EU AI Act Regulation 2024/1689 creates two distinct regulatory tracks for AI systems that are often confused: the high-risk AI system track (Chapter III) and the General-Purpose AI model track (Chapter V). These are not mutually exclusive -- a single AI system can trigger obligations under both. Understanding the difference, and the overlap, is essential for any organisation developing or deploying AI in the EU.
What Is a General-Purpose AI Model?
Article 3(63) defines a General-Purpose AI (GPAI) model as an AI model -- including where trained with a large amount of data using self-supervision at scale -- that displays significant generality and is capable of performing a wide range of distinct tasks and which can be integrated into a variety of downstream systems or applications.
This covers large language models (LLMs), foundation models, and similar architectures. Crucially, the definition focuses on the model, not the application built on top of it.
What Is a High-Risk AI System?
A high-risk AI system is defined by its use case, not its architecture. Under Article 6 and Annex III, a system is high-risk if it falls into one of eight categories:
- Biometric identification and categorisation
- Management of critical infrastructure
- Education and vocational training
- Employment and worker management
- Access to essential private and public services
- Law enforcement
- Migration and border control
- Administration of justice
A system is also high-risk if it is a safety component of a product regulated under Annex I (medical devices, machinery, aviation, etc.).
The Overlap: When a GPAI Model Powers a High-Risk Application
This is where most organisations get into trouble. Consider an enterprise that fine-tunes an LLM (a GPAI model) to power a CV screening tool (a high-risk AI system under Annex III, point 4). The resulting application triggers both regulatory tracks:
| Dimension | GPAI Model Obligations (Chapter V) | High-Risk AI System Obligations (Chapter III) |
|---|---|---|
| Applies to | The model itself (even before integration) | The application built on the model, in its specific use case |
| Who bears them | The provider of the GPAI model | The provider of the high-risk AI system (may be the same or different entity) |
| Key obligations | Technical documentation, transparency, copyright policy, energy transparency | Risk management, Annex IV documentation, logging, human oversight, conformity assessment |
| Systemic risk tier | GPAI models with systemic risk (above compute threshold) have additional obligations under Articles 51-55 | N/A -- systemic risk is a GPAI concept |
| Registration | GPAI models registered in EU database (Article 71) | High-risk AI systems registered separately (Article 49) |
Systemic Risk: The Additional GPAI Tier
Articles 51-55 create a higher tier of obligation for GPAI models that are deemed to pose systemic risk. The current threshold is a training compute of more than 10^25 FLOPs (floating point operations). Models above this threshold must:
- Conduct model evaluations including adversarial testing
- Assess and mitigate systemic risks
- Report serious incidents to the European AI Office
- Ensure an adequate level of cybersecurity protection
For most organisations, the systemic risk tier applies only if they are the original developer of frontier models, not if they fine-tune or deploy them.
Practical Scenarios
| Scenario | GPAI obligations? | High-risk obligations? |
|---|---|---|
| You develop and release an LLM via API | Yes -- Chapter V applies to you as GPAI provider | Only if the LLM itself is designed for a specific Annex III use case |
| You fine-tune an open-source LLM for hiring screening | Possibly -- if your fine-tuning output qualifies as a GPAI model under Article 3(63) | Yes -- the hiring screening application is high-risk under Annex III, point 4 |
| You use an external LLM API to build a credit scoring product | No -- the LLM provider carries GPAI obligations; you are a downstream deployer | Yes -- your credit scoring product is high-risk under Annex III, point 5 |
| You build a general-purpose AI assistant with no specific Annex III use case | Yes -- if it meets the GPAI definition | No -- unless it is later integrated into a high-risk application |
What to Do First
The first step is classification. Determining whether your AI system falls under Annex III, whether your model qualifies as GPAI, and whether systemic risk thresholds apply requires a structured assessment. The Vigilens classifier covers Annex III, Article 5 (prohibited practices), and GPAI applicability in six questions.
Frequently Asked Questions
Is an LLM always considered a GPAI model under the EU AI Act?
Not automatically. The definition in Article 3(63) requires the model to be trained with a large amount of data using self-supervision at scale and to display significant generality across a wide range of distinct tasks. Small task-specific models or models with a narrow intended purpose may not qualify as GPAI.
What is the compute threshold for GPAI systemic risk?
Article 51 sets the current threshold at training compute exceeding 10^25 floating point operations (FLOPs). The European AI Office is required to update this threshold as technology evolves. Models above the threshold carry additional obligations under Articles 51-55 including model evaluations, adversarial testing, and incident reporting.