The EU AI Act: How It Changes AI development and What It Means for Custom AI

25 mins |

In force vs comingIn force vs coming

TL;DR

The EU AI Act doesn’t just regulate what AI you ship — it regulates how you build it. Prohibitions and GPAI rules are already in force; transparency obligations apply from August 2026; high-risk requirements were deferred to December 2027 — but harmonized standards will land close to the deadlines, so the clock is already running. This guide translates the Act into development decisions: how risk tiers shape scoping, why extensive fine-tuning can turn you from deployer into provider, and how compliance-by-design — risk classification, logging, evaluation, and documentation built into the lifecycle — beats bolting it on later.


“The EU AI Act doesn’t just regulate what AI you ship — it regulates how you build it.” That’s the sentence to keep. The Act’s scope is deliberately wide. It applies to anyone placing AI systems on the EU market, and to anyone whose AI outputs are used in the EU. So, like GDPR, it reaches across borders. A US SaaS with EU users is in scope.

Legal teams can read the obligations. But only engineering can implement them. Consider the list: risk management systems, data governance, automatic logging, human oversight, accuracy testing, technical documentation. These are Articles 9–15 of the Regulation. And every one is a build-process requirement, not a policy memo. The penalties are real and worth stating once. They reach €35M or 7% of global annual turnover for prohibited practices, and €15M or 3% for high-risk violations. But we’ll leave it at that. Fear is not a compliance strategy, and this audience doesn’t need it.

So here’s what this guide gives you. First, an accurate timeline, because most of what you’ve read is stale. Then a role-classification heuristic including the fine-tuning trap, and a map of what actually changes in the development lifecycle. Our own readiness research says most AI initiatives stall on unglamorous foundations. Regulation now adds a layer to those foundations, so an AI readiness assessment should cover both.

A note on what this is: a practitioner’s guide grounded in official EU sources, not legal advice. Classification decisions in edge cases deserve counsel.

The real timeline — what’s in force, what moved, what it means

The Digital Omnibus is the most misreported fact on this topic. Half the articles ranking today still present August 2, 2026 as the operative high-risk deadline. It isn’t. The Omnibus was adopted by the European Parliament on June 16 and the Council on June 29, 2026. Publication in the Official Journal follows, with entry into force on the third day after. Crucially, it moved some dates and left others exactly where they were. So here’s the full picture, all dates from official EU sources:

  • Aug 1, 2024 — Regulation (EU) 2024/1689 entered into force.
  • Feb 2, 2025 — prohibited practices banned (social scoring, exploitative manipulation, certain biometric surveillance), and the Article 4 AI-literacy duty applies. Both are live today; the Omnibus touched neither.
  • Aug 2, 2025 — obligations for general-purpose AI (GPAI) model providers apply; the AI Office and national authorities are operational.
  • Aug 2, 2026 — Article 50 transparency obligations apply. Not deferred. Users must be told they’re interacting with AI; deployer disclosure duties go live.
  • Dec 2, 2026 — the Article 50(2) marking/watermarking deadline for providers of generative systems already on the market on Aug 2, 2026. The Omnibus cut that grace period from six months to three, and new systems comply at placement. The same day, the new Article 5 prohibition on AI-generated non-consensual intimate imagery and CSAM takes effect.
  • Dec 2, 2027 — Annex III stand-alone high-risk obligations apply (deferred from Aug 2, 2026).
  • Aug 2, 2028 — Annex I embedded high-risk systems (deferred from Aug 2, 2027).
Timeline

What the deferral actually buys you

In short: breathing room, not a snooze button. The co-legislators framed the delay as implementation time. Harmonized standards and guidance are expected to land close to the new deadlines, so teams that start late will be adapting under compressed time. And the grandfathering clause has teeth. Systems placed on the market before the deadlines escape high-risk obligations only until they undergo substantial modification. What counts as “substantial” is not yet precisely defined, which is a reason for caution, not comfort. If you’re shipping anything Annex III-shaped, the design work belongs in this year’s roadmap.

The four risk tiers in five minutes

Everything in the Act hangs off classification. Four tiers:

Unacceptable systems are banned outright: social scoring, exploitative manipulation, certain biometric surveillance. These cannot be built for the EU market at all.

High-risk systems (Annex III stand-alone plus Annex I embedded) carry the full obligation stack of Articles 8–15. That means risk management, data governance, technical documentation, logging, human oversight, accuracy and robustness, conformity assessment, and EU database registration. Typical contexts: hiring, credit scoring, education, critical infrastructure, medical devices, worker management.

Limited-risk systems carry transparency duties under Article 50: tell users they’re talking to AI, mark generated content, disclose emotion recognition.

Minimal-risk systems — the vast majority, from spam filters to recommendation engines to most internal tooling — carry no new obligations.

TierWhat triggers itCore obligationsTypical examples
UnacceptablePractices banned by Article 5Cannot be placed on the EU marketSocial scoring, exploitative manipulation
High-riskAnnex III use contexts; Annex I regulated productsArticles 8–15: risk management, data governance, docs, logging, oversight, conformity assessmentHiring tools, credit scoring, medical devices
Limited riskInteraction with people; generated contentArticle 50 transparency: disclose, mark contentChatbots, generative content features
Minimal riskEverything elseNone newSpam filters, recommendations, internal tooling

But here’s the nuance that trips teams: classification follows use context, not model type. The same underlying model can be minimal-risk in one deployment and high-risk in another. For example, pipe developer telemetry into a manager-facing productivity dashboard and you’ve built worker management. So classify the deployment, not the model. And sometimes the right answer is the honest one: we say no to unfeasible ideas. Some use cases should be redesigned or dropped, not engineered around the rules.

Risk tiers

Provider, deployer — and the fine-tuning trap

The two roles

The Act assigns obligations by role. A provider develops an AI system or places it on the EU market. Providers own the heavy stack: conformity assessment, technical documentation, post-market monitoring, EU database registration. A deployer uses an AI system in its own operations. Deployers own the operational duties instead: human oversight, log retention of at least six months, fundamental-rights impact assessments where required, and transparency to affected users. One company can be a provider for one system and a deployer for another, because the role attaches to the system, not the org chart.

The trap: substantial modification

So here’s the part almost nobody covers, and the reason this section exists. Under Article 25, which governs responsibilities along the AI value chain, a deployer that substantially modifies a high-risk system, puts its name on it, or changes its intended purpose can take on provider obligations. In other words, the full stack. Extensive fine-tuning is the scenario where development teams hit this in practice. “Fine-tune a model far enough and you stop being a deployer and become a provider — with a provider’s obligations.”

The Omnibus made this sharper, not softer: grandfathered systems lose their protection the moment they undergo substantial modification. So the architecture decision your team makes in week two shapes your regulatory role for the life of the system. Fine-tune, RAG, or prompt engineering on a hosted model: that choice is now regulatory, not just technical. Whether a given modification crosses the line is a legal call in edge cases. But the engineering duty is simpler: know the line exists before choosing the architecture.

RAG as regulatory posture

“RAG isn’t just an architecture choice anymore; it’s a regulatory posture.”

Retrieval-augmented generation (RAG) retrieves your documents at query time instead of training them into the model. So it keeps proprietary data inside your own boundary and leaves the foundation model unmodified, which typically preserves deployer status. Fine-tuning can still be the right call: domain adaptation, latency, cost at scale. But it should be made knowingly, with the compliance delta priced in. That’s exactly how we scope RAG development engagements, and a step that belongs in any plan for custom AI automation.

Role ladder

What changes in AI development generally

In practice, the shifts are five, each with a sprint-level implication:

  • Risk classification enters scoping. Every AI feature gets a tier assessment before development starts, the way a DPIA became standard under GDPR. Output: a classification memo per system.
  • Logging becomes an architecture requirement. Article 12 requires automatic event logging; deployers retain logs at least six months, and provider technical documentation is kept for ten years. Design the audit trail in — retrofitting logging into a probabilistic pipeline is the expensive way to do it.
  • Transparency becomes UX. From Aug 2, 2026, users must be told they’re talking to AI. From Dec 2, 2026, providers of generative systems need content marking in place. This is frontend and content-pipeline work with a shipping deadline, not a legal memo.
  • Human oversight becomes a design pattern. Article 14 means interfaces where a human can meaningfully intervene: review queues, confidence thresholds, kill switches. A checkbox in a policy document doesn’t satisfy it.
  • Documentation becomes a build artifact. Article 11 technical documentation is drawn up before market placement and kept current — model cards, data lineage, eval results. Teams that generate these from the pipeline win; teams that write them retroactively suffer.

One line of ecosystem context. The Act lands alongside the Cyber Resilience Act, the Data Act, and the revised Product Liability Directive, so a single AI SaaS product can sit in scope of all four. That’s a mapping exercise for another day; the official EU pages are the place to start.

What changes in custom AI development specifically

Custom AI is where compliance-by-design is actually possible

With off-the-shelf AI products, you inherit the vendor’s compliance posture and bolt process around it. In custom development, every requirement in the Act can be a design input instead. Data governance is shaped during dataset engineering, since Article 10 expects relevant, representative data. Logging and traceability sit in the architecture from sprint one. Evaluation harnesses produce the accuracy and robustness evidence Article 15 expects, and oversight interfaces are designed with the actual workflow. Go beyond off-the-shelf solutions. This is where that matters most, because custom is the only place the compliance layer can be engineered rather than inherited.

The compliance cost economics

“Compliance designed in from the first sprint is cheaper than compliance bolted on after the build.”

Designed in, compliance is an increment: a classification memo, logging infrastructure, eval evidence, documentation generated from the pipeline. Much of it is good engineering you’d want anyway, and part of any honest cost model for running AI. Bolted on, it means re-architecting logging, reconstructing data lineage, retro-writing documentation, re-testing, and delaying launch. We won’t invent a percentage for that gap; no official source publishes one. Still, the one citable timing fact is enough. Harmonized standards are expected to land close to the deadlines, so teams that defer the groundwork will be adapting under compressed time. The co-legislators framed the deferral as implementation time, not waiting time.

Outsourcing development does not outsource compliance

“Outsourcing development does not outsource compliance — accountability stays with whoever places the system on the EU market.”

So you remain responsible for your supply chain, your dependencies, and your development partners. The practical consequence: vendor regulatory competence just became a hard selection criterion. A development partner should be able to show where compliance lives in their lifecycle, how they document, and what security certifications they hold. Above all, their architecture recommendations should account for your regulatory role. That’s the reason the EU AI Act question sits in our 10 questions to ask an AI development company. A lifecycle with governance built in, like ADLC, is what a good answer looks like.

The Compliance-by-Design Map — Articles 9–15 as development practices

The Act’s high-risk obligations read like statute, but they map cleanly onto lifecycle practices a good team already recognizes. In short: seven obligations, seven practices:

Act obligationDevelopment practice
Art 9 — Risk management systemRisk register and threat modeling at scoping, revisited each release
Art 10 — Data governanceDataset engineering standards: provenance, representativeness checks, documented preprocessing
Art 11 — Technical documentationModel cards and system docs generated from the pipeline, versioned with the code
Art 12 — Record-keepingStructured event logging designed into the architecture, retention configured
Art 13 — Transparency to deployersInstructions-for-use as a deliverable: capabilities, limitations, oversight requirements
Art 14 — Human oversightReview queues, confidence thresholds, intervention and kill-switch UX
Art 15 — Accuracy, robustness, cybersecurityEval harnesses, red-teaming, adversarial testing, drift monitoring in CI/CD
Compliance

This mapping isn’t theoretical. It’s how a governed AI lifecycle already works. And the last row matters most in production, because models degrade the second they go live — so Article 15’s expectations and good MLOps point at the same monitoring. We built our Agentic Development Lifecycle (ADLC) around these practices before the Act made governance a regulatory expectation. In practice that means risk gates, red-teaming, evaluation on every change, controlled deployment, and continuous monitoring. If you want the methodology itself, here’s what ADLC is and how its phases work.

Common mistakes teams are making right now

  1. Waiting for the deferred deadline. Standards will land close to the dates, and inventory and classification don’t get easier with time. December 2027 is closer than it looks.
  2. Classifying by model instead of by use. The same model can be minimal-risk in one deployment and high-risk in another. Worker management and credit scoring are the classic surprises.
  3. Fine-tuning without pricing the role change. Becoming a provider mid-project, without noticing, is the expensive version of the trap.
  4. Treating transparency as a legal memo. Article 50 is UX and content-pipeline work, and it needs sprint time before August 2026.
  5. Retrofitting logging and documentation. The single most expensive bolt-on in the whole Act. Design them in.
  6. Assuming the vendor owns compliance. Accountability stays with whoever places the system on the market, so vet your partner’s regulatory competence like you’d vet their security.

Frequently asked questions

Does the EU AI Act apply to US companies?

Yes, when their AI systems are placed on the EU market or the systems’ outputs are used in the EU. The Act is extraterritorial in the same way GDPR is, so a US SaaS with EU users is in scope regardless of where the company or its servers sit.

What are the EU AI Act deadlines in 2026 and 2027?

Article 50 transparency obligations apply from August 2, 2026 — the Digital Omnibus did not defer them. December 2, 2026 brings the content-marking deadline for generative systems already on the market and the new prohibition on AI-generated non-consensual intimate imagery. Annex III high-risk obligations apply from December 2, 2027.

What counts as a high-risk AI system under the EU AI Act?

Systems used in Annex III contexts — hiring, credit scoring, education, critical infrastructure, worker management, and similar — plus AI embedded in regulated products under Annex I, such as medical devices. Classification follows the use context, not the model, so the same model can be high-risk in one deployment and not in another.

Does fine-tuning a model make my company a provider under the EU AI Act?

It can. “Fine-tune a model far enough and you stop being a deployer and become a provider — with a provider’s obligations.” Under Article 25, substantially modifying a high-risk system, rebranding it, or changing its intended purpose can shift provider obligations onto you. Edge cases are a legal call, so involve counsel before committing the architecture.

What does the EU AI Act require developers to build?

For high-risk systems: a risk management process, governed datasets, automatic event logging, technical documentation kept current, transparency to deployers, human-oversight interfaces, and demonstrated accuracy, robustness, and cybersecurity — Articles 9–15. In practice that means logging in the architecture, eval harnesses, model cards, and review or intervention UX.

What are the penalties for non-compliance with the EU AI Act?

Up to €35M or 7% of global annual turnover for prohibited practices, and up to €15M or 3% for violations of high-risk obligations, whichever is higher in each case. National authorities and the AI Office share enforcement, which has been operational since August 2025.

Does outsourcing AI development transfer EU AI Act obligations to the vendor?

No. “Outsourcing development does not outsource compliance — accountability stays with whoever places the system on the EU market.” Your development partner’s competence affects your risk, but not your responsibility, which is why vendor regulatory literacy is now a selection criterion rather than a nice-to-have.

Is RAG safer than fine-tuning under the EU AI Act?

Often, from a purely regulatory angle. “RAG isn’t just an architecture choice anymore; it’s a regulatory posture.” Retrieval leaves the foundation model unmodified and typically preserves deployer status, while extensive fine-tuning can trigger provider obligations. Fine-tuning can still be right technically — the point is to price the regulatory delta into the choice.

Conclusion — build like governance is a feature

The EU AI Act rewards teams that were already building responsibly. Logging, evaluation, oversight, and documentation are good engineering before they are compliance. So the best response to the Act looks a lot like the best response to GDPR: treat it as a design constraint, handle it early, and it becomes a trust asset and a market-access advantage instead of a tax. “Compliance designed in from the first sprint is cheaper than compliance bolted on after the build.” The teams that struggle will be the ones that bolt it on in 2027 under compressed time, next to deadlines the standards bodies are still writing toward. “The EU AI Act doesn’t just regulate what AI you ship — it regulates how you build it.” That cuts both ways, because the build is also where the problem gets cheap to solve.

Where we stand

We at SumatoSoft build from inside the EU regulatory perimeter, with US headquarters and a delivery center in Warsaw. Our processes are ISO 27001- and ISO 9001-certified and GDPR- and EU AI Act-aligned, with a lifecycle built for governed AI before governance was mandatory. That’s 350+ products over 14+ years, with a 98% satisfaction rate. As enforcement matures through 2027–2028, regulatory competence stops being a differentiator and becomes table stakes. The advantage goes to the teams that started early.

Next step

Assess your AI Act exposure with our engineers. Bring your AI roadmap. Then leave with a per-system risk classification, a provider/deployer read on your architecture choices, and a compliance-by-design plan that fits your delivery timeline. ISO 27001 certified. EU-based delivery. Not legal advice — engineering readiness. Schedule a readiness call

Or download the AI Act Development Readiness Checklist. One page per risk tier: classification questions, the Articles 9–15 practice map, logging and documentation checklist, vendor due-diligence questions.

Choosing a development partner? See the 10 questions to ask an AI development company before signing.

Let’s start

You are here
1. Submit your project brief
2. Connect with our strategy team
3. Finalize scope & investment
4. Start achieving your goals

If you have any questions, email us info@sumatosoft.com

    Please be informed that when you click the Send button Sumatosoft will process your personal data in accordance with our Privacy notice for the purpose of providing you with appropriate information.

    Vlad Fedortsov (Account Manager)
    Vlad Fedortsov
    Account Manager
    Book an intro call
    Thank you!
    Your form was successfully submitted!
    If you have any questions, email us info@sumatosoft.com

      Please be informed that when you click the Send button Sumatosoft will process your personal data in accordance with our Privacy notice for the purpose of providing you with appropriate information.

      Vlad Fedortsov (Account Manager)
      Vlad Fedortsov
      Account Manager
      Book an intro call
      Thank you!
      We've received your message and will get back to you within 24 hours.
      Do you want to book a call? Book now