The EU AI Act is the first major AI regulation. It classifies AI systems by risk, sets specific obligations on general-purpose AI (GPAI) models, and requires transparency for AI-generated content. Much of it targets model developers, but user organisations also pick up new obligations.
Timeline — what's live in April 2026
2 Feb 2025: prohibited practices and AI literacy. 2 Aug 2025: GPAI model obligations (two-year grace for models already on market). 2 Aug 2026: full AI Office enforcement + Article 50 transparency duties (labelling AI-generated content).
Why an open local model makes compliance easier
Open models ship with weights and a training-data summary — the documentation already exists. Local deployment audits on your side. Logs, terms and risk assessment stay under your control. Equivalent documentation for a closed cloud model is either impossible or depends on the provider's cooperation.
Frequently asked
- Am I a high-risk user?
- High-risk categories cover things like hiring, education assessment, critical infrastructure and law enforcement. A generic business assistant usually isn't high-risk, but your specific use case should be reviewed.
Updated 2026-04-21