The Artificial Intelligence Act (AI Act) is the EU flagship legislation on the use of AI in Europe.

It was adopted in May 2024 and most provisions will be applicable two years following its entry into force, possibly around mid-2026.

The objectives of the new AI rulebook are two-fold:

• fostering the development and uptake of trustworthy AI in the EU; and
• safeguarding public interests such as health, safety and fundamental rights of EU citizens, as well as democracy, the rule of law and the environment.

The AI Act establishes a risk-based approach for the regulation and governance of AI systems in the EU. It follows the logic of “the higher the risk, the stricter the rules”.

The new regulation categorises different types of AI systems according to the risk they pose to users. More specifically:

• Certain AI systems posing an unacceptable risk (e.g. social scoring) will be banned from the EU market.
• AI systems designated as high-risk in certain areas (e.g. critical digital infrastructure) will be subject to mandatory requirements and obligations.
• AI systems presenting only limited risk will have to comply with lighter transparency obligations.

General-purpose AI (GPAI) models are also part of the scope of the new regulation. GPAI models display “significant generality” and can perform a variety of tasks. The AI Act foresees a tailored and tiered framework for their use in the EU, with stricter requirements for GPAI models which pose “systemic risks”.

Cullen International is publishing a series of reports on the different aspects of the new AI rulebook. The first two reports cover the scope of the regulation with a particular focus on high-risk AI systems and GPAI models.

See also:
Part 2: Obligations
Part 3: Governance & Enforcement
Part 4: Interplay with other EU acts

For more information and to access our AI Act report series, please click on “Access the full content” - or on “Request Access”, in case you are not subscribed to our European Digital Economy service.