§ EU AI Act · Article 15

AI Act Article 15: Obligations, Deadlines & Penalties

Regulation (EU) 2024/1689, Article 15 · All obligations · EU AI Act · Full article analysis
At a glance
Article 15 of the AI Act imposes 6 obligations on provider.
§ Obligations

All obligations under Article 15

Obligation 1
High-risk AI systems shall be designed and developed to achieve an appropriate level of accuracy, robustness, and cybersecurity, performing consistently throughout their lifecycle. Regulation (EU) 2024/1689, Article 15, Article 15
Obligated entity
provider
Action required
design
Deadline
Penalty
Obligation 2
The levels of accuracy and the relevant accuracy metrics of high-risk AI systems shall be declared in the accompanying instructions of use. Regulation (EU) 2024/1689, Article 15, Article 15
Obligated entity
provider
Action required
document
Deadline
Penalty
Obligation 3
High-risk AI systems shall be as resilient as possible regarding errors, faults, or inconsistencies, with technical and organisational measures taken, including technical redundancy solutions like backup or fail-safe plans. Regulation (EU) 2024/1689, Article 15, Article 15
Obligated entity
provider
Action required
implement
Deadline
Penalty
Obligation 4
High-risk AI systems that continue to learn after being placed on the market shall be developed to eliminate or reduce the risk of biased outputs influencing future operations and ensure feedback loops are addressed with mitigation measures. Regulation (EU) 2024/1689, Article 15, Article 15
Obligated entity
provider
Action required
mitigate
Deadline
Penalty
Obligation 5
High-risk AI systems shall be resilient against attempts by unauthorised third parties to alter their use, outputs, or performance by exploiting system vulnerabilities. Regulation (EU) 2024/1689, Article 15, Article 15
Obligated entity
provider
Action required
secure
Deadline
Penalty
Obligation 6
Technical solutions to address AI specific vulnerabilities shall include measures to prevent, detect, respond to, resolve, and control for attacks such as data poisoning, model poisoning, adversarial examples, confidentiality attacks, or model flaws. Regulation (EU) 2024/1689, Article 15, Article 15
Obligated entity
provider
Action required
implement
Deadline
Penalty
§ Deadlines

EU AI Act compliance deadlines

§ Frequently asked

Questions about Article 15

Who must comply with Article 15 of the AI Act? +
provider.
What does Article 15 of the AI Act require? +
design document implement
Need a cross-border briefing on AI Act Article 15?
Search Fontvera ↵
All EU obligation pages  ·  All EU AI Act articles  ·  AI Act Article 15 deep analysis