Is my model a general-purpose AI model under the EU AI Act?

The legal test is Article 3(63): an AI model that displays significant generality and is capable of competently performing a wide range of distinct tasks. The Commission's Guidelines (section 2.1, paragraph (17)) add an indicative criterion for that threshold question: a model trained with more than 10²³ floating-point operations (FLOP) that can generate language (text or audio), text-to-image, or text-to-video. This is indicative and rebuttable both ways — per paragraph (18) and the surrounding text, a model below 10²³ FLOP may still be a GPAI model if it displays significant generality, and a model above it may exceptionally not be one if it does not. The 10²³ criterion (≈ the compute to train a one-billion-parameter model on a large dataset) is distinct from the separate 10²⁵ FLOP presumption that marks a GPAI model with systemic risk.

If I fine-tune or modify someone else's GPAI model, do I become a provider?

Per the Guidelines section 3.2 (paragraph (60)), a downstream modifier becomes a provider of a general-purpose AI model where the training compute used for the modification is greater than a third of the original model's training compute. Where the original model's training compute is not known (paragraph (61)), the Commission's reading is to use a third of the relevant indicative threshold — a third of 10²⁵ FLOP for a model with systemic risk, or a third of 10²³ FLOP otherwise. This is the GPAI-model analogue of the Article 25 substantial-modification rule that operates at the AI-system level. This downstream-modifier test applies to a different actor modifying the model; a model's own provider continuing to develop it after release is the separate same-model lifecycle case — see the lifecycle rule.

Do my built-in safety measures get my model out of systemic-risk classification?

Per the Guidelines section 2.3.3, the argument for contesting the systemic-risk presumption is that the model does not, or will not, have high-impact capabilities — capabilities that match or exceed those recorded in the most advanced GPAI models (Article 3(64)). The companion AI Act Service Desk GPAI FAQ states that built-in safety measures do not by themselves remove the classification: mitigations reduce the realisation of systemic risk, but the presumption keys off the model's capabilities, which the mitigations do not change. This is the Commission's interpretation of the Article 52(2) rebuttal, not a separate statutory rule.

What training compute counts toward the thresholds, and does synthetic data count?

Per the Guidelines Annex (section A.2), cumulative training compute can be estimated by a hardware-based approach or an architecture-based approach. Per paragraph (117), compute used to generate synthetic data that is not publicly accessible counts, as does the compute used to train on it. The Annex excludes, among others, compute used to generate publicly-accessible synthetic data, compute spent on failed experiments, and compute used to train parent models in distillation. The Annex states the estimate should be accurate within an overall error margin of 30%.

Are AI agents regulated as a separate category under the EU AI Act?

Per the AI Act Service Desk GPAI FAQ (not the scope Guidelines, which do not address agents), AI agents are not a separate regulatory category. They are typically AI systems that contain one or more general-purpose AI models. Where a model has the autonomy and tool-use characteristics that feed the systemic-risk criteria, those can bear on a systemic-risk designation under Annex XIII (including point (e)) and Article 51(1)(b); they are an input to designation, not an automatic trigger. The applicable obligations follow the AI-system rules (including Article 5 prohibitions, Article 6 high-risk classification, and Article 50 transparency) and, where a GPAI model is involved, Chapter V.

Are GPAI obligations enforceable now, or is there a grace period until 2026?

Obligations under Chapter V apply from 2 August 2025; there is no grace period from the obligations themselves. What shifts is enforcement: per the Guidelines section 5, the AI Office's enforcement powers over GPAI-model providers — information requests (Article 91), model evaluations (Article 92), measures including withdrawal (Article 93), and fines of up to 3% of global annual turnover or EUR 15 million, whichever is higher (Article 101) — become exercisable from 2 August 2026. The Commission states it expects good-faith cooperation in the interim; that is an expectation, not a statutory holiday. Models placed on the market before 2 August 2025 have until 2 August 2027 to be brought into conformity (Article 111(3)).

Commission guidance on general-purpose AI models

This is the Commission's interpretive guidance on the scope of the obligations for providers of general-purpose AI (GPAI) models — adopted as Communication C(2025) 7719 final on 19 November 2025 (first published 18 July 2025), with a companion AI Act Service Desk GPAI FAQ. It is the soft-law counterpart to the General-purpose AI models law page, which sets out the Chapter V obligations themselves (Articles 51–56).

Status

Commission interpretive guidance, not binding law. The EU AI Act text and any Court of Justice of the European Union (CJEU) interpretation prevail in case of conflict. The Commission states the Guidelines are issued under Article 96 and concern only the AI Act.

Quick decision

You want to know whether your model is a GPAI model at all → Article 3(63) governs (significant generality + a wide range of distinct tasks); the Commission's indicative 10²³ FLOP + generative-capability criterion is rebuttable both ways. See the 10²³ indicative criterion.
You fine-tuned or modified someone else's model → you become a provider if your modification training compute is greater than a third of the original model's (or a third of 10²³ / 10²⁵ FLOP when the original is unknown). See the one-third-compute rule.
You keep changing your own model after release → same-provider development downstream of the large pre-training run is part of the same model's lifecycle, not a new model. See model lifecycle.
You think built-in safety measures take you out of systemic-risk → the Commission's reading is that mitigations do not by themselves rebut the classification. See systemic-risk classification.
You want the obligations themselves (Articles 53/55), the 10²⁵ presumption, the open-source exemption mechanics, or Codes of Practice → those are the law, not this interpretive reading. See the General-purpose AI models law page.

TL;DR

The legal test for "is this a GPAI model" is Article 3(63) (significant generality + wide range of distinct tasks). The Guidelines add an indicative, rebuttable-both-ways criterion (section 2.1): >10²³ FLOP + capability to generate language / text-to-image / text-to-video (≈ a one-billion-parameter model).
That 10²³ criterion is the threshold question (am I a GPAI model). It is distinct from the 10²⁵ FLOP presumption that marks a GPAI model with systemic risk — which is on the law page.
A downstream modifier becomes a provider when its modification training compute exceeds a third of the original model's (Guidelines section 3.2) — the GPAI analogue of Article 25.
A model's lifecycle begins at the large pre-training run; the same provider's later development is the same model, not a new one (section 2.2).
Training compute can be estimated hardware- or architecture-based; non-public synthetic-data compute counts; parent-model distillation compute is excluded; the Annex targets an error margin of 30%.
AI agents are not a separate regulatory category (per the FAQ): typically AI systems containing a GPAI model; autonomy + tool use can feed a systemic-risk designation under Annex XIII + Article 51(1)(b).
Obligations apply from 2 August 2025; the AI Office's enforcement powers over GPAI providers (including Article 101 fines up to 3% / EUR 15 million) become exercisable from 2 August 2026. Not a grace period on the obligations.

Primary source

What this guidance adds (and what stays on the law page)

This page is the Commission's scope reading. The obligations themselves stay on the law page — this page does not restate them.

On the law page: the Article 53 baseline obligations (technical documentation, downstream-provider documentation, copyright policy, training-data summary); the Article 55 systemic-risk obligations; the 10²⁵ FLOP systemic-risk presumption and the Article 52 procedure; the free-and-open-source exemption mechanics under Article 53(2); the Article 54 authorised representative; Article 56 Codes of Practice; the Article 3(63) model vs Article 3(66) system distinction.

Here (the net-new interpretive layer): the indicative 10²³ FLOP criterion for being a GPAI model at all; the one-third-compute downstream-modifier rule; training-compute estimation; the model lifecycle (what counts as the same model); how the Commission reads the systemic-risk rebuttal; provider determination; the open-source monetisation boundary; the 2 August 2026 enforcement-powers date; and the AI-agents treatment (FAQ-sourced).

When is a model a GPAI model at all: the 10²³ indicative criterion

The legal test (Article 3(63))

The binding test is Article 3(63): a general-purpose AI model is an AI model that displays significant generality and is capable of competently performing a wide range of distinct tasks, regardless of how it is placed on the market, except models used for research, development or prototyping before being placed on the market. Everything below is the Commission's operationalisation of that test, not a replacement for it.

The Commission's operationalisation

Per the Guidelines section 2.1 (paragraph (17)), the Commission sets an indicative criterion (rebuttable both ways — see below): a model is a GPAI model when its training compute is greater than 10²³ FLOP and it can generate language (text or audio), text-to-image, or text-to-video. Paragraph (18) explains that 10²³ FLOP is approximately the compute used to train a model with one billion parameters on a large amount of data.

Rebuttable both ways

The criterion is indicative, not a bright line, and it cuts in both directions. Per section 2.1, a model that meets the compute-and-modality criterion but exceptionally does not display significant generality or perform a wide range of distinct tasks is not a GPAI model; and a model below 10²³ FLOP that does display significant generality is a GPAI model. The Article 3(63) qualitative test always controls; the 10²³ figure is a starting indicator.

This 10²³ "am I a GPAI model at all" question is upstream of, and distinct from, the 10²⁵ FLOP presumption that marks a GPAI model with systemic risk (Article 51(2)) — see the law page.

Model lifecycle: when obligations attach and what counts as the "same model"

Per the Guidelines section 2.2 (paragraph (22)), the Commission understands a model's lifecycle to begin at the start of the large pre-training run. Any subsequent development of the model downstream of that run, performed by the provider or on its behalf, is part of the same model's lifecycle rather than giving rise to new models. The companion GPAI FAQ glosses this as "same pre-training run = same model".

The distinguishing axis here is who does the development, not how much changes:

Same provider (or on its behalf) doing later development → still one model, no new provider, no new model obligations triggered by the change itself.
A different actor modifying the model → may become a new provider — see the next section. The test there is a compute threshold, but the gateway is that it is a different actor.

When a downstream modifier becomes a provider: the one-third-compute rule

Per the Guidelines section 3.2 (paragraph (60)), a downstream actor that modifies a general-purpose AI model becomes a provider of a general-purpose AI model where the training compute used for the modification is greater than a third of the original model's training compute.

Where the original model's training compute is not known (paragraph (61)):

for a model with systemic risk, use a third of 10²⁵ FLOP;
otherwise, use a third of 10²³ FLOP.

This is the GPAI-model-level analogue of the Article 25 substantial-modification rule that transfers provider obligations at the AI-system level — see Roles and responsibilities. The two operate on different objects (the model vs the system); a downstream actor can cross one threshold without crossing the other. A modification below the one-third threshold does not make the modifier a provider of the model.

Estimating cumulative training compute

The Guidelines Annex (section A.2) addresses how to estimate the cumulative training compute the thresholds turn on.

Two estimation approaches

Hardware-based approach (section A.2.1) — estimate from the hardware used and its utilisation over the training run.
Architecture-based approach (section A.2.2) — estimate from the model architecture and the training workload.

The provider chooses the method; the Annex provides the framing for both.

What counts and what is excluded

Counts: per paragraph (117), where a model is trained on synthetic data that is not publicly accessible, the compute used to generate that data counts, as does the compute used to train on it.
Excluded: among others, compute used to generate synthetic data that is publicly accessible; compute spent on failed experiments; and compute used to train parent models in distillation.

Estimates, not exact counts

The Annex frames these as estimates and states the estimate should be accurate within an overall error margin of 30% of the reported figure. The threshold determinations are therefore made on estimated, documented compute, not exact operation counts.

Determining who the provider is

Per the Guidelines section 3.1 (Article 3(3) defines the provider), determining who the provider is can require a case-by-case assessment where the actor that trains a model is not necessarily the actor in charge of its development. An important factor is who has control over the model's development; contractual arrangements and economic relationships also bear on the assessment. For the parallel AI-system-level mechanics — including how an actor putting its name on a system, or substantially modifying it, becomes a provider — see Roles and responsibilities.

Open-source status and where it stops

The mechanics of the free-and-open-source exemption (which Article 53 obligations it lifts, and the condition that it never applies to systemic-risk models) are on the law page. The Guidelines (section 4) add the boundary conditions: the exemption applies only to a genuinely free and open-source release, and the Commission's reading addresses monetisation (section 4.2.2) — a model behind a paid access or a model whose open-source status is otherwise lost does not benefit. The copyright policy and training-data-summary obligations apply regardless of open-source status.

Systemic-risk classification: what the Guidelines clarify

The 10²⁵ FLOP presumption (Article 51(2)) and the Article 52 notification procedure are on the law page. The Guidelines' interpretive addition (section 2.3.3) concerns the rebuttal: the argument for contesting the presumption is that the model does not, or will not, have high-impact capabilities — capabilities that match or exceed those recorded in the most advanced GPAI models (Article 3(64)). (The systemic-risk concept itself is defined in Article 3(65).)

The companion GPAI FAQ adds that built-in safety measures do not by themselves rebut the classification. The Commission's reasoning: the presumption keys off the model's capabilities; mitigations reduce the realisation of systemic risk but do not change the underlying capabilities. This is the Commission's interpretation of the Article 52(2) rebuttal, not a separate rule in the Regulation.

AI agents

Source note

The treatment of AI agents below is drawn from the AI Act Service Desk GPAI FAQ, not the scope Guidelines (C(2025) 7719 final), which do not address agents. Treat it as the Commission's informal interpretive position.

Per the FAQ:

AI agents are not a separate regulatory category under the EU AI Act. This is the load-bearing point.
They are typically AI systems that contain one or more general-purpose AI models. The applicable obligations therefore follow the AI-system rules — Article 5 prohibitions (notably 5(1)(a)–(b) manipulation and exploitation), Article 6 high-risk classification where the intended purpose is in Annex III or Annex I, and Article 50 transparency where they interact with people or generate content — and, where a GPAI model is involved, Chapter V.
Where a model has autonomy and tool-use characteristics, those can bear on a systemic-risk designation under Annex XIII (including point (e)) and Article 51(1)(b). They are an input the Commission may weigh in a designation, not an automatic trigger.

Enforcement timeline and the AI Office's powers

Obligations under Chapter V apply from 2 August 2025 (Article 113(b)); models placed on the market before that date have until 2 August 2027 to be brought into conformity (Article 111(3)). See the law page for the obligations themselves.

What changes on 2 August 2026 is the AI Office's power to enforce those obligations against GPAI-model providers. Per the Guidelines section 5, from that date the AI Office can:

request information (Article 91);
conduct model evaluations (Article 92);
require measures, including withdrawal of the model from the market (Article 93); and
impose fines of up to 3% of global annual turnover or EUR 15 million, whichever is higher (Article 101).

This is not a grace period on the obligations — they bind from 2 August 2025. What shifts in 2026 is the enforcement instrument. The Commission states it expects good-faith cooperation in the interim; that is a stated expectation, not a statutory holiday.

Do not confuse the two "2 August 2026" dates

The 2 August 2026 date here is the AI Office's enforcement powers over GPAI-model providers. It is a different event from the 2 August 2026 date that (in the original EU AI Act timeline) governs Annex III high-risk AI-system obligations — see High-risk classification. The provisional AI Omnibus agreement would shift the Annex III system-level date; it does not change the GPAI Chapter V dates.

How to operationalise GPAI-model scoping in Modulos

The net-new scoping determinations on this page map onto existing Modulos requirements — no new codes. The Article 53/55 obligation requirements are detailed on the law page and are not re-listed here.

Guidance topic	Guidelines section	Modulos requirement	Code
10²³ "am-I-a-GPAI-model" determination	section 2.1	GPAIM Classification (app)	`MRF-120`
Downstream-modifier one-third-compute threshold	section 3.2	GPAIM Classification (app) — provider-status re-assessment	`MRF-120`
Cumulative-compute estimate (method + figure)	Annex A.2	GPAIM Classification (app)	`MRF-120`
Rebuttal of the systemic-risk presumption	section 2.3.3	GPAIM Classification Exemption (app)	`MRF-121`
Provider determination	section 3.1	GPAIM Classification (app)	`MRF-120`

The 10²³ determination, the one-third-modifier analysis, and the compute estimate are owner-authored documentation recorded as evidence on MRF-120 (the platform's Product:GPAIM scoping tag flips this requirement in). A rebuttal under Article 52(2) is documented on MRF-121. MRF-38 (AI System Classification) links to Article 51 globally but does not parse the 10²³-vs-10²⁵ split — that parsing is recorded on MRF-120. The lifecycle "same model" rule is a scoping fact that prevents spurious re-classification; it is documented in the classification rationale rather than tracked as a separate control.

For the full template details see Operationalizing the EU AI Act in Modulos.

Cross-framework mapping (preview)

GPAI scope concept	Adjacent reading
10²³ GPAI-model criterion / 10²⁵ systemic-risk presumption	NIST AI RMF Generative AI Profile (model characterisation); OECD definitions of AI models / systems.
Training-compute estimation	ISO/IEC 42001 documentation controls; emerging compute-reporting practice (e.g. US reporting thresholds).
Downstream-modifier provider transfer	EU AI Act Article 25 (system-level substantial modification); ISO/IEC 42001 supply-chain controls.
Systemic-risk capability rebuttal	NIST AI RMF MEASURE (capability evaluation); ISO/IEC 23894 risk management.
AI agents (FAQ)	NIST AI RMF GenAI Profile; OWASP Agentic AI security guidance.

Settled vs vague (per Commission guidance)

Settled in the Guidelines:

The 10²⁵ FLOP systemic-risk presumption is in the EU AI Act itself (Article 51(2)); the open-source exemption never applies to systemic-risk models.
A model's lifecycle begins at the large pre-training run; same-provider later development is the same model (section 2.2).
The downstream-modifier provider transfer turns on the one-third-compute threshold (section 3.2).
Training-compute estimates target a 30% error margin (Annex).

Left vague / interpretive:

The 10²³ criterion is indicative; the Article 3(63) qualitative test is the real boundary, and edge models near the threshold turn on a generality judgement.
The one-third rule's application when the original model's compute is unknown rests on the Commission's reading, not an explicit Regulation rule.
The AI-agents treatment is FAQ-sourced, not in the scope Guidelines, and the systemic-risk relevance of autonomy / tool use is an input to designation rather than a defined trigger.
The "good-faith cooperation" expectation before 2 August 2026 is a Commission expectation, not a statutory position.

General-purpose AI models (law)

The Chapter V obligations themselves: Articles 53/55, the 10²⁵ presumption, FOSS exemption, Article 54, Codes of Practice

Commission guidance overview

Hub: legal status of Commission guidance, the source documents, how to use them

Definition of an AI system (Commission guidance)

The Article 3(1) AI-system test — distinct from the Article 3(63) GPAI-model test

High-risk classification (Commission guidance)

Article 6 classification — a GPAI model integrated into a high-risk system triggers both regimes

Roles and responsibilities

Article 25 substantial modification at the AI-system level — the analogue of the one-third-compute rule

Operationalizing in Modulos

OFF-1 + MFF-1; the GPAIM scoping tags and requirement mapping

Source attribution

Commission Communication C(2025) 7719 final, Brussels, 19 November 2025 — Commission Guidelines on the scope of the obligations for providers of general-purpose AI models established by Regulation (EU) 2024/1689 (AI Act) (first published 18 July 2025). © European Union. Adopted under Article 96(1) AI Act. Companion: the AI Act Service Desk GPAI FAQ. Section references on this page (e.g. "section 2.1", "Annex A.2") are to the numbered sections of that Communication; paragraph references in the form (N) are to the Commission's paragraph numbering. The underlying EU AI Act — Regulation (EU) 2024/1689 — is published in the OJ L of 12 July 2024 under CELEX 32024R1689.

Disclaimer

This page is for general informational purposes and does not constitute legal advice.

Comparison

EU AI Act

Commission guidance

ISO Standards

ISO/IEC 42001

ISO/IEC 27001

ISO/IEC 27701

NIST AI RMF

GDPR (EU)

NIS2 (EU)

DORA (EU)

OWASP for AI Security

UAE AI Ethics

MAS FEAT

Microsoft Supplier DPR

Commission guidance on general-purpose AI models

Quick decision

TL;DR

What this guidance adds (and what stays on the law page)

When is a model a GPAI model at all: the 10²³ indicative criterion

The legal test (Article 3(63))

The Commission's operationalisation

Rebuttable both ways

Model lifecycle: when obligations attach and what counts as the "same model"

When a downstream modifier becomes a provider: the one-third-compute rule

Estimating cumulative training compute

Two estimation approaches

What counts and what is excluded

Estimates, not exact counts

Determining who the provider is

Open-source status and where it stops

Systemic-risk classification: what the Guidelines clarify

AI agents

Enforcement timeline and the AI Office's powers

How to operationalise GPAI-model scoping in Modulos

Cross-framework mapping (preview)

Settled vs vague (per Commission guidance)

Source attribution

Commission guidance

ISO/IEC 42001

ISO/IEC 27001

ISO/IEC 27701

Commission guidance on general-purpose AI models ​

Quick decision ​

TL;DR ​

What this guidance adds (and what stays on the law page) ​

When is a model a GPAI model at all: the 10²³ indicative criterion ​

The legal test (Article 3(63)) ​

The Commission's operationalisation ​

Rebuttable both ways ​

Model lifecycle: when obligations attach and what counts as the "same model" ​

When a downstream modifier becomes a provider: the one-third-compute rule ​

Estimating cumulative training compute ​

Two estimation approaches ​

What counts and what is excluded ​

Estimates, not exact counts ​

Determining who the provider is ​

Open-source status and where it stops ​

Systemic-risk classification: what the Guidelines clarify ​

AI agents ​

Enforcement timeline and the AI Office's powers ​

How to operationalise GPAI-model scoping in Modulos ​

Cross-framework mapping (preview) ​

Settled vs vague (per Commission guidance) ​

Related pages ​

Source attribution ​

Commission guidance on general-purpose AI models

Quick decision

TL;DR

What this guidance adds (and what stays on the law page)

When is a model a GPAI model at all: the 10²³ indicative criterion

The legal test (Article 3(63))

The Commission's operationalisation

Rebuttable both ways

Model lifecycle: when obligations attach and what counts as the "same model"

When a downstream modifier becomes a provider: the one-third-compute rule

Estimating cumulative training compute

Two estimation approaches

What counts and what is excluded

Estimates, not exact counts

Determining who the provider is

Open-source status and where it stops

Systemic-risk classification: what the Guidelines clarify

AI agents

Enforcement timeline and the AI Office's powers

How to operationalise GPAI-model scoping in Modulos

Cross-framework mapping (preview)

Settled vs vague (per Commission guidance)

Related pages

Source attribution