2026-04-14·14 min read·sota.io team

EU AI Act Art.105: Committee Procedure — Comitology and Implementing Acts Developer Guide (2026)

The EU AI Act does not just establish obligations for AI developers — it also creates a governance machinery for the Commission to adopt more detailed rules after the main Regulation entered into force. That machinery operates on two tracks: delegated acts (Art.104) and implementing acts (Art.105). This guide covers the second track.

Article 105 establishes a standing comitology committee that assists the Commission in adopting implementing acts under the AI Act. Where delegated acts under Art.104 are quasi-legislative and subject to European Parliament and Council scrutiny, implementing acts under Art.105 are executive measures adopted through a Member State committee procedure. The practical difference matters for developers: delegated acts can change what counts as high-risk or how much compute triggers GPAI obligations; implementing acts determine the specific forms, procedures, and technical specifications you must use when complying.

The key distinction in one sentence: Art.104 delegated acts change the rules; Art.105 implementing acts specify how to follow the rules.

What Article 105 Actually Establishes

Article 105 contains three operative elements:

1. The committee. The Commission is assisted by a committee. That committee is a committee within the meaning of Regulation (EU) No 182/2011 — the EU's standing comitology regulation. The committee consists of representatives of the Member States, with the Commission chairing but not voting. The composition is determined by the subject matter of the relevant implementing act.

2. The procedure. Where an AI Act article references Art.105(2), Article 5 of Regulation (EU) No 182/2011 applies. Article 5 is the examination procedure — the standard procedure for implementing acts in areas with significant impact. Under the examination procedure, the committee must deliver an opinion by qualified majority. A positive opinion allows the Commission to adopt the implementing act. A negative opinion (qualified majority against) blocks adoption. No opinion falls under the specific rule in Art.105(3).

3. The no-opinion deadlock rule. This is where Art.105 diverges from the standard comitology rules. Under the default examination procedure in Art.5(4) of Regulation 182/2011, if the committee delivers no opinion, the Commission may generally adopt the implementing act (with some exceptions for sensitive areas). Article 105(3) overrides this: where the committee delivers no opinion, the Commission shall not adopt the draft implementing act. The third subparagraph of Art.5(4) of Regulation 182/2011 applies — which means the implementing act is referred back, and the Commission may submit an amended version or refer it to an appeal committee.

Why this matters: The no-opinion deadlock rule makes EU AI Act implementing acts harder to adopt than most other implementing acts. The Commission cannot push through an implementing act on which Member States are divided. This creates a structural check on the Commission's ability to unilaterally set technical standards for AI compliance.

Examination Procedure Mechanics

The examination procedure under Art.5 of Regulation 182/2011 works as follows:

1. Commission submits draft to committee. The Commission presents a draft implementing act to the committee. The committee has a defined period to examine the proposal and vote.

2. Qualified majority vote. Member States vote. A qualified majority requires 55% of Member States representing at least 65% of the EU population (the same double-majority rule as Council votes). The Commission chairs the meeting but does not vote.

3. Outcomes:

Positive opinion (QM in favour): Commission adopts the implementing act.
Negative opinion (QM against): Commission cannot adopt. It may submit an amended version or abandon the proposal.
No opinion (no qualified majority for or against): Under standard rules, Commission may adopt with exceptions. Under Art.105(3), Commission cannot adopt and refers to appeal committee.

4. Appeal committee. If the committee delivers no opinion, the Commission may submit the draft to the appeal committee under Art.6 of Regulation 182/2011. The appeal committee applies the same voting rules. If the appeal committee also delivers no opinion, the Commission may adopt if it determines that non-adoption would create significant disruption in markets or be detrimental to the financial interests of the Union. The AI Act does not create a specific exception — so the Art.105(3) deadlock is stricter even before any appeal committee action.

Examination Procedure vs Delegated Acts: Side-by-Side

Dimension	Implementing Acts (Art.105)	Delegated Acts (Art.104)
Adopted by	Commission + Member State committee	Commission alone
Check mechanism	Member State committee vote (QM)	EP and Council scrutiny (3–6 months)
Deadlock rule	No opinion → cannot adopt (Art.105(3))	No objection within scrutiny → in force
Subject matter	Procedural, technical, forms, designations	Quasi-legislative: list expansions, threshold changes
Typical output	Standard forms, templates, procedures, designations	Annex III expansion, GPAI threshold changes
Revocation	Cannot be revoked; Commission can amend	EP or Council can revoke delegation
Speed	Weeks to months (committee scheduling)	3–6 months minimum from notification

Which AI Act Articles Use the Committee Procedure

The AI Act distributes implementing act powers across multiple articles. Understanding which actions go through Art.105 tells you which compliance requirements are set by implementing act and therefore subject to this committee machinery.

Art.6(7) — High-Risk AI Classification for Harmonised Legislation

Article 6(7) authorises the Commission to adopt implementing acts establishing a list of AI systems referred to in Art.6(1) that are not considered high-risk. Where an AI system is covered by harmonised Union legislation listed in Annex I (CE-marked products — medical devices, machinery, vehicles), Art.6(1) presumes high-risk status unless the system is purely advisory to human review and the defect risk is low. Art.6(7) implementing acts can carve out specific AI system categories from this presumption.

Developer implication: If you are building AI systems integrated into CE-marked products, an Art.6(7) implementing act could remove or confirm your high-risk classification. The committee procedure means Member States have a significant say in whether your product category is high-risk.

Art.51(4) — GPAI Systemic Risk Designation

Article 51(4) authorises the Commission to adopt implementing acts to designate a specific GPAI model as a model with systemic risk based on its actual capabilities. This is separate from the general 10^25 FLOP threshold: a model below the threshold can still be designated as having systemic risk if the Commission, acting on AI Office advice and after assessing the model, determines it has equivalent capabilities.

Developer implication: This is the most operationally significant implementing act power for GPAI model providers. An Art.51(4) implementing act designating your model as having systemic risk triggers the full obligations of Art.55 — adversarial testing, incident reporting to the AI Office, cybersecurity measures, and energy efficiency disclosures. The committee procedure means Member State representatives must approve the designation before it becomes binding.

The procedural sequence:

AI Office conducts evaluation of the GPAI model
AI Office recommendation to Commission
Commission submits draft implementing act to Art.105 committee
Committee votes (examination procedure)
Positive opinion → designation in force; negative or no opinion → cannot adopt (Art.105(3))
Model provider notified; Art.55 obligations apply

Art.62(4) — AI Regulatory Sandbox Coordination

Article 62(4) authorises the Commission to adopt implementing acts establishing detailed arrangements for the implementation and administration of the AI regulatory sandboxes — the controlled testing environments where AI systems can be tested prior to deployment. These implementing acts cover harmonised conditions across Member State sandbox programmes.

Developer implication: If you operate in an AI regulatory sandbox (under Art.57–62), the specific rules governing what you can do in the sandbox, how liability is managed during testing, and how sandbox outputs are treated for conformity assessment purposes are set by implementing acts under Art.105.

Art.74(11) — Standard Forms for Market Surveillance

Article 74(11) authorises the Commission to adopt implementing acts specifying standard forms and templates for the declarations, documentation, and notifications required under the AI Act — including conformity assessment documentation, CE marking declarations of conformity, and notifications to market surveillance authorities.

Developer implication: The exact format of your Declaration of Conformity for high-risk AI systems, the structure of your technical documentation, and the template for any notifications to national competent authorities are set by Art.74(11) implementing acts. If you are preparing compliance documentation now, these standard forms may not yet be published — check for published implementing acts before finalising your templates.

Current status (as of Q1 2026): The Commission has not yet published all standard forms and templates under Art.74(11). Developers are currently drafting documentation based on the substantive requirements in the AI Act while awaiting the implementing act templates. When published, you will need to align your documentation format with the templates.

Art.74(12) — EU Database Access Procedures

Article 74(12) authorises the Commission to adopt implementing acts specifying the technical details and procedural rules for accessing the EU database for high-risk AI systems under Art.71. The EU database is where providers of high-risk AI systems must register before placing their systems on the market or putting them into service.

Developer implication: How you register your high-risk AI system in the EU database — the access credentials, the technical API (if any), the registration format — is governed by an Art.74(12) implementing act. Registration in the EU database is a legal prerequisite for market access for high-risk AI systems. Without the implementing act specifying the procedure, registration cannot be completed as specified.

Note: The EU database for high-risk AI systems is the same database referred to in Art.49 (registration obligation for providers). The Art.74(12) implementing act governs the technical implementation of Art.49 compliance.

Art.77(6) — Measures for Serious Risk

Article 77(6) authorises the Commission to adopt implementing acts specifying the common measures to be taken across Member States where a high-risk AI system is found to present a serious risk that requires urgent action at Union level. This is the emergency implementing act provision — it allows the Commission to impose pan-EU restrictions or prohibitions on specific AI systems that Member State market surveillance has identified as seriously risky.

Developer implication: An Art.77(6) implementing act could require withdrawal, suspension, or restriction of a specific AI system across the entire EU market. This is not hypothetical enforcement risk — it is a defined implementing act power. The committee procedure applies: Member States must vote by qualified majority to approve such measures, and Art.105(3) means a deadlocked committee blocks even emergency measures.

The No-Opinion Deadlock: Why It Matters in Practice

Article 105(3) is unusual in the context of EU comitology. The standard examination procedure allows the Commission to adopt in no-opinion situations (with some exceptions). The AI Act's stricter no-opinion rule reflects the political sensitivity of AI governance: Member States wanted a structural guarantee that the Commission cannot unilaterally adopt implementing acts that set AI compliance requirements without at least some Member State consensus.

What a deadlock means for developers:

A deadlocked committee on an implementing act means the relevant compliance requirement is in a legal limbo. You have substantive obligations in the AI Act text, but the procedural rules for satisfying them have not been implemented. Examples:

If the Art.74(11) standard forms are deadlocked, you must still comply with the Declaration of Conformity requirement in Art.48, but the mandated format has not been published. You use your best interpretation of the substantive requirements until the deadlock resolves.
If the Art.74(12) database access procedure is deadlocked, you cannot register in the EU database — which means you face a compliance gap through no action of your own.

Developer response to deadlocks: Monitor implementing act progress via EUR-Lex and Commission work programmes. Where implementing acts are in committee, understand which compliance requirements depend on them. Build your compliance architecture to the substantive requirements; add procedural format compliance when implementing acts are adopted.

Timeline: How Long Implementing Acts Take

Implementing acts under the examination procedure do not have a defined minimum timeline comparable to the 3-month scrutiny period for delegated acts. The process is:

Phase	Typical Duration	Determines
Commission drafting	3–18 months	Internal preparation, stakeholder input
Committee submission	Days	Formal submission to committee
Committee deliberation	4–12 weeks	Member State review and discussion
Committee vote	Single meeting	Outcome: positive, negative, no opinion
Publication in OJ	Days to weeks after adoption	Entry into force

The practical implication: Implementing acts can move faster than delegated acts (no fixed 3-month scrutiny window) or much slower (if committee deliberations are extended). For compliance planning, do not assume a standard timeline — track actual committee progress through EUR-Lex and the Commission register of committee documents.

Where to track progress:

The Commission maintains a register of comitology documents (Comitology Register) where committee agendas, draft acts, and vote outcomes are published. EUR-Lex tracks implementing acts published in the Official Journal. Commission DG CONNECT handles AI Act comitology procedures.

Developer Monitoring Obligations

The AI Act does not impose an explicit obligation to monitor implementing act adoption — but practical compliance requires it. An implementing act that specifies a mandatory form or procedure for a requirement you must already satisfy becomes your compliance obligation from its entry into force.

Priority Monitoring List

Art.51(4) — GPAI systemic risk designation: Any GPAI model provider should monitor this channel. A designation implementing act triggers Art.55 obligations on a timeline set by the implementing act itself.

Art.74(11) — Standard forms and templates: Any developer of high-risk AI systems needs these forms for compliance documentation. Monitor for publication; update your templates when published.

Art.74(12) — EU database access: High-risk AI system providers have a registration obligation under Art.49. You cannot complete registration without the implementing act. Monitor for adoption.

Art.6(7) — High-risk classification carve-outs: If you operate in a sector covered by Annex I harmonised legislation, any Art.6(7) implementing act defining non-high-risk categories is commercially significant.

Art.77(6) — Serious risk measures: If you operate in a sector where market surveillance is active and your AI category has attracted regulatory attention, this emergency provision is a tail risk worth monitoring.

Monitoring Channels

Source	Monitoring Target	Recommended Frequency
EUR-Lex — Regulation 2024/1689 implementing acts	All adopted implementing acts	Monthly
Commission Comitology Register	Committee agendas and draft acts	Monthly
AI Office publications	Signals of upcoming implementing act activity	Weekly
DG CONNECT work programme	Planned implementing act timeline	Quarterly
EAIB (European AI Innovation Board)	Member State positions on draft implementing acts	As meetings occur

CLOUD Act Intersection

The comitology process has a CLOUD Act dimension that is less obvious than for delegated acts but equally relevant:

Consultation submissions: Before drafting implementing acts under Art.105, the Commission typically runs stakeholder consultations. If your company submits technical comments on draft standard forms (Art.74(11)) or proposed GPAI designation criteria (Art.51(4)), those submissions and the internal materials that support them are potentially CLOUD Act-compellable if stored on US cloud infrastructure.

Regulatory intelligence materials: Documents analysing which implementing acts affect your products, how committee votes are tracking, and what technical positions Member States are taking in committee — this is regulatory intelligence that may have competitive value. If stored on US cloud infrastructure, it is potentially accessible under CLOUD Act.

Compliance templates: When Art.74(11) standard forms are adopted, your completed compliance documentation (Declaration of Conformity, technical documentation) will contain substantive information about your AI systems. This documentation, stored on US cloud infrastructure, is potentially CLOUD Act-compellable by US authorities.

EU sovereign infrastructure strategy: For AI compliance documentation specifically, the sovereign infrastructure consideration is direct: the information required by the EU AI Act compliance process is exactly the kind of detailed AI system information that has strategic value. EU-hosted infrastructure eliminates CLOUD Act compellability for this documentation.

What Implementing Acts Cannot Do

Understanding the limits of implementing act powers under Art.105 is as important as understanding their scope:

No new obligations. Implementing acts implement existing obligations in the AI Act text — they specify how, not whether. An implementing act under Art.74(11) sets the format for a Declaration of Conformity; it cannot create a new conformity assessment requirement not found in the AI Act.

No Annex modifications. Changes to Annex I (harmonised legislation), Annex III (high-risk AI list), Annex IV (technical documentation requirements), or other substantive annexes require delegated acts (Art.104) or full legislative revision — not implementing acts.

No threshold changes. The GPAI training compute threshold of 10^25 FLOPs can only be changed by delegated act under Art.51(3) — not by implementing act. An Art.51(4) implementing act can designate a specific model with systemic risk, but cannot change the threshold that automatically triggers systemic risk status.

No penalty setting. The penalty amounts in Art.99 (up to €35M or 7% global turnover for prohibited AI system violations) are set in the AI Act text and cannot be modified by implementing act.

Python Tooling for Implementing Act Tracking

from dataclasses import dataclass, field
from datetime import date
from enum import Enum
from typing import Optional, List

class ImplementingActStatus(Enum):
    ANNOUNCED = "announced"         # In Commission work programme
    DRAFTING = "drafting"           # Commission internal preparation
    CONSULTATION = "consultation"   # Stakeholder consultation open
    COMMITTEE = "committee"         # Submitted to Art.105 committee
    POSITIVE_OPINION = "positive"   # Committee approved
    NEGATIVE_OPINION = "negative"   # Committee blocked
    NO_OPINION = "no_opinion"       # Deadlock — cannot adopt (Art.105(3))
    APPEAL = "appeal"               # Referred to appeal committee
    ADOPTED = "adopted"             # In force after OJ publication
    WITHDRAWN = "withdrawn"         # Commission withdrew proposal

class ImplementingActBasis(Enum):
    ART_6_7 = "Art.6(7)"    # High-risk carve-out for harmonised legislation
    ART_51_4 = "Art.51(4)"  # GPAI systemic risk designation
    ART_62_4 = "Art.62(4)"  # AI regulatory sandbox coordination
    ART_74_11 = "Art.74(11)" # Standard forms and templates
    ART_74_12 = "Art.74(12)" # EU database access procedures
    ART_77_6 = "Art.77(6)"   # Serious risk emergency measures

@dataclass
class ImplementingActTracker:
    """Track EU AI Act implementing acts under Art.105 committee procedure."""
    
    legal_basis: ImplementingActBasis
    title: str
    status: ImplementingActStatus
    committee_submission_date: Optional[date] = None
    committee_vote_date: Optional[date] = None
    entry_into_force_date: Optional[date] = None
    oj_reference: Optional[str] = None
    affects_your_systems: bool = False
    compliance_dependency: str = ""  # What compliance action this act enables
    blocking_risk: bool = False      # Does delay create a compliance gap?
    
    def is_deadlocked(self) -> bool:
        return self.status == ImplementingActStatus.NO_OPINION
    
    def compliance_gap_exists(self) -> bool:
        """True if this act is needed for compliance and has not been adopted."""
        pending_statuses = {
            ImplementingActStatus.ANNOUNCED,
            ImplementingActStatus.DRAFTING,
            ImplementingActStatus.CONSULTATION,
            ImplementingActStatus.COMMITTEE,
            ImplementingActStatus.NO_OPINION,
            ImplementingActStatus.APPEAL,
        }
        return (
            self.affects_your_systems
            and self.blocking_risk
            and self.status in pending_statuses
        )
    
    def urgency_level(self) -> str:
        if self.entry_into_force_date:
            days = (self.entry_into_force_date - date.today()).days
            if days < 0:
                return "OVERDUE"
            elif days < 30:
                return "CRITICAL"
            elif days < 90:
                return "HIGH"
            else:
                return "MEDIUM"
        if self.compliance_gap_exists():
            return "HIGH"
        return "LOW"

@dataclass
class Art105ComitologyTracker:
    """Monitor EU AI Act implementing acts through the Art.105 committee procedure."""
    
    active_acts: List[ImplementingActTracker] = field(default_factory=list)
    
    def get_compliance_gaps(self) -> List[ImplementingActTracker]:
        """Return acts that create compliance gaps because they are pending."""
        return [a for a in self.active_acts if a.compliance_gap_exists()]
    
    def get_deadlocked_acts(self) -> List[ImplementingActTracker]:
        """Return acts that are deadlocked at committee — cannot be adopted."""
        return [a for a in self.active_acts if a.is_deadlocked()]
    
    def gpai_designation_risk(self) -> dict:
        """Assess risk of your GPAI model being designated with systemic risk."""
        designation_acts = [
            a for a in self.active_acts
            if a.legal_basis == ImplementingActBasis.ART_51_4
        ]
        affecting_you = [a for a in designation_acts if a.affects_your_systems]
        return {
            "active_designation_acts": len(designation_acts),
            "potentially_affecting_you": len(affecting_you),
            "risk_level": "HIGH" if affecting_you else "MONITORING",
            "recommendation": (
                "Review AI Office evaluation status for your model immediately"
                if affecting_you else
                "Monitor AI Office publications for GPAI evaluation signals"
            )
        }
    
    def standard_forms_status(self) -> dict:
        """Check if standard forms and templates have been published."""
        forms_acts = [
            a for a in self.active_acts
            if a.legal_basis == ImplementingActBasis.ART_74_11
        ]
        adopted = [a for a in forms_acts if a.status == ImplementingActStatus.ADOPTED]
        pending = [a for a in forms_acts if a.status not in (
            ImplementingActStatus.ADOPTED, ImplementingActStatus.WITHDRAWN
        )]
        return {
            "forms_adopted": len(adopted),
            "forms_pending": len(pending),
            "status": "COMPLETE" if adopted and not pending else "PENDING",
            "compliance_action": (
                "Update documentation templates to match published forms"
                if adopted else
                "Use substantive requirements for now; update when forms published"
            )
        }
    
    def generate_monitoring_report(self) -> dict:
        return {
            "total_tracked_acts": len(self.active_acts),
            "adopted": len([a for a in self.active_acts if a.status == ImplementingActStatus.ADOPTED]),
            "in_committee": len([a for a in self.active_acts if a.status == ImplementingActStatus.COMMITTEE]),
            "deadlocked": len(self.get_deadlocked_acts()),
            "compliance_gaps": len(self.get_compliance_gaps()),
            "gpai_designation_risk": self.gpai_designation_risk(),
            "standard_forms_status": self.standard_forms_status(),
            "high_urgency_items": [
                a.title for a in self.active_acts if a.urgency_level() in ("CRITICAL", "HIGH")
            ]
        }

Art.105 and Art.104 Together: The Full Regulatory Picture

Understanding how implementing acts (Art.105) and delegated acts (Art.104) interact gives you the complete regulatory change picture for the AI Act:

Stage 1 — Delegation establishes the power: Art.104 delegated acts change the substantive scope (Annex III, thresholds). These require no committee vote — only EP/Council non-objection within 3–6 months.

Stage 2 — Implementation specifies the execution: Art.105 implementing acts define the technical and procedural mechanics (forms, templates, designations, procedures). These require a Member State committee positive opinion.

The practical compliance sequence:

Monitor for Art.104 delegated acts that change what applies to you
Monitor for Art.105 implementing acts that define how you must comply
Build substantive compliance architecture first (from Act text)
Update procedural implementation when implementing acts are adopted
Flag dependencies: where compliance steps require implementing acts not yet published

30-Item Art.105 Comitology Readiness Checklist

Procedure Understanding (5 items)

Know the difference between examination procedure (Art.5 Reg 182/2011) and advisory procedure (Art.4)
Understand the no-opinion deadlock rule in Art.105(3) and its implications
Know the qualified majority threshold for committee votes (55% MS + 65% population)
Understand that implementing acts implement existing obligations — they cannot create new ones
Know which implementing act powers are in the AI Act (Art.6(7), 51(4), 62(4), 74(11), 74(12), 77(6))

GPAI Model Providers (5 items)

Understand that Art.51(4) allows designation of sub-threshold models as having systemic risk
Know the AI Office's role in recommending GPAI systemic risk designations
Monitor AI Office publications for signals of impending designation implementing acts
Have a documented response plan if an Art.51(4) designation implementing act names your model
Understand Art.55 obligations that trigger on designation (adversarial testing, incident reporting, cybersecurity)

High-Risk AI System Providers (7 items)

Track Art.74(11) standard forms implementing acts — these determine your documentation format
Track Art.74(12) EU database access implementing acts — required for Art.49 registration
Check EUR-Lex for adopted Art.74(11) forms before finalising compliance documentation
Have a plan for updating documentation when standard forms are published
Understand Art.6(7) carve-out implementing acts that may affect your high-risk classification
Monitor Art.77(6) serious risk measures for your AI category
Know that compliance gaps caused by pending implementing acts do not excuse non-compliance with the substantive obligation

Monitoring Infrastructure (6 items)

Subscribe to EUR-Lex alerts for implementing acts citing Regulation 2024/1689
Bookmark the Commission Comitology Register for committee agendas and draft acts
Monitor AI Office publications for signals of upcoming implementing act activity (weekly)
Add DG CONNECT work programme to your annual compliance review calendar
Track EAIB meeting outputs for signals on Member State committee positions
Establish internal process to assess impact of each implementing act on your compliance programme

CLOUD Act and Infrastructure (4 items)

Assess where your compliance documentation is stored (US vs EU infrastructure)
Understand that completed conformity assessment forms may contain CLOUD Act-compellable AI system details
Evaluate storing consultation submissions and regulatory intelligence on EU-sovereign infrastructure
Consider sota.io for EU-sovereign hosting of compliance infrastructure and regulatory tracking systems

Integration with Art.104 Monitoring (3 items)

Maintain a unified regulatory tracker covering both implementing acts (Art.105) and delegated acts (Art.104)
Distinguish which compliance requirements depend on implementing acts vs delegated acts vs the Act text directly
Build compliance architecture to the Act text first; layer implementing act procedural formats when published

Deadlock and Contingency Planning (5 items)

Identify which implementing acts are blocking prerequisites for your compliance programme
Have a contingency approach for each blocking implementing act (substantive compliance while forms pending)
Monitor appeal committee activity for deadlocked implementing acts
Understand that Art.105(3) deadlocks cannot be overridden by the Commission alone
Assess political risk for implementing acts where Member State positions may be divided (GPAI designation, serious risk measures)