Tag: eu ai office

  • GPAI Code of Practice Signatories: Who Signed and What It Means for Research Tool Vendors

    As of mid-2026, Amazon, Anthropic, Google, IBM, Microsoft, OpenAI, Mistral AI and Aleph Alpha have signed the EU’s General-Purpose AI Code of Practice in full, xAI has signed only its Safety and Security chapter, and Meta has declined to sign at all. For research offices and publishers procuring AI-enabled tools, a vendor’s foundation-model supplier and that supplier’s gpai code of practice signatories status is now a material, checkable compliance signal.

    The General-Purpose AI Code of Practice (GPAI CoP) is a voluntary compliance framework, published by the European Commission on 10 July 2025, that lets providers of general-purpose AI models demonstrate adherence to the transparency, copyright and safety obligations of the EU AI Act’s Articles 53 and 55.

    Which AI labs have signed the Code of Practice?

    The European Commission maintains and continuously updates a public list of signatories on its digital-strategy portal. Signatories were first published on 1 August 2025, one day before the AI Act’s GPAI obligations took effect on 2 August 2025. The largest foundation-model providers active in academic and publishing tooling have signed all three chapters.

    Provider Signature status Chapters covered
    OpenAI Full signatory Transparency, Copyright, Safety and Security
    Microsoft Full signatory Transparency, Copyright, Safety and Security
    Google Full signatory Transparency, Copyright, Safety and Security
    Amazon Full signatory Transparency, Copyright, Safety and Security
    Anthropic Full signatory Transparency, Copyright, Safety and Security
    IBM Full signatory Transparency, Copyright, Safety and Security
    Mistral AI Full signatory Transparency, Copyright, Safety and Security
    Aleph Alpha Full signatory Transparency, Copyright, Safety and Security
    xAI Partial signatory Safety and Security only
    Meta Non-signatory None

    A Signatory Taskforce, chaired by the EU AI Office, was established to help signing providers implement the Code consistently and to keep the commitments current as models are updated. Institutions should check the Commission’s live list before relying on any third-party summary, including this one, since new signatories are added on a rolling basis.

    Which major providers have not signed, and why?

    Meta is the most significant non-signatory. In July 2025, Meta’s Chief Global Affairs Officer Joel Kaplan stated that the Code introduces legal uncertainties and obligations that “go far beyond the scope of the AI Act,” and confirmed Meta would not sign. xAI took a narrower position, signing only the Safety and Security chapter while rejecting the Transparency and Copyright chapters as, in the company’s view, potentially harmful to innovation.

    • Meta — declined to sign any chapter
    • xAI — signed Safety and Security only; declined Transparency and Copyright
    • Alibaba, Baidu and DeepSeek — no public commitment to sign as of early 2026

    Declining to sign does not exempt a provider from the AI Act itself. The Code is a voluntary route to demonstrating compliance; the underlying legal obligations in Articles 53 and 55 remain binding on any GPAI provider placing a model on the EU market, signatory or not.

    What does signing actually commit a provider to?

    The Code is organised into three chapters, each addressing a distinct obligation under the AI Act. Signing the full Code commits a provider to detailed documentation, copyright policy and, for the largest models, systemic-risk management.

    • Transparency — model documentation covering capabilities, limitations and training-data summaries, shared with downstream providers on request within 14 calendar days.
    • Copyright — a policy aligned with EU copyright law, including respecting rights-holder opt-outs and mitigating infringing outputs.
    • Safety and Security — applies only to models classified as carrying systemic risk (broadly, those trained above 1025 floating-point operations, per Article 55); requires independent external evaluation, incident reporting and a documented risk-management framework.

    Non-signatories that provide GPAI models must still satisfy Articles 53 and 55 through other means and face closer supervisory scrutiny from the AI Office. Under Article 101 of the AI Act, the Commission can fine GPAI providers up to €15 million or 3% of total worldwide annual turnover, whichever is higher, for breaches of these obligations — the same penalty tier applies regardless of Code signature status.

    What this means for research-tool vendor risk assessments

    Research offices, publishers and institutional procurement teams rarely contract directly with foundation-model developers. They contract with the AI-enabled research tools — plagiarism and integrity checkers, peer-review triage systems, writing and translation assistants, literature-discovery platforms — built on top of those models. The signatory status of the underlying model provider is a proxy for how much documentation, incident transparency and risk evidence a research-tool vendor can realistically pass through to an institutional buyer.

    A vendor built on a full Code signatory’s model can typically point to a standardised Model Documentation Form, published training-data summaries, and (for systemic-risk models) an externally evaluated Safety and Security Model Report. A vendor built on a non-signatory model has none of this by default; it must obtain equivalent assurances directly from its model supplier or demonstrate compliance through bespoke documentation, which is harder for a research office to verify at procurement stage.

    • Ask vendors which foundation model(s) power their product and whether that provider is a full, partial or non-signatory.
    • For partial signatories such as xAI, confirm whether the tool relies on capabilities covered only by the unsigned Transparency or Copyright chapters.
    • Where a vendor relies on a non-signatory model, request the provider’s own AI Act compliance documentation directly, rather than accepting the vendor’s assurance alone.
    • Track the Commission’s signatory list periodically — a vendor’s compliance posture can change as its underlying model supplier’s status changes.

    This procurement lens is distinct from the legal-compliance framing most coverage of the Code takes: research administration offices are not GPAI providers themselves, but they inherit downstream documentation risk every time they adopt an AI-enabled tool, a consideration that belongs alongside existing due-diligence practice for research administration vendor reviews.

    Common questions on GPAI Code of Practice signatories

    What is a GPAI system?

    A general-purpose AI (GPAI) model is a foundation model, such as those underpinning ChatGPT, Gemini or Claude, capable of performing a wide range of tasks without being built for one specific use. Under the AI Act, providers of GPAI models placed on the EU market carry distinct transparency and, above certain compute thresholds, systemic-risk obligations.

    What happens if a provider does not sign the Code of Practice?

    A non-signatory is not exempt from the AI Act. It must demonstrate compliance with Articles 53 and 55 through alternative means, and the EU AI Office has indicated it will apply closer regulatory scrutiny to non-signatories, increasing enforcement uncertainty relative to signatories.

    What are the penalties for GPAI Act non-compliance?

    Under Article 101 of the AI Act, the Commission can fine a GPAI provider up to €15 million or 3% of total worldwide annual turnover, whichever is higher, for breaches of the transparency, copyright or systemic-risk obligations, independent of whether the provider signed the Code.

    Can a provider sign only part of the Code of Practice?

    Yes. xAI signed only the Safety and Security chapter of the Code, declining the Transparency and Copyright chapters. Partial signature means a provider gains reduced administrative burden for the chapters it signed, while still needing to demonstrate compliance with the others through other evidence.

    Outlook for research administration

    The signatory list will keep shifting as new models cross the compute thresholds in Articles 53 and 55, and as the Signatory Taskforce publishes further implementation guidance. Research offices building AI-tool procurement checklists should treat Code of Practice status as one input alongside existing vendor due-diligence questions on data provenance, licensing terms and institutional data protection — not as a substitute for direct verification against the Commission’s live signatory list.

  • EU AI Act GPAI Code of Practice for Procurement

    The EU AI Act GPAI Code of Practice is a voluntary framework, published 10 July 2025 under Article 56, that lets general-purpose AI model providers demonstrate compliance with the Act’s transparency, copyright and safety obligations. Most major providers have signed; Meta and leading Chinese developers have not — a distinction procurement teams should weigh directly.

    The EU AI Act GPAI Code of Practice is the European Commission’s stopgap compliance tool for general-purpose AI (GPAI) model providers: a set of voluntary commitments, confirmed adequate by the Commission and the EU AI Board, that bridges the gap between the AI Act’s legal obligations and the harmonised European standards still years from adoption. For research institutions now procuring AI writing assistants, literature-review tools, and data-analysis copilots — most of which are built on a small number of underlying GPAI models — signatory status has become a practical, checkable proxy for regulatory risk.

    What is the EU AI Act GPAI Code of Practice?

    Article 56 of the EU AI Act establishes the Code of Practice as a voluntary mechanism GPAI model providers can use to demonstrate compliance with the obligations set out in Articles 53 and 55, until dedicated harmonised European standards are drafted by CEN-CENELEC — a process expected to take until 2027 or later. The final Code was published on 10 July 2025, following a multi-stakeholder drafting process the AI Office launched in October 2024.

    The Code has three chapters. The Transparency and Copyright chapters apply to every GPAI model provider placing a model on the EU market. The Safety and Security chapter applies only to providers of GPAI models with systemic risk — models presumed to meet that threshold once cumulative training compute exceeds 10^25 floating-point operations (FLOP). Epoch AI’s tracking of large-scale models puts the number of providers currently above that threshold at roughly 11 to 15 worldwide, meaning the systemic-risk chapter is a small-club obligation while transparency and copyright commitments apply far more broadly.

    GPAI obligations have applied since 2 August 2025. Enforcement — requests for information, model access, or recalls — begins 2 August 2026; providers of models already on the market before August 2025 have until 2 August 2027 to reach full compliance. Signatories get that runway with reduced scrutiny; non-signatories must prove compliance by other, more burdensome, means from day one.

    One point of confusion worth clearing up: the GPAI Code of Practice (Article 56) is not the separate Code of Practice on marking and labelling AI-generated content that the Commission published in June 2026 under Article 50. The two cover different obligations — model-level transparency and safety versus output-labelling — and procurement teams should confirm which one is relevant to the tool in question.

    Who has signed the GPAI Code of Practice — and who hasn’t?

    The Commission publishes and maintains the official signatory list. Signatories include OpenAI, Anthropic, Google, Microsoft, Amazon, IBM, France’s Mistral AI, and Germany’s Aleph Alpha — the providers behind most GPAI models embedded in commercially available research and productivity tools.

    Two gaps matter for procurement due diligence:

    • Meta has publicly declined to sign the Code, citing legal uncertainty over some of its transparency and copyright commitments.
    • Major Chinese developers — including Alibaba, Baidu, and DeepSeek — have not signed, leaving their models entirely outside the Code’s voluntary compliance pathway for EU deployments.
    • xAI has signed only the Safety and Security chapter, not the Transparency or Copyright chapters — a partial-adherence position that is easy to miss if a procurement team checks “has this vendor signed the Code?” as a single yes/no question rather than chapter by chapter.

    That last nuance is the one most procurement checklists get wrong. Chapter-level adherence, not blanket signatory status, is the correct unit of due diligence.

    A procurement checklist: evaluating AI vendors under the Code

    Most AI tools institutions buy — literature-review assistants, grant-drafting copilots, coding and data-analysis tools — wrap a small number of underlying GPAI models. Procurement teams rarely negotiate directly with OpenAI or Google; they negotiate with a SaaS vendor built on top of one. Tracing the underlying model, and its provider’s Code chapter adherence, is a genuine due-diligence step, not a formality.

    Evaluation question If the underlying GPAI provider is a signatory If not, or only partially
    Model documentation Standardised Model Documentation Form available on request, covering training data summary, compute, and energy use No standard form; institution must request bespoke documentation or accept a documentation gap
    Copyright policy Documented policy on lawful data collection and machine-readable rights signals, plus a complaints contact point Institution bears greater burden to assess copyright exposure independently
    Systemic-risk safeguards (where applicable) Safety and Security Framework, incident reporting, and evaluation regime in place No equivalent framework confirmed; higher-risk models warrant closer technical review
    Regulatory exposure Commission enforcement focuses on monitoring; Code commitments can mitigate fines Vendor faces fuller compliance burden by alternative means; more regulatory requests likely

    Practical steps for a research-institution procurement or IT-governance office:

    • Ask every AI vendor which underlying GPAI model(s) power their product, not just the vendor’s own brand name.
    • Check chapter-level adherence against the Commission’s published signatory list — Transparency, Copyright, and Safety and Security are separate commitments.
    • Request the Model Documentation Form (or equivalent) as a contractual deliverable, not an optional extra, where the underlying provider is a signatory.
    • For non-signatory or partial-signatory models, budget additional time for independent technical and legal review before approving procurement.
    • Record Code of Practice status in the institution’s AI-tool risk register alongside existing data-protection and accessibility checks.

    What this means for research institutions

    Universities and funders are not the direct addressees of Article 56 — GPAI model providers are. But procurement decisions inherit the compliance posture of whichever models sit underneath the tools researchers use. A literature-synthesis tool built on a Code-compliant model comes with documented training-data provenance and a defined incident-reporting channel; one built on a non-signatory model does not, and the institution absorbs that gap as its own due-diligence burden.

    Research administration offices already run vendor risk assessments for data protection and accessibility; Code of Practice adherence is a natural addition to that workflow. As enforcement ramps toward the 2 August 2026 date and the 2027 deadline for legacy models, institutions that have already mapped their AI-tool stack to underlying GPAI providers will face far less disruption than those discovering the dependency mid-audit.

    The Code remains voluntary and harmonised standards are still years away. Until CEN-CENELEC finalises them, signatory status is the clearest available signal of a provider’s regulatory posture — and the most defensible basis on which an institution can currently justify an AI procurement decision to its own governance body.

    Common questions about the GPAI Code of Practice

    Is the GPAI Code of Practice legally binding?

    No. The Code of Practice is voluntary, established under Article 56 of the EU AI Act as an interim compliance route. Providers who sign it can use adherence to demonstrate compliance with Articles 53 and 55; non-signatories must prove compliance through other, generally more burdensome, means.

    Has Meta signed the EU AI Act GPAI Code of Practice?

    No. Meta has publicly declined to sign the Code of Practice, citing concerns about legal uncertainty in some of its Transparency and Copyright commitments. This places Meta’s GPAI models outside the Code’s voluntary compliance pathway for EU deployments.

    What happens if an AI vendor does not sign the Code of Practice?

    A non-signatory provider must demonstrate AI Act compliance through alternative means, which the Commission has indicated will typically involve more requests for information and closer scrutiny. Institutions procuring tools built on non-signatory models should expect a heavier independent due-diligence burden.

    When does enforcement of the GPAI Code of Practice begin?

    AI Office enforcement action begins 2 August 2026 for models placed on the market after August 2025. Providers of models already on the market before that date have until 2 August 2027 to bring them into full compliance.

    The bottom line for research institutions: signatory status under the GPAI Code of Practice is not a legal requirement, but it is fast becoming the practical baseline against which every AI procurement decision — from a departmental writing assistant to an institution-wide research-administration platform — should be measured.

  • AI Act Penalties for Public Sector Research

    Universities and public research bodies are covered by the EU AI Act’s penalty framework, but they are not fined like companies. Article 99(8) of Regulation (EU) 2024/1689 leaves it to each Member State to decide how far, and whether, administrative fines apply to public authorities and bodies established on its territory — a carve-out that no generic “AI Act penalties” explainer written for commercial vendors mentions. This article sets out what research institutions actually risk, and when.

    The EU AI Act is Regulation (EU) 2024/1689, the world’s first comprehensive cross-sectoral law regulating artificial intelligence, which entered into force on 1 August 2024 and applies a risk-tiered set of obligations and fines to providers and deployers of AI systems, including public-sector research organisations.

    How does the AI Act’s tiered fine structure work?

    Article 99 of the AI Act sets three tiers of administrative fine, scaled to the seriousness of the breach. The ceilings are deliberately set above the GDPR’s €20 million/4% cap to signal that AI enforcement is meant to have real teeth from the outset.

    • Tier 1 — prohibited practices (Article 5): up to €35 million or 7% of worldwide annual turnover, whichever is higher, for banned uses such as social scoring, subliminal manipulation, or untargeted facial-recognition scraping.
    • Tier 2 — high-risk system non-compliance: up to €15 million or 3% of turnover for failing to meet risk-management, data-governance, documentation, or human-oversight duties for high-risk AI systems.
    • Tier 3 — misleading information: up to €7.5 million or 1% of turnover for supplying incorrect, incomplete, or misleading information to a market surveillance authority or notified body.

    Recital 81 requires that whatever figure a Member State ultimately sets, penalties must be “effective, proportionate and dissuasive” — the same three-part test used elsewhere in EU law, including data protection enforcement.

    Are universities and public bodies fined the same as companies?

    Not automatically. Article 99(8) states that each Member State shall lay down rules on the extent to which administrative fines may be imposed on public authorities and bodies established in that Member State. This single clause is the crux of institutional liability for universities, national research councils, and other publicly funded research organisations — and it is the fact almost entirely absent from commercial-vendor-focused coverage of “AI Act penalties”.

    In practice, this means the €35m/7% ceiling is not a fixed number for a university — it is a national policy choice. Member States are free to:

    • Apply the full commercial fine scale to public bodies, to preserve a level playing field;
    • Set a lower cap or a fixed-fee schedule that reflects public funding constraints; or
    • Substitute non-monetary corrective measures (compliance orders, publication of findings) in place of fines for state-funded bodies.

    Because transposition is still working through national legislatures as of mid-2026, a university’s actual exposure depends on where it is established, not on the AI Act’s headline figures alone. Research administrators should check their national AI Act implementing law — not the regulation’s text alone — to find their institution’s real ceiling.

    How are EU institutions and agencies treated differently?

    The Act does draw one explicit, EU-wide distinction between public and commercial actors. Article 100 subjects the EU’s own institutions, bodies, offices and agencies to a separate, lower fine scale, enforced by the European Data Protection Supervisor (EDPS) rather than a national market surveillance authority. For prohibited practices, the EU-institution ceiling is €1.5 million; for other infringements, €750,000 — roughly 4–5% of the commercial ceilings.

    This confirms, in the Act’s own text, that the legislature considered public-sector and non-profit bodies a distinct risk-and-resource category rather than an oversight gap. It also gives national legislators a concrete precedent to draw on when they set their own Article 99(8) rules for universities and public research bodies within their jurisdiction.

    AI Act fine ceilings by actor type
    Actor type Prohibited practices High-risk non-compliance Misleading information Who enforces
    Commercial company €35m or 7% turnover €15m or 3% turnover €7.5m or 1% turnover National market surveillance authority
    University / public research body Set by national law (Art. 99(8)) Set by national law (Art. 99(8)) Set by national law (Art. 99(8)) National market surveillance authority
    EU institution, body or agency €1.5m (Art. 100) €750,000 (Art. 100) €750,000 (Art. 100) European Data Protection Supervisor

    Who actually enforces the AI Act against a university?

    Enforcement is decentralised. Each Member State designates one or more national market surveillance authorities under Article 70 to police AI Act compliance within its territory, including by public bodies. At EU level, the European AI Office, established within the European Commission in February 2024, holds exclusive competence over general-purpose AI model providers and coordinates cross-border enforcement — but it does not directly fine individual universities for high-risk system misuse; that remains a national market-surveillance-authority function.

    For a research institution, this means the practical first point of regulatory contact is a domestic body — often the same authority, or one working alongside the authority, that already handles product-safety or data-protection oversight — not Brussels.

    Where is research-sector exposure highest?

    AI systems used in education and vocational training — including tools that determine admission, assess students, or monitor exam conduct — are classified as high-risk under Annex III(3) of the AI Act. High-risk obligations (risk management, technical documentation, human oversight, data governance) become directly applicable from 2 August 2026, per the Act’s phased implementation timetable, alongside the general application date set for most remaining provisions.

    Universities and research funders deploying AI for admissions scoring, plagiarism or research-integrity screening, automated grant-assessment triage, or proctoring therefore carry the same substantive compliance duties as a commercial high-risk provider — only the fine ceiling, under Article 99(8), may differ nationally. Institutions using such tools should not assume “non-profit” status reduces their compliance workload; it may only affect the penalty if that workload is neglected.

    Answer-first Q&A

    What is the penalty for violating the AI Act?

    Penalties follow a three-tier structure under Article 99: up to €35 million or 7% of global turnover for prohibited practices, up to €15 million or 3% for high-risk non-compliance, and up to €7.5 million or 1% for misleading regulators. Public bodies fall under a separate national rule set by Article 99(8) rather than these fixed ceilings.

    What is the penalty for prohibited AI use cases under the EU AI Act?

    Prohibited practices — such as social scoring, subliminal manipulation, and untargeted biometric scraping — carry the Act’s highest tier: up to €35 million or 7% of worldwide annual turnover, whichever is higher. This is the ceiling that also anchors the national rules Member States must write for public authorities under Article 99(8).

    Is the AI Act legally binding?

    Yes. As an EU Regulation (2024/1689), the AI Act is directly applicable and legally binding in every Member State without national transposition legislation, unlike a Directive. Member States must still legislate separately on penalty specifics for public bodies under Article 99(8) and designate enforcement authorities under Article 70.

    What this means for research administrators

    Three actions follow directly from the text. First, confirm whether your national government has finalised its Article 99(8) rules for public-sector fines — many are still in transposition as of mid-2026, so the applicable ceiling for your institution may not yet be settled. Second, audit any admissions, assessment, or proctoring AI against the Annex III(3) high-risk classification ahead of the 2 August 2026 application date. Third, treat the Article 100 EDPS regime for EU bodies as the closest available precedent for how a “public-interest, non-commercial” fine schedule is likely to be structured nationally — proportionate, but not zero.

    The direction of travel is clear: research institutions are inside the AI Act’s enforcement perimeter, not outside it. The open question, left deliberately to national law, is how hard that enforcement bites.

  • EU AI Office: Enforcement for Research Bodies

    The EU AI Office does not enforce most of the AI Act. It is a European Commission unit, inside the Directorate-General for Communications Networks, Content and Technology (DG CNECT), with exclusive competence over general-purpose AI (GPAI) models. Day-to-day enforcement against high-risk AI systems — the category covering most tools used in universities, funders and public research bodies — falls to each Member State’s national market surveillance authority, not the AI Office.

    The EU AI Office is the Commission’s central coordinating body for Regulation (EU) 2024/1689 (the AI Act), responsible for supervising GPAI models, chairing the technical governance structure and preparing Commission guidance — while national authorities retain enforcement power over almost everything else.

    What is the EU AI Office?

    The AI Office was established by a European Commission decision in January 2024, alongside political agreement on the AI Act. It sits within DG CNECT rather than as a stand-alone agency, and functions legally as part of the Commission — so references to “the AI Office” in the Act’s text are references to the Commission acting through that unit.

    Its headquarters are in Brussels. Wikipedia’s infobox for the European Artificial Intelligence Office records around 60 staff at 2024 launch, projected above 140, under Director Lucilla Sioli. The Office also acts as Secretariat to the European AI Board, the forum of one representative per Member State coordinating national implementation.

    • Supervises GPAI model providers under AI Act Chapter V
    • Drafts codes of practice, guidelines and implementing acts for the Commission
    • Coordinates joint investigations across Member States on cross-border AI risk
    • Runs the AI Act Service Desk and single information platform
    • Chairs the scientific panel of independent experts monitoring systemic-risk models

    Who actually enforces the AI Act — the AI Office or national authorities?

    Enforcement is split by system type, not centralised in one body. The AI Office’s remit is narrow but powerful: only GPAI models and systems — the foundation models underpinning many downstream research tools. Everything else, including the high-risk systems a university, funder or public research agency is far more likely to deploy directly, is enforced nationally.

    Each Member State designates one or more market surveillance authorities (MSAs) under Article 74, alongside a “notifying authority” overseeing conformity-assessment bodies. Because States may designate sector-specific bodies rather than one regulator, the map is fragmented: CMS Law’s 2025 enforcement analysis notes that, once sectoral designations are counted, several thousand bodies across the EU can hold market-surveillance-authority status, with AI systems now added to their remit.

    A separate rule applies to the EU’s own institutions. Under Article 74(9), the European Data Protection Supervisor (EDPS) is the market surveillance authority for AI systems used by EU institutions, bodies, offices and agencies — relevant to EU-funded research infrastructures and executive agencies, as distinct from national universities and funders.

    Body Enforces Covers Key power
    EU AI Office GPAI model obligations (Chapter V) Foundation-model providers, EU-wide Model evaluations, mitigation orders, market withdrawal
    National market surveillance authority High-risk and other AI system obligations Deployers/providers within one Member State, incl. universities and public bodies Inspections, corrective orders, fines
    European Data Protection Supervisor All AI Act obligations EU institutions, bodies, offices and agencies Fines against EU public administration
    European AI Board Coordination, not direct enforcement All 27 Member States (via national reps) Consistency, joint-investigation coordination

    Does the research exemption apply to universities and public bodies?

    Partly, and the boundary matters more than most explainers acknowledge. Article 2(8) states that obligations do not apply to research, testing or development activity on an AI system before it is placed on the market or put into service. Article 2(6) separately exempts systems developed and used for the sole purpose of scientific research and development.

    Neither carve-out protects a university once it moves from research into operational use. Annex III(3) classifies AI systems used to evaluate exam answers, determine admission or assess applicants as high-risk. A plagiarism-detection or admissions-scoring tool a university actually deploys against students is therefore fully in scope — and, because most universities and funders are “bodies governed by public law”, Article 27 requires a fundamental rights impact assessment (FRIA) before deployment.

    How can research institutions and public bodies seek guidance?

    Three channels exist, and institutions frequently default to the wrong one. The AI Act Service Desk (ai-act-service-desk.ec.europa.eu) is the Commission’s central portal where any stakeholder, including a university legal office or funder’s compliance team, can submit a question and get an answer from a Commission-coordinated expert team; it is the right first stop for interpretive questions on scope, classification or the research exemptions above.

    For enforcement-specific queries — “is our deployed system high-risk, and what must we file?” — the correct contact is the national market surveillance authority in the institution’s own Member State, not the AI Office, which has no jurisdiction over nationally-deployed high-risk systems. EU-affiliated bodies should instead approach the EDPS. National governments must separately establish AI regulatory sandboxes, giving public research bodies a supervised route to trial new systems before full-scale deployment.

    What are the penalties for AI Act non-compliance?

    Article 99 sets three fine tiers, using the higher figure for large organisations and the lower for SMEs and start-ups:

    • Up to €35 million or 7% of global annual turnover for breaching prohibited AI practices (Article 5)
    • Up to €15 million or 3% of global annual turnover for breaching most other provider or deployer obligations
    • Up to €7.5 million or 1% of global annual turnover for supplying incorrect, incomplete or misleading information to authorities or notified bodies

    Article 101 gives the Commission a separate fining power against GPAI model providers, up to 3% of worldwide annual turnover or €15 million, whichever is higher, for infringements the AI Office identifies through model evaluation. Public-sector bodies are not exempt from Article 99 fines, though Member States retain some discretion over how penalties apply to public administration.

    Providers can reduce GPAI exposure by signing the General-Purpose AI Code of Practice, published by the AI Office in 2025 with independent experts across transparency, copyright and safety/security chapters. Adherence is voluntary but, pending harmonised standards, creates a presumption of conformity — worth knowing for institutions procuring GPAI tools from signatory vendors.

    Answer-first questions on the EU AI Office

    Where is the EU AI Office?

    The EU AI Office is headquartered in Brussels, inside the European Commission’s Directorate-General for Communications Networks, Content and Technology (DG CNECT). It is not a separate legal agency; it operates as a Commission unit with its own director, staff and published mandate under the AI Act’s governance provisions.

    Who is the head of the EU AI Office?

    The EU AI Office is led by Director Lucilla Sioli, who reports within DG CNECT’s management structure. The director’s mandate covers GPAI supervision, Secretariat duties for the European AI Board, and coordination of the scientific panel of independent experts that monitors systemic-risk models.

    What is a market surveillance authority?

    A market surveillance authority is the national body a Member State designates to monitor, inspect and take corrective or punitive action against non-compliant products — including, under the AI Act, high-risk AI systems deployed within that country’s territory, such as university admissions or assessment tools.

    What is post-market monitoring under the AI Act?

    Post-market monitoring is the ongoing obligation on providers and deployers of high-risk AI to actively collect and analyse performance data after deployment. It feeds directly into market surveillance authority oversight, giving regulators evidence to investigate serious incidents or systemic risk once a system is in real-world use.

    Implications for research administrators

    The practical takeaway is that “who do we ask” and “who can fine us” are different questions with different answers. The AI Office is the right destination for interpretive guidance on GPAI; the national market surveillance authority holds actual enforcement jurisdiction over a deployed high-risk system inside a research institution.

    As GPAI-based tools proliferate across grant review, plagiarism screening and admissions, institutions that conflate the AI Office’s central mandate with national enforcement risk misdirecting queries and missing the FRIA obligations Article 27 attaches to public bodies. Building this literacy now, ahead of the Act’s staged 2025–2027 application timeline, is cheaper than resolving a misdirected enforcement dispute later. For related governance context, see CASRAI’s research administration resources.

  • UK AI Safety Institute vs 4 Global Peers

    The UK AI Safety Institute — renamed the AI Security Institute (AISI) in 2025 — is a research directorate of the Department for Science, Innovation and Technology that evaluates frontier AI systems and funds external safety research, distinguishing it from the US CAISI’s standards focus, Japan’s non-R&D coordination role, Canada’s CIFAR-administered grants, and the EU AI Office’s regulatory enforcement mandate. For institutions weighing where to seek collaboration or funding for AI safety evaluation work, these differences in remit, funding scale, and academic-access routes are decisive.

    The UK AI Safety Institute is one node in a wider “International Network of AI Safety Institutes,” launched at the AI Seoul Summit in May 2024, bringing together technical bodies from the UK, US, Japan, Canada, the EU and other jurisdictions to coordinate — but not centralise — frontier AI risk assessment.

    What is the UK AI Safety Institute (AISI) today?

    The AI Security Institute is a directorate of the UK’s Department for Science, Innovation and Technology (DSIT), established in November 2023 following the Bletchley Park AI Safety Summit. Its mission, per GOV.UK, is “to minimise surprise to the UK and humanity from rapid and unexpected advances in AI.”

    A UK Parliament written statement of February 2025 confirmed the rebrand from “AI Safety Institute” to “AI Security Institute,” sharpening its focus on national-security-relevant risks such as cyber, chemical and biological misuse, alongside broader model evaluation work. The rename matters for researchers: many external directories still index the institute under its original name, which can misdirect funding enquiries.

    AISI holds pre-release testing access agreements with Anthropic, Google and OpenAI, and maintains Inspect, an open-source evaluation platform that lets companies, governments and academic teams run standardised AI safety tests without a bespoke agreement with AISI itself.

    How do the five institutes’ remits compare?

    All five bodies share a broad goal of understanding advanced-AI risk, but their statutory and operational remits diverge sharply — from hands-on evaluation to pure regulation.

    • UK AI Security Institute (AISI): evaluates frontier models, runs foundational safety research and grant programmes, and facilitates international information exchange.
    • US Center for AI Standards and Innovation (CAISI): sits inside NIST; focuses on testing, standards and national-security assessment. Renamed from “US AI Safety Institute” in 2025, mirroring the UK’s shift.
    • Japan AI Safety Institute (J-AISI): explicitly states it is not an R&D organisation; it consolidates evaluation methods and standards from industry and academia as a coordination hub.
    • Canada AI Safety Institute (CAISI): advances AI safety science with international partners, focused on synthetic-content risk and systems that could undermine human oversight.
    • EU AI Office: sits within the European Commission with an enforcement mandate — it supervises general-purpose AI models under the EU AI Act, the world’s first comprehensive statutory AI framework.

    Only the EU AI Office carries binding regulatory enforcement powers; the other four are advisory, evaluative and research-funding bodies without statutory power to compel compliance.

    Institute Parent body Core remit Direct academic funding
    UK AI Security Institute DSIT Evaluation, foundational safety research Yes — grants £50,000–£500,000
    US CAISI NIST / Dept. of Commerce Standards, national-security testing Limited — collaborative, not grant-led
    Japan J-AISI Government-affiliated hub Coordination, standards consolidation No — information-sharing role only
    Canada CAISI Innovation, Science and Economic Development Canada Safety science, synthetic-content risk Yes — via CIFAR-administered CAISI Research Program
    EU AI Office European Commission AI Act enforcement, GPAI supervision Indirect — via Horizon Europe / Digital Europe

    How is each institute funded?

    Funding scale is the clearest differentiator for institutions assessing where a grant application or evaluation partnership is likeliest to land.

    The UK AISI traces its funding to a £100 million initial investment behind the Frontier AI Taskforce, its 2023 predecessor body, and now runs the Alignment Project, a global research fund backed by more than £15 million. Grants under its Challenge Fund and Systemic AI Safety Grants typically range from £50,000 to £500,000 per award, open to UK and international applicants.

    The US CAISI operates on a comparatively modest footing: an initial budget of roughly $10 million for the 2024/25 fiscal year, with legislative proposals since floated to raise annual funding into the $67–155 million range — proposals, not yet appropriated funding.

    Canada’s AI Safety Institute is funded at CA$50 million over five years, of which CA$27 million has been channelled to the Canadian Institute for Advanced Research (CIFAR) to run the CAISI Research Program. Canada has also committed CA$1 million to the UK’s Alignment Project through CIFAR — a direct funding link institutions can leverage for joint bids.

    Japan’s J-AISI has not published a standalone budget, consistent with its coordination-only remit rather than direct grant-making. The EU AI Office likewise discloses no ring-fenced budget of its own; EU AI research funding flows through Horizon Europe and the Digital Europe Programme, together worth well over €1 billion annually, of which only a fraction is Office-directed academic work.

    How does each body engage external academic researchers?

    Engagement models range from direct grant-making to purely consultative input, which changes what “collaboration” actually means for a university research office.

    • UK AISI: direct grants to academic institutions and non-profits in the UK and internationally through the Challenge Fund, Systemic AI Safety Grants and the Alignment Project.
    • US CAISI: collaborative research relationships with universities to develop guidelines and voluntary standards, rather than large competitive grant rounds.
    • Japan J-AISI: partnership and information-sharing with academia and industry, consolidating findings rather than commissioning new funded research.
    • Canada CAISI: funding via CIFAR’s Catalyst Projects and Solution Networks, with awards up to CA$70,000 per year for up to two years, plus ties to Canada’s three national AI institutes — Amii, Mila and the Vector Institute.
    • EU AI Office: consultative input via the AI Board and a scientific panel of independent experts shaping codes of practice for general-purpose AI models, rather than a competitive grants pipeline.

    For a research administration office, this means the UK and Canadian institutes are the two realistic direct-funding routes today; the US, Japanese and EU bodies are better approached as standards-setting or advisory partners than as grant sources.

    Common questions

    Is the UK AI Safety Institute still called that?

    No. The UK AI Safety Institute was renamed the AI Security Institute in 2025, confirmed in a UK Parliament written statement, and the US counterpart was simultaneously renamed the Center for AI Standards and Innovation (CAISI). Both retain their original evaluation and research functions under the new names.

    What is the International Network of AI Safety Institutes?

    It is a coordination body launched at the AI Seoul Summit in May 2024, joining institutes from the UK, US, Japan, Canada, the EU and other governments. Its first formal meeting took place in November 2024, and it exists to align evaluation methods, not to centralise funding or enforcement power.

    How can an academic team apply for UK AISI funding?

    UK-based and international researchers can apply through AISI’s Challenge Fund or Systemic AI Safety Grants, with typical awards between £50,000 and £500,000, or through the cross-national Alignment Project, which pools UK and partner-government contributions, including Canada’s CA$1 million pledge via CIFAR.

    Does the EU AI Office fund academic AI safety research directly?

    Not directly. The EU AI Office is primarily a regulatory and enforcement body for the EU AI Act; academic AI research funding in the EU runs through Horizon Europe and the Digital Europe Programme, with the Office instead offering academics a consultative seat via its scientific panel and the AI Board.

    What this means for institutions seeking partnerships

    Research administration offices scoping AI safety evaluation collaborations should match their proposal to the right model rather than assuming one “AI Safety Institute” template applies globally. A UK or Canadian bid should target a named grant scheme with a defined award range; a US, Japanese or EU approach should be framed as standards-development or advisory input instead.

    Because only the UK and Canadian institutes run competitive, named academic grant programmes — and already share a funding link through CIFAR and the Alignment Project — joint UK–Canada bids are, as of mid-2026, the most concrete route into public frontier-AI-safety funding for external academic groups. The EU AI Office’s enforcement powers will likely reshape this landscape as AI Act obligations mature, but its funding role stays structurally indirect for now. Institutions should track each institute’s funding cycle separately rather than treat the international network as one funding body.