GPAI Compliance Deadline:
August 2, 2026
The Act rolls out in phases through 2027. See where your AI systems fall — and what you need to do.
EU AI Act — Phased Enforcement Timeline
Feb 2, 2025
Prohibited AI
Bans on unacceptable-risk AI (social scoring, real-time biometric surveillance) apply now.
Aug 2, 2025
GPAI Codes of Practice
General-purpose AI providers must follow codes of practice and transparency requirements.
Aug 2, 2026
GPAI Obligations
Full GPAI model compliance required — documentation, copyright, systemic risk assessment.
Aug 2, 2027
High-Risk AI Systems
Pre-existing high-risk AI systems (Annex I) must comply. New systems already from Aug 2026.
Source: EU AI Act (Regulation 2024/1689). Dates reflect official enforcement phases.
What You Need to Do
The EU AI Act imposes 8 key obligations on organizations deploying or providing AI systems. Read the EU AI Act full text or visit the EU AI Office for official guidance.
AI Literacy
Ensure all staff working with AI systems have sufficient AI literacy and training.
Prohibited Practices
Audit AI systems against prohibited use categories — subliminal manipulation, social scoring, real-time biometric identification.
Risk Management
Establish and maintain a continuous risk management system throughout the AI lifecycle.
Technical Documentation
Produce Annex IV compliant technical documentation before market placement.
Human Oversight
Design systems to be effectively overseen by natural persons during use.
Record-Keeping
10-year log retention with full decision traceability for high-risk AI systems.
Quality Management
Implement a quality management system ensuring ongoing regulatory compliance.
Post-Market Surveillance
Draw up and implement a post-market surveillance plan for each high-risk AI system.
Deployer Obligations
Monitor AI systems, conduct DPIAs, and maintain logs as required for deployers of high-risk AI.
GPAI & Systemic Risk
Systemic risk assessment, training data transparency, compute provider notification, and deployment monitoring for GPAI models.
Regulatory Sandbox
Document and track participation in EU or national AI regulatory sandboxes.
Incident & Post-Market
Incident register, information sharing, recall procedures, right of access, and EU database reporting.
Whistleblower Protection
Establish internal channels for reporting AI Act breaches with whistleblower protections.
TruthVouch automates all 37 EU AI Act articles — 53 obligations
How TruthVouch Gets You Compliant
Six steps from discovery to board-ready reporting.
Discover
Find all AI systems in your organization
Classify
Determine risk levels per EU AI Act
Document
Auto-generate Annex IV technical docs
Govern
Enforce policies on live AI traffic
Evidence
Collect compliance proof automatically
Report
Generate board-ready compliance reports
Discover
Find all AI systems in your organization
Classify
Determine risk levels per EU AI Act
Document
Auto-generate Annex IV technical docs
Govern
Enforce policies on live AI traffic
Evidence
Collect compliance proof automatically
Report
Generate board-ready compliance reports
Compliance + Enforcement = Only TruthVouch
Other tools help you fill out forms. We fill out forms AND enforce the rules.
| Capability | Documentation-Only Tools | TruthVouch |
|---|---|---|
| Risk Assessment | ||
| Auto-Documentation | ||
| Runtime Enforcement | ||
| Automated Evidence Collection | ||
| Multi-Model Governance | ||
| Hallucination Detection |
Deploying Foundation Models?
Companies fine-tuning or deploying general-purpose AI models face additional obligations under the EU AI Act.
Training Data Documentation
Detailed summaries of training data sources, methodologies, and preprocessing steps as required by Article 53.
Copyright Compliance
Automated copyright policy enforcement and documentation for training data provenance.
Capability Evaluations
Structured model evaluation frameworks aligned with EU AI Act capability assessment requirements.
Transparency Requirements
Machine-readable model cards, usage policies, and downstream provider notification systems.
Start Your Compliance Journey Today
Professional
$1,199/mo
EU AI Act compliance automation for growing teams
Enterprise
Custom Compliance Packages
Dedicated support, custom integrations, and priority onboarding
EU AI Act Questions
What is the EU AI Act?
The EU AI Act (Regulation 2024/1689) is the world's first comprehensive legal framework for artificial intelligence, adopted by the European Union in 2024. It establishes risk-based requirements for AI systems — from prohibited uses (social scoring, real-time biometric surveillance) to high-risk applications (hiring, credit scoring, critical infrastructure) to general-purpose AI (GPAI) models like GPT-4 and Claude. Organizations deploying or providing AI systems in the EU must comply with obligations across 8 key articles covering risk management, technical documentation, human oversight, and incident reporting.
When does the EU AI Act take effect?
The EU AI Act rolls out in phases. Prohibited AI practices (e.g., social scoring, real-time biometric surveillance) have been banned since February 2, 2025. GPAI providers — companies using or providing foundation models like GPT-4, Claude, or Gemini — must comply with transparency and documentation requirements by August 2, 2026. Full high-risk AI system compliance (Annex I) is required by August 2, 2027 for pre-existing systems; new high-risk systems must comply from August 2026.
How does TruthVouch help with EU AI Act compliance?
TruthVouch automates all 8 key EU AI Act obligations: risk management (Art. 9), technical documentation with Annex IV templates (Art. 11), human oversight guardrails (Art. 14), quality management systems (Art. 17), GPAI provider documentation and copyright compliance (Art. 53), post-market monitoring (Art. 72), incident reporting workflows (Art. 73), and phased timeline tracking (Art. 113). Most organizations reach compliance-ready status in under 14 days. The platform also provides runtime enforcement via the AI Firewall — something documentation-only tools cannot offer.
Find out where you stand
Take our free 5-minute EU AI Act Readiness Assessment