EU Publishes AI Code to Ease Compliance With the AI Act

AI
Written By Nathalie Pouderoux

The European Commission has received the final version of the General-Purpose AI Code of Practice, a voluntary guidance tool designed to help businesses comply with the upcoming AI Act. Developed by 13 independent experts with input from over 1,000 stakeholders, including AI providers, SMEs, academics, safety specialists, rightsholders, and civil society, the Code represents a big step toward making AI regulation more practical and manageable for industry.

Understanding the AI Act and General-Purpose AI

The AI Act is the EU’s landmark regulation for artificial intelligence, aiming to ensure that AI systems are safe, transparent, and respectful of fundamental rights. Its provisions cover a broad range of AI technologies, with special rules for general-purpose AI models, the foundational models that power many AI applications, including chatbots, recommendation engines, image generators, and other tools widely used across industries.

The AI Act introduces a phased approach: it came into application on 2nd August 2025, with enforcement by the EU’s AI Office beginning one year later for new models and two years later for existing ones. This staged rollout is intended to give providers time to adapt while addressing the risks associated with the most powerful AI systems.

What the General-Purpose AI Code of Practice Covers

The Code is divided into three key chapters:

  1. Transparency: Encourages providers to document their AI models clearly and consistently. The Code introduces a Model Documentation Form, helping businesses consolidate all necessary information in a single, accessible place. This ensures transparency for regulators, users, and downstream developers integrating the AI models into their own products.

  2. Copyright: Provides practical guidance for complying with EU copyright law when using or building upon existing works in AI training data. This helps providers avoid legal pitfalls while developing or deploying AI solutions.

  3. Safety and Security: Relevant for providers of high-impact AI models, this chapter outlines best practices for managing systemic risks, such as threats to fundamental rights, safety hazards, or the potential misuse of AI in areas like chemical or biological research. High-risk models are those with capabilities that could significantly impact the EU market, including models trained with massive amounts of computational power.

Why the Code Matters for Businesses

While voluntary, the Code offers a practical, industry-driven route to compliance with the AI Act. For businesses, this brings several advantages, including the following:

  • Reduced administrative burden: By following the Code, companies can demonstrate compliance without building entirely new internal compliance frameworks.

  • Legal certainty: Adhering to the Code provides a strong indication that the provider is meeting AI Act obligations.

  • Clear guidance on risk management: Companies deploying high-impact AI models gain structured advice on mitigating systemic risks, from safety to ethical concerns.

  • Enhanced transparency and trust: Thorough documentation and compliance with copyright rules help build confidence with regulators, customers, and partners.

The Code will also be complemented by Commission guidelines on general-purpose AI, which will clarify which models fall under the AI Act’s rules, who qualifies as a provider, and how systemic risk is defined.

The Bigger Picture

As AI becomes increasingly central to business and society, European regulators are signalling a new era where innovation and accountability must coexist. The General-Purpose AI Code of Practice offers more than compliance; it provides a strategic framework for companies to embed transparency, copyright respect, and systemic risk management into their AI initiatives.

For businesses, this is an opportunity to rethink how AI is deployed, not just to meet legal obligations, but to build trust, resilience, and competitive advantage. The Code transforms the AI Act from abstract rules into actionable guidance, giving providers clarity on responsibilities, confidence in their governance practices, and a roadmap to safeguard both users and society from unintended harms.

How Can Gerrish Legal Help?

Gerrish Legal is a dynamic digital law firm. We pride ourselves on giving high-quality and expert legal advice to our valued clients. We specialise in many aspects of digital law such as GDPR, data privacy, digital and technology law, commercial law, and intellectual property. 

We give companies the support they need to successfully and confidently run their businesses whilst complying with legal regulations without the burdens of keeping up with ever-changing digital requirements. 

We are here to help you, get in contact with us today for more information.


Nathalie Pouderoux
Next

What You Need To Know About the Digital Fairness Act