Reg (EU) 2024/1689Generate dossier — €249
LIVE — Fines tracker · Obligations calendar · Transposition status — Updated weekly from EUR-Lex, Safety Gate, OEIL and 12 official sourcesView regulatory intelligence →

AI Act compliance checklist for 2026: every document and obligation you need to have ready before 2 August 2026.

2 August 2026 is the general application date of Regulation (EU) 2024/1689 under Art. 113. Annex III high-risk systems must be fully compliant — technical documentation under Art. 11 + Annex IV, quality management system under Art. 17, conformity assessment under Art. 43, post-market monitoring plan under Art. 72, incident reporting procedure under Art. 73, and (for public bodies and private entities providing public services deploying Annex III 5(a)(b)(c) systems) a fundamental rights impact assessment under Art. 27. AI literacy under Art. 4 and Article 5 prohibitions have been in force since February 2025. AICheck generates the 12-document AI Act dossier in 45 minutes.

Generate AI Act dossier — €249Free: check your AI system risk

€249 one-time payment · 12 PDF documents in ZIP · 45 minutes · 100% in your browser

Regulation (EU) 2024/1689 · Article 11 + Annex IV · 12 documents · 100% browser-side — your data never leaves your machine

The numbers

12 documents
What an Annex IV dossier covers: classification, technical doc, DoC, QMS, deployer instructions, FRIA, post-market plan, incident template, AI literacy programme.
2 Aug 2026
Deadline. After this date, Annex III high-risk systems placed on the market must comply with Chapter III, Section 2.
8 areas
Annex III domains where high-risk obligations are triggered.

The 2026 checklist, in operational order

Roughly three months of work for an internal compliance team, or 45 minutes with AICheck if your information is already gathered. The order matters: classification first, then documentation, then operational systems.

1
Risk classification documented (Art. 6 + Annex III)
Whether you are inside or outside Annex III, the decision must be documented. For Annex III systems claiming Art. 6(3) derogation, documentation is mandatory before placing on the market under Art. 6(4), plus registration under Art. 49(2).
2
Technical documentation (Art. 11 + Annex IV)
The 9 blocks of Annex IV: (1) general description, (2) detailed description of elements and development process, (3) monitoring/functioning/control, (4) performance metrics, (5) risk management system, (6) lifecycle changes, (7) harmonised standards, (8) EU declaration of conformity, (9) post-market monitoring plan. SMEs and start-ups may use the simplified form referenced in Art. 11(1).
3
Quality management system (Art. 17)
A documented QMS covering 13 aspects (a–m): regulatory compliance strategy, design control, development quality, test/validation procedures, technical specs, data management, risk management (Art. 9), post-market monitoring (Art. 72), incident reporting (Art. 73), communication with authorities, record-keeping, resource management, accountability framework. Financial institutions can rely on equivalent internal-governance frameworks under Art. 17(4).
4
Conformity assessment (Art. 43)
For Annex III points 2 to 8: internal-control procedure under Annex VI (no notified body). For Annex III point 1 (biometrics): choice between Annex VI (internal control) and Annex VII (notified body), where harmonised standards have been applied; Annex VII otherwise. For Art. 6(1) systems: the conformity-assessment procedure under the relevant Annex I legal act.
5
EU Declaration of Conformity (Art. 47 + Annex V)
A signable document declaring conformity with the requirements. Must accompany the system at the moment of placing on the market and be made available to authorities on request. CE marking under Art. 48.
6
Registration in EU database (Art. 49)
Annex III high-risk systems must be registered before placing on market. Annex III point 2 (critical infrastructure) is registered at national level. Public-authority deployers also register under Art. 49(3).
7
Post-market monitoring plan (Art. 72)
Required from providers of high-risk AI. The plan is part of the Annex IV technical documentation. The Commission's template implementing act is due by 2 February 2026 under Art. 72(3).
8
Incident reporting procedure (Art. 73)
15 days general deadline, 10 days in case of death, 2 days for widespread infringement or Art. 3(49)(b) serious incident. Internal protocol, named responsible person, market surveillance authority contact.
9
Fundamental rights impact assessment (Art. 27)
Required for public bodies, private entities providing public services, and Annex III 5(b) and 5(c) deployers — before first deployment. Six elements (a–f). NOT required for Annex III point 2.
10
AI literacy programme (Art. 4)
Already in force since 2 February 2025. Providers and deployers must ensure sufficient AI literacy of staff and operators. A documented training plan is the standard evidence.

Three common mistakes

COMMON MISTAKE

"We still have time — the real deadline is 2027"

The general application date is 2 August 2026 under Art. 113. Only Art. 6(1) (AI as safety component of Annex I products) is deferred to 2 August 2027. The bulk of high-risk obligations, transparency under Art. 50, FRIA under Art. 27 and Art. 26 deployer obligations apply from 2 August 2026.

COMMON MISTAKE

"AI literacy is a nice-to-have for later"

Art. 4 (AI literacy) is in Chapter I and has been in force since 2 February 2025 under Art. 113(a). It applies to both providers and deployers, for staff and other persons dealing with the operation and use of AI systems on their behalf. Penalties under Chapter XII applied from 2 August 2025.

COMMON MISTAKE

"We will wait for the official Commission guidance"

Article 11 + Annex IV is exhaustive at the level of the 9 documentation blocks. Article 17 specifies 13 QMS aspects. The structure does not depend on additional Commission guidance — the regulation is directly applicable in all Member States from the dates in Art. 113. Waiting is not a compliance strategy.

Does the AI Act apply to your system?

Answer these four questions to determine your obligations.

Does your system use machine learning, logic-based, or statistical approaches?
Art. 3(1) — definition of "AI system"
Is the system placed on the EU market or does its output affect persons in the EU?
Art. 2(1) — territorial scope (extraterritorial via 2(1)(c))
Is your system used in any Annex III domain? (employment, credit, education, law enforcement, migration, justice, critical infrastructure, biometrics)
Art. 6(2) + Annex III — high-risk classification
Are you the provider (developer) or the deployer (user) of the system?
Art. 3(3) provider · Art. 3(4) deployer — different obligations

Take the full AI Act risk classification test →

What the ZIP contains

12 PDF documents generated from your inputs. Each cites the article of Regulation (EU) 2024/1689 it fulfils.

1

Risk Classification Report

Identifies whether your system is prohibited (Art. 5), high-risk (Art. 6 + Annex III) or subject to transparency obligations (Art. 50).

2

Technical Documentation

The 9 blocks of Annex IV in full: system description, training data, validation, performance metrics, risk management, human oversight. Art. 11 + Annex IV.

3

EU Declaration of Conformity

Signable document conforming to Art. 47 and Annex V.

4

Compliance Calendar

Key application dates: 2 Feb 2025, 2 Aug 2025, 2 Aug 2026, 2 Aug 2027. Art. 113.

5

Conformity Sheet

Executive summary of compliance status for authorities or commercial buyers. Art. 43 procedure.

6

Quality Management System (QMS)

QMS structure covering the 13 aspects required by Art. 17.

7

Deployer Instructions

Document for the entity deploying your system, conforming to Art. 13.

8

Evidence Checklist

Verifiable evidence list, cross-referenced to every Annex IV block.

9

Incident Report Template

Notification protocol conforming to Art. 73 (15 days general / 10 days death / 2 days widespread).

10

AI Literacy Programme

Training plan conforming to Art. 4, in force since 2 February 2025.

11

Post-Market Monitoring Plan

Plan structure required by Art. 72 and integrated into the technical documentation under Annex IV(9).

12

Fundamental Rights Impact Assessment (FRIA)

Template under Art. 27 for public bodies, private entities providing public services, and Annex III 5(b)(c) deployers.

See before you buy — Download a sample dossier (PDF, fictional company) — Real structure, real articles, real format. Fictional data.

Generated from your inputs, in your browser. No data leaves your machine.

What you pay

🧾 AI ACT COMPLIANCE CONSULTANCY
€5,000–€15,000
3–6 months. They explain the obligations to you.
✓ AICHECK
€249
12 documents. 45 minutes. Solves the documentation.

Technical documentation and conformity assessment: two layers

● LAYER 1

Technical documentation — Annex IV

12 documents. 45 minutes. €249. The documentation your system needs before being placed on the market.

∅ LAYER 2

Conformity assessment by notified body

If your system falls under Art. 43(1) (Annex III point 1 biometrics with notified-body route, or Annex I products), you will need third-party conformity assessment. That is a separate process. AICheck does not replace it.

We do not sell audits. We do not sell consultancy. We sell the tool that structures your documentation under Annex IV.

Penalty regime

Article 99 of Regulation (EU) 2024/1689. Chapter XII (Penalties) applies from 2 August 2025.

🇪🇺
Non-compliance with prohibited practices (Art. 5)
€35M / 7%

Art. 99(3). Up to €35 million or 7% of total worldwide annual turnover, whichever is higher. For SMEs and start-ups: whichever is lower (Art. 99(6)).

🇪🇺
Non-compliance with operator obligations (high-risk, transparency, deployer)
€15M / 3%

Art. 99(4). Includes failure to draw up technical documentation under Art. 11 + Annex IV. Covers obligations of providers (Art. 16), deployers (Art. 26), authorised representatives (Art. 22), importers (Art. 23), distributors (Art. 24), notified bodies (Art. 31, 33, 34) and transparency under Art. 50.

🇪🇺
Supply of incorrect, incomplete or misleading information
€7.5M / 1%

Art. 99(5). Applies when information provided to notified bodies or national competent authorities is wrong or misleading.

Documenting 5 or more AI systems?

If you operate multiple AI systems and need to document them all under Annex IV, contact us for volume pricing at hello@solidwaretools.com.

Request volume pricing
Reply within one business day

What AICheck guarantees, and what it does not

AICheck produces a document structured under Article 11 and Annex IV of Regulation (EU) 2024/1689 from the information you provide. The accuracy, truthfulness and completeness of that information is your responsibility as provider of the AI system.

We guarantee that the document structure follows Article 11 and Annex IV of Regulation (EU) 2024/1689 and that the legal references cited are correct as of the last verification date. We do not guarantee that a specific document will be accepted by a market surveillance authority in a given case, nor by a commercial buyer in a procurement process.

AICheck is not legal advice. For specific situations, consult a lawyer or specialised regulatory consultancy.

Frequently asked questions

What is mandatory before 2 August 2026?
For Annex III high-risk providers: risk classification documented (Art. 6 + Annex III), technical documentation under Art. 11 + Annex IV, quality management system under Art. 17, conformity assessment procedure completed under Art. 43, EU declaration of conformity under Art. 47, CE marking under Art. 48, registration in the EU database under Art. 49, post-market monitoring plan under Art. 72, incident-reporting procedure under Art. 73. For deployers in scope of Art. 27: a fundamental rights impact assessment before first deployment.
What documents does Article 11 require?
Article 11(1) refers to Annex IV, which lists 9 documentation blocks: (1) general description, (2) detailed description of elements and development process, (3) monitoring/functioning/control, (4) performance metrics, (5) risk management system per Art. 9, (6) lifecycle changes, (7) harmonised standards, (8) EU declaration of conformity per Art. 47, (9) post-market monitoring plan per Art. 72. SMEs and start-ups may submit Annex IV in a simplified form under Art. 11(1).
Do I need a notified body for Annex III high-risk?
For Annex III points 2 to 8: no. The conformity-assessment procedure is internal control under Annex VI (Art. 43(2)). For Annex III point 1 (biometrics): the provider chooses Annex VI (internal control) or Annex VII (with notified body) where harmonised standards apply; Annex VII otherwise. For Art. 6(1) systems (safety components of Annex I products): the procedure under the relevant Annex I legal act applies.
Is this a subscription?
No. One-time payment. The licence includes 30 days of editing and 10 regenerations. The PDF you download is yours to keep.
Can I request a refund?
Pursuant to Article 16(m) of Directive (EU) 2011/83 on consumer rights, by activating the licence you give express consent to the immediate generation of digital content, waiving the 14-day withdrawal right. Refunds are only accepted in the case of a reproducible technical failure.
What if the regulation changes?
If the regulation changes while your licence is active, you can regenerate the document with the updated version of the generator at no additional cost.

Official legal sources

⚠️ Important notice: AICheck is a documentary self-assessment tool, not legal advice nor a third-party audit. The document under Article 11 and Annex IV of Regulation (EU) 2024/1689 is generated from the data you input. The accuracy of that data is your responsibility. AICheck does not replace a qualified professional assessment.

Don't wait for the consultancy. Generate the Annex IV documentation for your AI system in your browser in 45 minutes.

Twelve documents. Annex IV fully structured. Regulation (EU) 2024/1689. Your data does not leave your machine. The ZIP you download is yours to keep.

€249 one-time payment
12 professional documents · 45 minutes · No subscription · 100% in your browser
Generate dossier — €249

Related landings

📋 Compliance

Compliance officer AI Act checklist — systems inventory
🏢 Multi-system

AI Act compliance with multiple AI systems
🇺🇸 US SaaS

US SaaS company — AI Act technical documentation
✓ Last regulatory verification: 11 May 2026 · No substantive changes detected · View history