What do you need to know about the roles?
The AI Act assigns obligations based on your role in the AI supply chain. One company can hold multiple roles for different systems or at different stages.
Providers (Developers)
You are a Provider if: you develop or place an AI system on the EU market under your name/brand; you substantially modify an AI system; or you integrate a general-purpose model into a high-risk application and take responsibility for it.
Key responsibilities:
- Risk management across the lifecycle
- Data governance (quality, representativeness, bias controls)
- Technical documentation and record-keeping
- Logging and traceability by design
- Human oversight enablement (meaningful intervention possible)
- Accuracy, robustness, and cybersecurity controls
- Quality management system
- Conformity assessment and CE marking (where applicable)
- EU database registration for high-risk AI
- Post-market monitoring and serious-incident reporting
Importers
You are an Importer if you place AI systems from non-EU countries on the EU market.
Key responsibilities:
- Place only compliant AI systems on the market
- Verify CE marking, EU declaration of conformity provider identity, and that instructions are available in required EU languages
- Ensure technical documentation can be furnished to authorities on request
- Ensure storage and transport conditions preserve compliance
- If non-compliance or risk is suspected: do not place on the market; inform the provider and authorities; take corrective actions
Distributors
You are a Distributor if: you make AI systems available within the EU supply chain without being the provider or importer.
Key responsibilities:
- Before making it available: check CE marking, labeling, and that required instructions accompany the product
- Ensure storage/transport do not compromise compliance, cooperate with market surveillance authorities
- Keep records of complaints and non-conformities; take corrective actions and notify when issues arise
Get ready for the EU AI Act
The EU AI Act is redefining how organizations utilize artificial intelligence by providing a clear framework that aligns innovation with ethical and regulatory standards. By understanding these guidelines, businesses can maximize the potential of AI while ensuring compliance with evolving rules.
How We Empower Your AI Journey
At Eraneos, we combine in-depth expertise with proven methodology. Our pragmatic approach delivers risk-oriented, audit-proof solutions that really work in practice. We provide support in the following areas and many more:
- Support in classifying your AI systems
- Estimation of follow-up efforts depending on the classification of the AI systems and creation of decision options
- Consideration of the requirements for the development and use of AI systems already when designing the use cases
- Ensuring AI competence in accordance with Article 4 (initial training)
- Regulatory-compliant documentation and ensuring auditability
- Codes of conduct and governance mechanisms (voluntary for non-high-risk AI systems) in line with the EIOPA AI governance principles
- Ensuring an approval process for AI solutions before they are used in production