Finland AI Act
Act on the Supervision of Certain AI Systems (Laki eräiden tekoälyjärjestelmien valvonnasta)
Finland's EU AI Act implementation using decentralized supervision model. Traficom serves as single point of contact and coordination authority. Ten market surveillance authorities share enforcement across sectors. New Sanctions Board handles fines over EUR 100,000.
Jurisdiction
Finland
Enacted
Dec 22, 2025
Effective
Jan 1, 2026
Enforcement
Traficom (coordination); Data Protection Ombudsman; Safety and Chemicals Agency; Financial Supervisory Authority; and 7 other sector authorities
Approved December 22, 2025; effective January 1, 2026. Sandbox rules effective February 1, 2026.
FinlexWhy It Matters
Model for decentralized EU AI Act enforcement. Shows how member states can distribute oversight across existing sector regulators rather than creating new AI authority.
Recent Developments
First EU member state to activate full AI Act enforcement powers. Established novel Sanctions Board structure for high-value fines.
At a Glance
Applies to
Harms addressed
Who Must Comply
- AI system providers operating in Finland
- AI system deployers in Finland
- High-risk AI in critical infrastructure and law enforcement
Safety Provisions
- Implements all EU AI Act prohibited practices
- Decentralized supervision across 10 specialized authorities
- Traficom as single point of contact and sandbox operator
- Data Protection Ombudsman monitors prohibited AI systems
- Sanctions Board for administrative fines over EUR 100,000
- Inspection, documentation, and halt-use powers
Compliance & Enforcement
Key Dates
Jan 1, 2026
Main provisions take effect
Feb 1, 2026
AI regulatory sandbox rules effective
Penalties
€35M or 7% revenue (whichever higher)
Primary Source
Finlex
https://www.finlex.fi/en/government-proposals/2025/46
View on map
Finland
Focus Areas
Compliance Help
Inherits EU AI Act requirements. Decentralized enforcement means sector-specific authorities (healthcare, finance, etc.) oversee AI in their domains.
See how NOPE helpsCite This
APA
Finland. (2025). Act on the Supervision of Certain AI Systems (Laki eräiden tekoälyjärjestelmien valvonnasta).
Related Regulations
Hungary AI Act
Hungary's comprehensive AI law implementing the EU AI Act. Designates the National Media and Infocommunications Authority (NMHH) as the primary supervisory authority, with sectoral regulators for specific domains.
Denmark AI Act
First EU member state to fully implement the EU AI Act. Designates three competent authorities, establishes penalty framework aligned with EU maximums, and grants inspection/enforcement powers. Does not add material requirements beyond EU AI Act.
Norway AI Act
Norway implementing full EU AI Act through EEA Agreement. Most comprehensively regulated non-EU jurisdiction for AI. Also implementing Digital Services Act with some Norwegian additions.
FR SREN
France's 2024 "digital space" law strengthening national digital regulation and enforcement levers via ARCOM across platform safety and integrity issues.
DE JuSchG §24a (KidD)
Requires providers of certain telemedia services to implement provider-side precautionary measures ("Vorsorgemaßnahmen") with regulator-facing evaluability via published BzKJ criteria.
CA SB 867
Proposes a 4-year moratorium on the sale and manufacturing of toys with AI chatbot capabilities for children under 12. During the moratorium, a task force would develop safety standards with input from technologists, parents, and ethicists.
Last updated January 23, 2026. Verify against primary sources before relying on this information.