Updated on April 10^th 2024 based on the version and article numbering approved by the EU Parliament on March 13^th 2024.

Requirements should apply to high-risk AI systems as regards risk management, the quality and relevance of data sets used, technical documentation and record-keeping, transparency and the provision of information to deployers, human oversight, and robustness, accuracy and cybersecurity. Those requirements are necessary to effectively mitigate the risks for health, safety and fundamental rights, and no other less trade restrictive measures are reasonably available, thus avoiding unjustified restrictions to trade.

‍

[Previous version]

Updated on Feb 6^th 2024 based on the version endorsed by the Coreper I on Feb 2^nd

In line with the commonly established notion of substantial modification for products regulated by Union harmonisation legislation, it is appropriate that whenever a change occurs which may affect the compliance of a high risk AI system with this Regulation (e.g. change of operating system or software architecture), or when the intended purpose of the system changes, that AI system should be considered a new AI system which should undergo a new conformity assessment. However, changes occurring to the algorithm and the performance of AI systems which continue to ‘learn’ after being placed on the market or put into service (i.e. automatically adapting how functions are carried out) should not constitute a substantial modification, provided that those changes have been pre- determined by the provider and assessed at the moment of the conformity assessment.