Obligations of Providers and Operators of AI Systems in the EU – Summary taking into account the trilogue of May 7, 2026

The EU Regulation on Artificial Intelligence (AI Regulation, Regulation (EU) 2024/1689) entered into force on August 1, 2024, and will become fully applicable in phases. It applies to all actors – including those outside the EU – who place an AI system on the EU market, put it into service, or use it, provided that the results of the AI system are used in the EU. The AI Regulation takes a risk-based approach and distinguishes between prohibited AI practices, high-risk AI systems, AI systems with limited risk (transparency obligations), and AI with minimal risk. The obligations arising from the AI Regulation depend largely on whether a company is classified as a provider or a deployer of an AI system.

1. Definitions: Provider and Deployer

Provider

According to Article 3(3) of the AI Regulation, a provider is a natural or legal person, public authority, agency, or other body that develops or has developed an AI system or a general-purpose AI model and places it on the market or puts the AI system into service under its own name or brand – regardless of whether this is done for remuneration or free of charge. The provider is not required to have technically developed the system themselves; what matters is that they place it on the market or put it into service under their own name or brand. Even the purely internal use of a self-developed AI system makes the developer a provider, as they are “putting the system into service.”

Deployer

According to Article 3(4) of the AI Regulation, a deployer is a natural or legal person, public authority, agency, or other body that uses an AI system under its own responsibility, unless the use takes place in the context of a personal, non-professional activity. The operator thus uses an AI system provided by a provider within their own operational context without placing it on the market themselves. Typical examples include a company that uses a third-party AI-powered applicant management tool, or a bank that uses a third-party AI-based credit scoring system.

Distinction and Role Shift

This distinction is of central importance, as providers bear significantly more extensive obligations than operators. In practice, a company can simultaneously be a provider for one AI system and an operator for another—for example, if it develops its own AI recruitment tool (provider) while also using an external AI analytics tool (operator).

Of particular practical relevance is the shift in role from operator to provider under Article 25(1) of the AI Regulation. An operator becomes a provider if they place a high-risk AI system on the market under their own name or brand, make a substantial change to a high-risk AI system, or change the intended use of an AI system in such a way that it becomes a high-risk AI system. 

In these cases, the operator assumes full provider obligations for the system in question. 

2. Prohibited AI Practices

As of February 2, 2025, certain AI applications are completely prohibited, including social scoring, subliminal manipulation, real-time biometrics in public spaces (with narrow exceptions), and biometric categorization for the derivation of sensitive characteristics. Furthermore, following the trilogue outcome of May 7, 2026, the use of AI systems that generate non-consensual sexually explicit or intimate content (so-called “nudifier apps”) or child sexual abuse material is prohibited. This ban takes effect on December 2, 2026, and applies to both providers and operators of such systems.

3. Obligations of Providers of High-Risk AI Systems

An AI system is considered high-risk if it is either used as a safety component in a product covered by EU product safety law or if it is intended for specific use cases listed in Annex III (e.g., biometrics, critical infrastructure, education, employment, law enforcement, migration).

Providers bear the main burden of compliance obligations under the AI Regulation. 

Specifically, they must:

• Establish and maintain a comprehensive risk management system throughout the system’s entire lifecycle (Art. 9). 
• Ensure appropriate data governance, i.e., training, validation, and test data must be relevant, representative, and as error-free as possible (Art. 10). 
• Prepare comprehensive technical documentation demonstrating the system’s conformity (Art. 11, Annex IV). 
• Design the system for automatic logging of relevant events (Art. 12). 
• Provide operators with appropriate instructions for use that cover the intended purpose, performance characteristics, limitations, and requirements for human oversight (Art. 13).
• Design the system to enable effective human oversight by the operator (Art. 14). 
• Ensure adequate accuracy, robustness, and cybersecurity (Art. 15). 
• Establish a quality management system (Art. 17).
• Conduct a conformity assessment prior to placing the system on the market, draw up an EU declaration of conformity, and affix the CE marking (Art. 43, 47, 48). 
• Register the system in the EU public database (Art. 49). 
• Operate a post-market surveillance system after placing the device on the market, report serious incidents, and take necessary corrective actions (Art. 72, 73). 
• Cooperate with the competent authorities and demonstrate conformity upon request.

4. Obligations of operators of high-risk AI systems

The obligations of operators are less extensive than those of providers, but by no means insignificant. 

In particular, operators must:

• Use the high-risk AI system in accordance with the provider’s instructions for use and implement appropriate technical and organizational measures (Art. 26). 
• Ensure human oversight by qualified personnel and designate appropriate individuals (Art. 26). 
• Check the input data for relevance and representativeness, to the extent that they have control over the data (Art. 26). 
• Monitor the operation of the AI system and, in the event of identified risks or serious incidents, inform the provider or the competent market surveillance authority (Art. 26).
• Inform natural persons affected by the AI system when the system makes or supports decisions regarding them, and provide a comprehensible explanation of the decision upon request (Art. 26, 86). 
• In the case of public authorities or certain sensitive use cases, conduct a Fundamental Rights Impact Assessment (FRIA) prior to the first deployment (Art. 27).
• When using the equipment in the workplace, inform the affected employees and their representatives in advance (Art. 26).
• Retain the automatically generated logs (Art. 26).

You can find a summary of this section of our article here in chart form.

5. Transparency obligations for providers and operators (Art. 50)

Starting August 2, 2026, the transparency obligations under Art. 50 of the AI Regulation will apply equally to both roles. 

The obligations are distributed differently:

Providers must ensure that AI systems that interact directly with natural persons (e.g., chatbots) are designed in such a way that the data subject is informed that they are communicating with an AI system. 

In addition, AI-generated content must be labeled in a machine-readable format and be recognizable as artificially generated (watermarking).

Operators must inform individuals when they are subject to an emotion recognition or biometric categorization system. 

They must also disclose when deepfakes – that is, AI-generated or manipulated image, audio, or video content – are used. 

Similarly, operators must disclose when AI-generated or manipulated texts are published that serve to inform the public about matters of public interest.

The deadline for implementing watermarking and transparency solutions for AI-generated content was set by the trilogue on May 7, 2026, to December 2, 2026 (shortening the transition period from 6 to 3 months).

6. Obligations for Providers of General-Purpose AI Models (GPAI)

Since August 2, 2025, specific obligations have applied to providers of general-purpose AI models (GPAI). These obligations apply exclusively to providers; operators have no independent obligations with respect to GPAI models alone – but they do have obligations regarding AI systems built on GPAI models. 

All GPAI providers must:

• Create and maintain technical documentation. 
• Provide downstream providers with sufficient information and documentation. 
• Implement a policy for compliance with EU copyright law. Publish a summary of the training content. 

For GPAI models posing systemic risk (10²⁵ FLOPs of computing power or more), the following additional obligations apply: 

• Conduct model evaluations and adversarial testing, 
• Reporting serious incidents, 
• Assess and mitigate systemic risks, and Ensure adequate cybersecurity.

7. Changes resulting from the trilogue of May 7, 2026 (Digital Omnibus on AI)

The provisional agreement of May 7, 2026, between the Council and the European Parliament introduces significant changes that affect both providers and operators.

Postponed application deadlines for high-risk obligations: For standalone high-risk AI systems (Annex III), the obligations apply as of December 2, 2027 (instead of August 2, 2026). For high-risk AI systems in regulated products, the obligations apply as of August 2, 2028 (instead of August 2, 2027).

Other significant changes include:

• Avoiding duplicate regulation for machinery: For AI systems in mechanical engineering products, compliance with sector-specific safety regulations (Machinery Directive) is sufficient; they are exempt from the direct application of the AI Regulation.
• Narrower definition of “safety component”: AI systems that merely assist users or optimize performance are not automatically considered high-risk if their failure does not cause health or safety risks.
• Extension of SME privileges to small mid-cap companies (SMCs): Certain exemptions that previously applied only to SMEs are being extended to small mid-cap companies.
• Processing of sensitive data for bias detection: Under the strict standard of “strict necessity,” personal data may be processed to detect and correct biases—for both high-risk and non-high-risk AI systems.
• Registration requirement for self-exemption: Providers who classify their systems as non-high-risk pursuant to Article 6(3) must nevertheless register them in the EU database.
• Strengthening the AI Office: The enforcement powers of the EU AI Office will be expanded for certain AI systems, particularly those based on GPAI models.
• Regulatory Sandboxes: The deadline for establishing national AI regulatory sandboxes is postponed to August 2, 2027.

8. AI Literacy

As of February 2, 2025, both providers and operators of AI systems are required to ensure a sufficient level of AI literacy among their employees and other persons involved in the operation and use of AI systems (Art. 4). 

9. Sanctions

Violations of the AI Regulation may result in substantial fines that can affect both providers and operators:

• Up to €35 million or 7% of global annual turnover for prohibited AI practices.
• Up to €15 million or 3% for violations of other obligations (including high-risk obligations and GPAI obligations).
• Up to €7.5 million or 1.5% for providing inaccurate information to authorities.

10. Next Steps

The provisional agreement of May 7, 2026, must still be formally adopted by the European Parliament and the Council; this is expected to take place before August 2, 2026. Providers and operators should already begin classifying their AI systems, determining their respective roles, assessing whether their systems fall under the high-risk or prohibited categories, and starting to establish the necessary compliance structures. The additional transition period secured through the trilogue provides an opportunity to thoroughly prepare for the new requirements.