TL;DR: The European Union has taken a significant step in regulating artificial intelligence with the publication of the General-Purpose AI (GPAI) Code of Practice as part of the EU AI Act framework.
GPAI Code of Practice is a voluntary code that represents a crucial development in AI governance. It provides industry players with a structured approach to compliance while addressing key concerns around safety, transparency, and copyright protection.
European AI Act Compliance Course: From Basics to Full Mastery
The EU AI Act is here—and compliance is now a must. This course gives you the tools to turn complex AI regulation into action. Learn the Act’s core principles, risk categories, and obligations, then put them into practice with ready-to-use templates and checklists.
What Is GPAI Code of Practice and Why Is It Important?
On 10 July 2025, the European Commission published the General-Purpose AI (GPAI) Code of Practice, a voluntary framework designed to help AI model providers comply with the EU AI Act—specifically regarding safety, transparency, and copyright.
Developed by independent experts via a multi-stakeholder process, the Code serves as a streamlined alternative to other, more burdensome compliance mechanisms under the Act. By adhering to it, providers of GPAI models may gain legal certainty while reducing administrative costs.
The publication of the GPAI Code of Practice marks a key milestone in the rollout of the EU AI Act. While voluntary, its adoption signals alignment with EU values of trustworthy and safe AI—and offers practical benefits for providers preparing to navigate the Act’s complex requirements.
GPAI Code of Practice Publication and Development
The European Commission officially released the GPAI Code of Practice on July 10, 2025. The code was developed through a comprehensive multi-stakeholder process led by independent experts, ensuring that diverse perspectives and expertise were incorporated into its framework. This collaborative approach reflects the EU’s commitment to inclusive policymaking in the rapidly evolving AI landscape.
Are you ready for the EU AI Act’s deadline?
eyreACT’s AI Act compliance platform will help organisations like yours seamlessly navigate these complex requirements. Be among the first to access our comprehensive solution for AI system classification, risk assessment, and ongoing compliance management.
The Code of Practice: Structure and Scope
The Code of Practice is organised into three distinct chapters, each addressing specific aspects of AI governance:
Chapter 1: Transparency
This chapter applies to all general-purpose AI model providers and addresses the transparency obligations outlined in Article 53 of the AI Act. The specific requirements and implementation details for transparency measures are not detailed in the available information.
Chapter 2: Copyright
Also applicable to all GPAI model providers under Article 53, this chapter focuses on copyright-related obligations and compliance measures. The exact provisions regarding copyright protection and intellectual property rights are not specified in the current information.
Chapter 3: Safety and Security
This chapter specifically targets providers of advanced AI models that pose systemic risks, as defined under Article 55 of the AI Act. It addresses the enhanced safety and security obligations that apply to these high-risk systems.
Assessment and Endorsement Process
Following the code’s publication, Member States and the European Commission are currently conducting an assessment of its adequacy. This evaluation period is expected to conclude in the coming weeks, after which the code may receive official endorsement. The assessment process ensures that the code meets the necessary standards and effectively addresses the AI Act’s objectives.
Code of Practice Implementation Timeline
The timeline for the GPAI Code of Practice implementation is closely aligned with the AI Act’s enforcement schedule:
- July 10, 2025: Code of Practice published
- August 1, 2025: Public listing of signatories
- August 2, 2025: AI Act obligations for GPAI providers take effect
Code of Practice Signatory Process
The EU AI Office has initiated an invitation process for GPAI providers to sign the Code of Practice. This voluntary commitment process allows providers to signal their intent to adhere to the code’s provisions.
Signatories will be publicly listed on August 1, 2025, just one day before the AI Act’s obligations for GPAI providers become enforceable.
Code of Practice Enforcement Approach
The European Commission has indicated that its enforcement strategy will prioritize monitoring signatories’ adherence to the Code of Practice. This approach provides participating companies with greater predictability in regulatory oversight while maintaining accountability for compliance with the established standards.
Book a Demo and Simplify AI Act compliance
EU AI Act is more complex than GDPR but we help you nail it. From automated AI system classification to ongoing risk monitoring, we’re creating the platform of developer-friendly, business-friendly tools you need to confidently deploy AI within the regulatory European framework.
Signing the Code of Practice: What It Means
The EU AI Office has invited GPAI providers to sign the Code of Practice ahead of the AI Act’s enforcement date for GPAI obligations, which is 2 August 2025.
- Signatories will be publicly listed on 1 August 2025.
- Signing indicates a provider’s intent to comply with the Code’s principles.
- It provides streamlined compliance and shifts enforcement focus toward monitoring signatories rather than imposing broader administrative checks.
This voluntary participation also offers greater predictability for providers entering a newly regulated space.
Benefits for Industry Compliance
The GPAI Code of Practice offers several advantages for AI model providers who choose to adopt it voluntarily:
- Streamlined compliance: Providers can demonstrate compliance with AI Act obligations through a standardised framework
- Reduced administrative burden: The code offers a more efficient path to compliance compared to alternative methods
- Greater legal certainty: Adopting the code provides clearer guidance on regulatory expectations and requirements
- Predictable enforcement: The Commission has indicated it will focus enforcement efforts on monitoring adherence to the code among signatories.
Code of Practice Limitations and Information Gaps
It is important to note that our Code of Practice overview is based on limited available information about the GPAI Code of Practice. Several key aspects require further clarification, including:
- Specific technical requirements within each chapter
- Detailed compliance procedures and methodologies
- Enforcement mechanisms and penalties for non-compliance
- Criteria for determining systemic risk under Article 55
- Exact content of the questions and answers resource
- Assessment criteria being used by Member States and the Commission
Final Thoughts
The GPAI Code of Practice represents a significant milestone in AI regulation, offering a voluntary framework for industry compliance with the EU AI Act. By providing a structured approach to transparency, copyright protection, and safety measures, the code aims to balance innovation with responsible AI development.
As the assessment process continues and the implementation date approaches, the code’s effectiveness in achieving these objectives will become clearer.
The voluntary nature of the code, combined with the benefits it offers to signatories, suggests a pragmatic approach to AI governance that seeks to encourage industry participation while maintaining regulatory oversight.
The success of this framework will likely influence future AI regulation both within the EU and internationally.
Frequently Asked Questions (FAQ)
What is the GPAI Code of Practice?
A voluntary framework published by the European Commission to help GPAI model providers comply with specific EU AI Act obligations related to transparency, safety, and copyright.
Is the Code of Practice legally binding?
No. GPAI Code of Practice is voluntary, but adoption provides a recognized path to demonstrate compliance and reduce regulatory overhead.
Who can sign the Code?
Any provider of General-Purpose AI models within the scope of the AI Act. Signing is encouraged especially for those subject to Articles 53 and 55.
What happens after signing?
The provider’s name is published in a public list on 1 August 2025, and the Commission focuses enforcement on ensuring the signatory adheres to the Code’s commitments.
What are Articles 53 and 55 of the AI Act?
- Article 53 pertains to obligations for all GPAI model providers, particularly around transparency and copyright.
- Article 55 adds further requirements for advanced GPAI models with systemic risk, specifically around safety and security.
What are the benefits of signing the Code of Practice?
- Demonstrates AI Act compliance
- Reduces administrative burden
- Offers greater legal certainty
- Ensures enforcement predictability
- Enhances reputational trust
Key Definitions of the Code of Practice
| Term | Definition |
|---|---|
| GPAI (General-Purpose AI) | AI models designed to perform a wide range of tasks and adaptable across multiple domains without fine-tuning for a specific application. |
| Code of Practice | A voluntary set of principles and guidelines designed to help organizations meet regulatory requirements. |
| AI Act | The European Union’s comprehensive regulation on artificial intelligence, setting obligations for various categories of AI systems. |
| Systemic Risk | Refers to AI models with potential wide-scale impact, including risks to public safety or democratic processes, as outlined in Article 55. |
| Transparency | Requirements to disclose how AI models work, their capabilities, limitations, and training methods. |
| Copyright (in AI context) | Legal obligations related to using copyrighted content in AI training and ensuring the rights of content creators are respected. |
| Safety and Security | Measures ensuring AI systems operate reliably and do not pose harm to users, systems, or society at large. |
| Multi-Stakeholder Process | A collaborative development approach involving representatives from industry, academia, government, and civil society. |
| Signatory | An organization that formally agrees to adhere to the Code of Practice. |
| AI Office | The EU body responsible for implementing and monitoring compliance with the AI Act, including coordination of the Code of Practice. |
Important Disclaimer
We will update this article once further information or clarifications are released by the Commission or AI Office. Any new information should be reviewed directly—as of now, this is the latest verified information available.
