
EU AI Act Fines and Enforcement: Who Investigates, How Much, and When

A practical breakdown of EU AI Act fines, enforcement bodies, and investigation triggers — so you know your real compliance risk and when it starts.

19 May 2026 · DILAIG

The EU AI Act is law. Enforcement bodies exist, budgets are being allocated, and the first investigation procedures are already possible for GPAI model providers. If you build or deploy AI systems in the EU, understanding the fine structure and who has the power to investigate you is not a theoretical exercise — it is a core element of your risk management.

This article gives you a precise, legally accurate breakdown of the three-tier fine structure, the enforcement bodies at each level, what actually triggers an investigation, and a realistic assessment of when your organisation faces meaningful compliance risk.

The Three-Tier Fine Structure (Article 99)

The EU AI Act establishes three bands of administrative fines under Article 99. The applicable amount is the higher of the fixed ceiling or the percentage of global annual turnover for large companies, and the lower of the two for SMEs and mid-size organisations.

Violation category                                              Fixed ceiling   % of global turnover   SME rule
Prohibited AI practices (Article 5)                             €35,000,000     7%                     Lower of the two
Provider/deployer obligations for high-risk AI; GPAI violations €15,000,000     3%                     Lower of the two
Providing incorrect or misleading information to authorities    €7,500,000      1%                     Lower of the two

The first band targets the most serious conduct: deploying AI systems that the Act explicitly bans. These include social scoring by public authorities, real-time remote biometric identification in public spaces without legal authorisation, and AI that exploits psychological vulnerabilities. If your system falls into these categories and you deploy it, you face the highest possible fine regardless of whether you caused demonstrable harm.

The second band covers the operational obligations that the majority of regulated companies will deal with: conformity assessments, technical documentation, post-market monitoring, human oversight mechanisms, and GPAI model transparency requirements. This is where most enforcement activity will concentrate.

The third band is specifically designed to capture companies that try to manage their way through an investigation by providing inaccurate data, incomplete documentation, or misleading responses to authority requests.

Periodic Penalty Payments (Article 100)

Beyond one-time fines, Article 100 gives enforcement authorities the power to impose ongoing periodic penalty payments of up to 5% of average daily global turnover. These payments continue until the company brings itself into compliance. For a company with €100M in annual revenue, that is approximately €13,700 per day. Periodic penalties are a tool to compel action, not just punish past conduct.

Criminal Sanctions

The AI Act itself does not create criminal offences — that remains a member state prerogative. Several EU member states are expected to legislate criminal liability for the most serious AI Act violations, particularly those involving prohibited practices that cause harm to individuals. Companies operating in Germany, France, or Italy in particular should monitor national implementing legislation.

Who Enforces What: The Enforcement Architecture

The EU AI Act deliberately splits enforcement across multiple bodies depending on the type of AI system involved.

The EU AI Office

The EU AI Office, established within the European Commission, holds direct enforcement power over providers of general-purpose AI (GPAI) models under Articles 88 to 94. This is the only enforcement body with EU-wide direct jurisdiction over a specific class of company.

If you provide a GPAI model — meaning a model trained on large amounts of data that can perform a wide range of tasks — the AI Office can initiate investigations, request documentation, conduct evaluations, and impose fines directly. GPAI obligations became applicable in August 2025. The AI Office's enforcement powers have been active since that date.

The GPAI Code of Practice, developed under AI Office oversight, gives model providers a structured path to demonstrate compliance. Adherence to the Code is treated as a mitigating factor in enforcement proceedings.

National Market Surveillance Authorities

For high-risk AI systems listed in Annex III — which covers areas such as employment screening, credit scoring, biometric identification, critical infrastructure, education, and law enforcement — national market surveillance authorities (MSAs) in each EU member state are the primary enforcement bodies.

These are typically the same bodies that enforce product safety regulations. In Germany, this function will sit with the BAuA and sector-specific regulators. In France, the DGCCRF and ANSSI have relevant roles. In Ireland, which hosts many large tech company EU headquarters, the enforcement framework is still being finalised.

The national enforcement frameworks must be fully operational by August 2026 (postponed to 2 December 2027 under the AI Omnibus agreement), when high-risk AI system obligations become fully applicable. Until then, national authorities are preparing, but systematic enforcement against high-risk AI providers is not yet expected at scale.

Data Protection Authorities

Where an AI Act violation also involves the processing of personal data, data protection authorities (DPAs) may take concurrent action under GDPR. Several member states have designated their DPA as the competent authority for AI Act enforcement in specific domains, particularly where the AI system processes personal data as its primary function. The French CNIL, for example, has indicated an active interest in AI system auditing.

DPAs do not enforce the AI Act independently — their role is coordinated with the national MSA — but a company that receives a GDPR investigation may simultaneously face AI Act scrutiny.

Sectoral Regulators

Certain sectors have their own enforcement overlay:

  • Financial services: The European Banking Authority (EBA), European Securities and Markets Authority (ESMA), and European Insurance and Occupational Pensions Authority (EIOPA) provide guidance and may coordinate with national MSAs for AI systems used in credit, investment, and insurance contexts.
  • Medical devices: Notified bodies under MDR and IVDR assess AI-embedded devices. Their findings can trigger AI Act compliance reviews by the relevant national authority.
  • Aviation and automotive: Safety authorities in these sectors may act as coordinating bodies for high-risk AI systems deployed in critical infrastructure.

The European AI Board

The European AI Board (Article 65) is a coordination body, not a direct enforcement body. It brings together representatives of national supervisory authorities and the AI Office to ensure consistent application of the Act across member states. The Board can issue opinions, coordinate cross-border cases, and recommend enforcement actions to national authorities — but it does not itself impose fines or conduct investigations.

What Triggers an Investigation

Understanding what causes an enforcement action to begin is at least as important as understanding the penalties.

Serious Incident Reporting

Under Article 73, providers of high-risk AI systems are required to report serious incidents to the relevant national market surveillance authority without undue delay. A serious incident is defined as any incident that results, or might result, in the death or serious harm to the health of persons, serious and irreversible disruption to the provision of essential services, or significant harm to fundamental rights.

Deployers of high-risk AI systems have a parallel obligation under Article 74 to notify the provider and relevant authority when they identify a serious incident or malfunction.

Incident reports create a direct trigger for regulatory scrutiny. A company that self-reports is in a materially better position than one where the incident is discovered independently.

Market Surveillance Investigations

National MSAs have the power to initiate investigations based on their own intelligence, sector-wide sweeps, and risk assessments. They do not need a specific complaint to open a file. Cross-border cases — where a system is provided from one member state and deployed in several others — are coordinated through the European AI Board.

Complaints from Individuals and Organisations

Any natural or legal person who believes they have been affected by a non-compliant AI system can submit a complaint to the relevant authority. Civil society organisations, trade unions, and consumer groups are already developing complaint mechanisms. The Act explicitly requires authorities to handle such complaints and inform complainants of outcomes.

AI Office Referrals and Own-Initiative Review

The AI Office can refer GPAI-related concerns to national authorities and can initiate its own reviews of GPAI models independently. As the AI Office builds its operational capacity through 2025 and 2026, the volume of own-initiative reviews is expected to increase.

Who Is Actually at Risk Right Now

Enforcement risk is not uniform. Here is a realistic assessment as of mid-2026:

Highest near-term risk: Providers of GPAI models with EU users. The AI Office has been active since August 2025, GPAI obligations are fully in force, and the AI Office has signalled its intent to prioritise systemic risk models. If you provide a foundation model or a large-scale general-purpose model, you are in scope now.

Medium near-term risk: Companies deploying high-risk AI systems in regulated sectors — particularly credit, employment screening, and health — who have not begun their conformity assessment process. While systematic national enforcement does not begin until August 2026 (postponed to 2 December 2027 under the AI Omnibus agreement), incident-triggered investigations can happen at any time.

Lower near-term risk (but increasing): Deployers of limited-risk AI systems and companies using commercially purchased AI tools. Deployer obligations are lighter, but they are not zero. Deployers who do not conduct a FRIA where required, or who fail to maintain the use logs required under Article 26, are accumulating compliance debt.

Mitigating Factors

Enforcement authorities are required to consider mitigating factors when calculating fines. These include:

  • Documented good-faith compliance efforts: having a technical file, even an incomplete one, demonstrates intent
  • Participation in an approved regulatory sandbox (Article 57)
  • Voluntary cooperation with the investigating authority
  • Adherence to the GPAI Code of Practice
  • Prompt remediation of identified issues
  • Self-reporting of serious incidents rather than waiting to be discovered

The practical implication is clear: beginning your compliance process now, and documenting that process, materially reduces your exposure even if your compliance is not yet complete.

Generating Your Compliance Documentation

The four documents that matter most in an enforcement context are the Technical Documentation (Annex IV), the EU Declaration of Conformity, the Fundamental Rights Impact Assessment (FRIA), and the Transparency Notice. Together, they demonstrate that you have assessed your system, understood its risks, and taken proportionate steps to manage them.

DilAIg generates all four documents from a structured 50-question audit — giving you the documented evidence trail that enforcement authorities look for and that mitigating factor assessments reward. Start your audit at dilaig.com.


FAQ: EU AI Act Fines and Enforcement

Q: Can I be fined before August 2026? Yes, if you are a GPAI model provider. GPAI obligations applied from August 2025 and the AI Office can enforce them now. For high-risk AI systems, the full national enforcement framework applies from August 2026 (postponed to 2 December 2027 under the AI Omnibus agreement), but incident-triggered investigations are possible at any time.

Q: Does the percentage or the fixed amount apply? For large companies, the higher of the two applies. For SMEs and micro-enterprises, the lower of the two applies. "SME" here follows the EU standard definition: fewer than 250 employees and either annual turnover under €50M or a balance sheet under €43M.

Q: What is the difference between a provider and a deployer for enforcement purposes? Providers (companies that develop and place AI systems on the market) carry the heaviest obligations and face the highest fines. Deployers (organisations that use an AI system in their own operations) have lighter obligations but are still subject to Article 99 fines for violations of their specific duties — including failure to conduct a FRIA where required or failure to maintain use logs.

Q: If I buy an AI system from a third-party vendor, am I still at risk? Yes, as a deployer. If the vendor's system is non-compliant and you deploy it, you share compliance responsibility. You should require your AI vendors to provide evidence of conformity assessment and technical documentation. Contractual allocation of AI Act responsibility is becoming a standard element of enterprise software procurement.

Q: Does cooperation with the AI Office help if you are under investigation? Yes, materially. Cooperation is explicitly listed as a mitigating factor in fine calculations. Providing complete documentation promptly, responding accurately to information requests, and self-reporting issues reduces both the likelihood of the maximum fine and the duration of the investigation.


Key Takeaways

  • The EU AI Act establishes three fine tiers: up to €35M/7% for prohibited practices, €15M/3% for provider and deployer obligation violations, and €7.5M/1% for providing incorrect information to authorities.
  • For large companies, the higher of the fixed amount and the percentage applies. For SMEs, it is the lower.
  • The EU AI Office enforces directly against GPAI model providers. National market surveillance authorities enforce against high-risk AI system providers and deployers.
  • GPAI enforcement is active now (since August 2025). Full national enforcement for high-risk systems begins August 2026 (postponed to 2 December 2027 under the AI Omnibus agreement).
  • Investigations can be triggered by serious incident reports, market surveillance sweeps, individual complaints, or AI Office referrals.
  • Documented compliance efforts, incident self-reporting, and cooperation with authorities are all recognised mitigating factors.
  • The four mandatory documents — Technical Documentation, Declaration of Conformity, FRIA, Transparency Notice — form the evidentiary backbone of any enforcement defence.
