EU AI Act Phases Start

Europe’s artificial intelligence law is no longer just a big statute on paper. On 8 April 2026, a European Commission consultation closed on draft procedure rules that spell out how officials can inspect general-purpose artificial intelligence models and run enforcement cases. (dig.watch) That shift matters because the European Union Artificial Intelligence Act was designed to start in stages, not all at once. The law entered into force on 1 August 2024, bans on certain uses started applying in early 2025, and the rules for general-purpose models started applying on 2 August 2025. (digital-strategy.ec.europa.eu 1) (digital-strategy.ec.europa.eu 2) General-purpose models are the base engines that can be reused for many jobs, like one electricity grid feeding thousands of buildings. The European Commission says these models sit underneath many downstream systems, so Brussels put separate obligations on the model makers themselves. (digital-strategy.ec.europa.eu) For all providers of those models, the first layer is paperwork and disclosure. The Commission says they must draw up technical documentation, implement a copyright policy, and publish a summary of the training content used for the model. (digital-strategy.ec.europa.eu) For the most powerful models, the rulebook gets heavier. The Act presumes “systemic risk” for models trained above 10^25 floating point operations, and those providers face extra duties on risk assessment, incident reporting, cybersecurity, and notifying the Commission. (digital-strategy.ec.europa.eu) The European Union tried to make that first wave usable before it hit. In July 2025, the Commission received a General-Purpose Artificial Intelligence Code of Practice written by 13 independent experts with input from more than 1,000 stakeholders, and it split the playbook into transparency, copyright, and safety and security chapters. (ec.europa.eu) The code is voluntary, but the timetable around it is not. The Commission said the general-purpose model rules applied from 2 August 2025, while enforcement by the European Artificial Intelligence Office would come one year later for new models and two years later for existing models. (ec.europa.eu) Now Brussels is filling in the courtroom rules around those powers. The draft procedure regulation says that when the Commission requests access to a general-purpose model, it can specify access through application programming interfaces, source code, model weights, hosting infrastructure, and even the same access levels available to the provider’s own employees. (dig.watch) The draft also gets unusually specific about secrecy and speed. It says the Commission may require a provider to disable logging that could track the Commission’s inspection, and it says providers must give access in a timely and effective manner. (dig.watch) There are safeguards on the other side too. The draft says companies facing possible fines must get preliminary findings in writing, must have at least 14 days to respond, and may get access to the file with redactions for business secrets and other confidential material. (dig.watch) The institution running much of this is the European Artificial Intelligence Office inside the Commission. Its official role is to enforce the rules for general-purpose models, conduct evaluations, request information and measures from providers, and support the wider European governance system. (digital-strategy.ec.europa.eu) This is why multinational companies are treating the Artificial Intelligence Act like a sequence problem, not a single deadline. The Commission said in December 2025 that more guidelines are still coming through 2026 on high-risk systems, transparency, incident reporting, value-chain responsibilities, substantial modification, and the law’s overlap with other European Union rules. (digital-strategy.ec.europa.eu)