European Commission confirms that AI brokers are subject to RIA

Articles12 May 2026
Launch of the AI Act Service Desk by the European Commission as a repository of guidance and frequently asked questions to clarify the application of the AI Regulation and to support early compliance decisions by companies and legal advisors.

The European Commission has updated its official FAQs and expressly confirms that so-called "AI agents" are fully covered by the Regulation on AI ("RIA"), even though the term "AI agent" is not legally defined.


Key points:

  • AI agents can qualify as AI systems: they typically integrate at least one general-purpose AI model and present some form of interface, which triggers the RIA's definition of "AI system" and are subject to its regulatory framework.
  • Application of the RIA: although the term "IA agent" is not defined in the RIA, the existing definitions (IA system and general-purpose model) allow its inclusion within the scope of the standard. They must therefore comply with the prohibitions of Article 5 of the RIA, as well as the transparency obligations of Article 50 of the RIA when they meet the requirements to be classified as an "AI system".
  • Risk of engaging in prohibited practices: the need to avoid manipulative behaviour or exploitation of vulnerabilities is emphasised, requiring design measures aimed at security, control and user protection.
  • Strengthened requirements for high-risk uses from August 2026: if an AI actor fits a high-risk scenario, it will have to comply with strict obligations in terms of governance, oversight, technical assessment and documentation.
  • Transparency when interacting: when the AI actor interacts with individuals or generates content, RIA reporting and transparency obligations apply.
  • Underlying models with systemic risk: operational autonomy or the ability to use tools may lead to the underlying model being classified as a model with systemic risk, adding risk management and preventative security requirements.

From a compliance perspective, the Commission's position reinforces that the development and deployment of AI agents should be analysed within the RIA framework. This implies, among other issues, assessing their regulatory fit on a case-by-case basis, reviewing design processes, strengthening supervisory mechanisms and anticipating applicable obligations depending on the level of risk.


Find out more:

La imagen muestra una serie de paneles con luces rojas en un ambiente oscuro.

LATEST FROM #ECIJA