The European Union (EU) has taken a proactive stance on regulating artificial intelligence (AI). The region’s approach is centered around the AI Act, which is touted as the first comprehensive regulation on AI that entered into force in August 2024. The AI Act also introduces rules for the general-purpose AI models, which are highly capable AI models that are designed to perform a wide variety of tasks like generating human-like text. To this end, the European Commission (EC) recently launched a consultation on a Code of Practice for providers of general-purpose Artificial Intelligence, or GPAI, models.
The Code of Practice consultation, which ends on September 10, 2024, covers transparency and copyright related issues as well as systemic risks associated with the general-purpose AI models (include the large language models). The feedback from this consultation will also inform the work of the AI Office, which will be the key implementation body for the AI Act at EU-level as well as the enforcer for the rules for general-purpose AI models. The AI Office is developing a template and guidelines for summarizing training data, used to build a general-purpose AI model. EC will adopt these guidelines and the template, which will contribute to further discussions on the Code.
The AI Act will apply to AI service providers, even those established outside the EU, and deployers, which have their place of establishment, or that are located, within the EU. The Act will also apply to both providers and deployers to the extent that the “output” of the AI system is “used in the EU.” The regulatory framework under the Act defines four levels of risk for AI systems: minimal risk, limited risk, high risk, and unacceptable risk. Systems performing functions like credit scoring have been categorized as high-risk systems, which are subject to strict obligations before they can be put on the market. Overall, the rules under the AI Act
address risks specifically created by AI applications
prohibit AI practices that pose unacceptable risks
determine a list of high-risk applications
set clear requirements for AI systems for high-risk applications
define specific obligations deployers and providers of high-risk AI applications
require a conformity assessment before a given AI system is put into service or placed on the market
put enforcement in place after a given AI system is placed into the market
establish a governance structure at the European and national levels
The majority of rules of the AI Act will start applying on August 02, 2026. However, prohibitions of AI systems deemed to present an unacceptable risk will already apply after six months, while the rules for the General-Purpose AI models will apply after 12 months. EC is developing guidelines to define and detail how the AI Act should be implemented and facilitating co-regulatory instruments like standards and codes of practice.
Related links
LEARN MORE
Find out how we can help
Moody’s brings together data, experience, and best practice capabilities, with our specialized and agile intelligence.