The three tiers and what they attach to
| Tier | Legal basis | Ceiling (higher of) | What triggers it |
|---|---|---|---|
| 1 | Article 99(3) | €35,000,000 or 7% of total worldwide annual turnover | Non-compliance with the Article 5 prohibited AI practices: subliminal or manipulative techniques, exploitation of vulnerabilities, social scoring, crime-risk prediction based solely on profiling, untargeted scraping of facial images from the internet or CCTV, emotion inference in the workplace and in education, biometric categorisation to infer sensitive attributes, and real-time remote biometric identification in publicly accessible spaces for law enforcement (subject to the Article 5(2) exceptions). |
| 2 | Article 99(4) | €15,000,000 or 3% of total worldwide annual turnover | Breach of obligations under Articles 16 (provider), 22 (authorised representative), 23 (importer), 24 (distributor), 26 (deployer), 31, 33(1), (3) and (4), 34 (notified body), and 50 (transparency for providers and deployers). |
| 3 | Article 99(5) | €7,500,000 or 1% of total worldwide annual turnover | Supplying incorrect, incomplete or misleading information to notified bodies or national competent authorities in reply to a request, for example during conformity assessment, market surveillance or a post-market monitoring inquiry. |
Source: Article 99(3) to (5) of Regulation (EU) 2024/1689. The turnover figure is that of the preceding financial year, and the ceiling is the higher of the cash amount or the percentage. The two figures cross at €500 million of worldwide annual turnover for Tiers 1 and 2 (€35M / 7% and €15M / 3%) and at €750 million for Tier 3 (€7.5M / 1%); above those thresholds the percentage always binds.
Tier 2 — the seven obligation buckets at €15M / 3%
From Fontvera's obligations table (mapped at regulation = 'AI Act' AND article_number = '99'), Tier 2 covers the following obligation rows:
| Article | Who carries it | Plain English |
|---|---|---|
| Article 16 | Provider | Conformity assessment, EU database registration, technical documentation, post-market monitoring, transparency to deployers, accessibility, the Article 9 risk management system. |
| Article 22 | Authorised representative | EU-based mandate for non-EU providers — keep documentation, terminate mandate on non-compliance, report to surveillance authorities. |
| Article 23 | Importer | Verify provider has completed conformity assessment, indicate name and contact on the system or its packaging, do not place non-compliant systems on the market. |
| Article 24 | Distributor | Verify CE marking, EU declaration of conformity and instructions for use; suspend distribution of non-compliant systems. |
| Article 26 | Deployer | Use system per instructions, ensure human oversight, retain logs, monitor operation, inform provider of risks, conduct Article 27 FRIA where applicable. |
| Articles 31, 33(1), (3), (4), 34 | Notified body | Independence, impartiality and competence (Article 31), controls on subsidiaries and sub-contracting (Article 33), and operational obligations when carrying out conformity assessments (Article 34). Certificate refusal, restriction and withdrawal are governed by Article 44 and are not in this bucket. |
| Article 50 | Provider and deployer | Transparency — chatbot disclosure, generative-AI marking, deepfake disclosure, emotion-recognition / biometric-categorisation notification, accessibility. |
Each row above attracts the same Tier 2 ceiling. A breach of Article 16 by a provider, a breach of Article 26 by a deployer, and a breach of Article 50 by either are all priced at €15,000,000 or 3% of worldwide turnover, whichever is higher.
SME proportionality — Article 99(6) is real but narrow
Article 99(6) inverts the ceiling rule for SMEs, including start-ups: each fine under Article 99 is capped at the cash amount or the percentage from paragraphs (3), (4) and (5), whichever of the two is lower. For an SME with €20 million of worldwide annual turnover, the Tier 1 ceiling is therefore 7% of turnover, €1.4 million, rather than €35 million. Separately, Article 99(7)(d) lists the size, annual turnover and market share of the operator among the circumstances authorities must weigh when deciding whether to fine at all and how much. Source: Article 99(6) and (7)(d), Regulation (EU) 2024/1689.
This is fine relief, not exemption. The substantive obligations, conformity assessment, risk management, post-market monitoring and transparency among them, are unchanged for SMEs and start-ups. SME status is determined by reference to Recommendation 2003/361/EC (Article 3(63)). SMEs do gain priority access to the regulatory sandboxes established under Article 57 (Article 62(1)(a)), and the AI Office is required to provide standardised templates and a single information platform under Article 62(3).
Article 99(7) — the ten factors authorities must weigh
When deciding whether to impose a fine at all, and when setting the amount within the tier ceiling, authorities must take into account all relevant circumstances and, as appropriate, give regard to:
- (a) The nature, gravity and duration of the infringement and of its consequences, taking into account the purpose of the AI system and, where appropriate, the number of affected persons and the level of damage suffered.
- (b) Whether other market surveillance authorities have already fined the same operator for the same infringement.
- (c) Whether other authorities have already fined the same operator under other Union or national law for the same activity or omission.
- (d) The size, annual turnover and market share of the operator.
- (e) Any other aggravating or mitigating factor, such as financial benefit gained or losses avoided, directly or indirectly, from the infringement.
- (f) The degree of cooperation with the national competent authorities to remedy the infringement and mitigate its possible adverse effects.
- (g) The degree of responsibility of the operator, taking into account the technical and organisational measures it implemented.
- (h) The manner in which the infringement became known to the authorities, in particular whether, and to what extent, the operator notified it.
- (i) Whether the infringement was intentional or negligent.
- (j) Any action taken by the operator to mitigate the harm suffered by affected persons.
The factors an operator still controls after the breach are (f), (h) and (j): cooperation, self-notification and harm mitigation. Self-reporting and fast remediation do not guarantee a reduced fine, but they are the circumstances an authority has to record when it sets an amount below the ceiling, and they are the ones a prepared operator can evidence on day one.
Stacking with other EU regimes
AI Act fines do not displace fines under other regulations. Where the same incident falls within the scope of several regimes, each regime carries its own ceiling on its own legal basis:
- GDPR — up to €20,000,000 or 4% of worldwide annual turnover under Article 83(5). Engaged when the AI system processes personal data unlawfully, for example without a valid legal basis or in breach of the Article 22 automated-decision rules.
- DSA — up to 6% of worldwide annual turnover, imposed by the Commission on designated VLOPs (Very Large Online Platforms) and VLOSEs under Article 74(1); Member State penalties for other intermediaries carry the same 6% ceiling under Article 52. Engaged when AI is used in content moderation or recommender systems on a covered service.
- DMA — up to 10% of worldwide annual turnover under Article 30(1) for designated gatekeepers (up to 20% for repeat infringements under Article 30(2)). Engaged when AI features cross gatekeeper conduct rules.
- DORA — administrative penalties for financial entities set by Member States under Article 50, plus, for critical ICT third-party providers under Lead Oversight, periodic penalty payments of up to 1% of average daily worldwide turnover per day for up to six months under Article 35(6).
For a single coordinated breach by a designated VLOP that is also a gatekeeper and uses a high-risk AI system for content moderation in the EU, the theoretical maximum exposure is the sum of all four ceilings, each on a different legal basis. Two caveats keep that sum a planning bound rather than an expected outcome: Article 99(7)(c) obliges the AI Act authority to weigh fines other authorities have already applied for the same activity or omission, and the DSA and DMA ceilings reach only services and undertakings the Commission has actually designated.
Real numbers Fontvera tracks
- Penalty-bearing obligations under Article 99 in Fontvera's structured corpus: 8 entries mapping each tier to the underlying article (Articles 5, 16, 22, 23, 24, 26, 31/33/34, 50).
- 743 AI Act obligations total, each resolved to a penalty bucket. One caveat belongs on any tier map: Article 99 is not the whole penalty regime. Obligations of providers of general-purpose AI models (Articles 53 to 55) are fined by the Commission under Article 101 (up to €15,000,000 or 3% of worldwide annual turnover), and Union institutions, bodies, offices and agencies fall under Article 100, so those rows price outside the Article 99 buckets above.
- 15,480 GDPR enforcement decisions in the cross-reference corpus — useful proxy for how European DPAs already scale fines in the AI-data-processing intersection.
What this means in the next 50 days
- Map every system to a tier. If you cannot point at the specific Article 99 paragraph that would price a breach of your system, you do not yet have an audit-ready map.
- Treat Article 99(7)(f), (h) and (j) as design. The mitigation playbook, incident detection, internal escalation, regulator notification and harm reduction for affected persons, should be written before an incident, not during, because those are the factors you will need to evidence.
- Plan stacking exposure if you operate in finance (DORA), as a VLOP / gatekeeper (DSA / DMA), or process personal data (GDPR). Single audits will not surface stacked ceilings.
- Document SME status if you intend to invoke Article 99(6). The test is the one in Recommendation 2003/361/EC (headcount, turnover and balance-sheet thresholds, assessed with linked and partner enterprises), and national implementing law may require you to evidence it; do not assume the authority will infer it.
Run your free AI Act compliance diagnostic
Returns the classification, the article list, and the Article 99 tier each obligation maps to.