
Overlay — EU AI Act (Regulation (EU) 2024/1689)

ID: eu-ai-act
Version: 1
Last revised: 2026-05-14
Primary source: Regulation (EU) 2024/1689 of the European Parliament and of the Council of 13 June 2024
Typed slug: eu-ai-act

⚠️ This overlay is a framework operationalization, not legal advice. The EU AI Act is a complex regulation with delegated acts, guidance, and case law still emerging. Your General Counsel and a qualified EU AI Act specialist must validate scope and obligations for your company.


1. When this overlay applies

Apply this overlay at the program level (template 01 risk appetite) if any of the following is true:

  • The company places AI systems on the EU market (sells, distributes, or makes available)
  • The company puts AI systems into service in the EU
  • The output of the company's AI system is used by persons located in the EU
  • The company is established in the EU
  • The company's AI system is used to provide services to the public in the EU

The Act's territorial scope (Article 2(1)) is broad: it covers providers placing systems on the EU market or putting them into service wherever they are established, deployers established in the EU, and providers and deployers in third countries whose system output is used in the EU. Non-EU companies whose AI outputs reach EU users are in scope.

Apply additional per-agent overlay sections when the agent falls into one of the following categories (described in detail in Section 3):

  • Article 5 prohibited practices — automatic kill (don't build)
  • High-risk (Annex III) — full obligations apply, automatic High tier in the framework
  • Limited risk (Article 50) — transparency obligations apply
  • Minimal risk — no specific Act obligations beyond general principles
  • GPAI (general-purpose AI model) — applies to model providers, not typical deployers

2. Regulatory references

| Citation | Subject | Applies to |
|---|---|---|
| Article 5 | Prohibited AI practices | All AI in EU scope |
| Article 6 + Annex III | High-risk classification (Article 6(3) allows a documented derogation for systems that only perform a narrow procedural or preparatory task; profiling of natural persons is always high-risk) | All AI in EU scope |
| Article 9 | Risk management system | High-risk only |
| Article 10 | Data and data governance | High-risk only |
| Article 11 | Technical documentation (Annex IV) | High-risk only |
| Article 12 | Record-keeping (automatic event logging) | High-risk only |
| Article 13 | Transparency / instructions for deployers | High-risk only |
| Article 14 | Human oversight | High-risk only |
| Article 15 | Accuracy, robustness, cybersecurity | High-risk only |
| Article 16 | Obligations of providers of high-risk AI systems | High-risk providers |
| Article 19 | Provider log retention (≥ 6 months) | High-risk providers |
| Article 25 | Responsibilities along the value chain: a deployer, distributor or importer becomes the provider if it rebrands, substantially modifies or repurposes a high-risk system | Anyone modifying a system placed on the market by others |
| Article 26 | Obligations of deployers of high-risk AI (use per the instructions, human oversight, log retention ≥ 6 months under 26(6), informing the provider of serious incidents under 26(5)) | High-risk deployers |
| Article 43 | Conformity assessment | High-risk providers |
| Article 50 | Transparency obligations | AI that interacts with people, generates synthetic content, performs emotion recognition or biometric categorisation, or produces deep fakes |
| Article 53 | Obligations of GPAI model providers (Article 56: codes of practice) | GPAI providers |
| Article 72 | Post-market monitoring | High-risk providers |
| Article 73 | Serious incident reporting (15 days at most; 10 days where a person has died; 2 days for critical-infrastructure incidents or widespread infringement) | High-risk providers (deployers inform the provider, Art. 26(5)) |
| Article 99 | Penalties (up to €35M or 7% of global annual turnover) | All |

3. Annex III — High-risk categories (enumerated)

If an agent falls into any of these categories, it is automatically High tier. If the company is the provider, the full Articles 9–15, 43, 72 and 73 obligations apply; if it is a deployer, Article 26 applies (use per the provider's instructions, human oversight by trained staff, log retention, informing the provider of serious incidents). CoE Lead + Legal + Security + Department Head must sign approval. Article 6(3) permits a documented derogation for systems that only perform a narrow procedural or preparatory task; invoking it is a Legal decision, not an engineering one, and any system that profiles natural persons stays high-risk.

  1. Biometrics — remote biometric ID, biometric categorization on sensitive attributes, emotion recognition (excludes biometric verification confirming identity)
  2. Critical infrastructure — safety components for digital infra, road traffic, water/gas/heating/electricity supply
  3. Education + vocational training — admission, evaluation, level assessment, behavior monitoring during exams
  4. Employment, worker management — recruitment, screening, promotion, termination, task allocation, performance monitoring
  5. Essential private and public services — public assistance eligibility, creditworthiness / credit scoring (excluding fraud detection), life/health insurance risk assessment + pricing, emergency dispatch prioritization
  6. Law enforcement — victimization risk, polygraph, evidence evaluation, offending/re-offending risk, profiling
  7. Migration, asylum, border control — polygraph, security/migration risk assessment, visa/asylum decisions, identification (excluding travel document verification)
  8. Administration of justice and democratic processes — judicial fact-finding assistance, voting-behavior influence

Note: many B2B AI use cases (sales pipeline scoring, internal Q&A, document summarization, AP reconciliation) are not in Annex III. Most internal-process agents fall into "minimal risk" or "limited risk" tiers, not high-risk.


4. Article 5 — Prohibited practices (in force since 2025-02-02)

These are not "high risk" — they are forbidden. If a proposed agent falls into any of these, the answer at triage is automatic rejection.

  • Subliminal, manipulative or deceptive techniques that materially distort behaviour and cause, or are likely to cause, significant harm
  • Exploitation of vulnerabilities (age, disability, social or economic situation) to distort behaviour and cause significant harm
  • Social scoring, by public or private actors, leading to detrimental or disproportionate treatment unrelated to the context in which the data was generated
  • Predicting the risk that an individual will commit a criminal offence based solely on profiling or personality traits (narrow exceptions)
  • Untargeted scraping of facial images from the internet or CCTV to build facial-recognition databases
  • Emotion recognition in workplaces or education (medical and safety exceptions)
  • Biometric categorisation to infer race, political opinions, trade-union membership, religion, sex life or sexual orientation
  • Real-time remote biometric identification in publicly accessible spaces for law enforcement (narrow, authorised exceptions)

5. Additions to each core template

templates/01-risk-appetite.md (Risk Appetite Statement)

Add to Section 5 (Jurisdictions in scope):

EU AI Act in scope: Yes (reason: [we have EU customers / we operate in the EU / our outputs reach EU users]).

Annex III high-risk categories that could apply: [enumerate which categories the company's business COULD touch — even if no current agent is in one. This is the watchlist.]

Article 5 prohibited practices: company-wide ban (the framework explicitly excludes any proposed use case in this category).

Article 50 transparency: synthetic audio, image, video or text output is marked in a machine-readable format (Art. 50(2)); chatbot-style interactions disclose their AI nature unless that is obvious to a reasonably informed person (Art. 50(1)); deep fakes and AI-generated text published on matters of public interest are disclosed (Art. 50(4)).

GPAI provider obligations: [N/A if you're a deployer / applies if you produce general-purpose models].

Add to Section 6 (Risk appetite per tier):

Any agent falling into Annex III → automatic High tier. Approval requires CoE Lead + Department Head + Security + Legal AND, if you are the provider, completion of the Article 43 conformity assessment (together with the provider obligations of Articles 16–22) before the system is placed on the market or put into service.

templates/02-intake-form.md (Intake Form)

Add to Section 11 (Known constraints):

EU AI Act check (mandatory at intake):
- Annex III category match? [None / specify category 1–8]
- Article 5 prohibited practice match? [None / specify]
- Customer-facing AI requiring Article 50 transparency? [Yes / No]
- Any Article 14 human oversight requirement implications? [Yes / No]

templates/03-agent-card.md (Agent Card)

Add new section after §13:

### §14 — EU AI Act compliance map

| Article | Obligation | Evidence in this Agent Card |
|---|---|---|
| Art. 9 (risk management) | Continuous risk management throughout lifecycle | §4, §10, §13, threat model (template 05) |
| Art. 10 (data governance) | Quality criteria for training/validation/test data | §5, §12 (eval), §11 (monitoring) |
| Art. 11 (technical documentation) | Comprehensive design + performance documentation | This entire Agent Card serves as Annex IV documentation |
| Art. 12 (record-keeping) | Automatic event logging over lifetime | §11 observability + audit log retention |
| Art. 13 (transparency) | Information to deployers | This Agent Card; runbook (template 09); user training |
| Art. 14 (human oversight) | Effective human oversight measures | §7 autonomy + §9 HITL gates + kill switch |
| Art. 15 (accuracy, robustness, cybersecurity) | Appropriate levels achieved + resistance to adversarial attacks | §12 eval (template 08) + threat model (template 05) |
| Art. 19 / Art. 26(6) (log retention) | ≥ 6 months retention (provider / deployer) | §11 retention policy |
| Art. 50 (transparency) | Disclosure to humans interacting + synthetic-content marking | Where applicable: see §3 scope + §6 outputs |
| Art. 72 (post-market monitoring) | Continuous post-market monitoring | Quarterly reviews (template 15) + per-agent monitoring (template 09) |
| Art. 73 (serious incident reporting) | Notify the market surveillance authority within the Art. 73 window (15 days at most; 10 days where a person has died; 2 days for critical infrastructure or widespread infringement) | Post-mortem (template 10) §9 regulatory check |

templates/04-responsible-ai-checklist.md (RAI Checklist)

For EU-scope agents, items 5 (transparency) and 10 (synthetic content) become mandatory pass (no N/A allowed) per Article 50.

Item 9 (audit retention) is mandatory ≥ 6 months per Article 19 (providers) and Article 26(6) (deployers), not just recommended.

templates/05-threat-model.md (Threat Model)

Section 7 (Communication-channel security): add an explicit reference to Article 15 (cybersecurity). For high-risk agents the threat model is the primary evidence for the cybersecurity limb of Article 15, so it must cover the attack classes Article 15(5) names: data poisoning, model poisoning, adversarial examples / model evasion, confidentiality attacks and model flaws. The accuracy and robustness limbs are evidenced separately by the evals (template 08).

Section 5 (Red-team scenarios): document the scenarios + results — these are evidence for Article 15 robustness.

templates/07-pilot-to-prod-checklist.md (Pilot-to-Prod Gate)

Add new items 11–13 for EU-scope agents:

| 11 | EU AI Act technical documentation complete (Art. 11) | [✅ / ❌] | Agent Card §14 map populated |
| 12 | Post-market monitoring plan documented (Art. 72) | [✅ / ❌] | Plan in registry + quarterly review schedule |
| 13 | Serious incident reporting path documented (Art. 73) | [✅ / ❌] | Post-mortem template §9 + General Counsel contact + market surveillance authority contact |

templates/10-post-mortem.md (Post-Mortem)

Section 9 (Regulatory considerations): the EU AI Act Article 73 reporting trigger must be explicitly considered for every Sev-2+ involving a high-risk agent. If the incident meets the "serious incident" definition (Article 3(49): death or serious harm to a person's health; serious and irreversible disruption of critical infrastructure; infringement of Union-law obligations that protect fundamental rights; serious harm to property or the environment), the provider must report it to the market surveillance authority of the Member State where it occurred immediately after establishing a causal link, and in any event within 15 days of becoming aware. The window shrinks to 10 days where a person has died and to 2 days for a widespread infringement or a critical-infrastructure incident; an initial incomplete report followed by a complete one is permitted. A deployer that identifies a serious incident must immediately inform the provider, then the importer/distributor and the market surveillance authority (Article 26(5)); if the provider cannot be reached, Article 73 applies to the deployer directly.
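To make the tiered deadline concrete, here is an added example (not part of the framework's templates) that computes the latest permissible Article 73 report date from the awareness date and the incident's characteristics. The SeriousIncident field names are assumptions made for this example; the statute's actual rule is "immediately", so the computed date is a ceiling for the post-mortem's regulatory check, not a target.

```python
# Added example: latest statutory report date under Article 73(2)-(4).
# Not framework code; field names are assumptions for illustration.
from datetime import date, timedelta
from typing import NamedTuple, Optional


class SeriousIncident(NamedTuple):
    aware_on: date                        # day the provider/deployer became aware
    death: bool = False                   # Art. 3(49)(a) death -> Art. 73(4) window
    serious_harm: bool = False            # serious harm to health, property or environment
    critical_infrastructure: bool = False # Art. 3(49)(b) -> Art. 73(3) window
    fundamental_rights: bool = False      # Art. 3(49)(c)
    widespread_infringement: bool = False # Art. 3(61) -> Art. 73(3) window


def is_serious(inc: SeriousIncident) -> bool:
    # Article 3(49) definition: anything outside these limbs is not an
    # Article 73 "serious incident" (it may still be a Sev-2 internally).
    return any((inc.death, inc.serious_harm, inc.critical_infrastructure,
                inc.fundamental_rights))


def report_deadline(inc: SeriousIncident) -> Optional[date]:
    """Latest date for the Art. 73 report, or None if nothing is reportable.
    When several windows apply the shortest one wins."""
    if not is_serious(inc) and not inc.widespread_infringement:
        return None
    days = 15                                           # Art. 73(2) default ceiling
    if inc.death:
        days = min(days, 10)                            # Art. 73(4)
    if inc.critical_infrastructure or inc.widespread_infringement:
        days = min(days, 2)                             # Art. 73(3)
    return inc.aware_on + timedelta(days=days)


def days_left(inc: SeriousIncident, today: date) -> Optional[int]:
    """Calendar days remaining (negative means the window has already closed)."""
    deadline = report_deadline(inc)
    return None if deadline is None else (deadline - today).days


if __name__ == "__main__":
    # Constructed sample: awareness on 1 Sept, credit-scoring agent denied
    # benefits on a protected characteristic (fundamental-rights limb).
    inc = SeriousIncident(aware_on=date(2026, 9, 1), fundamental_rights=True)
    print("report by", report_deadline(inc), "days left",
          days_left(inc, date(2026, 9, 10)))
```

The `if __name__` guard keeps the sample run out of the way when the module is imported by the post-mortem tooling.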

templates/14-30-day-review.md + 15-quarterly-exec-readout.md

Add explicit EU AI Act compliance status section showing:

  • Article 9–15 obligations met (per high-risk agent)
  • Article 72 post-market monitoring evidence
  • Any Article 73 serious incidents reported (or "none this period")

6. New evidence artifacts required

When this overlay applies, the program must additionally maintain:

  1. EU AI Act applicability log — for each agent in registry: Annex III mapping (none / category 1–8), Article 50 applicability, GPAI applicability.
  2. Technical documentation per Article 11 — the Agent Card plus supporting artifacts (eval reports, threat models, runbooks, post-mortems) collectively form the "technical documentation."
  3. Post-market monitoring records — the quarterly review (template 15) becomes the post-market monitoring record. Retain.
  4. Serious incident reports (if any) — copies of any Article 73 notifications.
  5. Conformity assessment records (if you are a provider of high-risk AI) — outside the framework's scope; involve EU AI Act counsel.

7. New approver roles

When this overlay applies:

| Decision | Add to approver list |
|---|---|
| Risk appetite (template 01) | EU AI Act SME (often via outside counsel) reviews jurisdictional scope |
| High-tier agent approval (M8 — template 02) when Annex III | Mandatory: General Counsel signs with explicit EU AI Act analysis |
| Article 50 disclosure decisions (transparency labeling) | General Counsel sign-off on disclosure language |
| Article 73 serious incident reporting | General Counsel + Executive Sponsor make the notification decision inside the Article 73 window (15 days at most; 10 days where a person has died; 2 days for critical infrastructure or widespread infringement) |

8. Per-agent decision tree

For each new agent, walk this tree at triage (M7):

1. Does the agent fall under Article 5 prohibited practices?
   ├── YES → REJECT at intake. Document. Communicate to requester.
   └── NO → continue

2. Does the agent fall under any Annex III category (1–8)?
   ├── YES → Automatic High tier. Articles 9–15 and 43 if you are the provider;
   │         Article 26 if you are the deployer.
   │         Add §14 to Agent Card. General Counsel + CISO sign.
   │         Plan the conformity assessment if you are the provider.
   └── NO → continue

3. Does the agent interact with humans OR generate synthetic content?
   ├── YES → Article 50 transparency applies.
   │         Disclosure language + machine-readable marking required.
   └── NO → continue (likely "minimal risk" under the Act)

4. Are you placing the agent on the EU market or putting it into service?
   ├── YES → Article 26 deployer obligations apply to a high-risk agent you did not build.
   │         Article 16 et seq. provider obligations apply if you built it, or if Article 25
   │         makes you the provider (rebranding, substantial modification, new intended purpose).
   └── NO → only general principles apply
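The decision tree above, implemented as an added example (not one of the framework's templates and not text from the Act): a Python triage helper that walks steps 1–4 in order and emits the per-agent row that the Section 6 applicability log requires. The Intake field names, the 1–8 category numbering and the obligation and approver labels are assumptions made for this example; the point it shows beyond the prose is the ordering (Article 5 short-circuits everything, Article 50 stacks on top of the tier, provider and deployer get different obligation sets).

```python
# Added example: walks the Section 8 decision tree and emits the Section 6
# applicability-log row. Not framework code; Intake field names, category
# numbering and obligation labels are assumptions for illustration.
from dataclasses import dataclass, field
from typing import List, Optional

ANNEX_III = {  # Section 3 numbering, assumed for this example
    1: "Biometrics", 2: "Critical infrastructure",
    3: "Education and vocational training", 4: "Employment and worker management",
    5: "Essential private and public services", 6: "Law enforcement",
    7: "Migration, asylum and border control",
    8: "Administration of justice and democratic processes",
}
HIGH_RISK_PROVIDER = ["Art. 9", "Art. 10", "Art. 11", "Art. 12", "Art. 13", "Art. 14",
                      "Art. 15", "Art. 16", "Art. 19", "Art. 43", "Art. 72", "Art. 73"]
HIGH_RISK_DEPLOYER = ["Art. 26", "Art. 26(6) log retention >= 6 months",
                      "Art. 26(5) inform provider of serious incidents"]


@dataclass
class Intake:
    agent_id: str
    eu_scope: bool                       # any Section 1 trigger is true
    article5_match: bool                 # prohibited practice identified at intake
    annex_iii_category: Optional[int]    # 1..8, or None
    interacts_with_humans: bool
    generates_synthetic_content: bool
    role: str = "deployer"               # "provider" or "deployer"
    gpai_provider: bool = False          # True only if you ship a general-purpose model


@dataclass
class Triage:
    decision: str                        # "REJECT" or "PROCEED"
    tier: str
    obligations: List[str] = field(default_factory=list)
    approvers: List[str] = field(default_factory=list)
    notes: List[str] = field(default_factory=list)


def triage(i: Intake) -> Triage:
    if i.role not in ("provider", "deployer"):
        raise ValueError("role must be 'provider' or 'deployer'")
    if not i.eu_scope:
        return Triage("PROCEED", "out-of-scope",
                      notes=["No Section 1 trigger; record the reason in template 01"])
    # Step 1: Article 5 is a hard stop; nothing further is evaluated.
    if i.article5_match:
        return Triage("REJECT", "prohibited",
                      notes=["Article 5 prohibited practice: reject at intake, document, inform requester"])
    t = Triage("PROCEED", "Minimal", approvers=["CoE Lead", "Department Head"])
    # Step 2: Annex III forces High tier, the full obligation set and extra approvers.
    if i.annex_iii_category is not None:
        if i.annex_iii_category not in ANNEX_III:
            raise ValueError("annex_iii_category must be 1..8 or None")
        t.tier = "High"
        t.approvers += ["Security", "Legal / General Counsel"]
        t.obligations += HIGH_RISK_PROVIDER if i.role == "provider" else HIGH_RISK_DEPLOYER
        t.notes.append(f"Annex III {i.annex_iii_category} ({ANNEX_III[i.annex_iii_category]}): "
                       "populate Agent Card §14")
        if i.role == "provider":
            t.notes.append("Plan the Article 43 conformity assessment with EU AI Act counsel")
        t.notes.append("An Article 6(3) derogation claim is a Legal decision; document it either way")
    # Step 3: Article 50 stacks on top of whatever tier step 2 set.
    if i.interacts_with_humans or i.generates_synthetic_content:
        t.obligations.append("Art. 50")
        t.approvers.append("General Counsel (disclosure language)")
        if t.tier == "Minimal":
            t.tier = "Limited"
    # Step 4: outside Annex III only the general principles remain.
    if i.annex_iii_category is None:
        t.obligations.append("general principles only")
    if i.gpai_provider:
        t.obligations.append("Art. 53 (GPAI provider)")
    return t


def applicability_record(i: Intake, t: Triage) -> dict:
    """One row of the Section 6 'EU AI Act applicability log'."""
    return {
        "agent_id": i.agent_id,
        "annex_iii": "none" if i.annex_iii_category is None
                     else f"category {i.annex_iii_category}",
        "article_50": "Art. 50" in t.obligations,
        "gpai": i.gpai_provider,
        "tier": t.tier,
        "decision": t.decision,
    }
```

Usage: `triage(Intake("hr-screen", True, False, 4, True, False))` returns a High-tier result carrying both the Article 26 deployer set and Article 50, which is the combination the intake form's four questions are designed to surface.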

9. Article 99 penalties (for context)

| Violation | Maximum fine |
|---|---|
| Prohibited practices (Art. 5) | €35M or 7% of global annual turnover (whichever is higher) |
| Operator obligations (Arts. 16, 22, 23, 24, 26, 31, 33, 34, 50, etc.) | €15M or 3% (whichever is higher) |
| Incorrect / misleading information to authorities | €7.5M or 1% (whichever is higher) |

SME provision: for SMEs and startups, fines capped at the lower of the percentage or fixed amount.


10. Common pitfalls

| Pitfall | Reality |
|---|---|
| "We're not in the EU, the Act doesn't apply" | Article 2 extraterritorial scope: applies if outputs are used in the EU. Check honestly. |
| "Internal AI doesn't count" | Internal AI that affects EU employees (Annex III category 4 covers recruitment, promotion, termination and performance monitoring) or whose output is used in the EU is in scope. GDPR applies separately to any personal data it processes. |
| "Our agent isn't decision-making" | Article 50 transparency applies to any AI interacting with humans, regardless of decision authority, unless the AI nature is obvious to a reasonably informed person. |
| "We're a deployer, not a provider, so Article 11 doesn't apply" | True for creating the documentation, but Article 26 obligations still apply to high-risk systems, you need the provider's Article 13 instructions to meet them, and Article 25 turns you into the provider if you rebrand, substantially modify or repurpose the system. |
| "Article 73 reporting is just for catastrophic incidents" | The definition includes infringement of obligations under Union law that protect fundamental rights, which is far broader than catastrophic harm. |
| "We'll comply when the deadlines arrive" | Most provisions apply from 2026-08-02. Article 5 has been in force since 2025-02-02 and GPAI-provider obligations since 2025-08-02. Lead time matters. |
| "GPAI rules don't apply to us, we just use ChatGPT" | True — GPAI rules apply to model providers, not their users. But Article 53 requires model providers to give downstream integrators documentation (ask for it), and if you build your own AI system on top of the model you may be the provider of that system. |

11. References