The EU’s AI Code of Practice: Compliance, Operating Implications, and the Role of Integrated Risk Management

European UnionAI ActAI Code of Practice
Written By Ori Wellington

The EU AI Act entered into force on 1 August 2024 and will be fully applicable on 2 August 2026, with key provisions already active. Prohibitions and AI literacy duties have applied since 2 February 2025. Obligations for providers of general purpose AI, including transparency and copyright requirements, began on 2 August 2025. A voluntary General Purpose AI Code of Practice published on 10 July 2025 operationalizes how model providers can demonstrate compliance until harmonized standards arrive. The European Commission also issued guidelines clarifying scope and a mandatory template for the public summary of training content. Enforcement by the Commission for general purpose obligations begins in 2026, and models placed on the market before 2 August 2025 have until 2 August 2027 to comply. Maximum fines can reach 35 million euros or 7 percent of worldwide turnover for certain violations.

Ori Wellington

Orion “Ori” Wellington is the lead editor for The RiskTech Journal and The RTJ Bridge, where he helps shape editorial direction, guide strategic narratives, and support media relations across Wheelhouse Advisors. As a digital editorial advisor, Ori synthesizes trends in risk, technology, and governance, drawing from roles modeled on information security, risk analytics, and IT leadership.

Part of Wheelhouse’s AI-augmented research team, Ori works to distill complex signals into actionable intelligence—bridging expertise across domains and elevating the voice of integrated risk thinking.

https://wheelhouseadvisors.com
Sign up to read this post
Join Now
Previous

Provision 29 and the Trust Deficit: How UK Boards Can Convert a High-Stakes Declaration into Credible Assurance
Next

The Strategic Blind Spot: Closing the Boardroom Gap in AI Risk Oversight