Risk tiers
Four tiers. Different obligations.
The Act sorts every system into one of four tiers. Which tier you land in determines the entire compliance surface. Most agents we see in production fall into either high-risk or limited-risk.
Roles
Provider or deployer?
A deployer (Art. 3(4)) is any entity using an AI system under its authority in a non-personal capacity. If your company runs an agent that affects users, customers, or employees, you are almost certainly a deployer of that system.
A provider (Art. 3(3)) is the party that puts the system on the market under its own name. Different obligations: Annex IV technical file, CE marking, conformity assessment, the works.
The Art. 25(4) trap
If a deployer substantially modifies a high-risk system, they silently become a provider of the modified system — and inherit the full provider obligation surface. Wrapping a base model with a custom system prompt is usually fine. Fine-tuning with your own data on a high-risk task usually isn’t. This is the most common way a deployer accidentally becomes a provider.
Fuze’s position
Fuze itself is not a provider of a high-risk system: under Art. 25(4) it is a component supplier. Customers run the SDK inside their own agent, which makes them the deployer (and possibly the provider, depending on how they built the system).
Annex III
The eight high-risk domains.
Annex III enumerates the domains where an AI system is classified as high-risk. If your agent operates inside one of these and materially influences the outcome, the high-risk obligations apply.
The checklist
What you must do — by deadline.
The Articles, deconstructed into the actual tasks. Each one is tagged with whether Fuze covers it, partially helps, or leaves it entirely on your team.
Before you ship
Before the first prompt hits a real user.
Scoping decisions: who you are under the law, what the system is, what risk tier it sits in. Most of these are one-offs.
Decide whether you are a provider, a deployer, or both
Article 25(4) silently flips a deployer into a provider if you substantially modify a high-risk system. Get this wrong and your obligations triple.
Art. 3(3) · Art. 3(4) · Art. 25(4)
Classify the risk tier of every agent in scope
Prohibited, high-risk, limited-risk, or minimal-risk. Most of this checklist only applies if you land in high-risk.
Art. 5 · Annex III · Art. 50
Run a Fundamental Rights Impact Assessment (FRIA) where required
Public bodies and deployers of certain Annex III high-risk systems. A documented assessment before deployment, kept current afterwards.
Art. 27
Compile the Annex IV technical file
Required for high-risk systems. Maps to ISO 42001 controls if you already maintain one. Fuze Control compiles the file from the evidence stream the SDK emits.
Annex IV · Art. 11
By Aug 2, 2026
Before the full high-risk regime is enforceable.
The operational obligations. Penalties of up to €15M or 3% of global annual turnover apply (Article 99(4)).
Automatic, tamper-evident logs of system operation
Hash-chained or otherwise integrity-protected records of every relevant run. Six-month retention floor for high-risk systems. The SDK emits these automatically.
Art. 12
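The Art. 12 logging obligation above, as an added example that is not part of Fuze's SDK or this page: a minimal hash-chained run log in Python with a verifier that reports the first inconsistent entry, and that also checks the chain against an externally stored head hash, since a chain on its own cannot reveal that its tail was cut off. The GENESIS anchor, the record layout and the event payloads are assumptions made for the example.

```python
import hashlib
import json
from datetime import datetime, timezone

# Assumed anchor for the first record; any fixed, public value works.
GENESIS = "0" * 64


def _digest(prev_hash: str, record: dict) -> str:
    # Canonical JSON (sorted keys, no whitespace) so the same record always
    # serialises, and therefore hashes, the same way.
    body = json.dumps(record, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(prev_hash.encode() + body).hexdigest()


class ChainedLog:
    """Append-only run log; each entry commits to the hash of the one before it."""

    def __init__(self):
        self.entries = []

    def append(self, event: dict) -> str:
        """Append one run event and return the new head hash (store it off-box)."""
        prev = self.entries[-1]["hash"] if self.entries else GENESIS
        record = {
            "seq": len(self.entries),
            "ts": datetime.now(timezone.utc).isoformat(),
            "event": event,
            "prev": prev,
        }
        record["hash"] = _digest(prev, record)
        self.entries.append(record)
        return record["hash"]


def verify(entries, expected_head=None):
    """Walk the chain. Returns (True, None) or (False, index of the first bad entry).

    expected_head is the last hash handed to an external anchor (a regulator
    filing, a separate store); without it a truncated log still verifies.
    """
    prev = GENESIS
    for i, rec in enumerate(entries):
        if rec.get("seq") != i or rec.get("prev") != prev:
            return False, i  # reordered, missing, or re-parented record
        body = {k: v for k, v in rec.items() if k != "hash"}
        if _digest(prev, body) != rec.get("hash"):
            return False, i  # contents changed after hashing
        prev = rec["hash"]
    if expected_head is not None and prev != expected_head:
        return False, len(entries)  # tail removed or chain rewritten
    return True, None
```

The chain proves internal consistency only; anchoring the head hash outside the writer's control is what makes wholesale rewriting detectable.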
A working human-oversight surface
Operators must be able to monitor in flight, intervene, override, and stop. Approval gates and the kill-switch primitive in the SDK; the queue lives in Fuze Control.
Art. 14
Risk-management process across the system lifecycle
A continuous, documented process — identify, mitigate, monitor, repeat. The runtime gives you the evidence; the process itself is on you.
Art. 9
Accuracy and robustness — measured and documented
Demonstrated performance under realistic conditions, resilience to error and attack. Eval suites and jailbreak logging are on the Fuze roadmap today.
Art. 15
Working procedures for serious-incident reporting
A serious incident must be reported to the national authority within 72 hours. You need a procedure, an owner, and a way to compile the report. Fuze Control drafts it from the evidence stream.
Art. 73
Ongoing
While the system is live.
Compliance isn't a launch event — these obligations run forever once the system is in operation.
Post-market monitoring of operational data
Systematic collection and analysis of how the system behaves in production. Drift, performance regression, anomalies. Fuze Control surfaces the data; the analysis is yours.
Art. 72
Retain logs for the required period
Minimum six months for high-risk; longer where sector law requires it (financial-services rules push it to seven years). Configurable per-deployment in Fuze Control.
Art. 19 · Art. 26(5)
Train and authorise the humans in the oversight role
Natural persons with sufficient competence and authority to oversee the system. Hiring, training, access governance — entirely on you.
Art. 14(4) · Art. 26(2)
Report a serious incident within 72 hours of becoming aware
From the moment you know, the clock starts. Have the report draft, the owner, and the regulator's submission channel ready before you need them.
Art. 73
Co-operate with market-surveillance authorities
On request, you make logs, technical documentation, and the system itself available to the national authority. Fuze Control exports are designed to be handed over as-is.
Art. 26(11) · Art. 74
Enforcement timeline
Phased through 2027.
The Act came into force in August 2024 but applies in stages. The date you care about depends on what you ship and what tier it sits in.
Penalties
Article 99 caps.
Three tiers of administrative fines, expressed as the higher of a cash cap or a percentage of global annual turnover. Enforcement is by national authorities; the actual amounts imposed are at their discretion.
Where Fuze sits
Want the Article-by-Article coverage?
The companion page maps every Article to the specific Fuze feature (or package) that satisfies it. Auditor-friendly: covers, partial, roadmap, or on you.
See Fuze coverage
Next
Screen your system in five minutes.
The classifier walks you through Annex III, names which Articles apply, and shows what evidence Fuze would start emitting on day one.