§ AI Act · Article 17

Quality management system for high-risk AI systems

Regulation (EU) 2024/1689 · Article 17 · Source
Plain-language summary
Providers of high-risk AI systems must establish and maintain a documented quality management system to ensure compliance with the AI Act. The system must cover regulatory compliance strategies, design and development controls, testing and validation procedures, data management practices, risk management, post-market monitoring, incident reporting, and communication with authorities. It should also include record-keeping, resource management, and accountability frameworks for management and staff. The implementation must be proportionate to the provider's size while ensuring rigorous compliance. Providers subject to equivalent sectoral or financial services laws may integrate these requirements into existing systems.
Who it applies to
Providers of high-risk AI systems
Compliance deadline
Phased application of Regulation (EU) 2024/1689 — most provisions apply from 2 August 2026.
§ What Fontvera found

Documents that cite Article 17

edpb EU Fetched 2026-06
EDPB-EDPS Joint Opinion 03/2022 on the Proposal for a Regulation on the European Health Data Space
edpb EU Fetched 2026-06
EDPB-EDPS Joint opinion 2/2026 on the Proposal for a Regulation as regards the simplification of the digital legislative framework (Digital Omnibus)
edpb EU Fetched 2026-06
EDPB: Opinion 28/2024 on certain data protection aspects related to the processing of personal data in the context of AI models
edpb EU Fetched 2026-04
EDPB: Automated decision & profiling
ai_office EU Fetched 2026-04
AI Act Annex III: High-Risk Use Cases
ai_office EU Fetched 2026-04
AI Act Article 71: EU Database for High-Risk AI Systems
ai_office EU Fetched 2026-04
AI Act Article 57: AI Regulatory Sandboxes
ai_office EU Fetched 2026-04
AI Act Explorer — Articles, Annexes, Recitals
§ Cross-references

Related articles

Article 9
Risk Management System for High-Risk AI Systems
Article 40
Harmonised standards and standardisation deliverables

Related Fontvera intelligence

DEADLINE
EU AI Act August 2026 Deadline: Complete Compliance Checklist
DIAGNOSTIC
AI Act High-Risk Classification: Annex III Categories and How to Determine if Your AI System Qualifies
COMPARISON
GDPR vs AI Act: Where Personal Data and AI Compliance Collide
COUNTRY
AI Act in France: National Authority and Compliance Requirements
Need a cross-border briefing on Article 17?
Search Fontvera ↵ Run the AI Act diagnostic
AI Act Article 50 transparency
50 days
until 2026-08-02, when Article 50 transparency obligations apply (unchanged). Annex III high-risk obligations move provisionally to 2 December 2027 under the Digital Omnibus agreement of 7 May 2026, pending formal adoption.
Preparing for 2 August 2026? Read the EU AI Act August 2026 deadline requirements checklist.
Intelligence · About · Pricing · Privacy · Terms
100% European infrastructure