26 May 2026

EU AI Act August 2026: the deployer's GPAI dossier

August 2, 2026 is when EU regulators gain enforcement powers over GPAI — and when downstream banks, insurers, and hospitals get the first knock, not the model vendors.

August 2, 2026 is not a provider deadline you can wait out. It is the date EU regulated enterprises become contractually and operationally liable for GPAI obligations they never signed — and the only defensible posture is a deployer-side verification dossier built before procurement closes, not after a regulator letter arrives.

Every law-firm memo frames the date from the model provider's seat: what OpenAI, Anthropic, Mistral, and Meta must publish. The real risk sits one layer down, with banks, insurers, hospitals, and TSOs who inherit asymmetric liability with no published playbook for auditing what those vendors actually disclose. This post is that playbook.

What activates on August 2, 2026 — and what already activated in 2025

August 2026 is enforcement powers, not new obligations. GPAI duties under Chapter V have been live since 2 August 2025 for any model placed on the market after that date; pre-existing GPAI models have until 2 August 2027 [1][3]. Every frontier model your team procured in the last twelve months is already in scope. If you have no evidence file on it, you are already behind.

What changes on 2 August 2026 is the Commission's teeth. The European AI Office can request information from GPAI providers, conduct model evaluations, require corrective measures, restrict models from the EU market, and levy fines of up to the higher of 3% of global annual turnover or €15 million [1]. The same date makes high-risk AI system obligations under Annex III practically consequential [2]. Two regimes activating on one day, both touching the same enterprise workflows.

If your compliance plan treats August 2026 as the starting gun, you have misread the calendar. The starting gun fired a year ago. August 2026 is when the referee walks onto the field.

The deployer trap: your bank inherits GPAI liability you did not sign

Calling an API into a frontier model makes you a downstream provider, not a GPAI provider [4]. That sounds reassuring until the next sentence: if the application you build on top is a high-risk AI system — credit scoring, claims triage, clinical decision support, employee screening, critical-infrastructure control — you carry full high-risk obligations on top of whatever the upstream GPAI provider is supposed to discharge [4][2].

Your vendor handles Article 53 transparency, training-data summaries, and copyright policy. You handle risk management, data governance, human oversight, post-market monitoring, and conformity assessment for the high-risk system you built. The two stacks are joined by one fragile assumption: that the GPAI vendor's documentation is good enough to support your downstream conformity assessment. If it is not — if the training-data summary is three pages of marketing language — the regulator's first call is to you, because you are the entity placing the high-risk system on the EU market.

Vendor selection is no longer about model quality and price per token. It is about whether the vendor's Article 53 file will hold up underneath your Annex III conformity file. Most procurement teams have not yet asked that question.

Score the training-data summaries: OpenAI, Anthropic, Meta, Mistral on one rubric

Article 53 says GPAI providers must publish a 'sufficiently detailed' training-data summary covering sources, collection methodology, data categories, and filtering [4]. It does not define sufficiently detailed, and the frontier labs have read that gap aggressively. Published summaries vary by an order of magnitude in actual content.

Benchmark the disclosures against each other before they land in the data room. Seven dimensions, 0–3 each: named data sources versus generic categories, language and geographic coverage, content-type breakdown, date ranges of collection, quantitative breakdown by source, filtering and deduplication methodology, and TDM opt-out handling [5][1]. Anything below 14/21 is a documentation gap you will have to plug yourself.

The European AI Office published a voluntary GPAI Code of Practice in July 2025, and adherence creates a presumption of compliance with corresponding obligations [4]. First procurement question: has the vendor signed the Code? If not, the second question is why — and the answer goes in your audit file.

9 artifacts your deployer dossier needs before procurement signs

Compliance teams keep asking what to document. The answer is a fixed dossier assembled before contract signature:

  1. a model inventory tying every GPAI integration to a business workflow and risk classification;
  2. the vendor's published training-data summary, scored against the rubric above;
  3. the vendor's EU copyright compliance policy and TDM opt-out attestation [4];
  4. a systemic-risk classification confirming whether the model crossed the 10²⁵ FLOPs training-compute threshold that triggers Article 55 obligations [4];
  5. the downstream-information pack the vendor provides under Article 53(1)(b);
  6. evaluation evidence, including disclosed adversarial testing;
  7. the vendor's serious-incident reporting SLA, which for systemic-risk models must support 15-working-day reporting [4];
  8. contractual indemnities for Article 53 breaches;
  9. a mapping of the deployed system against Annex III high-risk categories.

Each artifact is defensive. The training-data summary alone takes 3–6 weeks of cross-functional work across legal, data engineering, model training, and policy [5] — that is for the provider producing it. The deployer review is shorter but cannot be skipped, because the moment a regulator asks why you trusted the vendor's disclosure, the dossier is your only answer.

Assemble it before procurement closes. After signature, your negotiating leverage is gone and the artifacts you did not demand are artifacts you will not get.

Contract language vendors will resist (demand it anyway)

Standard frontier-model contracts push GPAI liability downstream through limitation-of-liability clauses, broad output disclaimers, and silence on regulatory-breach indemnification. For a sole proprietor building a chatbot, that is a commercial inconvenience. For a regulated deployer placing a high-risk system on the EU market, it is an unacceptable risk allocation.

Three hooks are non-negotiable. First, explicit indemnification for Article 53 breaches attributable to the vendor — including failed technical documentation, failed downstream-provider information, and a non-compliant training-data summary [4]. Second, audit rights against the vendor's technical documentation, exercised through an independent third party under NDA if the vendor refuses direct access. Third, a contractual hook to the GPAI Code of Practice: vendor adheres, and withdrawal of adherence is a material breach. Vendors will resist all three. Walk, or document the residual risk in your audit file and price it.

For systemic-risk models, add a fourth clause: serious-incident notification to you well inside the 15-working-day window the vendor owes the AI Office [4], so you can meet your own downstream reporting duties.

On-premise inference is a compliance lever, not just sovereignty

Running an open-weight model inside your perimeter does not eliminate GPAI rules. It does something more useful: it collapses the upstream-vendor verification problem into your own controlled environment. The training-data summary you cannot extract from a frontier vendor is one you produce yourself for an open-weight model whose weights, datasheets, and model card you control. The 10²⁵ FLOPs systemic-risk threshold [4] sits well above the Llama, Mistral, Gemma, and Qwen families — meaning the heavy Article 55 obligations on adversarial testing, systemic-risk assessment, and cybersecurity reporting do not attach.

A WaveNode appliance running Gemma or Llama inside your perimeter shifts the regulator's first call. You are still a deployer with high-risk obligations if the workflow is high-risk — but the upstream GPAI verification problem becomes an internal documentation exercise instead of an adversarial negotiation with a US vendor's legal team. For credit-scoring, claims-triage, and clinical-decision workflows already classified high-risk under Annex III, that is the difference between a defensible audit file and a permanent contingent liability.

WaveNode is built for exactly this posture: local GPU inference on customer infrastructure, open-weight models with documented provenance, RAG with citation tracking, and an audit trail that maps every answer back to a source document, page, and revision. See [/enterprise-ai-on-premise](/enterprise-ai-on-premise) for the deployment model and [/customers/eles](/customers/eles) for the production reference at Slovenia's national TSO running NEXUS. For the procurement-side framing, [/blog/on-premise-ai-vs-cloud-ai-don-t-choose-a-platform-classify-](/blog/on-premise-ai-vs-cloud-ai-don-t-choose-a-platform-classify-) handles the workload-classification step.

A 90-day readiness sprint versus 3% of global turnover

A single training-data-summary review runs 3–6 weeks of cross-functional work [5]. For a mid-size regulated deployer with five to fifteen GPAI integrations, that scopes a 90-day readiness sprint across three workstreams: model inventory and classification (weeks 1–3), vendor dossier collection and scoring (weeks 4–9), contractual remediation and high-risk mapping (weeks 10–13). Headcount: one compliance lead, one AI architect, one procurement counsel, fractional DPO. Budget: low six figures, end-to-end.

Penalty exposure: Article 101 fines for GPAI breaches reach the higher of 3% of global annual turnover or €15 million [1]. Prohibited-AI breaches under Article 5 reach 7% or €35 million. For a regulated group at €5B revenue, the 3% ceiling is €150 million. The sprint pays for itself if it averts a single enforcement action with even a fractional fine.

Build the dossier now, while you still control the procurement leverage and the documentation timeline. On August 3, 2026 the regulators will not ask your vendor for the dossier. They will ask you. The deployers who built the verification file in advance will be the ones still in production.


See how WaveNode builds the deployer dossier into on-premise inference: https://wavenetic.com/#platform

Sources

  1. The Second Wave of EU AI Act Requirements are In Force – Debevoise Data Blog
  2. What is the EU AI Act? | IBM
  3. Implementation Timeline | EU Artificial Intelligence Act
  4. EU AI Act GPAI Compliance: Arts. 51–56 Obligations
  5. EU AI Act Training-Data Disclosure: The August 2026 Checklist