Source: OJ L, 2024/1689, 12.7.2024

Current language: EN

Article 95 Codes of conduct for voluntary application of specific requirements


Summary What does Article 95 of the AI act regulation say?

This article establishes a voluntary codes of conduct mechanism, sitting outside the mandatory requirements that apply to high-risk AI systems.

It tasks the AI Office and Member States with encouraging and facilitating the creation of these codes, which are designed to extend good practice — such as the high-risk requirements found in Chapter III, Section 2 — on a voluntary basis to AI systems that fall below the high-risk threshold.

The article also sets out a broad range of themes these codes may address, from environmental sustainability to AI literacy and the protection of vulnerable persons, and makes clear that the codes can be drawn up by providers, deployers, industry bodies, civil society, and academia.

Important points:

  • The AI Office and Member States are required to encourage and facilitate the drawing up of voluntary codes of conduct, particularly for non-high-risk AI systems.
  • Codes of conduct can be created by providers, deployers, or organisations representing them, and may cover one or more AI systems with a similar intended purpose.
  • The AI Office and Member States must take into account the specific interests and needs of SMEs, including start-ups, when facilitating this process.

Springlex's summary of the article, a reading aid, not a substitute for the legal text.

    1. The AI Office and the Member States shall encourage and facilitate the drawing up of codes of conduct, including related governance mechanisms, intended to foster the voluntary application to AI systems, other than high-risk AI systems, of some or all of the requirements set out in Chapter III, Section 2 taking into account the available technical solutions and industry best practices allowing for the application of such requirements.

    1. The AI Office and the Member States shall facilitate the drawing up of codes of conduct concerning the voluntary application, including by deployers, of specific requirements to all AI systems, on the basis of clear objectives and key performance indicators to measure the achievement of those objectives, including elements such as, but not limited to:

      1. applicable elements provided for in Union ethical guidelines for trustworthy AI;

      2. assessing and minimising the impact of AI systems on environmental sustainability, including as regards energy-efficient programming and techniques for the efficient design, training and use of AI;

      3. promoting AI literacy, in particular that of persons dealing with the development, operation and use of AI;

      4. facilitating an inclusive and diverse design of AI systems, including through the establishment of inclusive and diverse development teams and the promotion of stakeholders’ participation in that process;

      5. assessing and preventing the negative impact of AI systems on vulnerable persons or groups of vulnerable persons, including as regards accessibility for persons with a disability, as well as on gender equality.

    1. Codes of conduct may be drawn up by individual providers or deployers of AI systems or by organisations representing them or by both, including with the involvement of any interested stakeholders and their representative organisations, including civil society organisations and academia. Codes of conduct may cover one or more AI systems taking into account the similarity of the intended purpose of the relevant systems.

    1. The AI Office and the Member States shall take into account the specific interests and needs of SMEs, including start-ups, when encouraging and facilitating the drawing up of codes of conduct.

We're continuously improving our platform to serve you better.

Your feedback matters! Let us know how we can improve.

Found a bug?

Springflod is a Swedish boutique consultancy firm specialising in cyber security within the financial services sector.

We offer professional services concerning information security governance, risk and compliance.

Crafted with ❤️ by Springflod