European Union: European Commission closes consultation on third draft of General-Purpose Artificial Intelligence Code of Practice, including quality of service requirement

On 30 March 2025, the European Commission closes the consultation on the third draft of the General-Purpose Artificial Intelligence (GPAI) Code of Practice. The draft incorporates a systemic Quality of Service requirement under the Safety and Security section for providers of general-purpose AI models with systemic risk (GPAISRs). Providers are required to develop and implement a Safety and Security Framework that defines systemic risk tiers and associated mitigations. The draft is in alignment with Articles 55 and 56 Artificial Intelligence Act, requiring providers of GPAI models with systemic risk to conduct risk evaluations, testing, and mitigation, and encourage adherence to codes of practice endorsed by the AI Office. The framework must include detailed systemic risk acceptance criteria and establish whether a GPAISR’s capabilities or behaviours pose unacceptable risks. Providers must also document fallback procedures to suspend development or deployment in cases of unresolved systemic risks.