AI Act Penalties and Fines: The Complete Article 99 Guide (2026)
The EU AI Act penalties and fines established in Article 99 of Regulation (EU) 2024/1689 are among the most severe in EU regulatory history — surpassing GDPR at the top tier, already in force, and carrying enforcement consequences that extend well beyond the fine itself. This guide covers every tier, the SME inversion rule that most explainers miss, the ten Article 99(7) factors that determine your actual fine, how AI Act penalties interact with GDPR, and what you can do before 2 August 2026 to reduce your exposure.
AI Act penalties and fines: what Article 99 establishes
Article 99 does not set a single fine — it establishes a three-tier structure keyed to the severity of the infringement, with each tier defining a fixed maximum amount and a percentage of total worldwide annual turnover. For undertakings, the fine is whichever of the two is higher. For SMEs and start-ups, the rule inverts: it is whichever is lower — a critical distinction covered in full below.
The Article 99 penalty framework became applicable on 2 August 2025, alongside the governance architecture and the GPAI obligations. The one exception is Article 101, the separate Commission-imposed fines for providers of general-purpose AI models, which applies from 2 August 2026. That means national market surveillance authorities have had legal authority to investigate and sanction infringements for nearly a year before most of the substantive high-risk obligations even apply. The Article 5 prohibited practices, which have applied since 2 February 2025, are already actionable. And as of early 2026, the European Commission launched its first formal investigations into potential prohibited AI practices — enforcement is not waiting for August 2026.
The three fine tiers under Article 99
| Tier | Violation | Maximum fine | Legal basis |
|---|---|---|---|
| Tier 1 | Prohibited AI practices (Art. 5) | €35,000,000 or 7% of worldwide annual turnover (whichever higher) | Art. 99(3) |
| Tier 2 | Most operator and notified-body obligations — provider, authorised representative, importer, distributor and deployer duties (Arts. 16, 22, 23, 24, 26), notified-body requirements, and Article 50 transparency | €15,000,000 or 3% of worldwide annual turnover (whichever higher) | Art. 99(4) |
| Tier 3 | Supplying incorrect, incomplete or misleading information to notified bodies or national competent authorities in reply to a request | €7,500,000 or 1% of worldwide annual turnover (whichever higher) | Art. 99(5) |
⚠️ Common error in secondary sources. Several widely-cited guides state the Tier 3 rate as 1.5% of worldwide turnover. The primary text of Article 99(5) as published in the Official Journal is unambiguous: it is 1%, not 1.5%. A second common error is to file general-purpose AI model obligations under Article 99(4). They are not there: fines on GPAI model providers are set in Article 101, are imposed by the Commission rather than national authorities, carry the same €15,000,000 or 3% ceiling, and apply only from 2 August 2026. Always verify penalty claims against the primary regulation.
Tier 1 — Prohibited practices: up to €35M or 7%
This is the highest penalty tier, reserved for violations of Article 5 — practices the AI Act bans outright as incompatible with fundamental rights. The list includes: subliminal, manipulative or deceptive techniques that distort behaviour and cause or are likely to cause significant harm; exploitation of vulnerabilities (age, disability, social or economic situation); social scoring that leads to detrimental treatment in unrelated contexts or that is unjustified or disproportionate (the final text is not limited to public authorities); predicting the risk of a person committing a criminal offence based solely on profiling or personality traits; untargeted scraping of facial images from the internet or CCTV to build recognition databases; emotion recognition in workplaces and educational institutions, except for medical or safety reasons; biometric categorisation to infer race, political opinions, trade-union membership, religious or philosophical beliefs, sex life or sexual orientation; real-time remote biometric identification in publicly accessible spaces for law enforcement, subject to narrow exceptions; and — added by the Digital Omnibus, pending adoption — AI systems generating non-consensual intimate imagery and child sexual abuse material. These prohibitions have applied since 2 February 2025, making them the longest-standing live obligations in the Act, and the Article 99 fines attached to them have been available to authorities since 2 August 2025.
At 7% of worldwide turnover, Tier 1 surpasses GDPR’s 4% ceiling and is the second-highest percentage-based penalty in EU digital regulation — behind only the Digital Markets Act’s 10% cap. For a large technology company with €10 billion in annual revenue, a Tier 1 fine could reach €700 million.
Tier 2 — Operator obligations: up to €15M or 3%
This tier covers the broadest range of infringements: failure to comply with the high-risk system obligations placed on providers, authorised representatives, importers, distributors and deployers (documentation, risk management, human oversight, conformity assessment, post-market monitoring), failure by notified bodies to meet their requirements, and failure to comply with the Article 50 transparency duties (chatbot disclosure, content marking, deepfake labelling). GPAI model obligations are penalised separately under Article 101, at the same amounts, by the Commission. For most organisations, Tier 2 is the tier that matters most. The Article 50 transparency obligations — the next live deadline on 2 August 2026 — sit squarely here, meaning a company that fails to disclose its chatbot as an AI or to implement machine-readable content marking after 2 August 2026 faces up to €15 million or 3% of worldwide turnover. See our complete guide to Article 50 transparency obligations for what you need to have in place.
Tier 3 — Incorrect information: up to €7.5M or 1%
The lowest tier applies to a specific, procedural infringement: supplying incorrect, incomplete or misleading information to notified bodies or national competent authorities in reply to a request. (The equivalent rule for GPAI model providers responding to the Commission sits in Article 101.) It is worth treating seriously. If your organisation is investigated and provides inaccurate documentation — even inadvertently — the fine for that act alone is up to €7.5 million or 1% of worldwide turnover, and it is assessed independently of whatever underlying infringement prompted the request. The practical lesson: in any enforcement interaction, completeness and accuracy of disclosure, including about compliance gaps, is a stronger strategy than providing incomplete responses.
The SME and start-up inversion: Article 99(6)
Article 99(6) is the most important provision in the penalty framework for small organisations, and the one most widely skipped in secondary commentary. For SMEs and start-ups, the fine for each tier is capped at the lower of the fixed amount or the percentage of turnover — inverting the calculation that applies to large undertakings.
| Company size | Rule | Tier 2 example: €2M turnover startup |
|---|---|---|
| Large undertaking | Higher of fixed amount or % of turnover | €15M (fixed amount is higher) |
| SME / start-up | Lower of fixed amount or % of turnover | €60,000 (3% of €2M — far lower) |
For a startup with €2 million in annual revenue, the difference between the standard and SME rule on a Tier 2 violation is the difference between €15 million and €60,000. The SME rule does not eliminate the fine — it proportions it. Compliance is still required, and the reputational consequences of enforcement action apply regardless of company size. But the provision means that a small operator that gets a detail wrong is not automatically facing existential exposure. If you are an SME, verify that national authorities are applying this inversion in their implementing rules — it is an obligation on Member States, not a discretion.
What determines the actual fine: the Article 99(7) factors
The tiers set ceilings, not floors. The actual fine in any case is determined by weighing all relevant circumstances, with regard to the ten factors listed in Article 99(7)(a) to (j). Understanding these is the difference between a theoretical maximum and a realistic worst case:
- (a) The nature, gravity and duration of the infringement and its consequences, taking into account the purpose of the AI system, the number of affected persons and the level of damage suffered
- (b) Whether other market surveillance authorities have already fined the same operator for the same infringement
- (c) Whether other authorities have already fined the same operator under other Union or national law for infringements arising from the same activity or omission
- (d) The size, annual turnover and market share of the operator
- (e) Any other aggravating or mitigating factor, such as financial benefits gained or losses avoided through the infringement
- (f) The degree of cooperation with the national competent authorities to remedy the infringement and mitigate its adverse effects
- (g) The degree of responsibility of the operator, taking into account the technical and organisational measures it implemented
- (h) The manner in which the infringement became known to the authorities, in particular whether and to what extent the operator notified it itself
- (i) Whether the infringement was intentional or negligent
- (j) Any action taken by the operator to mitigate the harm suffered by affected persons
The GDPR enforcement track record provides the clearest signal of how these factors play out in practice. The largest GDPR fines have been for systemic non-compliance — not isolated errors — and regulators have consistently treated cooperation, proactive disclosure, and documented remedial action as meaningful mitigating factors. AI Act enforcement is being built on the same institutional infrastructure. Documenting your compliance decisions now, even where they are provisional or incomplete, establishes a paper trail that directly engages the responsibility factor (g), the cooperation factor (f) and the self-notification factor (h).
How AI Act fines interact with GDPR
Many AI applications also process personal data, which means potential exposure under both the AI Act and GDPR for overlapping conduct. Contrary to some secondary commentary, Article 99 contains no rule that "only the higher fine applies" where one act breaches both instruments; Article 99(8) deals with a different question entirely (the extent to which fines may be imposed on public authorities, which each Member State decides). What the Act does provide is in Article 99(7)(b) and (c): when deciding whether to fine and how much, the authority must take into account fines already imposed on the same operator by other market surveillance authorities for the same infringement, and fines already imposed by other authorities under other Union or national law, including GDPR, for infringements arising from the same activity or omission. Overlapping conduct is therefore a mandatory consideration that pushes the AI Act fine down, not an automatic bar to a second fine. Distinct infringements arising from the same system remain separately penalisable: an AI system with both inadequate Article 50 disclosure and unlawful data processing could face distinct penalties for each. The practical implication is that AI Act and GDPR compliance reviews need to be conducted jointly, not in separate silos, and that any prior enforcement outcome should be recorded so it can be raised under Article 99(7)(c).
How AI Act fines compare with GDPR and other EU regulation
| Regulation | Maximum % fine | Fixed maximum |
|---|---|---|
| Digital Markets Act | 10% of worldwide turnover | — |
| EU AI Act (Tier 1) | 7% | €35,000,000 |
| GDPR (top tier) | 4% | €20,000,000 |
| EU AI Act (Tier 2) | 3% | €15,000,000 |
| NIS2 Directive | 2% | €10,000,000 |
| EU AI Act (Tier 3) | 1% | €7,500,000 |
Who enforces AI Act penalties
Enforcement is split across two levels. At national level, market surveillance authorities designated by each Member State investigate AI Act violations within their territory, impose penalties, and coordinate with other national authorities on cross-border cases. These are often the same bodies that enforce GDPR and product safety law — they do not start from zero. At EU level, the Commission, acting through the AI Office, supervises and enforces the obligations of providers of general-purpose AI models; the fines for those providers are set in Article 101 rather than Article 99, apply from 2 August 2026, and are imposed by the Commission directly. The AI Office can request information and documentation, conduct evaluations of a model, require mitigation measures, and where necessary restrict the making available of a model or have it withdrawn or recalled from the EU market. For most businesses deploying AI in specific applications, the relevant enforcer is the national market surveillance authority, not the AI Office — though the AI Office sets interpretive direction that authorities follow.
Enforcement in 2026 is following a similar pattern to early GDPR: the first actions are being triggered by complaints from affected individuals and civil society organisations, not by proactive sweeps. Early AI Act enforcement signals are focused on prohibited practices (the highest-severity tier) and on AI-generated content transparency as the 2 August 2026 deadline approaches. For a full picture of who’s in scope and what each deadline means, see our EU AI Act overview and the complete compliance timeline.
The right to explanation under Article 86
Alongside the fine framework, the AI Act introduces an individual enforcement right that is often overlooked. Article 86 gives any affected person subject to a decision taken by a deployer on the basis of the output of a high-risk AI system listed in Annex III (other than the critical-infrastructure systems in point 2), where that decision produces legal effects or similarly significantly affects them in a way they consider adverse to their health, safety or fundamental rights, the right to obtain from the deployer a clear and meaningful explanation of the role the AI system played in the decision-making procedure and the main elements of the decision taken. The right applies only to the extent that Union law does not already provide an equivalent one. This creates a direct accountability mechanism for deployers of high-risk AI: affected individuals — candidates rejected by a hiring tool, applicants refused credit, patients triaged by a medical system — can request this explanation, and the deployer must be able to provide it. Article 86 is not itself among the provisions listed in Article 99(4), but a deployer that cannot produce the explanation invites a complaint to the market surveillance authority under Article 85, and the same gap usually evidences a failure of the Article 26 deployer obligations, which do sit in Tier 2.
What to do before 2 August 2026
- Check your Article 5 exposure first. Prohibited practices have been enforceable since February 2025. If your system uses emotion recognition in the workplace, real-time biometric identification in public spaces, or social scoring, that is live risk today.
- Classify every AI system you provide or deploy against the risk tiers. Classification determines which penalty tier applies and is the foundation of any compliance defence.
- Implement Article 50 transparency before 2 August 2026. The chatbot disclosure, content-marking and deepfake-labelling duties sit in Tier 2. See our guides to chatbot disclosure and the full Article 50 obligations for what is required.
- Document everything. The Article 99(7) mitigating factors heavily reward documented compliance decisions, proactive disclosure, and cooperation. A paper trail built now is your best defence in any future enforcement interaction.
- Map AI Act exposure alongside GDPR. Joint reviews avoid the blind spot where a single AI deployment creates simultaneous, separately-penalisable infringements under both frameworks.
- If you are an SME, verify the inversion rule applies. Your maximum fine is the lower of the fixed amount or the turnover percentage — but only if national implementing rules apply Art. 99(6) correctly. Know your exposure.
Frequently asked questions
Are AI Act fines already being issued?
The penalty framework has been applicable since 2 August 2025. In early 2026, the European Commission launched its first formal investigations into potential prohibited AI practices under Article 5. No published fines have been announced yet, but enforcement is active, particularly for the prohibited practices that have been in force since February 2025.
Does the Digital Omnibus change the AI Act penalties?
No. The Digital Omnibus defers high-risk obligation dates and adds new prohibited practices, but it does not change the fine tiers or amounts in Article 99. The penalty framework is unchanged by the Omnibus.
What is the difference between AI Act fines and GDPR fines?
The AI Act’s Tier 1 fine (7% / €35M) exceeds GDPR’s top tier (4% / €20M), making it the second-highest percentage-based penalty in EU digital regulation. The Act does not contain a rule that only the higher of the two fines applies when one act breaches both frameworks; instead Article 99(7)(c) obliges the authority to take into account any fine already imposed under other Union or national law for the same activity or omission, and separate violations can still be penalised separately.
What is the Tier 3 fine percentage — is it 1% or 1.5%?
It is 1%. Article 99(5) of Regulation (EU) 2024/1689 as published in the Official Journal states “up to 1% of its total worldwide annual turnover.” Some secondary sources incorrectly cite 1.5% — always verify against the primary text.
Can the AI Office directly fine my company?
Only if you are a provider of a general-purpose AI model. The Commission, acting through the AI Office, enforces the GPAI provider obligations and imposes the fines in Article 101 (up to €15 million or 3% of worldwide turnover), which apply from 2 August 2026. For most companies deploying AI in specific applications, enforcement comes from the national market surveillance authority in the Member State where the AI system is used or placed on the market.
Key takeaways
- Article 99 establishes three fine tiers: €35M/7% for prohibited practices, €15M/3% for most operator obligations (including Article 50), and €7.5M/1% for supplying incorrect information — the Tier 3 rate is 1%, not 1.5% as some sources wrongly state.
- For SMEs and start-ups, the calculation inverts: the fine is the lower of the fixed amount or the turnover percentage, not the higher — a proportionality protection that can reduce exposure from millions to thousands.
- The penalty framework has been in force since 2 August 2025; the prohibited practices tier has been enforceable since February 2025; enforcement is already under way.
- The Act has no "only the higher fine applies" rule for conduct that breaches both the AI Act and GDPR; Article 99(7)(c) requires authorities to take prior fines for the same activity or omission into account, and different violations arising from the same AI system can still be penalised separately.
- The ten Article 99(7) factors mean documented compliance, cooperation and proactive disclosure significantly reduce actual fine exposure even where an infringement has occurred.