all machine learning models, deep learning systems, and rule-based systems with learning components.
A GPAI model (Art. 3(63)) is an AI model trained on large amounts of data with broad general applicability across a wide range of distinct tasks. It can be used for various downstream tasks, either directly or when integrated into another AI system. Examples include large language models (GPT-4, Claude, Gemini, Llama), large image generation models (Stable Diffusion, DALL-E), and multimodal models. The defining characteristic is general applicability — not task-specific training.
The EU AI Act sets the initial threshold at a cumulative training compute exceeding 10^25 FLOPs (floating-point operations). This threshold can be revised by the Commission through delegated acts as technology evolves. Additionally, a model can be designated as systemic-risk on other grounds if it has high-impact capabilities or widespread deployment that could create significant risks regardless of training compute.
A substantial modification (Art. 3(23)) is a change to an AI system after its placing on the market or putting into service that affects the compliance of the AI system with the requirements of the Act or results in a change to the intended purpose for which the AI system has been assessed. Determining whether a modification is 'substantial' requires the provider to assess whether it changes the risk profile, performance characteristics, or intended use in ways that would have affected the original conformity assessment.
Stay ahead of AI Act changes
Get compliance alerts when deadlines or obligations change.
No spam. One-click unsubscribe.