EU AI Act incident response runbook

Article 3(49) of Regulation (EU) 2024/1689 defines a serious incident as any incident or malfunctioning of a high-risk AI system that directly or indirectly leads to one of: the death of a person, serious harm to a person's health, a serious and irreversible disruption of the management or operation of critical infrastructure, the infringement of obligations under Union law intended to protect fundamental rights, or serious harm to property or the environment. Near-misses and minor incidents are not serious incidents but must be logged under the post-market monitoring obligations in Article 72.

Article 73 sets three clocks. Default: 15 days from the moment the provider becomes aware (Article 73(2)). Death of a person: 10 days from awareness (Article 73(3)). Infringement of fundamental rights or widespread / serious disruption of critical infrastructure: 2 days from awareness, immediately if practicable (Article 73(3)). The clock is on the date of awareness, not the date of the incident itself.

The market surveillance authority of the Member State where the incident occurred. Each Member State designates this authority under Article 70. For cross-border or systemic incidents, the AI Office at the European Commission is also looped in. If you are a deployer rather than a provider, Article 26(5) requires you to inform the provider without undue delay; the provider then files the Article 73 report. If personal data is involved, GDPR Article 33 imposes a separate 72 hour clock to the national Data Protection Authority.

Article 26(5) puts the operational reporting burden on deployers in a specific way: deployers who become aware of a serious incident must inform the provider without undue delay, then the importer or distributor, then the relevant market surveillance authority. The 15 / 10 / 2 day clocks in Article 73 are formally on the provider, but deployers should treat the awareness moment as their own clock and surface the incident immediately. Contractual agreements with providers should make this notification chain explicit.

Not directly. Article 73 incident reporting applies to providers of high-risk AI systems under Annex III and safety components of regulated products under Annex I. General-purpose AI models with systemic risk have separate obligations under Article 55(1)(c) to track and report serious incidents and corrective measures to the AI Office. Limited and minimal risk systems are out of scope of Article 73 entirely but may still trigger GDPR Article 33 if personal data is involved, NIS2 for critical sectors, or DORA for financial services.

Late reporting is itself a violation of Article 73 and falls under Tier 2 of Article 99 penalties: up to EUR 15 million or 3% of global annual turnover, whichever is higher. The Article 99 mitigating factors framework will consider whether the delay was good-faith (still investigating, internal escalation) or negligent. The practical advice: even if the clock has expired, file immediately and document the timeline. Refusing to report compounds the violation.

No. The runbook applies the plain text of Article 73 + Article 3(49) + Article 26(5) + Article 99 to your facts and outputs a structured draft. The market surveillance authority interpretation, the specific incident facts, and any cross-border or sectoral complications need a qualified lawyer in the relevant Member State. Use the runbook to compress the first 30 minutes of an incident, not to replace counsel.