EU AI Act GPAI enforcement starts 2 August 2026: what can you be fined for, and how does sovereign deployment cut exposure?
From 2 August 2026 the EU AI Office can actively enforce against general-purpose AI providers, with fines up to 15 million euro or 3 percent of global turnover.
What actually happens on 2 August 2026?
From 2 August 2026 the EU AI Office gains active enforcement powers over providers of general-purpose AI (GPAI) models. It can send documentation requests, require model evaluations, investigate systemic-risk models and levy fines of up to 15 million euro or 3 percent of global annual turnover, whichever is higher. The obligations on GPAI providers existed on paper from 2 August 2025, but the enforcement teeth switch on a year later. If you build or place a general-purpose model on the EU market, this is the date the regulator can start asking hard questions and issuing penalties.
One thing to be precise about: this milestone is about GPAI, not the broader high-risk rules. The standalone high-risk obligations under Annex III have been deferred to 2 December 2027 under the Digital Omnibus. So 2 August 2026 is the GPAI enforcement switch, not the day every high-risk deployment becomes penalisable. Getting those two dates right matters, because a lot of compliance planning has quietly assumed the wrong one.
What can you actually be fined for?
The GPAI penalty exposure centres on provider duties. In plain terms, a GPAI provider can be fined for failing to maintain and supply technical documentation about the model, failing to give downstream deployers the information they need to comply, not putting a copyright policy in place, not publishing a sufficiently detailed summary of training content, and, for models designated as carrying systemic risk, not meeting the heightened evaluation, adversarial-testing, incident-reporting and cybersecurity duties. The 15 million euro or 3 percent figure is the ceiling for GPAI-specific breaches. Refusing or obstructing the AI Office, by ignoring a documentation request or supplying incorrect or misleading information, is separately punishable.
The honest reading for most buyers: you are probably not the GPAI provider. You are a deployer. Your exposure is inherited, not original. But inherited exposure is still exposure, and it is the part you can control.
If I only use AI, am I off the hook?
No, and this is the trap. Most regulated organisations, banks, hospitals, government departments and defence primes, are deployers, not model builders. You take a general-purpose model and put it to work. You still carry downstream duties: using the model within the terms and information the provider gives you, keeping your own records, and being able to show what the system did and why when a supervisor or auditor asks.
The problem with cloud GPAI is that your provenance trail runs through someone else's infrastructure. You depend on the provider's documentation, their training-data summary, their update cadence and their willingness to hand you evidence on your timeline rather than theirs. When the model silently changes under you, your audit story changes with it, and you may not even know. Your compliance file is only as complete as what a third party chooses to expose.
How does sovereign deployment reduce exposure?
Running a licensed model inside your own walls changes what you can prove. Under Mickai, a regulated deployer runs a sealed-corpus model on hardware they own, offline, with no dependency on an external provider staying online or staying cooperative. Every consequential action is written into a post-quantum signed audit ledger using ML-DSA-65 (FIPS 204). The practical effect is a clean, self-contained documentation and provenance trail that lives on the device, not in a vendor's cloud.
That helps a deployer answer the questions the Act actually asks. What model was in use on a given date? What was it trained and tuned on? What did it do, when, and who authorised it? Because the corpus is licensed and sealed and the model does not mutate underneath you, the answer is fixed and verifiable rather than reconstructed after the fact. When the regulator, or your own second line, wants evidence, it is already sealed and signed on-device. The architecture sits behind 104 filed UK patent applications and 2,340 formal claims, but the point for a buyer is simpler: the record is yours.
Here is the honest limit. Mickai does not exempt anyone from the EU AI Act. It does not turn a deployer into a non-deployer, and it does not remove a single legal duty. What it does is make the deployer's paperwork verifiable, tamper-evident and self-contained, so that meeting those duties is a matter of exporting sealed records rather than chasing a third party. We are an ally to the team doing the compliance work, not a magic bullet that makes the work disappear.
Does this only matter for models with systemic risk?
The heaviest GPAI duties, structured evaluations, adversarial testing and systemic-risk reporting, fall on the largest models designated as carrying systemic risk. Most deployers will never operate at that tier. But the baseline duties, documentation, transparency to downstream users, and copyright and training-content disclosure, apply across the board, and the fine ceiling is real. The value of a sealed on-device ledger is the same at any tier: it turns "we think we can show this" into "here is the signed record."
What should a regulated buyer do before August 2026?
Three practical steps. First, work out whether you are a provider or a deployer for each AI system you run, because your duties and your exposure differ sharply. Second, map where your provenance evidence actually lives today, and ask whether you could produce it on a regulator's timeline without a third party's help. Third, treat auditability as an architecture decision, not a policy document: the cleanest way to prove what a model did is to run it somewhere you control and seal the record as it happens.
That is the case for sovereign deployment. Not as a shortcut around the Act, but as the shortest honest path to being able to prove compliance when someone asks.
What Mickai does about it
Mickai gives regulated deployers a way to run licensed, sealed-corpus AI inside their own walls, offline, with every consequential action written to a post-quantum signed audit ledger. It does not exempt you from the EU AI Act. It makes your documentation and provenance verifiable on-device, so that when the AI Office, a supervisor or an internal auditor asks what your model did and why, the evidence is already sealed, signed and yours.
“From 2 August 2026 the EU AI Office can actively enforce against GPAI providers, with fines up to 15 million euro or 3 percent of global turnover.”
Frequently asked questions
What starts on 2 August 2026 under the EU AI Act?
The EU AI Office gains active enforcement powers over general-purpose AI (GPAI) providers. It can issue documentation requests, require model evaluations and levy fines up to 15 million euro or 3 percent of global annual turnover. The GPAI obligations existed on paper from 2 August 2025, but enforcement switches on a year later.
Do the high-risk (Annex III) obligations also apply from August 2026?
No. Under the Digital Omnibus, the standalone high-risk obligations under Annex III have been deferred to 2 December 2027. The 2 August 2026 date is specifically the GPAI enforcement milestone, not the point at which every high-risk duty becomes penalisable.
What can a GPAI provider actually be fined for?
Failing to maintain technical documentation, not giving downstream deployers the information they need, not having a copyright policy, not publishing a sufficient training-content summary, and, for systemic-risk models, failing heightened evaluation, testing, incident-reporting and cybersecurity duties. Obstructing the AI Office is separately punishable.
If my organisation only uses AI, am I exposed?
Yes, but differently. Most regulated organisations are deployers, not providers. You inherit downstream duties from the GPAI models you use: applying them within the provider's terms, keeping your own records, and being able to show what the system did and why. That inherited exposure is the part you can control.
Does Mickai exempt me from the EU AI Act?
No. Mickai does not remove a single legal duty or turn a deployer into a non-deployer. What it does is make your documentation and provenance verifiable and self-contained on-device, so meeting those duties becomes a matter of exporting sealed, signed records rather than chasing a third party.
How does running a model on our own hardware help with an audit?
A sealed-corpus model that runs offline and does not mutate underneath you produces a fixed answer to the questions auditors ask: which model, trained on what, doing what, authorised by whom. Under Mickai every consequential action is written to a post-quantum signed audit ledger (ML-DSA-65, FIPS 204), so the evidence is tamper-evident and already on the device.




