Your organisation’s obligations under the EU AI Act are not the same regardless of how you engage with an AI system. The actor role — determined from the system profile — dictates which obligations apply and who is responsible for each.
EAB derives the actor role from the system registration and technical profile. The obligation set activates automatically. Nothing is left to interpretation.
“An organisation that does not know its actor role does not know its obligations. The role is not a label — it is the source of the obligation set.”
The EU AI Act distinguishes between providers, deployers, importers, and distributors — and each role carries a different obligation profile. A deployer who modifies a high-risk AI system becomes a provider under Art. 25. An organisation that simultaneously develops and deploys a system carries obligations from both roles. EAB handles dual roles, role cascades, and role transitions — not just the simple case.
The actor role is determined from the information captured during system registration: who developed it, who controls it, how it was placed on the market, and whether modifications were made. EAB uses this profile to derive the role under Art. 2 and 3 — the supervisor reviews and confirms the determination before obligations are activated.
Once confirmed, the obligation set is derived automatically. A provider of a high-risk system carries Art. 9–17 obligations. A deployer carries Art. 26 obligations. A distributor carries Art. 24. Each obligation is assigned to the role responsible — and that assignment is explicit in the record, not left to internal coordination.
Role determination is not a label. It is the mechanism that drives the obligation set for every AI system in the registry.
The actor role is derived from the system profile using a structured assessment against Art. 2 and 3 criteria. The supervisor reviews and confirms the determination — it is not self-selected from a dropdown.
When a deployer modifies a high-risk AI system in a way that triggers provider obligations under Art. 25, EAB identifies the dual-role condition and activates both obligation sets. The condition is documented and attributed.
Once the actor role is confirmed, the obligation set activates automatically. Provider obligations, deployer obligations, importer obligations — each derived from the role, not entered by hand. The mapping is explicit and article-referenced in the record.
Each obligation in the active set is assigned to the role responsible for satisfying it. When multiple roles exist within the organisation, the assignment is explicit — there is no ambiguity about who owns which obligation.
When a system is modified, redeployed, or transferred, the actor role may change. EAB flags role-relevant system changes for re-assessment — the new role determination creates a new record without modifying the previous one.
The role determination record states which articles apply, which do not, and the basis for each determination. Non-applicability is explicitly documented — an auditor sees a stated position at every obligation area.
Actor role assessment is included in every EAB plan. The obligation set follows automatically — no manual mapping, no interpretation required.
EU-hosted · Anchored to CELEX 32024R1689
Tell us about your organization and what you’re looking to address. We’ll follow up with the relevant information.
