Finland AI Act
Act on the Supervision of Certain AI Systems (Laki eräiden tekoälyjärjestelmien valvonnasta)
Finland's EU AI Act implementation using decentralized supervision model. Traficom serves as single point of contact and coordination authority. Ten market surveillance authorities share enforcement across sectors. New Sanctions Board handles fines over EUR 100,000.
Jurisdiction
Finland
Enacted
Dec 22, 2025
Effective
Jan 1, 2026
Enforcement
Traficom (coordination); Data Protection Ombudsman; Safety and Chemicals Agency; Financial Supervisory Authority; and 7 other sector authorities
Approved December 22, 2025; effective January 1, 2026. Sandbox rules effective February 1, 2026.
FinlexWhy It Matters
Model for decentralized EU AI Act enforcement. Shows how member states can distribute oversight across existing sector regulators rather than creating new AI authority.
Recent Developments
First EU member state to activate full AI Act enforcement powers. Established novel Sanctions Board structure for high-value fines.
At a Glance
Applies to
Harms addressed
Who Must Comply
- AI system providers operating in Finland
- AI system deployers in Finland
- High-risk AI in critical infrastructure and law enforcement
Safety Provisions
- Implements all EU AI Act prohibited practices
- Decentralized supervision across 10 specialized authorities
- Traficom as single point of contact and sandbox operator
- Data Protection Ombudsman monitors prohibited AI systems
- Sanctions Board for administrative fines over EUR 100,000
- Inspection, documentation, and halt-use powers
Compliance & Enforcement
Key Dates
Jan 1, 2026
Main provisions take effect
Feb 1, 2026
AI regulatory sandbox rules effective
Penalties
€35M or 7% revenue (whichever higher)
Primary Source
Finlex
https://www.finlex.fi/en/government-proposals/2025/46
View on map
Finland
Focus Areas
Cite This
APA
Finland. (2025). Act on the Supervision of Certain AI Systems (Laki eräiden tekoälyjärjestelmien valvonnasta).
Related Regulations
Hungary AI Act
Hungary's comprehensive AI law implementing the EU AI Act. Designates the National Media and Infocommunications Authority (NMHH) as the primary supervisory authority, with sectoral regulators for specific domains.
Denmark AI Act
First EU member state to fully implement the EU AI Act. Designates three competent authorities, establishes penalty framework aligned with EU maximums, and grants inspection/enforcement powers. Does not add material requirements beyond EU AI Act.
Norway AI Act
Norway implementing full EU AI Act through EEA Agreement. Most comprehensively regulated non-EU jurisdiction for AI. Also implementing Digital Services Act with some Norwegian additions.
EU DSA Minors Guidelines
Commission guidelines under DSA Article 28(1) establishing measures for online platforms to protect minors, including age assurance, default privacy settings, anti-addictive design restrictions, recommender system safeguards, and protections against grooming and exploitation.
China Minor Content Classification Measures
Establishes a four-category classification framework for online content that may harm minors' physical and mental health. Prohibits platforms from displaying classified harmful content in prominent positions (homepage, pop-ups, trending, recommendations). Requires preventive measures against content risks from algorithmic recommendations and generative AI.
FR SREN
France's 2024 "digital space" law strengthening national digital regulation and enforcement levers via ARCOM across platform safety and integrity issues.
Last updated January 23, 2026. Verify against primary sources before relying on this information.