Dive Brief:
- The European Commission unveiled the final version of its General-Purpose AI Code of Practice Thursday, which is aimed at helping enterprises comply with standards set by the EU AI Act.
- Developed by 13 independent experts with input from 1,000-plus stakeholders, the code offers practical tools to align transparency, copyright and safety and security processes with the regulatory standards. The transparency chapter, for example, includes a model documentation form to let businesses know what information is required in mandatory reporting.
- After the code of conduct is officially endorsed by member states and the Commission, businesses can become voluntary signatories to reduce administrative burden and increase legal certainty “compared to providers that prove compliance in other ways,” according to the release.
Dive Insight:
The code of conduct comes as the EU continues its steady march toward full AI Act enforcement, with its next compliance milestone less than a month away.
On August 2, the Act’s rules on general-purpose AI will enter into application, which means models built after that date will have one year to comply and models built before then will have two years to adhere to the rules.
“Today’s publication of the final version of the Code of Practice for general-purpose AI marks an important step in making the most advanced AI models available in Europe not only innovative but also safe and transparent,” Henna Virkkunen, EVP for tech sovereignty, security and democracy of the European Commission, said in a statement.
Enterprises and providers can use the code of conduct to assist in compliance efforts, along with guidance to be published ahead of the August 2025 deadline, according to the release.
Some industry groups and AI providers have called for a lessening of the current state of regulatory hoops and clearer guidance.
“Looking at the broader package of guidance the AI Act urgently needs, it is troubling that key parts of the GPAI framework – like the AI Office guidelines on rule application, which were supposed to accompany the final code – are still missing to this day,” Boniface de Champris, senior policy manager at Computer and Communications Industry Association Europe, said in a statement. “With so little time left, companies are left in the dark, and it’s clear more time is needed to finalize the overall framework and give companies a fair compliance window.”
