Article 25 (EU AI Act)
The EU AI Act provision creating a direct obligation chain between providers and deployers of high-risk AI systems, including responsibility transfer when systems are substantially modified.
Article 25 establishes that organizations deploying third-party high-risk AI systems bear deployer obligations regardless of vendor promises. Critically, a deployer that modifies an AI system in ways that change its intended purpose may legally become the provider, inheriting the full provider obligation set. This is the primary anchor for AI vendor risk assessment under the EU AI Act and the basis for procurement diligence on any third-party AI.
A bank deploys a third-party credit scoring AI but customizes the risk thresholds for its own portfolio. Under Article 25 this customization may trigger provider status - requiring the bank to produce its own technical documentation and conformity assessment.
“What used to take weeks of manual reviews and policy work is now structured and auditable in Enzai within minutes. It’s the first time AI governance has felt operational, not theoretical.”
Ready to get started
with your AI governance program?
Enzai provides an AI governance and enablement platform that will help your organisation maximise AI adoption, while minimising AI risk.
Hear back in 24 hours
Customer Support Ticket Classification
Draft Use Case
5 requested AI solutions
Requested on: 7 Nov 2026
Requested by: Enzai
Reviewers:
Automated Contract Risk Review
Draft Use Case
5 requested AI solutions
Requested on: 7 July 2026
Requested by: Enzai
Reviewers:
Sales Forecasting & Demand Prediction
Draft Use Case
5 requested AI solutions
Requested on: 18 August 2026
Requested by: Enzai
Reviewers:
Employee Resume Screening Assistant
Draft Use Case
5 requested AI solutions
Requested on: 19 June 2026
Requested by: Enzai
Reviewers:
We help you find answers
What problem does Enzai solve?
Enzai provides enterprise-grade infrastructure to manage AI risk and compliance. It creates a centralized system of record where AI systems, models, datasets, and governance decisions are documented, assessed, and auditable.
Who is Enzai built for?
How is Enzai different from other governance tools?
Can we start if we have no existing AI governance process?
Does AI governance slow down innovation?
How does Enzai stay aligned with evolving AI regulations?
Research, insights, and updates
Empower your organization to adopt, govern, and monitor AI with enterprise-grade confidence. Built for regulated organizations operating at scale.