
In three weeks the European Commission gets teeth. On 2 August 2026 its enforcement powers under the AI Act enter into application, and for the first time it can fine a provider of a general-purpose AI model — up to €15 million or 3% of global annual turnover, whichever is higher. The obligations themselves are not new; they have applied since 2 August 2025. What changes is that the year-long grace period, during which the rules existed but no one could be penalised for breaking them, is over. If you build on GPAI models and you have been treating the AI Act as a 2027 problem, you have miscalculated the calendar.
I have spent the past year wiring compliance into AI systems for regulated European clients, and the single most common mistake I see is conflating two very different deadlines. The high-risk timeline did slip. The general-purpose timeline did not. This is a pragmatic briefing on what is actually enforceable on 2 August, who is in scope, and what you can still do this month.
What actually changes on 2 August 2026
The Commission’s own guidance is unusually blunt about it. The guidelines for GPAI providers state that “from 2 August 2026, the Commission’s enforcement powers enter into application” and that it “will enforce compliance with the obligations for providers of GPAI models, including with fines.” The fining power sits in Article 101: up to 3% of worldwide annual turnover or €15 million for a provider that infringes its obligations or fails to comply with a Commission request.
The part that should focus minds is the retroactive shadow. Because the substantive duties have been in force since August 2025, the enforcement window opening in 2026 does not start the clock — it collects on a year that has already elapsed. A model you placed on the EU market in, say, October 2025 with no technical documentation and no training-data summary has been non-compliant for months. Nobody could act on that in 2025. From August 2026, somebody can. There is a narrow exception for models already on the market before 2 August 2025, which have until 2 August 2027 to come into line, but for anything shipped since then the deadline is now.
Who counts as a GPAI provider — and the fine-tuning trap
Most engineering leaders assume this is a problem for OpenAI, Google, Anthropic and Mistral, not for them. That assumption is where the exposure hides. You do not have to train a foundation model from scratch to inherit provider obligations. You can back into them by fine-tuning.
The Commission’s indicative criterion is a compute ratio: if the training compute you spend modifying an existing model exceeds one-third of the original model’s training compute, you are treated as the provider of a new GPAI model, carrying the same obligations as the lab that built the base. For a model already classed as carrying systemic risk, the threshold is replaced by one-third of the systemic-risk line — currently one-third of 1025 floating-point operations, roughly 3.3 × 1024 FLOP. Most fine-tunes never come close. But a serious continued-pretraining run on an open-weight base can, and if yours does, you are not a downstream deployer any more. You are a provider.
That 1025 FLOP figure is the other number worth memorising. A model trained above it is presumed to pose systemic risk, which triggers a heavier tier of duties — model evaluations, adversarial testing, serious-incident reporting and cybersecurity obligations — on top of the baseline. Know which side of that line your base model sits on before you touch it.
The four duties that actually bite
Strip away the annexes and the baseline obligations for a standard GPAI model come down to four concrete artefacts. None of them is exotic; all of them take real lead time to produce honestly.
- Technical documentation. A maintained description of the model — its design, training and testing process, evaluation results and known limitations — kept current for the AI Office and national authorities on request.
- Information for downstream providers. Documentation that lets the teams integrating your model understand its capabilities and limits well enough to meet their own obligations. If you ship a model to other builders, you owe them a usable integration record, not a marketing page.
- A copyright policy. A written policy for complying with EU copyright law, including honouring the machine-readable rights reservations that rightsholders use to opt out of text-and-data mining. “We scraped it, it was on the internet” is not a policy.
- A public training-content summary. A sufficiently detailed summary of the data used to train the model, following the AI Office template. This is the one most teams have simply not written, and it is the one a journalist or competitor can check against your model’s behaviour.
Signing the GPAI Code of Practice is the pragmatic route to demonstrating compliance with the first three; the Commission treats adherence to the Code as evidence of good faith. It is not a loophole, but it is a well-lit path, and refusing it means you carry the burden of proving compliance some other way.
What the Digital Omnibus did — and did not — postpone
Here is the confusion I promised to clear up. In June 2026 the Commission’s Digital Omnibus package pushed several AI Act deadlines back. High-risk systems under Annex III now have until 2 December 2027; the Annex I product-safety category slips to August 2028. That is real relief, and it is why so many teams have relaxed.
The Digital Omnibus did not touch the GPAI provisions. The general-purpose obligations, and the enforcement powers attached to them, remain exactly where they were: applicable since August 2025, enforceable from August 2026. If your mental model is “the AI Act got delayed,” you have imported the high-risk timeline into a place it does not apply. I made a version of this point when the GPAI regime first came into force — see the EU AI Act one year on — and the gap between the two timelines has only widened since.
What to do this month
Three weeks is not enough to build a compliance programme, but it is enough to know where you stand and to stop the bleeding. In priority order:
- Inventory your models. List every GPAI model you place on the EU market or substantially modify. For each, record the base model, the date you shipped it, and your fine-tuning compute as a fraction of the base. That single spreadsheet tells you who is a provider and who is not.
- Find your provider-by-fine-tuning exposure. Any continued-pretraining or large fine-tuning run is the danger zone. If you are over the one-third line, you inherit the full obligation set — plan accordingly, or scope the run down.
- Write the training-content summary. It is the most-skipped artefact and the most externally checkable. Use the AI Office template. An imperfect honest summary beats a missing one.
- Adopt the Code of Practice unless you have a reason not to. It is the cheapest way to convert “we think we comply” into a defensible position.
- Wire audit in now. Documentation you can regenerate on demand is worth more than a PDF that was true once. The same authenticated, logged, revocable discipline I argued for in the piece on agent-web plumbing is what turns “the model did something” into an answerable question when a regulator asks.
None of this is about fearing a €15 million fine in the first week; the Commission has signalled it will lead with dialogue, not dawn raids. It is about the fact that, from 2 August, “we were going to get to it” stops being an acceptable answer. The obligations have been real for a year. In three weeks, so are the consequences.