The provider and deployer distinction matters because obligations follow the role a company actually performs. A company can build, place, operate, modify or use AI systems in ways that create different responsibility profiles.
Operational information, not legal advice.
Role classification model
Provider role
Deployer role
Importer or distributor role
Responsibility chain
Direct answer
The provider and deployer distinction matters because duties follow the role a company actually performs. A company may build, place, integrate, modify, operate or use an AI system. Each of those actions can create a different responsibility profile.
For the next layer, compare provider vs deployer roles, review high-risk AI system signals, or start with an EU AI Act risk assessment.
Decision criteria
First inspection
This page provides operational information for AI governance readiness. It is not legal advice.
Related guides
A direct answer page for US companies that need to understand possible EU AI Act exposure.
Understand high-risk AI system triage and why early classification matters before implementation.
A practical guide to assessing EU AI Act risk before committing budget to implementation.
Run a diagnostic-first EU AI Act assessment for role, risk, documentation and implementation exposure.
Official sources
Official European Commission overview of the EU AI Act and its risk-based regulatory framework.
Official publication of Regulation (EU) 2024/1689 laying down harmonised rules on artificial intelligence.
External references are included for source orientation. This page remains operational information and is not legal advice.