Skip to main content
NOPE
In Effect Code of Practice AI Safety

EU GPAI Code

EU General-Purpose AI Code of Practice

Voluntary code enabling general-purpose AI model providers to demonstrate compliance with EU AI Act GPAI obligations. Three chapters cover transparency (model documentation), copyright compliance, and safety/security for systemic-risk models. Adherence creates legal presumption of conformity.

Jurisdiction

European Union

Enacted

Aug 1, 2025

Effective

Aug 2, 2025

Enforcement

EU AI Office and national competent authorities

Published July 10, 2025; formally approved August 1, 2025; GPAI obligations in force August 2, 2025

European Commission — Digital Strategy

Why It Matters

Establishes the practical compliance standard for general-purpose AI model providers under the EU AI Act, covering transparency, copyright, and safety obligations. Creates a legal presumption of conformity for signatories.

Recent Developments

Signatory Taskforce established to facilitate coherent application. Signatories include Anthropic, OpenAI, Google, Microsoft, Amazon. GPAI Template for data disclosure published July 24, 2025.

At a Glance

Applies to

Foundation Model

Who Must Comply

  • General-purpose AI model providers (estimated 5-15 globally)
  • Providers of GPAI models with systemic risk (safety chapter)

Obligations fall on:

Applicability thresholds:

100000000000000.0B global FLOP (GPAI) — Indicative threshold for GPAI model classification

Safety Provisions

  • Model Documentation Form with 10-year retention requirement
  • Copyright compliance policies using state-of-the-art identification technologies
  • Safety frameworks and incident reporting for systemic-risk models
  • Information sharing with downstream providers and AI Office

Exemptions

Open Source Exemption

GPAI models released under free and open-source licenses are exempt from transparency obligations unless the model poses systemic risk

  • • Released under free and open-source license
  • • Does not pose systemic risk

Compliance & Enforcement

Key Dates

Aug 2, 2025

GPAI model provider obligations under EU AI Act take effect

Aug 2, 2026

End of enforcement grace period for GPAI obligations

Penalties

€15M or 3% revenue (whichever higher)

View on map

European Union

Focus Areas

Algorithmic accountability

Cite This

APA

European Union. (2025). EU General-Purpose AI Code of Practice.

Related Regulations

Enacted EU

EU CRA

Mandatory cybersecurity requirements for all products with digital elements placed on the EU market, including AI software. Requires security by design, vulnerability handling, incident reporting to ENISA, software bills of materials, and CE marking for market access.

In Effect EU

EU AI Act

World's first comprehensive risk-based regulatory framework for AI systems. Classifies AI by risk level with escalating requirements from prohibited practices to high-risk obligations.

Pending PL

Poland Draft AI Act

Poland's draft law implementing EU AI Act domestically, creating KRiBSI (national AI authority), regulatory sandboxes, and binding opinions mechanism.

In Effect FR

FR SREN

France's 2024 "digital space" law strengthening national digital regulation and enforcement levers via ARCOM across platform safety and integrity issues.

In Effect DE

DE JuSchG §24a (KidD)

Requires providers of certain telemedia services to implement provider-side precautionary measures ("Vorsorgemaßnahmen") with regulator-facing evaluability via published BzKJ criteria.

In Effect CH

Switzerland FADP

Switzerland's revised data protection law with Article 21 automated decision transparency requirements, human review rights, and fines up to CHF 250,000.

All regulations Check if this applies to you

Last updated March 9, 2026. Verify against primary sources before relying on this information.