Author: MCP Service

  • NIST AI Risk Management Framework Playbook Guide for Research Offices

    The NIST AI Risk Management Framework Playbook is a voluntary, non-mandatory companion resource that translates the four functions of the NIST AI RMF — Govern, Map, Measure, Manage — into suggested actions research offices can adapt into a working AI-tool review checklist, without adopting the document as a rigid audit standard.

    The AI RMF Playbook is a reference companion to NIST AI RMF 1.0, published by the U.S. National Institute of Standards and Technology on 26 January 2023, that maps suggested implementation actions to each subcategory in the framework’s Core (Tables 1–4). Research administration offices evaluating AI writing tools, manuscript-screening systems, grant-matching algorithms, or peer-review assistants are increasingly being asked — by faculty, ethics committees, or funders — to show some structured basis for that review. The Playbook is the most directly usable NIST artefact for building one, but most explainers stop at describing the four functions rather than showing how a research office turns them into an actual intake form. This walkthrough does that conversion.

    What is the NIST AI RMF Playbook?

    The NIST AI Risk Management Framework Playbook is a living, voluntary implementation resource published alongside AI RMF 1.0. NIST’s AI Resource Center states plainly that the Playbook “is neither a checklist nor set of steps to be followed in its entirety” — organisations are meant to borrow “as many – or as few” suggestions as fit their use case.

    Each suggestion in the Playbook is tied to a specific subcategory under one of the framework’s four functions:

    • Govern — establishes the culture, policies, and accountability structures for managing AI risk across the organisation.
    • Map — establishes context: what the AI system does, who it affects, and what could go wrong.
    • Measure — analyses, benchmarks, and tracks identified risks using quantitative and qualitative methods.
    • Manage — allocates resources to risks by priority and monitors the system after deployment.

    NIST distributes the Playbook as a PDF, CSV, Excel workbook, and JSON file via the AI Resource Center, and it is updated approximately twice per year as AI technology and community feedback evolve. That release cadence matters operationally: a review checklist built from the Playbook should be version-dated and re-checked against each update rather than treated as a one-time policy document.

    Turning the four functions into a research-office AI-tool checklist

    The Playbook’s value for a research office is not the four function names — it is the subcategory-level actions underneath them, which read almost like intake-form questions once relabelled. Below is a working mapping from AI RMF 1.0 Core subcategories to the questions a research administration office can ask when a faculty member or department proposes adopting an AI tool (a manuscript screener, grant-matching assistant, or peer-review support system).

    AI RMF subcategory (paraphrased) Research-office checklist question
    GOVERN 1.1 — legal and regulatory requirements are understood and documented Does this tool trigger institutional research-ethics, data-protection, or funder AI-disclosure obligations?
    GOVERN 2.1 — roles and responsibilities for AI risk are assigned Who in the office owns ongoing oversight of this tool once it is approved?
    MAP 1.1 — intended purpose and deployment context are understood What specific research-administration task is this tool being used for, and by whom?
    MAP 5.1 — likelihood and magnitude of impacts are assessed What happens to a manuscript, grant application, or reviewer assignment if the tool errs?
    MEASURE 2.6 / 2.7 — safety, security, and resilience are evaluated Has the vendor supplied evidence of testing for bias, data leakage, or hallucinated citations?
    MANAGE 1.1 — determination of whether the system meets its objectives Did a pilot period show the tool actually improves the workflow it was bought for?
    MANAGE 4.1 — post-deployment monitoring plans are implemented Who re-reviews this tool annually, and what triggers an early re-review?

    Built this way, the checklist stays traceable to a named NIST subcategory for every question an ethics committee or auditor might ask “why do you check this?” — which is the practical benefit of using the Playbook rather than writing a bespoke policy from scratch.

    NIST AI RMF Playbook vs ISO 42001 vs the EU AI Act Code of Practice

    Research offices operating internationally increasingly need to know how the voluntary US framework relates to certifiable and regulatory instruments used elsewhere. None of the three is a substitute for the others; they serve different purposes and audiences.

    Framework Status Best fit for a research office
    NIST AI RMF 1.0 + Playbook Voluntary US guidance, published January 2023 Building an internal AI-tool review process and shared vocabulary
    ISO/IEC 42001:2023 Certifiable international AI management-system standard Institutions seeking third-party certification of their AI governance programme
    EU AI Act General-Purpose AI Code of Practice Regulatory compliance mechanism under Regulation (EU) 2024/1689, applying to GPAI providers from August 2025 Institutions in, or contracting with, the EU that procure general-purpose AI models

    A practical pattern for a research office with European partners: use the AI RMF Playbook’s subcategories to build the internal checklist, use ISO 42001’s clause structure if formal certification is the goal, and treat the EU AI Act Code of Practice as a due-diligence question to put to any GPAI vendor — “can you show your Code of Practice commitments?” — rather than as a framework the research office itself must implement.

    Answer-first questions about the AI RMF Playbook

    What is the NIST AI RMF Playbook?

    The NIST AI RMF Playbook is a voluntary companion resource to NIST AI RMF 1.0 that provides suggested actions for each subcategory across the framework’s four functions — Govern, Map, Measure, and Manage. It is not a checklist to complete in full; organisations select the suggestions relevant to their own AI use case.

    What are the two main parts of the NIST AI RMF?

    NIST AI RMF 1.0 is structured in two parts: Part 1 sets out foundational context — the framing of AI risks and the characteristics of trustworthy AI — and Part 2 contains the Core, organised into the four functions, their categories, and subcategories that the Playbook then operationalises.

    Is NIST AI RMF compliance mandatory?

    No. The AI RMF and its Playbook are voluntary for private organisations and most research institutions; there is no certification body. Some US federal agencies reference it in AI-procurement guidance, and funders or partner institutions may ask an office to show alignment as a matter of due diligence rather than legal obligation.

    What are the seven steps of the NIST Risk Management Framework?

    The seven-step RMF — Prepare, Categorize, Select, Implement, Assess, Authorize, Monitor — comes from NIST SP 800-37, a separate cybersecurity authorisation framework for federal information systems. It is distinct from the AI RMF’s four functions; research offices should not conflate the two when a vendor or auditor cites “the NIST framework.”

    Implications for research offices

    Research administration is adopting AI tools faster than most offices have built governance for: manuscript-screening assistants, grant-matching engines, and reviewer-recommendation systems are already in use across publishers and institutions. Building the intake checklist directly from AI RMF Playbook subcategories gives a research office a defensible answer when asked how a tool was vetted, without waiting for a mandatory US or UK regulatory framework to arrive.

    Because NIST revises the Playbook roughly twice yearly, and because the EU AI Act’s GPAI obligations are still being phased in through 2025–2026, offices that adopt this checklist approach should treat it as a living document, re-checked at each Playbook release rather than filed away after a single review cycle.

  • GPAI Code of Practice Signatories: Who Signed and What It Means for Research Tool Vendors

    As of mid-2026, Amazon, Anthropic, Google, IBM, Microsoft, OpenAI, Mistral AI and Aleph Alpha have signed the EU’s General-Purpose AI Code of Practice in full, xAI has signed only its Safety and Security chapter, and Meta has declined to sign at all. For research offices and publishers procuring AI-enabled tools, a vendor’s foundation-model supplier and that supplier’s gpai code of practice signatories status is now a material, checkable compliance signal.

    The General-Purpose AI Code of Practice (GPAI CoP) is a voluntary compliance framework, published by the European Commission on 10 July 2025, that lets providers of general-purpose AI models demonstrate adherence to the transparency, copyright and safety obligations of the EU AI Act’s Articles 53 and 55.

    Which AI labs have signed the Code of Practice?

    The European Commission maintains and continuously updates a public list of signatories on its digital-strategy portal. Signatories were first published on 1 August 2025, one day before the AI Act’s GPAI obligations took effect on 2 August 2025. The largest foundation-model providers active in academic and publishing tooling have signed all three chapters.

    Provider Signature status Chapters covered
    OpenAI Full signatory Transparency, Copyright, Safety and Security
    Microsoft Full signatory Transparency, Copyright, Safety and Security
    Google Full signatory Transparency, Copyright, Safety and Security
    Amazon Full signatory Transparency, Copyright, Safety and Security
    Anthropic Full signatory Transparency, Copyright, Safety and Security
    IBM Full signatory Transparency, Copyright, Safety and Security
    Mistral AI Full signatory Transparency, Copyright, Safety and Security
    Aleph Alpha Full signatory Transparency, Copyright, Safety and Security
    xAI Partial signatory Safety and Security only
    Meta Non-signatory None

    A Signatory Taskforce, chaired by the EU AI Office, was established to help signing providers implement the Code consistently and to keep the commitments current as models are updated. Institutions should check the Commission’s live list before relying on any third-party summary, including this one, since new signatories are added on a rolling basis.

    Which major providers have not signed, and why?

    Meta is the most significant non-signatory. In July 2025, Meta’s Chief Global Affairs Officer Joel Kaplan stated that the Code introduces legal uncertainties and obligations that “go far beyond the scope of the AI Act,” and confirmed Meta would not sign. xAI took a narrower position, signing only the Safety and Security chapter while rejecting the Transparency and Copyright chapters as, in the company’s view, potentially harmful to innovation.

    • Meta — declined to sign any chapter
    • xAI — signed Safety and Security only; declined Transparency and Copyright
    • Alibaba, Baidu and DeepSeek — no public commitment to sign as of early 2026

    Declining to sign does not exempt a provider from the AI Act itself. The Code is a voluntary route to demonstrating compliance; the underlying legal obligations in Articles 53 and 55 remain binding on any GPAI provider placing a model on the EU market, signatory or not.

    What does signing actually commit a provider to?

    The Code is organised into three chapters, each addressing a distinct obligation under the AI Act. Signing the full Code commits a provider to detailed documentation, copyright policy and, for the largest models, systemic-risk management.

    • Transparency — model documentation covering capabilities, limitations and training-data summaries, shared with downstream providers on request within 14 calendar days.
    • Copyright — a policy aligned with EU copyright law, including respecting rights-holder opt-outs and mitigating infringing outputs.
    • Safety and Security — applies only to models classified as carrying systemic risk (broadly, those trained above 1025 floating-point operations, per Article 55); requires independent external evaluation, incident reporting and a documented risk-management framework.

    Non-signatories that provide GPAI models must still satisfy Articles 53 and 55 through other means and face closer supervisory scrutiny from the AI Office. Under Article 101 of the AI Act, the Commission can fine GPAI providers up to €15 million or 3% of total worldwide annual turnover, whichever is higher, for breaches of these obligations — the same penalty tier applies regardless of Code signature status.

    What this means for research-tool vendor risk assessments

    Research offices, publishers and institutional procurement teams rarely contract directly with foundation-model developers. They contract with the AI-enabled research tools — plagiarism and integrity checkers, peer-review triage systems, writing and translation assistants, literature-discovery platforms — built on top of those models. The signatory status of the underlying model provider is a proxy for how much documentation, incident transparency and risk evidence a research-tool vendor can realistically pass through to an institutional buyer.

    A vendor built on a full Code signatory’s model can typically point to a standardised Model Documentation Form, published training-data summaries, and (for systemic-risk models) an externally evaluated Safety and Security Model Report. A vendor built on a non-signatory model has none of this by default; it must obtain equivalent assurances directly from its model supplier or demonstrate compliance through bespoke documentation, which is harder for a research office to verify at procurement stage.

    • Ask vendors which foundation model(s) power their product and whether that provider is a full, partial or non-signatory.
    • For partial signatories such as xAI, confirm whether the tool relies on capabilities covered only by the unsigned Transparency or Copyright chapters.
    • Where a vendor relies on a non-signatory model, request the provider’s own AI Act compliance documentation directly, rather than accepting the vendor’s assurance alone.
    • Track the Commission’s signatory list periodically — a vendor’s compliance posture can change as its underlying model supplier’s status changes.

    This procurement lens is distinct from the legal-compliance framing most coverage of the Code takes: research administration offices are not GPAI providers themselves, but they inherit downstream documentation risk every time they adopt an AI-enabled tool, a consideration that belongs alongside existing due-diligence practice for research administration vendor reviews.

    Common questions on GPAI Code of Practice signatories

    What is a GPAI system?

    A general-purpose AI (GPAI) model is a foundation model, such as those underpinning ChatGPT, Gemini or Claude, capable of performing a wide range of tasks without being built for one specific use. Under the AI Act, providers of GPAI models placed on the EU market carry distinct transparency and, above certain compute thresholds, systemic-risk obligations.

    What happens if a provider does not sign the Code of Practice?

    A non-signatory is not exempt from the AI Act. It must demonstrate compliance with Articles 53 and 55 through alternative means, and the EU AI Office has indicated it will apply closer regulatory scrutiny to non-signatories, increasing enforcement uncertainty relative to signatories.

    What are the penalties for GPAI Act non-compliance?

    Under Article 101 of the AI Act, the Commission can fine a GPAI provider up to €15 million or 3% of total worldwide annual turnover, whichever is higher, for breaches of the transparency, copyright or systemic-risk obligations, independent of whether the provider signed the Code.

    Can a provider sign only part of the Code of Practice?

    Yes. xAI signed only the Safety and Security chapter of the Code, declining the Transparency and Copyright chapters. Partial signature means a provider gains reduced administrative burden for the chapters it signed, while still needing to demonstrate compliance with the others through other evidence.

    Outlook for research administration

    The signatory list will keep shifting as new models cross the compute thresholds in Articles 53 and 55, and as the Signatory Taskforce publishes further implementation guidance. Research offices building AI-tool procurement checklists should treat Code of Practice status as one input alongside existing vendor due-diligence questions on data provenance, licensing terms and institutional data protection — not as a substitute for direct verification against the Commission’s live signatory list.

  • EU AI Act GPAI Code of Practice for Procurement

    The EU AI Act GPAI Code of Practice is a voluntary framework, published 10 July 2025 under Article 56, that lets general-purpose AI model providers demonstrate compliance with the Act’s transparency, copyright and safety obligations. Most major providers have signed; Meta and leading Chinese developers have not — a distinction procurement teams should weigh directly.

    The EU AI Act GPAI Code of Practice is the European Commission’s stopgap compliance tool for general-purpose AI (GPAI) model providers: a set of voluntary commitments, confirmed adequate by the Commission and the EU AI Board, that bridges the gap between the AI Act’s legal obligations and the harmonised European standards still years from adoption. For research institutions now procuring AI writing assistants, literature-review tools, and data-analysis copilots — most of which are built on a small number of underlying GPAI models — signatory status has become a practical, checkable proxy for regulatory risk.

    What is the EU AI Act GPAI Code of Practice?

    Article 56 of the EU AI Act establishes the Code of Practice as a voluntary mechanism GPAI model providers can use to demonstrate compliance with the obligations set out in Articles 53 and 55, until dedicated harmonised European standards are drafted by CEN-CENELEC — a process expected to take until 2027 or later. The final Code was published on 10 July 2025, following a multi-stakeholder drafting process the AI Office launched in October 2024.

    The Code has three chapters. The Transparency and Copyright chapters apply to every GPAI model provider placing a model on the EU market. The Safety and Security chapter applies only to providers of GPAI models with systemic risk — models presumed to meet that threshold once cumulative training compute exceeds 10^25 floating-point operations (FLOP). Epoch AI’s tracking of large-scale models puts the number of providers currently above that threshold at roughly 11 to 15 worldwide, meaning the systemic-risk chapter is a small-club obligation while transparency and copyright commitments apply far more broadly.

    GPAI obligations have applied since 2 August 2025. Enforcement — requests for information, model access, or recalls — begins 2 August 2026; providers of models already on the market before August 2025 have until 2 August 2027 to reach full compliance. Signatories get that runway with reduced scrutiny; non-signatories must prove compliance by other, more burdensome, means from day one.

    One point of confusion worth clearing up: the GPAI Code of Practice (Article 56) is not the separate Code of Practice on marking and labelling AI-generated content that the Commission published in June 2026 under Article 50. The two cover different obligations — model-level transparency and safety versus output-labelling — and procurement teams should confirm which one is relevant to the tool in question.

    Who has signed the GPAI Code of Practice — and who hasn’t?

    The Commission publishes and maintains the official signatory list. Signatories include OpenAI, Anthropic, Google, Microsoft, Amazon, IBM, France’s Mistral AI, and Germany’s Aleph Alpha — the providers behind most GPAI models embedded in commercially available research and productivity tools.

    Two gaps matter for procurement due diligence:

    • Meta has publicly declined to sign the Code, citing legal uncertainty over some of its transparency and copyright commitments.
    • Major Chinese developers — including Alibaba, Baidu, and DeepSeek — have not signed, leaving their models entirely outside the Code’s voluntary compliance pathway for EU deployments.
    • xAI has signed only the Safety and Security chapter, not the Transparency or Copyright chapters — a partial-adherence position that is easy to miss if a procurement team checks “has this vendor signed the Code?” as a single yes/no question rather than chapter by chapter.

    That last nuance is the one most procurement checklists get wrong. Chapter-level adherence, not blanket signatory status, is the correct unit of due diligence.

    A procurement checklist: evaluating AI vendors under the Code

    Most AI tools institutions buy — literature-review assistants, grant-drafting copilots, coding and data-analysis tools — wrap a small number of underlying GPAI models. Procurement teams rarely negotiate directly with OpenAI or Google; they negotiate with a SaaS vendor built on top of one. Tracing the underlying model, and its provider’s Code chapter adherence, is a genuine due-diligence step, not a formality.

    Evaluation question If the underlying GPAI provider is a signatory If not, or only partially
    Model documentation Standardised Model Documentation Form available on request, covering training data summary, compute, and energy use No standard form; institution must request bespoke documentation or accept a documentation gap
    Copyright policy Documented policy on lawful data collection and machine-readable rights signals, plus a complaints contact point Institution bears greater burden to assess copyright exposure independently
    Systemic-risk safeguards (where applicable) Safety and Security Framework, incident reporting, and evaluation regime in place No equivalent framework confirmed; higher-risk models warrant closer technical review
    Regulatory exposure Commission enforcement focuses on monitoring; Code commitments can mitigate fines Vendor faces fuller compliance burden by alternative means; more regulatory requests likely

    Practical steps for a research-institution procurement or IT-governance office:

    • Ask every AI vendor which underlying GPAI model(s) power their product, not just the vendor’s own brand name.
    • Check chapter-level adherence against the Commission’s published signatory list — Transparency, Copyright, and Safety and Security are separate commitments.
    • Request the Model Documentation Form (or equivalent) as a contractual deliverable, not an optional extra, where the underlying provider is a signatory.
    • For non-signatory or partial-signatory models, budget additional time for independent technical and legal review before approving procurement.
    • Record Code of Practice status in the institution’s AI-tool risk register alongside existing data-protection and accessibility checks.

    What this means for research institutions

    Universities and funders are not the direct addressees of Article 56 — GPAI model providers are. But procurement decisions inherit the compliance posture of whichever models sit underneath the tools researchers use. A literature-synthesis tool built on a Code-compliant model comes with documented training-data provenance and a defined incident-reporting channel; one built on a non-signatory model does not, and the institution absorbs that gap as its own due-diligence burden.

    Research administration offices already run vendor risk assessments for data protection and accessibility; Code of Practice adherence is a natural addition to that workflow. As enforcement ramps toward the 2 August 2026 date and the 2027 deadline for legacy models, institutions that have already mapped their AI-tool stack to underlying GPAI providers will face far less disruption than those discovering the dependency mid-audit.

    The Code remains voluntary and harmonised standards are still years away. Until CEN-CENELEC finalises them, signatory status is the clearest available signal of a provider’s regulatory posture — and the most defensible basis on which an institution can currently justify an AI procurement decision to its own governance body.

    Common questions about the GPAI Code of Practice

    Is the GPAI Code of Practice legally binding?

    No. The Code of Practice is voluntary, established under Article 56 of the EU AI Act as an interim compliance route. Providers who sign it can use adherence to demonstrate compliance with Articles 53 and 55; non-signatories must prove compliance through other, generally more burdensome, means.

    Has Meta signed the EU AI Act GPAI Code of Practice?

    No. Meta has publicly declined to sign the Code of Practice, citing concerns about legal uncertainty in some of its Transparency and Copyright commitments. This places Meta’s GPAI models outside the Code’s voluntary compliance pathway for EU deployments.

    What happens if an AI vendor does not sign the Code of Practice?

    A non-signatory provider must demonstrate AI Act compliance through alternative means, which the Commission has indicated will typically involve more requests for information and closer scrutiny. Institutions procuring tools built on non-signatory models should expect a heavier independent due-diligence burden.

    When does enforcement of the GPAI Code of Practice begin?

    AI Office enforcement action begins 2 August 2026 for models placed on the market after August 2025. Providers of models already on the market before that date have until 2 August 2027 to bring them into full compliance.

    The bottom line for research institutions: signatory status under the GPAI Code of Practice is not a legal requirement, but it is fast becoming the practical baseline against which every AI procurement decision — from a departmental writing assistant to an institution-wide research-administration platform — should be measured.

  • AI Act Penalties for Public Sector Research

    Universities and public research bodies are covered by the EU AI Act’s penalty framework, but they are not fined like companies. Article 99(8) of Regulation (EU) 2024/1689 leaves it to each Member State to decide how far, and whether, administrative fines apply to public authorities and bodies established on its territory — a carve-out that no generic “AI Act penalties” explainer written for commercial vendors mentions. This article sets out what research institutions actually risk, and when.

    The EU AI Act is Regulation (EU) 2024/1689, the world’s first comprehensive cross-sectoral law regulating artificial intelligence, which entered into force on 1 August 2024 and applies a risk-tiered set of obligations and fines to providers and deployers of AI systems, including public-sector research organisations.

    How does the AI Act’s tiered fine structure work?

    Article 99 of the AI Act sets three tiers of administrative fine, scaled to the seriousness of the breach. The ceilings are deliberately set above the GDPR’s €20 million/4% cap to signal that AI enforcement is meant to have real teeth from the outset.

    • Tier 1 — prohibited practices (Article 5): up to €35 million or 7% of worldwide annual turnover, whichever is higher, for banned uses such as social scoring, subliminal manipulation, or untargeted facial-recognition scraping.
    • Tier 2 — high-risk system non-compliance: up to €15 million or 3% of turnover for failing to meet risk-management, data-governance, documentation, or human-oversight duties for high-risk AI systems.
    • Tier 3 — misleading information: up to €7.5 million or 1% of turnover for supplying incorrect, incomplete, or misleading information to a market surveillance authority or notified body.

    Recital 81 requires that whatever figure a Member State ultimately sets, penalties must be “effective, proportionate and dissuasive” — the same three-part test used elsewhere in EU law, including data protection enforcement.

    Are universities and public bodies fined the same as companies?

    Not automatically. Article 99(8) states that each Member State shall lay down rules on the extent to which administrative fines may be imposed on public authorities and bodies established in that Member State. This single clause is the crux of institutional liability for universities, national research councils, and other publicly funded research organisations — and it is the fact almost entirely absent from commercial-vendor-focused coverage of “AI Act penalties”.

    In practice, this means the €35m/7% ceiling is not a fixed number for a university — it is a national policy choice. Member States are free to:

    • Apply the full commercial fine scale to public bodies, to preserve a level playing field;
    • Set a lower cap or a fixed-fee schedule that reflects public funding constraints; or
    • Substitute non-monetary corrective measures (compliance orders, publication of findings) in place of fines for state-funded bodies.

    Because transposition is still working through national legislatures as of mid-2026, a university’s actual exposure depends on where it is established, not on the AI Act’s headline figures alone. Research administrators should check their national AI Act implementing law — not the regulation’s text alone — to find their institution’s real ceiling.

    How are EU institutions and agencies treated differently?

    The Act does draw one explicit, EU-wide distinction between public and commercial actors. Article 100 subjects the EU’s own institutions, bodies, offices and agencies to a separate, lower fine scale, enforced by the European Data Protection Supervisor (EDPS) rather than a national market surveillance authority. For prohibited practices, the EU-institution ceiling is €1.5 million; for other infringements, €750,000 — roughly 4–5% of the commercial ceilings.

    This confirms, in the Act’s own text, that the legislature considered public-sector and non-profit bodies a distinct risk-and-resource category rather than an oversight gap. It also gives national legislators a concrete precedent to draw on when they set their own Article 99(8) rules for universities and public research bodies within their jurisdiction.

    AI Act fine ceilings by actor type
    Actor type Prohibited practices High-risk non-compliance Misleading information Who enforces
    Commercial company €35m or 7% turnover €15m or 3% turnover €7.5m or 1% turnover National market surveillance authority
    University / public research body Set by national law (Art. 99(8)) Set by national law (Art. 99(8)) Set by national law (Art. 99(8)) National market surveillance authority
    EU institution, body or agency €1.5m (Art. 100) €750,000 (Art. 100) €750,000 (Art. 100) European Data Protection Supervisor

    Who actually enforces the AI Act against a university?

    Enforcement is decentralised. Each Member State designates one or more national market surveillance authorities under Article 70 to police AI Act compliance within its territory, including by public bodies. At EU level, the European AI Office, established within the European Commission in February 2024, holds exclusive competence over general-purpose AI model providers and coordinates cross-border enforcement — but it does not directly fine individual universities for high-risk system misuse; that remains a national market-surveillance-authority function.

    For a research institution, this means the practical first point of regulatory contact is a domestic body — often the same authority, or one working alongside the authority, that already handles product-safety or data-protection oversight — not Brussels.

    Where is research-sector exposure highest?

    AI systems used in education and vocational training — including tools that determine admission, assess students, or monitor exam conduct — are classified as high-risk under Annex III(3) of the AI Act. High-risk obligations (risk management, technical documentation, human oversight, data governance) become directly applicable from 2 August 2026, per the Act’s phased implementation timetable, alongside the general application date set for most remaining provisions.

    Universities and research funders deploying AI for admissions scoring, plagiarism or research-integrity screening, automated grant-assessment triage, or proctoring therefore carry the same substantive compliance duties as a commercial high-risk provider — only the fine ceiling, under Article 99(8), may differ nationally. Institutions using such tools should not assume “non-profit” status reduces their compliance workload; it may only affect the penalty if that workload is neglected.

    Answer-first Q&A

    What is the penalty for violating the AI Act?

    Penalties follow a three-tier structure under Article 99: up to €35 million or 7% of global turnover for prohibited practices, up to €15 million or 3% for high-risk non-compliance, and up to €7.5 million or 1% for misleading regulators. Public bodies fall under a separate national rule set by Article 99(8) rather than these fixed ceilings.

    What is the penalty for prohibited AI use cases under the EU AI Act?

    Prohibited practices — such as social scoring, subliminal manipulation, and untargeted biometric scraping — carry the Act’s highest tier: up to €35 million or 7% of worldwide annual turnover, whichever is higher. This is the ceiling that also anchors the national rules Member States must write for public authorities under Article 99(8).

    Is the AI Act legally binding?

    Yes. As an EU Regulation (2024/1689), the AI Act is directly applicable and legally binding in every Member State without national transposition legislation, unlike a Directive. Member States must still legislate separately on penalty specifics for public bodies under Article 99(8) and designate enforcement authorities under Article 70.

    What this means for research administrators

    Three actions follow directly from the text. First, confirm whether your national government has finalised its Article 99(8) rules for public-sector fines — many are still in transposition as of mid-2026, so the applicable ceiling for your institution may not yet be settled. Second, audit any admissions, assessment, or proctoring AI against the Annex III(3) high-risk classification ahead of the 2 August 2026 application date. Third, treat the Article 100 EDPS regime for EU bodies as the closest available precedent for how a “public-interest, non-commercial” fine schedule is likely to be structured nationally — proportionate, but not zero.

    The direction of travel is clear: research institutions are inside the AI Act’s enforcement perimeter, not outside it. The open question, left deliberately to national law, is how hard that enforcement bites.

  • EU AI Office: Enforcement for Research Bodies

    The EU AI Office does not enforce most of the AI Act. It is a European Commission unit, inside the Directorate-General for Communications Networks, Content and Technology (DG CNECT), with exclusive competence over general-purpose AI (GPAI) models. Day-to-day enforcement against high-risk AI systems — the category covering most tools used in universities, funders and public research bodies — falls to each Member State’s national market surveillance authority, not the AI Office.

    The EU AI Office is the Commission’s central coordinating body for Regulation (EU) 2024/1689 (the AI Act), responsible for supervising GPAI models, chairing the technical governance structure and preparing Commission guidance — while national authorities retain enforcement power over almost everything else.

    What is the EU AI Office?

    The AI Office was established by a European Commission decision in January 2024, alongside political agreement on the AI Act. It sits within DG CNECT rather than as a stand-alone agency, and functions legally as part of the Commission — so references to “the AI Office” in the Act’s text are references to the Commission acting through that unit.

    Its headquarters are in Brussels. Wikipedia’s infobox for the European Artificial Intelligence Office records around 60 staff at 2024 launch, projected above 140, under Director Lucilla Sioli. The Office also acts as Secretariat to the European AI Board, the forum of one representative per Member State coordinating national implementation.

    • Supervises GPAI model providers under AI Act Chapter V
    • Drafts codes of practice, guidelines and implementing acts for the Commission
    • Coordinates joint investigations across Member States on cross-border AI risk
    • Runs the AI Act Service Desk and single information platform
    • Chairs the scientific panel of independent experts monitoring systemic-risk models

    Who actually enforces the AI Act — the AI Office or national authorities?

    Enforcement is split by system type, not centralised in one body. The AI Office’s remit is narrow but powerful: only GPAI models and systems — the foundation models underpinning many downstream research tools. Everything else, including the high-risk systems a university, funder or public research agency is far more likely to deploy directly, is enforced nationally.

    Each Member State designates one or more market surveillance authorities (MSAs) under Article 74, alongside a “notifying authority” overseeing conformity-assessment bodies. Because States may designate sector-specific bodies rather than one regulator, the map is fragmented: CMS Law’s 2025 enforcement analysis notes that, once sectoral designations are counted, several thousand bodies across the EU can hold market-surveillance-authority status, with AI systems now added to their remit.

    A separate rule applies to the EU’s own institutions. Under Article 74(9), the European Data Protection Supervisor (EDPS) is the market surveillance authority for AI systems used by EU institutions, bodies, offices and agencies — relevant to EU-funded research infrastructures and executive agencies, as distinct from national universities and funders.

    Body Enforces Covers Key power
    EU AI Office GPAI model obligations (Chapter V) Foundation-model providers, EU-wide Model evaluations, mitigation orders, market withdrawal
    National market surveillance authority High-risk and other AI system obligations Deployers/providers within one Member State, incl. universities and public bodies Inspections, corrective orders, fines
    European Data Protection Supervisor All AI Act obligations EU institutions, bodies, offices and agencies Fines against EU public administration
    European AI Board Coordination, not direct enforcement All 27 Member States (via national reps) Consistency, joint-investigation coordination

    Does the research exemption apply to universities and public bodies?

    Partly, and the boundary matters more than most explainers acknowledge. Article 2(8) states that obligations do not apply to research, testing or development activity on an AI system before it is placed on the market or put into service. Article 2(6) separately exempts systems developed and used for the sole purpose of scientific research and development.

    Neither carve-out protects a university once it moves from research into operational use. Annex III(3) classifies AI systems used to evaluate exam answers, determine admission or assess applicants as high-risk. A plagiarism-detection or admissions-scoring tool a university actually deploys against students is therefore fully in scope — and, because most universities and funders are “bodies governed by public law”, Article 27 requires a fundamental rights impact assessment (FRIA) before deployment.

    How can research institutions and public bodies seek guidance?

    Three channels exist, and institutions frequently default to the wrong one. The AI Act Service Desk (ai-act-service-desk.ec.europa.eu) is the Commission’s central portal where any stakeholder, including a university legal office or funder’s compliance team, can submit a question and get an answer from a Commission-coordinated expert team; it is the right first stop for interpretive questions on scope, classification or the research exemptions above.

    For enforcement-specific queries — “is our deployed system high-risk, and what must we file?” — the correct contact is the national market surveillance authority in the institution’s own Member State, not the AI Office, which has no jurisdiction over nationally-deployed high-risk systems. EU-affiliated bodies should instead approach the EDPS. National governments must separately establish AI regulatory sandboxes, giving public research bodies a supervised route to trial new systems before full-scale deployment.

    What are the penalties for AI Act non-compliance?

    Article 99 sets three fine tiers, using the higher figure for large organisations and the lower for SMEs and start-ups:

    • Up to €35 million or 7% of global annual turnover for breaching prohibited AI practices (Article 5)
    • Up to €15 million or 3% of global annual turnover for breaching most other provider or deployer obligations
    • Up to €7.5 million or 1% of global annual turnover for supplying incorrect, incomplete or misleading information to authorities or notified bodies

    Article 101 gives the Commission a separate fining power against GPAI model providers, up to 3% of worldwide annual turnover or €15 million, whichever is higher, for infringements the AI Office identifies through model evaluation. Public-sector bodies are not exempt from Article 99 fines, though Member States retain some discretion over how penalties apply to public administration.

    Providers can reduce GPAI exposure by signing the General-Purpose AI Code of Practice, published by the AI Office in 2025 with independent experts across transparency, copyright and safety/security chapters. Adherence is voluntary but, pending harmonised standards, creates a presumption of conformity — worth knowing for institutions procuring GPAI tools from signatory vendors.

    Answer-first questions on the EU AI Office

    Where is the EU AI Office?

    The EU AI Office is headquartered in Brussels, inside the European Commission’s Directorate-General for Communications Networks, Content and Technology (DG CNECT). It is not a separate legal agency; it operates as a Commission unit with its own director, staff and published mandate under the AI Act’s governance provisions.

    Who is the head of the EU AI Office?

    The EU AI Office is led by Director Lucilla Sioli, who reports within DG CNECT’s management structure. The director’s mandate covers GPAI supervision, Secretariat duties for the European AI Board, and coordination of the scientific panel of independent experts that monitors systemic-risk models.

    What is a market surveillance authority?

    A market surveillance authority is the national body a Member State designates to monitor, inspect and take corrective or punitive action against non-compliant products — including, under the AI Act, high-risk AI systems deployed within that country’s territory, such as university admissions or assessment tools.

    What is post-market monitoring under the AI Act?

    Post-market monitoring is the ongoing obligation on providers and deployers of high-risk AI to actively collect and analyse performance data after deployment. It feeds directly into market surveillance authority oversight, giving regulators evidence to investigate serious incidents or systemic risk once a system is in real-world use.

    Implications for research administrators

    The practical takeaway is that “who do we ask” and “who can fine us” are different questions with different answers. The AI Office is the right destination for interpretive guidance on GPAI; the national market surveillance authority holds actual enforcement jurisdiction over a deployed high-risk system inside a research institution.

    As GPAI-based tools proliferate across grant review, plagiarism screening and admissions, institutions that conflate the AI Office’s central mandate with national enforcement risk misdirecting queries and missing the FRIA obligations Article 27 attaches to public bodies. Building this literacy now, ahead of the Act’s staged 2025–2027 application timeline, is cheaper than resolving a misdirected enforcement dispute later. For related governance context, see CASRAI’s research administration resources.

  • AI-Generated Content Code of Practice: What It Means for Journals and Preprint Servers

    The AI-Generated Content Code of Practice is the European Commission’s voluntary framework, published 10 June 2026, that helps providers and deployers of generative AI systems meet the labelling and disclosure duties in Article 50 of the EU AI Act. For journals and preprint servers, the Code’s “editorial responsibility” carve-out is the single most consequential clause: it determines whether peer-reviewed articles, preprints, and AI-assisted manuscript text trigger a public AI-disclosure requirement.

    The Code of Practice on Transparency of AI-Generated Content is a non-binding compliance instrument: it is a voluntary set of practical measures that signatories can use as evidence of compliance with the legally binding transparency obligations set out in Article 50 of Regulation (EU) 2024/1689, the EU AI Act.

    What is the AI-Generated Content Code of Practice?

    The Code of Practice on Transparency of AI-Generated Content was closed out at a plenary session on 10 June 2026, following a drafting process that ran from November 2025 through three drafting rounds, the last concluding on 8 May 2026. It was produced by the European Commission’s AI Office through two working groups: one covering obligations for providers of generative AI systems, the other covering obligations for deployers — the organisations that actually publish AI-generated or AI-assisted output.

    Providers must ensure that generated audio, image, video, and text outputs are marked in a machine-readable format detectable as artificial, using layered technical measures such as metadata and watermarking. Deployers must clearly label deepfakes and must disclose AI-generated text on matters of public interest unless that text has undergone human review and is subject to editorial responsibility. That single exemption clause is what makes the Code directly relevant to scholarly publishing.

    Article 50 vs Article 56: two different codes, not one

    Publishers should not confuse this Code with the earlier General-Purpose AI Code of Practice, finalised on 10 July 2025 under Article 56 of the AI Act. That code addresses safety, security, and copyright compliance for developers of foundation models such as GPT- and Gemini-class systems — it is not about labelling published content.

    The June 2026 Code sits under Article 50 instead, and governs transparency obligations that apply from 2 August 2026, when the wider AI Act’s transparency provisions take effect. Confusing the two codes is the most common error in early legal commentary on this development, and it matters for publishers: it is Article 50 — not Article 56 — that determines whether an AI-assisted peer-review report, cover letter, or manuscript summary requires a visible “AI” label.

    What this means for journal editorial workflows

    Peer-reviewed journal articles are the clearest case for the editorial-responsibility exemption. A manuscript that has passed through peer review, editorial decision-making, and copyediting has, by definition, undergone the “human review… subject to editorial responsibility” that Article 50(4) requires to avoid the public-disclosure trigger for AI-generated text.

    This does not remove the underlying disclosure obligation that scholarly publishing already imposes through its own ethics infrastructure. ICMJE’s Recommendations state that AI tools cannot be credited as authors because they cannot take responsibility for the submitted work, and that any generative AI use in manuscript preparation must be disclosed to editors and readers. COPE’s position statement on AI tools reaches the same conclusion: AI cannot be an author, and authors remain fully accountable for content it helped produce. The EU Code’s editorial-responsibility test and the ICMJE/COPE disclosure rule are therefore complementary, not duplicative — a journal that already enforces ICMJE-COPE disclosure norms is well placed to document compliance with the EU Code if it chooses to sign.

    • Editorial policy: confirm the AI-use disclosure clause in author guidelines references generative AI text, not only images or data.
    • Peer review reports: reviewers using AI drafting tools should disclose this to editors, mirroring the deployer disclosure logic in the Code.
    • Editorial metadata: retain records evidencing human review, since this is the documentation that supports the Article 50(4) exemption claim.

    Preprint servers: a narrower exemption path

    Preprints are structurally different. A preprint is, by design, posted before formal peer review and before an editorial board takes responsibility for its content. That means the “editorial responsibility” exemption that shelters a published journal article is much harder for a preprint server to claim at the point of posting.

    Preprint servers such as arXiv, bioRxiv, and medRxiv already run moderation screening, but screening for scope and plagiarism is not the same as the substantive editorial review Article 50(4) contemplates. Where a preprint contains AI-generated text on a matter of public interest — a policy-relevant synthesis, a public-health claim — a strict reading of the Code suggests deployer-side disclosure obligations may apply at the preprint stage, even though the same text would likely be exempt once it clears peer review and is published in a journal. Preprint operators serving EU users should treat this as a genuine compliance gap to close, not an afterthought.

    Content type Human review / editorial responsibility present? Likely Article 50 disclosure trigger
    Peer-reviewed journal article Yes — editorial board, peer review, copyediting Exempt (if AI use is disclosed per ICMJE/COPE norms)
    Preprint (pre-review) Limited — screening only, no substantive editorial review Disclosure obligation more likely to apply
    AI-generated figure or image (deepfake-style) Not applicable — separate deployer rule Labelling required regardless of review stage
    AI-assisted literature-review drafting Depends on subsequent editorial handling Case-by-case; disclose per journal policy

    Answer-first Q&A

    Is the AI-Generated Content Code of Practice mandatory?

    No. The Code of Practice is voluntary; signing it is optional. What is legally binding is Article 50 of the EU AI Act itself, which applies from 2 August 2026. Signing the Code simply gives providers and deployers, including publishers, a recognised route to demonstrate compliance with those binding obligations.

    Does the Code of Practice apply to preprints?

    The Code applies to any deployer publishing AI-generated text on matters of public interest to EU audiences, which can include preprint servers. Because preprints have not undergone substantive editorial review at posting, the editorial-responsibility exemption is harder to claim than for peer-reviewed journal articles, making preprint-stage disclosure more likely to be required.

    Can AI-generated text be listed as an author contribution?

    No. ICMJE and COPE both hold that generative AI tools cannot qualify as authors because they cannot be held accountable for the work or approve the final version. Human authors must disclose AI use and retain full responsibility for accuracy, originality, and integrity of the resulting manuscript text.

    How does this Code differ from the GPAI Code of Practice?

    The GPAI Code of Practice (Article 56, July 2025) governs foundation-model developers’ safety, security, and copyright duties. The AI-Generated Content Code of Practice (Article 50, June 2026) instead governs labelling and disclosure of AI-generated outputs by the organisations that publish them — the code directly relevant to journals and preprint servers.

    Implications and a compliance checklist

    For the publisher segment of CASRAI’s audience, the practical task is narrow but time-sensitive: journals should audit whether their existing ICMJE/COPE-aligned AI-disclosure clauses reference the Code’s editorial-responsibility test, and preprint operators serving EU readers should assess whether pre-review screening is sufficient to avoid a deployer-side disclosure obligation once Article 50 takes effect on 2 August 2026.

    • Map current author-guideline AI-disclosure language against Article 50(4)’s “human review and editorial responsibility” wording.
    • Confirm peer review and editorial sign-off records are retained as exemption evidence.
    • Assess whether preprint-stage moderation constitutes “editorial responsibility” under a plain reading of the Code, or whether additional review is needed.
    • Track AI Office guidance and signatory lists, since the Code’s practical measures may evolve as more publishers sign.

    Institutions coordinating research-integrity policy across editorial offices and research administration functions should treat this as a live compliance item for the second half of 2026, and align it with existing authorship disclosure norms rather than treating it as a separate, parallel rulebook.

  • AI Act Article 50 Transparency in Research Tools

    The EU AI Act’s Article 50 transparency obligations apply from 2 August 2026 and require any research chatbot, literature-review assistant or generative lab tool that interacts with people or produces synthetic content to disclose that it is AI. This duty is separate from the machine-readable watermarking requirement in Article 50(2), which the AI Omnibus provisional agreement has pushed back to 2 December 2026 for generative systems already on the market — so procurement teams cannot treat the whole article as delayed.

    Article 50 of Regulation (EU) 2024/1689 is the EU AI Act provision that sets disclosure duties for AI systems that interact directly with people, generate synthetic content, perform emotion recognition or biometric categorisation, or produce deepfakes and AI-written public-interest text. For research offices, this covers a growing shelf of everyday tools: AI-assisted literature-review platforms, participant-facing chatbots, lab-based generative-image tools and AI drafting assistants used in public engagement.

    What does Article 50 actually require?

    Article 50 sets out four distinct disclosure duties, and a research tool can trigger more than one at once. Under Article 50(1), providers of systems intended to interact directly with people — chatbots, virtual assistants, conversational research interfaces — must design them so users are told they are dealing with AI, at the latest by the first interaction. Draft Commission Guidelines published on 8 May 2026 confirm that AI agents fall within this duty, and that disclosure must be repeated where a single notice at the outset would not be obvious later in the exchange.

    Article 50(2) requires providers of generative AI to mark synthetic audio, image, video or text outputs in a machine-readable, detectable format. Article 50(3) requires deployers of emotion-recognition or biometric-categorisation systems to inform exposed individuals, alongside GDPR Articles 12–14. Article 50(4) requires deployers to label deepfakes and disclose AI-generated public-interest text, unless a named person holds editorial responsibility after substantive human review.

    What applies from August 2026, regardless of the watermarking delay?

    The full transparency regime enters into force on 2 August 2026. Only one obligation has been pushed back: the AI Omnibus provisional agreement of May 2026 gives generative AI systems already placed on the market before that date until 2 December 2026 to meet the machine-readable marking requirement in Article 50(2). Nothing else in Article 50 moves.

    That means the disclosure duties most relevant to research offices are unaffected by the delay:

    • Article 50(1) chatbot and virtual-assistant disclosure applies from 2 August 2026 in full.
    • Article 50(3) emotion-recognition and biometric-categorisation disclosure applies from 2 August 2026 in full.
    • Article 50(4) deepfake and public-interest text labelling applies from 2 August 2026 in full.
    • Only the technical marking format under Article 50(2) has a grace period, and only for pre-existing systems.

    A research office that assumes “the watermarking clause is delayed, so we have more time” is conflating one narrow technical carve-out with the whole article. The European Commission’s own Compliance Checker data indicates transparency obligations are the second most common compliance trigger after AI literacy, affecting around 33% of organisations that have assessed themselves against the Act.

    Which research AI tools are caught by Article 50?

    Most research-facing AI tools map cleanly onto one or more Article 50 provisions. The table below sets out the mapping research offices should use when auditing procured and internally built tools.

    Research AI tool type Article 50 provision Who must act Deadline
    Literature-review or systematic-review chatbot assistant 50(1) — AI interaction disclosure Deployer (institution), if using a third-party tool; provider, if built in-house 2 August 2026
    Participant recruitment or survey chatbot 50(1) — AI interaction disclosure Deployer 2 August 2026
    Lab tool generating synthetic images, audio or text (e.g. synthetic dataset generation) 50(2) — machine-readable marking Provider 2 August 2026; pre-existing systems to 2 December 2026 for marking only
    Emotion-recognition or biometric-categorisation research instrument 50(3) — disclosure to exposed individuals Deployer 2 August 2026
    AI-drafted public engagement or press content 50(4) — public-interest text labelling Deployer, unless human-reviewed with editorial responsibility 2 August 2026

    Note that the same tool often needs two audits: a chatbot that also produces AI-written summary text for publication can trigger both 50(1) and 50(4).

    Does the research exemption cover the tools you actually use?

    Recital 25 of the AI Act exempts AI systems and models developed and put into service for the sole purpose of scientific research and development. This exemption is narrower than it sounds. It covers AI built as the object of research — a novel model a lab is developing and testing — not commercial or off-the-shelf tools that a research team merely uses to do research.

    A university deploying a commercially available literature-review assistant, a general-purpose chatbot, or a vendor’s lab-imaging tool does not benefit from the Recital 25 carve-out for that deployment. The institution acts as a deployer under Article 50 the moment that tool interacts with people or generates in-scope content, regardless of the research being scientific in nature. Procurement teams should not assume “we’re a research organisation” is itself an exemption — the exemption attaches to the AI system’s development purpose, not the purpose of the team using it.

    Common questions on Article 50 and research AI

    What are the transparency obligations under Article 50 of the AI Act?

    Article 50 sets four disclosure duties: providers of interactive AI (chatbots, assistants) must flag their AI nature at first contact; providers of generative AI must mark synthetic outputs; deployers using emotion-recognition or biometric tools must inform exposed individuals; and deployers publishing deepfakes or AI-written public-interest text must label it as such, unless human-reviewed.

    What is the EU Code of Practice on AI-generated content?

    It is a voluntary Commission-coordinated framework covering Article 50(2) and 50(4), setting a standardised EU visual label for AI content, a taxonomy separating fully AI-generated from AI-assisted material, and modality-specific labelling guidance. A second draft was published in March 2026, with a final version expected by June 2026.

    Why has Article 50’s transparency obligation been criticised as insufficient?

    Academic analysis, including work published via the University of Glasgow’s repository, argues that a simple AI-interaction notice does not stop users from over-trusting confidently worded but unverified chatbot output — disclosure alone does not compel verification behaviour, which matters directly for research assistants summarising literature.

    Are AI systems built only for research exempt from Article 50?

    Only narrowly. Recital 25 exempts AI developed solely for scientific research and development as the object of study. It does not exempt a research office’s use of commercial, off-the-shelf AI tools — those deployments remain subject to Article 50 in the same way as any other organisation’s use.

    What this means for research offices

    Research administration teams procuring or building AI tools should treat 2 August 2026 as the operative date for every disclosure duty except machine-readable marking of pre-existing generative systems. Practical steps:

    • Inventory every AI tool used in research workflows — literature review, participant engagement, lab generation, public communications — and tag each against Articles 50(1)–50(4).
    • Confirm vendor contracts assign responsibility: does the vendor act as provider, leaving the institution as deployer with its own disclosure duties?
    • Check chatbot and assistant interfaces disclose AI involvement clearly at first use, not buried in terms and conditions.
    • Do not treat the December 2026 marking grace period as covering anything beyond Article 50(2) technical marking of pre-existing systems.
    • Review public-facing AI-drafted content (news releases, dissemination summaries) for the human-review and editorial-responsibility carve-out under Article 50(4).

    Institutions with dedicated research administration functions are well placed to run this audit alongside existing research-integrity and data-governance processes, since the same tool inventory typically maps onto GDPR and funder AI-use disclosure requirements already in place.

    What happens next

    The Commission’s final Guidelines and the finalised Code of Practice are both due before 2 August 2026, and both will refine — not delay — the duties above. Offices waiting for the Code before acting on Article 50(1), (3) and (4) will miss the window, since the Code covers marking and labelling detail only, not the underlying legal duty to disclose. Institutions best placed by August will have already mapped their AI tool inventory against Article 50, rather than treating the whole article as paused.

  • AI Act Watermarking Obligations Delay: December 2026

    The AI Act watermarking obligations delay pushes Article 50(2) of the EU AI Act — the machine-readable marking duty for synthetic content — from 2 August 2026 to 2 December 2026 for AI systems already on the market before that date. This is a narrow, four-month transitional concession agreed in the EU’s Digital Omnibus trilogue on 7 May 2026. It does not touch Article 50(1), the separate duty to disclose that a person is interacting with an AI system, which still applies from 2 August 2026 as originally scheduled.

    Article 50 of Regulation (EU) 2024/1689 (the AI Act) is the transparency article governing four distinct duties: disclosure of AI interaction, machine-readable marking of synthetic content, deployer labelling of deepfakes, and labelling of AI-generated text on matters of public interest. Confusing these four sub-obligations — or confusing this watermarking delay with the separate, much longer postponement of high-risk AI system rules — is the most common compliance-timeline error research offices, publishers and institutional AI-governance teams are currently making.

    What actually changed in the Digital Omnibus trilogue

    The Council of the European Union and the European Parliament reached a provisional political agreement on the AI-related Digital Omnibus on 7 May 2026, after a nine-hour trilogue session held under the Cypriot Council Presidency. The text still requires formal endorsement by both institutions and legal-linguistic revision before it is published in the Official Journal, but its substance on watermarking is settled.

    The European Commission’s original November 2025 Digital Omnibus proposal sought a six-month postponement of the Article 50(2) marking obligation. The European Parliament’s negotiating mandate, adopted on 26 March 2026, pushed back for a shorter, three-month postponement. The trilogue compromise landed on four months, moving the application date for existing systems from 2 August 2026 to 2 December 2026.

    This is a narrow, technical fix, not a policy reversal. The stated rationale is operational: the AI Office’s Code of Practice defining how to meet the marking duty is still being finalised, and providers argued they could not build machine-readable marking, metadata and detector tooling against guidance that had not yet stabilised.

    Article 50(2) watermarking vs Article 50(1) disclosure: the nuance

    This is the distinction research administrators need to track separately, because press coverage frequently blurs it. Article 50(1) and Article 50(2) are different obligations with different deadlines, and only one of them moved.

    Provision What it requires Who it binds Application date Delayed?
    Article 50(1) Inform natural persons they are interacting with an AI system (e.g. chatbots) Providers 2 August 2026 No — unchanged
    Article 50(2) Machine-readable marking of synthetic audio, image, video or text output, detectable as artificially generated Providers 2 December 2026 (existing systems) Yes — 4-month delay
    Article 50(3) Label deepfake image, audio or video content shown to the public Deployers 2 August 2026 No — unchanged
    Article 50(4) Label AI-generated text published to inform the public on matters of public interest Deployers 2 August 2026 No — unchanged

    In other words, the disclosure and labelling duties that sit closest to end-user and reader-facing transparency — telling a person they are talking to a bot, or flagging that an image is a deepfake — proceed on the original 2 August 2026 timetable. Only the upstream, provider-side technical marking duty in Article 50(2) has moved.

    Who is affected, and from what date

    The four-month extension operates as a transitional grace period, not a blanket new deadline. It applies specifically to generative AI systems already placed on the EU market before 2 August 2026. Providers bringing a new generative AI system to the EU market on or after 2 August 2026 must comply with Article 50(2) marking from the point of placement, with no transitional window.

    • Existing systems (on the EU market before 2 August 2026): Article 50(2) marking applies from 2 December 2026.
    • New systems (placed on the market from 2 August 2026 onward): Article 50(2) marking applies immediately from placement.
    • Article 50(1), 50(3) and 50(4) duties: unaffected, all apply from 2 August 2026 for every system in scope.

    The same Digital Omnibus package also postpones application of the AI Act’s high-risk system requirements — Annex III stand-alone systems now apply from 2 December 2027, and Annex I product-embedded systems from 2 August 2028. These are separate rules on an entirely separate track from Article 50 transparency, and conflating the two — as some commentary has done — materially understates how soon the watermarking duty actually bites.

    The Code of Practice on Transparency of AI-Generated Content

    Article 50(2) compliance is operationalised through the AI Office’s Code of Practice on Transparency of AI-Generated Content. A first draft was published in December 2025, with a further draft circulated in May 2026 as the trilogue concluded. The European Commission’s Digital Strategy portal lists the Code among its active transparency-obligation guidance as of June 2026.

    The technical benchmark most frequently cited in industry guidance for machine-readable marking is C2PA Content Credentials, a provenance specification backed by major generative-AI and platform providers. Whichever technical route a provider chooses, the compressed runway between a finalised Code of Practice and the 2 December 2026 application date means marking, metadata-embedding and detector-tooling work needs to start now rather than after final guidance lands.

    Answer-first questions

    Has the AI Act watermarking deadline been delayed?

    Yes. Article 50(2) of the EU AI Act, which requires machine-readable marking of AI-generated synthetic content, moves from 2 August 2026 to 2 December 2026 for systems already on the market, under the Digital Omnibus trilogue agreement reached 7 May 2026.

    What is Article 50 of the AI Act?

    Article 50 is the AI Act’s transparency article. It sets four separate obligations: disclosing AI interaction, marking synthetic content, labelling deepfakes, and labelling AI-generated public-interest text — each with its own scope and, now, its own timetable.

    Does the delay affect the AI chatbot disclosure rule?

    No. Article 50(1), which requires providers to inform users they are interacting with an AI system such as a chatbot, is not delayed and continues to apply from 2 August 2026, unchanged by the Digital Omnibus.

    What is the Code of Practice on Transparency of AI-Generated Content?

    It is the AI Office’s guidance document operationalising Article 50 compliance, first drafted in December 2025 with further drafts through mid-2026. It is the practical reference providers use to meet the machine-readable marking requirement ahead of the 2 December 2026 deadline.

    Implications for research offices and publishers

    Institutions running AI-governance or research-integrity functions should treat this as a compliance-tracking, not a compliance-relief, event. Two separate dates now sit on the same calendar entry that many trackers previously listed as a single 2 August 2026 milestone. Research administration teams responsible for institutional AI-use policies, and publishers building AI-content-disclosure workflows alongside existing authorship-disclosure practices, need to record both dates and both scopes distinctly rather than treating “the AI Act deadline” as one event.

    • Update institutional compliance calendars to show 2 August 2026 (disclosure/labelling duties) and 2 December 2026 (marking duty for existing systems) as separate entries.
    • Distinguish the Article 50(2) watermarking delay from the much longer high-risk system postponement (2027/2028) when briefing leadership — the two are unrelated in scope and timing.
    • Track the AI Office’s Code of Practice finalisation, since the technical detail of “machine-readable” marking is defined there, not in the Regulation’s text.

    For institutions already documenting AI-content-disclosure alongside research-administration compliance tracking, the practical task is unchanged in substance and compressed in time: providers and deployers still need working marking and labelling capability, just against a marginally later date for one specific obligation.

    What happens next

    The Digital Omnibus text still requires formal endorsement and legal-linguistic revision before Official Journal publication, expected ahead of the original 2 August 2026 application date for the AI Act’s high-risk obligations. Once published, the 2 December 2026 date for Article 50(2) becomes fixed law rather than a trilogue compromise. Research offices, publishers and AI providers should treat the current text as the operative planning baseline, while watching for the AI Office’s final Code of Practice, which will determine exactly what “machine-readable” marking must look like in practice.

  • Digital Omnibus AI Act Delay 2026: What Research Institutions Must Know

    The digital omnibus AI Act delay 2026 is now confirmed: the European Parliament formally endorsed the deal on 16 June 2026 and the Council of the EU gave its final green light on 29 June 2026, pushing the AI Act’s high-risk obligations for stand-alone Annex III systems from 2 August 2026 to 2 December 2027. For research institutions running admissions, assessment, or exam-proctoring AI classified under Annex III’s education category, this removes an imminent compliance cliff but does not remove the obligation itself.

    The Digital Omnibus on AI is the European Commission’s targeted amendment package to Regulation (EU) 2024/1689 (the AI Act), tabled on 19 November 2025 to defer the applicability of high-risk obligations while harmonised technical standards catch up with the legislative timetable. It is distinct from the broader “Digital Omnibus” simplification package covering GDPR and the ePrivacy Directive, which is proceeding on a separate track.

    What is the Digital Omnibus on AI?

    The Digital Omnibus on AI is a package of targeted amendments to the EU AI Act, proposed by the European Commission to defer the applicability of high-risk AI obligations and to soften or clarify a handful of adjacent provisions. It does not alter the AI Act’s underlying risk-based architecture: the definitions of high-risk AI, the prohibited-practice list, and the general-purpose AI (GPAI) model rules all remain unchanged.

    Two changes matter most for institutional AI governance. First, the compliance timeline for high-risk AI systems is pushed back by more than a year. Second, a new prohibition targeting AI-generated non-consensual intimate imagery (“nudifiers”) and child sexual abuse material (CSAM) is inserted into Article 5, with a transitional period running to 2 December 2026.

    Timeline: how the delay was finalised

    The delay moved through five distinct stages before becoming binding. Each stage narrowed the uncertainty that had left institutions unable to plan with confidence through the first half of 2026.

    • 19 November 2025 — the European Commission tabled the Digital Omnibus on AI, proposing a conditional delay mechanism for Annex III high-risk obligations.
    • 18 March 2026 — the European Parliament’s lead committee signalled support for postponement, initially floating a shorter extension to 2 November 2026 rather than the Commission’s later date.
    • 6–13 May 2026 — trilogue negotiators reached a provisional political agreement, subsequently confirmed by Member State representatives in the Council (Coreper).
    • 16 June 2026 — the European Parliament formally endorsed the agreed text in plenary.
    • 29 June 2026 — the Council of the EU gave its final approval, completing the co-legislative procedure.

    Formal publication in the Official Journal of the European Union is expected before 2 August 2026, the date on which the amended provisions are designed to take legal effect. Until publication, the original 2 August 2026 deadline technically remains in force — a distinction several early client alerts flagged as a live risk for institutions that stopped preparing prematurely.

    New compliance dates for high-risk AI systems

    The Omnibus replaces the Commission’s original conditional trigger with fixed calendar dates. Annex III stand-alone high-risk systems — including those used for recruitment, credit scoring, law enforcement, border control, and education — now have until 2 December 2027 to comply, instead of 2 August 2026. Annex I systems embedded in already-regulated products, such as medical devices and machinery, move to 2 August 2028.

    Obligation Original date New date Status
    Unacceptable-risk prohibitions (Article 5); AI literacy (Article 4) 2 Feb 2025 Unchanged (literacy duty softened) In force
    GPAI model obligations; AI Office operational 2 Aug 2025 Unchanged In force
    Article 50 transparency (AI-generated content disclosure) 2 Aug 2026 2 Aug 2026 (largely unchanged) Proceeding as scheduled
    Article 50(2) watermarking grace period for existing systems 2 Aug 2026 2 Dec 2026 Deferred (grace period)
    New Article 5 ban on non-consensual intimate imagery/CSAM AI 2 Dec 2026 (transitional period ends) New provision
    Annex III high-risk obligations (incl. education/admissions AI) 2 Aug 2026 2 Dec 2027 Deferred
    Member state AI regulatory sandboxes (Article 57) 2 Aug 2027 2 Aug 2027 (sandbox timeline unaffected for Annex III) Unchanged
    Annex I high-risk obligations (embedded, e.g. medical devices) 2 Aug 2027 2 Aug 2028 Deferred

    Two provisions are not deferred. The Article 50 transparency duty — telling users they are interacting with an AI system, and labelling AI-generated content — largely proceeds on the original 2 August 2026 schedule, with only the narrower watermarking sub-obligation under Article 50(2) receiving a four-month grace period for systems already on the market.

    What changes for research institutions under Annex III

    Annex III, paragraph 3 of the AI Act designates AI systems used in the education and vocational training domain as high-risk where they determine access or admission to an institution, evaluate learning outcomes, assess the appropriate level of education for an individual, or monitor and detect prohibited behaviour by students during tests. This is the category most directly relevant to research institutions and universities.

    Concretely, the delay reaches:

    • Admissions and PhD-selection algorithms that rank or filter applicants;
    • Automated assessment and grading tools used to evaluate learning outcomes;
    • Exam-proctoring and academic-integrity-monitoring systems deployed during tests;
    • Tools that assign students to a particular level or track of study.

    Research-integrity screening tools (plagiarism and image-manipulation detection) and grant- or funding-evaluation algorithms sit in a greyer area: they may qualify as high-risk under other Annex III categories — such as access to essential public services — depending on how decisively the AI output determines an outcome for the individual concerned. Institutions should not assume a blanket exemption; classification still depends on the specific use case, not the sector label.

    The practical effect of the delay is headroom, not relief. Conformity assessments, technical documentation, human-oversight design, and post-market monitoring for Annex III education systems must still be built — the deadline for having them in place has simply moved from 2 August 2026 to 2 December 2027. Institutions that paused compliance work in anticipation of the delay now have a defined, and shorter than expected, runway of roughly seventeen months from the June 2026 vote.

    Answer-first Q&A

    What is the EU AI Act Digital Omnibus?

    The Digital Omnibus on AI is a European Commission proposal, tabled 19 November 2025 and finalised through Parliament and Council votes in June 2026, that amends the AI Act to defer high-risk compliance deadlines and adjust several related provisions without changing the Act’s core risk-based structure.

    When do high-risk AI obligations now apply under the AI Act?

    Stand-alone Annex III high-risk systems, including education and admissions AI, must comply by 2 December 2027. AI embedded in already-regulated products under Annex I, such as medical devices, must comply by 2 August 2028, both later than the original 2026/2027 dates.

    Does the delay apply to AI used in education and research admissions?

    Yes. Annex III explicitly classifies AI systems governing admission decisions, learning-outcome evaluation, and exam proctoring as high-risk. These systems’ compliance deadline moves with the rest of Annex III, from 2 August 2026 to 2 December 2027, once the Omnibus is published.

    What still happens on 2 August 2026 despite the delay?

    The Article 50 transparency obligations — disclosing AI interactions and labelling AI-generated content — remain on schedule for 2 August 2026. Only the narrower watermarking duty under Article 50(2) gets a four-month grace period, to 2 December 2026, for systems already on the market.

    Implications and what happens next

    For research administrators, the confirmed timeline changes planning horizons more than it changes obligations. Governance work — data-quality checks, human-oversight protocols, and documentation for admissions and assessment AI — can now be sequenced over roughly seventeen months rather than weeks.

    The Omnibus must still be published in the Official Journal before the new dates bind; until then, 2 August 2026 remains the legal default. Institutions should treat formal publication, expected in the weeks following the 29 June 2026 Council approval, as the trigger to lock in updated compliance calendars, not the political agreement alone.

    Institutions building governance around admissions, assessment, and research-integrity AI should track both the AI Act’s Annex III scope and adjacent standards work as they mature.

    For related institutional definitions and terminology, see the CASRAI Open Research Glossary and the research administration resource hub.

  • NIH Grants Policy Statement 2026: 5 Key Changes for Award Administration

    NIH reissued its Grants Policy Statement in March 2026, superseding the April 2024 edition via Guide Notice NOT-OD-26-057. The revision consolidates every NIH Guide Notice in effect as of 17 March 2026, adds a new prior-approval requirement for domestic subawards, harmonises NIH’s definition of “intervention” with the Common Rule, and folds in the zero-embargo public access requirement that took effect on 1 July 2025. For institutions managing NIH awards, the practical effect is a single, current reference document — but several of its changes carry hard compliance deadlines that pre- and post-award offices need to act on now.

    The NIH Grants Policy Statement (NIHGPS) is NIH’s primary vehicle for setting standard terms and conditions on grants and cooperative agreements, applied by incorporation into every Notice of Award. The March 2026 revision (rev. 03/2026) applies to all NIH grants and cooperative agreements with budget periods beginning on or after 1 October 2025, and formally supersedes the April 2024 version.

    Contents

    What changed in the March 2026 NIHGPS revision

    NIH announced the revised NIHGPS through Guide Notice NOT-OD-26-057, published 25 March 2026. The notice states the update “incorporates new and modified requirements, clarifies certain policies, and implements changes in statutes, regulations, and policies” made since April 2024. Institutional summaries from Northeastern University and Washington University in St. Louis flag further administrative shifts folded into this edition: expanded research-security disclosure across the award lifecycle, new guidance restricting generative AI use in applications and peer review, tighter limits on concurrent applications per principal investigator, and confirmation that childcare costs are allowable for full-time NRSA trainees and that dependent-care resources are allowable for conference-grant participants.

    The table below summarises the notices anchoring the update, each with its own effective date — a distinction institutions often miss when treating the NIHGPS as a single-date change.

    Guide Notice Change Effective date
    NOT-OD-26-057 Publishes revised NIHGPS (rev. March 2026), supersedes the April 2024 edition Awards with budget periods starting on/after 1 October 2025
    NOT-OD-26-062 New prior-approval requirement for post-award domestic subawards 1 June 2026
    NOT-OD-26-063 Harmonises the NIH definition of “intervention” with the Common Rule (45 CFR 46, Subpart A) 27 March 2026
    NIH foreign-subaward policy NIH no longer recognises foreign subawards; new PF5/UF5 application structure required for international collaborations 1 May 2025
    2024 NIH Public Access Policy (accelerated by NOT-OD-25-101) Zero-embargo deposit of peer-reviewed manuscripts in PubMed Central 1 July 2025

    New prior-approval requirement for domestic subawards

    Effective 1 June 2026 under NOT-OD-26-062, prime recipients must obtain NIH prior approval before adding a new domestic subaward to a project post-award, whenever that subaward arrangement was not part of the originally peer-reviewed and approved application. NIH states the requirement exists so it “is aware of all subaward activities for each NIH project,” supporting monitoring and reporting compliance further down the award chain.

    Requests must be submitted through the eRA Commons Prior Approval Module, using the “Other Request” type. For Small Business Innovation Research and Small Business Technology Transfer awards, the March 2026 NIHGPS goes further: recipients must seek prior approval for any new subaward and include a foreign risk assessment of the proposed subrecipient.

    This sits alongside a harder line already in force: since 1 May 2025, NIH has not recognised foreign subawards. International collaborations must instead use NIH’s PF5/UF5 application format.

    Terminology shifts and Common Rule alignment

    Two changes in the March 2026 NIHGPS are easy to miss because they read as drafting cleanup rather than policy change, but both affect how compliance offices should tag and search award documents.

    • “Facilities and Administration (F&A) Costs” is now “Indirect Costs” throughout the NIHGPS, aligning NIH’s terminology with 2 CFR 200 (the Uniform Guidance).
    • “Non-Federal entity” has been replaced with “recipients and subrecipients” — a distinction that matters for institutions cross-referencing older award language against the current document.

    Separately, under NOT-OD-26-063, effective 27 March 2026, NIH adopted the Common Rule’s definition of “intervention” — “both physical procedures by which information or biospecimens are gathered (e.g., venipuncture) and manipulations of the subject or the subject’s environment that are performed for research purposes” (45 CFR 46, Subpart A) — replacing its own prior operational definition. NIH frames this as harmonising human-subjects implementation “across federal agencies,” reducing ambiguity when institutions classify a study as a clinical trial, a basic experimental study involving humans, or an observational study.

    Where the update meets the zero-embargo public access rule

    The March 2026 NIHGPS does not introduce a new public access policy — it consolidates the one that already reshaped NIH-funded publishing. The 2024 NIH Public Access Policy took effect on 1 July 2025, after NIH accelerated its original 31 December 2025 target date. Under the policy, any peer-reviewed manuscript arising from NIH funding and accepted for publication on or after 1 July 2025 must be deposited in PubMed Central for immediate public availability, with no embargo period permitted.

    For award administrators, the intersection matters because the same Notice of Award terms and conditions that reference the NIHGPS now also carry the zero-embargo requirement as a standing condition of every applicable award — not a separate library-services matter. Institutions that track compliance by Notice of Award language, rather than by publication date alone, should confirm their research-output tracking systems flag manuscripts by acceptance date against the 1 July 2025 threshold, since the obligation attaches at acceptance, not at final publication.

    What institutions should do now

    Sponsored-programs offices should treat the March 2026 NIHGPS as a trigger for three concrete actions. First, update subaward-change checklists to route any new domestic subaward through the eRA Commons Prior Approval Module before 1 June 2026. Second, audit standard operating procedures for the terminology shift from “F&A Costs” to “Indirect Costs” and from “non-Federal entity” to “recipients and subrecipients,” since document searches keyed to the old terms will miss current guidance. Third, confirm research-output compliance tracking distinguishes manuscripts accepted before and after 1 July 2025, given the zero-embargo requirement now sits inside the same consolidated policy document as the award terms.

    The stakes are not abstract. NIH’s total FY2026 budget for extramural grants and contracts is approximately $38 billion, yet the overall number of grants awarded is running roughly 25% below levels typical for a comparable date in 2021–2024, according to reporting in Science. Against that backdrop, missteps on prior approval or subaward compliance carry a higher relative cost: fewer awards means less institutional tolerance for a stalled or non-compliant action.

    Answer-first Q&A

    What is the NIH Grants Policy Statement?

    The NIH Grants Policy Statement is NIH’s standard terms-and-conditions document for grants and cooperative agreements, incorporated by reference into every Notice of Award. NIH reissues it periodically — most recently in March 2026, superseding the April 2024 version — to consolidate Guide Notices and reflect statutory, regulatory, and policy changes.

    What is the NIH salary cap for 2026?

    Effective 1 January 2026, the NIH salary cap increased to $228,000, up from $225,700 in 2025. This is a 12-month cap; institutions with 9-month faculty appointments must prorate the figure accordingly for budgeting and rebudgeting purposes on active awards.

    When does the March 2026 NIHGPS take effect?

    The revised NIHGPS applies to all NIH grants and cooperative agreements with budget periods beginning on or after 1 October 2025. It consolidates NIH Guide Notices in effect as of 17 March 2026 and supersedes the prior, April 2024 edition of the document.

    Does the NIH Grants Policy Statement cover public access requirements?

    Yes. The NIHGPS incorporates the 2024 NIH Public Access Policy, which took effect 1 July 2025 and requires zero-embargo deposit of peer-reviewed manuscripts in PubMed Central for any paper accepted for publication on or after that date.

    The bottom line for award administration

    The March 2026 NIHGPS is best read as a consolidation exercise with two genuinely new compliance obligations — the domestic subaward prior-approval rule taking effect 1 June 2026, and the Common Rule-aligned “intervention” definition already in force since 27 March 2026 — layered onto a document that now also carries the zero-embargo public access requirement as standing award language. Institutions that update subaward workflows, terminology-dependent search tools, and publication-tracking systems ahead of the June deadline will avoid the compliance gaps that a document reissue of this scope typically exposes.

    For related context on how research-administration offices track compliance obligations across funders, see CASRAI’s research administration resources.