When the €35 million figure appears in EU AI Act coverage, it tends to stop conversations cold. That number is real, but it applies to a narrow category of violations. For most companies, and for deployers in particular, the actual exposure is considerably lower. This article sets out the actual fine structure, what deployers can and cannot be fined for, and what the enforcement picture looks like heading into 2026.
The full penalty tier structure
The AI Act sets fines in three tiers, each capped at either a fixed amount or a percentage of global annual turnover, whichever is higher.
Tier 1: Prohibited AI practices (Article 5 violations) Maximum: €35 million or 7% of global annual turnover.
Article 5 bans a specific set of AI practices outright. These include social scoring systems by public authorities, AI that exploits psychological vulnerabilities to manipulate behaviour, and real-time biometric surveillance in public spaces by law enforcement (with narrow exceptions). Companies operating these systems after the ban took effect in February 2025 face the highest fines the regulation provides for.
Tier 2: High-risk system non-compliance and other substantive violations Maximum: €15 million or 3% of global annual turnover.
This covers providers failing to meet conformity assessment requirements, post-market monitoring obligations, and technical documentation standards. Deployer violations also fall into this tier, but the scope of what deployers can actually be fined for under this tier is narrower.
Tier 3: Incorrect or misleading information to authorities Maximum: €7.5 million or 1% of global annual turnover.
This applies to companies that provide false information to national AI authorities during market surveillance investigations. It is a procedural penalty, not a penalty for non-compliance with the substantive rules.
What deployer fines actually look like in practice
For SMEs, the percentage caps mean that the absolute numbers are much smaller than the headlines suggest. A company with €3 million in annual revenue faces a maximum Tier 2 fine of €90,000, not €15 million. A company with €500,000 in revenue faces a maximum of €15,000.
That is still meaningful. It is not trivial. But it is calibrated to company size in a way that the headline figures do not communicate.
The violations that specifically apply to deployers under the Act include:
- Operating a high-risk AI system without the required usage policies, oversight procedures, or logging
- Using a high-risk AI system procured from a provider who lacks a CE mark, without having taken steps to verify compliance
- Failing to notify national authorities of serious incidents involving high-risk AI systems
- Not providing applicants or users with required notifications about AI use in high-risk contexts
- Operating a prohibited AI practice (the Tier 1 exposure)
What deployers will not be fined for, at least in the near term: minor procedural gaps in documentation format, imperfect literacy policy structure, or failing to use exactly the right terminology in a usage policy. The regulation gives enforcement authorities discretion, and enforcement in 2026 will be selective.
The enforcement reality in 2026
National AI authorities are responsible for enforcement. The Act required member states to designate their authorities, but the actual infrastructure for enforcement is still being assembled.
Germany designated the Federal Network Agency (Bundesnetzagentur) as its primary AI authority. France designated ARCOM (the Audiovisual and Digital Communication Regulatory Authority). Most other EU member states are further behind, with designation decisions and staffing still incomplete as of early 2026.
This means enforcement in 2026 will be selective, focused on high-profile cases, egregious prohibited practice violations, and sectors where national regulators already have experience (financial services, employment, public services). A mid-size company that is making genuine compliance efforts but has an imperfect literacy policy document is not the enforcement priority.
That said, two things can change your risk profile regardless of where regulators focus their attention.
The contractual risk is happening now
B2B companies face compliance pressure from enterprise clients before any regulator gets involved. Large organisations are already including AI Act compliance representations in procurement contracts and vendor questionnaires. If you cannot demonstrate that you have carried out the required risk classification and documentation, you may fail a supplier audit, lose a procurement tender, or face contract termination.
This is not theoretical. It is happening in regulated sectors (financial services, healthcare, legal) and spreading to enterprise procurement more broadly. The reputational and commercial cost of non-compliance from failed supplier audits may arrive sooner than regulatory enforcement.
Documenting retroactively does not help
There is a specific trap worth naming. Some compliance teams have reasoned that the deadline is August 2026, so any documentation created before August 2026 is fine. This is incorrect.
Documentation that is clearly prepared in the weeks or days before the deadline is evidence that the required processes were not in place during the preceding period. Enforcement authorities can examine when documents were created. A usage policy with a creation date of 25 July 2026 is not the same as a usage policy that has been in place, reviewed, and updated over the previous year.
Compliance documentation should be created, used, and updated as part of actual operations. The August 2026 deadline is the latest point by which everything must be in place. Building backward from that deadline is fine. Creating everything at the last moment is not.
What to focus on
For deployers, the practical priority order is:
- AI literacy policy (Article 4, already overdue since February 2025)
- Risk classification of AI systems in use
- Usage policies and oversight procedures for any Annex III systems
- Incident notification procedures
- Supplier compliance verification for high-risk systems
None of these require specialist technical knowledge to complete. They require clear thinking about which AI systems your organisation uses, how they are used, and who is accountable for oversight. The paperwork is the work.
Get your compliance documentation done before the deadline
Answer 20 questions about your AI systems. AIActComply generates your complete compliance documentation, prefilled for deployers, in 11 EU languages.
Check my compliance →