GPAI Compliance: Template for General-Purpose AI per Art. 53-55

1. What is GPAI?

Art. 3(63) EU AI Act defines a general-purpose AI model as an AI model that (1) is trained with large amounts of data through self-supervision at scale, (2) displays significant generality and competently performs a wide range of distinct tasks, (3) regardless of how it is placed on the market, and (4) can be integrated into a variety of downstream systems or applications.

Pure research models, development prototypes and models before placing on the market do not fall under this definition (Recital 97). Once the model is made accessible via API, download or as a service, it is considered on the market.

Examples of GPAI: GPT-4 / GPT-5 (OpenAI), Claude 4.x (Anthropic), Gemini 2.x (Google DeepMind), Llama 3.x / 4.x (Meta), Mistral Large (Mistral AI), Falcon (TII).

Important: A GPAI system (AI system based on a GPAI model, Art. 3(66)) is a separate category. A provider of ChatGPT-Pro is thus simultaneously (a) provider of a GPAI system and (b) potentially provider in the usual sense vis-à-vis downstream applications.

2. GPAI vs. GPAI with Systemic Risk

Art. 51 distinguishes between regular GPAI and those with systemic risk:

2.1 Quantitative Presumption (Art. 51(2))

Above 10^25 FLOPS of cumulative training compute, a model is automatically deemed systemic. This threshold roughly corresponds to GPT-4 (estimated ~2 × 10^25), Claude 3 Opus (~2 × 10^25), Gemini Ultra. Most mid-tier and all open-source models in the 7B-70B parameter range fall below.

2.2 Qualitative Designation (Art. 51(1)(a))

The AI Office can additionally designate models based on qualitative criteria — Annex XIII lists: number of parameters, data quality, input/output modalities, state-of-the-art benchmarks, reach, internal market impact, number of end users.

2.3 Self-Notification (Art. 52)

Providers exceeding the FLOPS threshold must notify the AI Office within 2 weeks. Providers arguing they are not systemic despite the threshold can submit justified arguments — burden of proof lies with the provider.

3. Art. 53 Duties — All GPAI Providers

3.1 Technical Documentation (Annex XI)

Annex XI requires at minimum:

• General description: tasks, integration possibilities, license
• Detailed description: architecture, number of parameters, modalities (text, image, audio, video), I/O format
• Acceptable Use Policy
• Training methodology: key choices, design decisions, trade-offs
• Data: data types, data sources, provenance, pre-processing, bias detection
• Compute resources: training hardware, training time, energy consumption (relevant for frontier models)
• Known limitations

Documentation must be available to the AI Office and national authorities on request, not publicly.

3.2 Downstream Information Package (Annex XII)

For downstream providers (integrators building the GPAI model into an AI system). Mandatory content:

• General description including tasks and modalities
• Acceptable Use Policy
• Release date and distribution methods
• How the model interacts with hardware/software not part of the model
• Software versions where relevant
• Architecture and parameter count
• Input/output modalities and format
• Model license

This package must be made available so downstream providers can fulfill their own obligations (Art. 16 ff.).

3.3 Copyright Compliance Policy (Art. 53(1)(c))

Providers must respect Reservation of Rights under Art. 4(3) DSM Directive (Directive (EU) 2019/790) — when rightsholders express text-and-data-mining opt-outs (e.g., via robots.txt, machine-readable opt-out), that data must not be used in training.

Template: copyright compliance policy with crawler configuration, opt-out detection, license tracking, rightsholder complaint mechanism.

3.4 Summary of Training Data (Art. 53(1)(d))

A public, sufficiently detailed summary of content used for training, per a template provided by the AI Office. Goal: rightsholders should be able to exercise their rights (e.g., sue for unlawful exploitation).

Template typically covers: data source categories (web crawls, licensed data, user data, synthetic data), orders of magnitude, time range, languages, top domains; trade-secret redactions allowed but require justification.

3.5 Open-Source Exception (Art. 53(2))

Providers of open-source GPAI models are exempt from Annex XI (tech doc) and Annex XII (downstream info), provided: (a) model weights, architecture and usage information are publicly available, (b) no systemic risk. Copyright policy and training data summary remain mandatory.

4. Art. 55 Duties — GPAI with Systemic Risk

4.1 Model Evaluations (Art. 55(1)(a))

Providers must perform model evaluations using state-of-the-art protocols and tools — including red teaming and adversarial testing — both before placing on the market and continuously.

Scope: capability evaluations (what the model can do, where its limits lie), safety evaluations (CBRN risks, cyber-offense, manipulation), specific risk categories from Recital 110.

4.2 Systemic Risk Assessment + Mitigation (Art. 55(1)(b))

Foreseeable systemic risks at Union level must be assessed and mitigated, including risks from development, market placement and use. Template: systemic risk register with risk description, severity, probability, mitigation measures.

4.3 Incident Reporting (Art. 55(1)(c))

Report serious incidents and mitigation measures without delay to the AI Office and national authorities. Deadlines per Code of Practice:

• 2 days: notification of serious incidents with immediate threat
• 5-15 days: full report depending on severity

4.4 Cybersecurity (Art. 55(1)(d))

Adequate cybersecurity protection for model weights and training infrastructure. Insider threat protection, zero trust, model exfiltration prevention, secure supply chain.

5. Code of Practice (May 2025)

The AI Office moderated General-Purpose AI Code of Practice was finalized in May 2025. It is not legally binding, but:

• Providers who join the CoP are deemed compliant with Art. 53-55 (presumption of conformity) until harmonized standards exist
• Providers who do not join must independently demonstrate their measures meet at least the CoP level
• The CoP has 3 main chapters: transparency (all GPAI), copyright (all GPAI), safety + security (systemic risk only)

Signed up (as of 2026): OpenAI, Google, Anthropic, Microsoft, IBM, Mistral, Aleph Alpha. Meta has declined. xAI has accepted only parts.

6. GPAI Providers in Practice

7. Deadlines + Sanctions

• 2025-08-02: Art. 53-55 in force. Providers must comply from this date.
• 2025-05-09: Code of Practice finalized
• 2026-08-02: Code of Practice binding as compliance path. Providers without CoP signature must be fully compliant from here.
• 2027-08-02: Sanctions for GPAI breaches active. Fines up to EUR 15m or 3% of global annual turnover (Art. 101). For systemic-risk GPAI breaches the same maxima apply as for provider breaches.
• Transition for existing models: GPAI models on the market before 2025-08-02 have until 2027-08-02 to fully comply (Art. 111).

Summary

For most companies, the practical question is not whether their company itself becomes a GPAI provider — that requires building a frontier foundation model. Instead, the question is whether the GPAI provider (OpenAI, Anthropic, etc.) has supplied the necessary downstream package (Annex XII), so that downstream provider/deployer obligations under Art. 16 / Art. 26 can be met. Always request the Annex XII package and copyright policy from your GPAI supplier before integrating their model into a product.

View EU AI Act Kit →