The European Commission has published its final voluntary Code of Practice for general‑purpose AI on July 10, 2025, alongside binding guidelines clarifying obligations for models deemed to pose systemic risk. These releases precede the August 2 enforcement deadline under the EU’s AI Act.

The Code of Practice aims to help providers meet transparency, copyright, and safety obligations under Regulation (EU) 2024/1689, while the guidelines lay out requirements for high-capability AI systems facing systemic risks. Together, they seek to support firms in preparing for the phased rollout of compliance. (Reuters)

Compliance obligations begin on August 2, 2025 for general‑purpose AI models, with enforcement kicking in in August 2026 for new models. Providers face penalties up to €35 million or 7% of global turnover for violations. (Reuters)

Voluntary Code of Practice Offers Legal Certainty

The Code, developed by 13 independent experts over months of stakeholder engagement, provides structured guidance on transparency, copyright safeguards, and system security. Signatory companies gain a rebuttable presumption of compliance with certain AI Act provisions. (EU Digital Strategy)

Although signing the Code is voluntary, the Commission states that non‑signatories may face greater regulatory scrutiny and lack the administrative relief enjoyed by signatories. (Reuters)

Guidelines Clarify Systemic‑Risk Thresholds

On July 18, new guidelines defined “systemic‑risk” general‑purpose AI models as those with advanced capabilities—typically exceeding 10²⁵ FLOPS. These models must conduct risk evaluations, adversarial testing, incident reporting, and cybersecurity assessments. (Reuters)

Providers launching high‑capability models before the August 2 deadline have until August 2, 2027 to fully align with all requirements. Enforcement begins in 2026 for new systems. (Reuters)

Tech Companies Split on Joining the Code

Meta has declined to sign the Code, arguing it exceeds the legal scope of the AI Act and introduces regulatory risks. Joel Kaplan, Meta’s global affairs chief, warned it could stifle AI innovation. (The Verge)

Microsoft, in contrast, signaled its intention to become a signatory. OpenAI and French startup Mistral have already committed. An open letter from over 45 European companies—including Airbus, Philips and Mercedes-Benz—urged a two-year delay to give the industry room to adapt. (Reuters, AP News)

Enforcement Timeline Unchanged Despite Calls for Delay

The Commission reaffirmed there will be no delay in the AI Act’s implementation schedule. It emphasized that obligations tied to GPAI models will apply as planned in August 2025. (Reuters)

A European AI Board representative clarified there will be no “pause” in enforcement, although consideration of delayed application of the voluntary Code itself is under review. (IAPP)

What Comes Next

As the August 2 compliance deadline approaches, AI providers operating in the EU must assess readiness, prioritize transparency measures, and decide whether to sign the Code for legal support and smoother regulatory engagement.

The Code and guidelines mark the first concrete framework for GPAI compliance. They set a precedent for global regulatory approaches to advanced AI deployment grounded in safety, accountability, and transparency.

Sources: Reuters, AP News, The Verge, EU Digital Strategy