Skip to main content

EU AI Act Article 50 is in force — what AI deployers must disclose and prove.

Last updated: 2026-06-22 · 7 min read

Last reviewed: 2026-06-22

Four EU regulatory obligations now apply: NL Telecomwet (since 1 July 2026), Article 50 (since 2 August 2026), DORA (in force since January 2025), DSA (in force since February 2024). Audact handles all four with one evidence chain.

Audit your voice AI in 60 seconds — free

How Audact handles Article 50 automatically

Three capabilities that turn Article 50 from a legal project into a platform default — live now.

EU AI Act Article 50 applies from 2 August 2026

There isno grace period. Every AI system deployer must comply from the day it applies.

What Article 50 requires

AI systems must disclose when a person is interacting with AI. Natural persons must be informed that they are interacting with an AI system — clearly, before or at the start of the interaction.

Who must comply with EU AI Act Article 50

Article 50 binds bothprovidersof generative AI systems (those who build and market them) anddeployers(any organisation that puts an AI system into use under its own authority in the EU). The obligation is extraterritorial: a US-headquartered SaaS company whose chatbot speaks with customers in Dublin is just as liable as a Dutch enterprise running the same system. The only carve-outs are law-enforcement use authorised by law and clearly artistic, satirical or analogous expression — neither of which covers commercial customer-facing AI.

In practice this means every outbound voice agent, inbound IVR, website chatbot, email autoresponder and messaging bot that interacts with a natural person in the EU must surface a disclosure before the first exchange of meaningful content. Internal AI tooling used only by employees is out of scope for Article 50, but the same system becomes in-scope the moment it touches a customer, prospect or member of the public.

Who it applies to

  • Voice agents— AI-powered outbound and inbound phone calls
  • Chatbots— Customer service, sales, and support bots
  • Email AI— AI-generated or AI-assisted email communications
  • Messaging AI— WhatsApp, SMS, and messaging platform agents
  • Any AI-generated communication where a person could reasonably believe they are interacting with a human

How Audact helps

  • Real-time disclosure enforcement— Audact’s inline proxy ensures every AI interaction includes the required disclosure, before the conversation begins.
  • Evidence logging— Cryptographic evidence chain records that disclosure was made, when it was made, and that it was presented before the interaction.
  • Policy engine— Configurable rules per jurisdiction, per modality, per use case, enforcing Article 50 disclosure obligations.

Penalties for non-compliance with the EU AI Act

The EU AI Act uses a tiered fine structure. Prohibited-practice breaches (Article 5) carry the headline ceiling of€35 million or 7% of global annual turnover, whichever is higher. Transparency breaches under Article 50 — including failure to disclose AI interaction or to mark synthetic content — sit in the middle tier at up to€15 million or 3% of turnover(Art 99(4), stackable on GDPR 4%). Supplying incorrect, incomplete or misleading information to competent authorities is itself punishable at up to €7.5M or 1% (Art 99(5)).

National market surveillance authorities enforce the Act, coordinated by the new EU AI Office. Penalties apply per violation, and regulators have signalled that each undisclosed interaction can be treated as a separate infringement — turning a single misconfigured chatbot into a compounding exposure. SMEs and start-ups receive proportionality considerations, but the Act does not exempt them.

Penalty amounts

Up to €15M or 3% of annual worldwide revenue (Art 99(4))

Whichever is higher. Each undisclosed AI interaction constitutes a separate violation.

See how Audact enforces Article 50 disclosure across every modality.

Frequently asked questions

What is EU AI Act Article 50?

Article 50 sets transparency obligations requiring deployers to disclose when a natural person is interacting with an AI system, clearly and before the interaction begins.

When does Article 50 apply?

From 2 August 2026, with no grace period — every AI system deployer must comply from day one.

Who must comply with Article 50?

Any organisation deploying AI systems that interact with people in the EU — voice agents, chatbots, email AI, and messaging AI — regardless of where the provider is based.

What are the penalties for non-compliance?

Fines can reach up to €15M or 3% of annual worldwide turnover (Art 99(4), stackable on GDPR 4%), whichever is higher. Each undisclosed AI interaction counts as a separate violation.

Compare EU AI compliance laws

LawDeadlineWhoPenalty
EU AI Act Art. 50In force (Aug 2026)All AI deployers in EU€15M / 3% turnover (Art 99(4))
NL TelecomwetIn force (Jul 2026)Outbound marketing to NL consumers€900k per violation
GDPRIn forceAny processor of EU personal data€20M / 4% turnover
DSAIn force (Feb 2024)Intermediaries & VLOPs6% global turnover
ePrivacyIn forceSenders of electronic communicationsVaries by Member State

Related compliance resources

Disclaimer:This page is for informational purposes only and does not constitute legal advice. Consult qualified legal counsel for your specific compliance obligations.

← Back to compliance overview