August 2, 2026 is not a soft target. It is the date when the European Commission gains enforcement powers over providers of general-purpose AI models that were placed on the EU market before August 2, 2025. The grace period that gave foundation model providers a full year to align ends, and the AI Office moves from publishing guidance to checking compliance. If your organization builds, fine-tunes, integrates, or distributes a general-purpose AI model in the EU, the calendar has already decided when scrutiny starts.
The hard part is that the obligations are not fully written down in one place. The AI Act text sets the framework, but the operational detail lives in the GPAI Code of Practice, in AI Office guidelines on the scope of GPAI obligations, in the training-data summary template, and in the implementation choices each member state makes as it designates national competent authorities. These documents are revised. A clause in the Code of Practice that reads one way in June can be clarified in July, and the page that hosts it does not send you a notification when it changes.
This guide covers the specific EU pages to monitor ahead of the August 2026 GPAI enforcement milestone, how to set up change detection so you catch revisions to the Code of Practice and AI Office guidance the day they publish, and how to keep a documented record that you were watching. It is the dated-enforcement companion to our broader guide on AI regulation monitoring across the EU AI Act, US executive orders, and global policy, which covers the full multi-jurisdiction picture.
What Actually Changes in August 2026
The August 2, 2026 milestone is widely described as the point where the AI Act "applies," but for general-purpose AI specifically, the meaningful shift is enforcement, not the arrival of the rules.
The GPAI obligations have applied since August 2025
Obligations for providers of general-purpose AI models took effect on August 2, 2025. From that date, providers of new GPAI models placed on the market had to maintain technical documentation, provide information to downstream providers who integrate the model, put a copyright policy in place, and publish a sufficiently detailed summary of the content used for training. Models classified as carrying systemic risk took on additional duties: model evaluation, adversarial testing, systemic-risk assessment and mitigation, incident tracking and reporting, and cybersecurity protections.
August 2026 is when the AI Office can enforce
The distinction that matters for your compliance calendar: the AI Office's enforcement powers over GPAI providers become exercisable on August 2, 2026. Providers whose models were already on the market before August 2, 2025 were given until August 2, 2027 to bring those existing models into compliance, but the enforcement machinery itself, including the AI Office's ability to request documentation, conduct evaluations, and ultimately levy penalties, switches on in August 2026.
Why the documents keep moving
The AI Act delegates the practical detail to instruments that the Commission and AI Office continue to develop:
- The GPAI Code of Practice translates the legal obligations into concrete commitments across transparency, copyright, and safety and security. It is a living document and signatories adhere to specific versioned chapters.
- AI Office guidelines clarify who counts as a GPAI provider, when fine-tuning makes you a provider, and how the systemic-risk threshold is assessed.
- The training-content summary template prescribes the exact format providers must use to publish their data summary.
- Member-state designations name the national competent authorities and market surveillance authorities, which differ by country and arrive on different timelines.
Each of these can be revised without warning. That is precisely the kind of low-volume, high-stakes change that automated monitoring exists for. For the mechanics of detecting wording changes in dense legal pages, our guide to monitoring privacy policy and terms of service changes covers the same content-diff techniques applied to regulatory text.
Who Needs to Watch This
Not every team that uses AI is a GPAI provider, but the definition is broader than many assume.
You are likely in scope if you
- Train or develop a general-purpose AI model and make it available in the EU, whether commercially or as open weights.
- Fine-tune or substantially modify an existing general-purpose model in a way that meets the provider threshold described in AI Office guidance.
- Place a GPAI model on the EU market under your own name or trademark, even if a third party built it.
You should still monitor if you
- Integrate a third-party foundation model into a product. You are a downstream provider, and your obligations depend on the documentation the upstream provider gives you, which in turn depends on the Code of Practice they follow.
- Advise clients on AI compliance. Law firms and consultancies need the source documents the moment they change, not a summary weeks later.
- Run a compliance or risk function. You need a documented, timestamped record showing your organization tracked the obligations as they evolved.
This split matters because it determines check frequency and which pages are tier one versus tier two, a structure we lay out below and in our broader compliance monitoring software guide.
The Official EU Pages to Monitor
These are the primary sources for GPAI obligations ahead of August 2026. URLs are given without scheme so you can locate the current canonical page, since the Commission occasionally restructures its digital-strategy paths.
AI Office and Commission pages
AI Act page on the Commission's digital-strategy site: The hub for AI Act implementation, linking to guidelines, the Code of Practice, templates, and FAQs.
- URL: digital-strategy.ec.europa.eu (AI Act section)
- Check frequency: Daily
GPAI Code of Practice page: The page hosting the Code chapters and the list of signatories. Watch both the document links and the signatory roster, since new adherents and chapter revisions both signal movement.
- URL: digital-strategy.ec.europa.eu (Code of Practice for general-purpose AI)
- Check frequency: Daily through August 2026
AI Office guidelines on GPAI scope: Guidance clarifying the definition of a GPAI provider, the fine-tuning threshold, and systemic-risk classification.
- URL: digital-strategy.ec.europa.eu (guidelines section)
- Check frequency: Daily
Training-content summary template page: The mandated format for the public summary of training data.
- URL: digital-strategy.ec.europa.eu (template section)
- Check frequency: Every 2-3 days
AI Act FAQ / questions and answers: The Commission periodically updates an FAQ that often signals interpretation shifts before formal guidance lands.
- URL: digital-strategy.ec.europa.eu (AI Act Q&A)
- Check frequency: Every 2-3 days
Legal and consultation sources
EUR-Lex AI Act page: The consolidated legal text plus any delegated and implementing acts. New corrigenda and implementing acts appear here first.
- URL: eur-lex.europa.eu (search the AI Act and related acts)
- Check frequency: Every 2-3 days
Commission consultations and calls for evidence: Draft implementing acts and templates are often opened for feedback before they are finalized, which is your earliest possible warning.
- URL: ec.europa.eu (Have your say portal, filtered for AI)
- Check frequency: Weekly
European AI Board materials: The body coordinating consistent application across member states publishes opinions and recommendations that shape enforcement.
- Check frequency: Weekly
Member-state implementation pages
Each member state designates national competent authorities and market surveillance authorities. The relevant authority for your operating markets publishes its own guidance, enforcement priorities, and contact procedures.
- Monitor the designated authority page for each country where you place models on the market.
- Check frequency: Weekly per authority
For tracking the underlying statutory and legislative layer rather than the agency guidance layer, see our legislative tracking guide.
Recommended monitoring map
| Source | What it tells you | Check frequency | Tier |
|---|---|---|---|
| AI Act hub page | New guidance, templates, FAQs published | Daily | 1 |
| GPAI Code of Practice page | Chapter revisions, new signatories | Daily | 1 |
| AI Office GPAI scope guidelines | Who counts as a provider, systemic-risk threshold | Daily | 1 |
| Training-content summary template | Format you must use for data summaries | Every 2-3 days | 2 |
| AI Act FAQ / Q&A | Early interpretation signals | Every 2-3 days | 2 |
| EUR-Lex AI Act + implementing acts | Binding legal changes, corrigenda | Every 2-3 days | 2 |
| Have your say consultations | Drafts before they are finalized | Weekly | 2 |
| National competent authority pages | Country-specific enforcement approach | Weekly | 3 |
Setting Up GPAI Monitoring with PageCrawl
The setup mirrors any regulatory monitoring program, with one difference: the August 2026 enforcement date means the tier-one pages deserve daily checks right now, not quarterly reviews.
Step 1: Add the tier-one pages first. Create monitors for the AI Act hub page, the GPAI Code of Practice page, and the AI Office GPAI scope guidelines. These are the three that move most and matter most before enforcement begins. New monitors come with screenshots enabled by default, which gives you a timestamped visual record of exactly what each page said on each check, useful evidence if you ever need to show what guidance was live on a given date.
Step 2: Use content-only tracking mode. Regulatory pages carry navigation, cookie banners, event promos, and footer noise that you do not care about. Content-only tracking strips the page chrome so an alert fires on substantive text changes, not on a rotated banner image. Combine it with an AI focus instruction so the change summary tells you what actually shifted.
Step 3: Write a focused AI instruction. For the Code of Practice page, something like: "Alert me about changes to the text of any Code of Practice chapter, new or revised commitments related to transparency, copyright, or safety and security, additions or removals from the signatory list, and any new version numbers. Ignore navigation, cookie notices, and event listings." A precise instruction here is the difference between an actionable alert and noise. Our CSS selector guide covers narrowing to a specific document section when a page hosts multiple documents.
Step 4: Set frequency by tier. Daily checks for the three tier-one pages, every 2-3 days for tier two, weekly for member-state authority pages. The Standard plan's 15-minute floor is far more than you need for regulatory pages, so frequency is rarely the constraint, the number of pages is.
Step 5: Route alerts to the right people. Send all alerts to your compliance inbox for the audit trail, and use webhook automation to push technical changes (the training-data template, systemic-risk thresholds) to your engineering channel and policy changes to your legal channel. If your team runs automations in n8n or Zapier, the n8n website monitoring guide shows how to fan a single change event out to a tracker, a Slack message, and a calendar entry at once.
Step 6: Organize with folders and tags. A folder structure of AI Office, Code of Practice, Legal (EUR-Lex), and Member States, with tags like "enforcement-2026," "gpai-systemic-risk," and "training-data," keeps the program legible as it grows past the initial handful of pages.
Building a GPAI Compliance Timeline
Monitoring is most useful next to a fixed timeline of known dates, so each alert can be slotted against what was already expected.
| Date | What it means for GPAI |
|---|---|
| August 2, 2024 | AI Act enters into force |
| August 2, 2025 | GPAI provider obligations begin to apply to new models |
| August 2, 2026 | AI Office enforcement powers over GPAI become exercisable |
| August 2, 2027 | GPAI models on the market before Aug 2025 must be brought into compliance |
When a monitor fires, the workflow is the same each time: identify the change type (chapter revision, new template, scope clarification, authority designation), extract any new dates or thresholds, assess the impact on your models, assign an owner, and log it. That last step turns a stream of alerts into a regulatory change log, which is what an assessor asks for. For the broader practice of keeping that record across many regulations, see our regulatory compliance monitoring guide.
Why a Documented Archive Matters Here
The Code of Practice and AI Office guidance are revised in place. A commitment you read and implemented against in early 2026 may be reworded before enforcement starts, and the live page will only show the current version. If a national authority later asks how you interpreted an obligation, "this is what the guidance said on the date we built our process" is a far stronger answer than "this is what it says now."
PageCrawl stores historical versions of every monitored page, so you can pull up exactly what the Code of Practice chapter or the scope guidance said on any past check date, with the screenshot captured at that moment. For programs that need formal, court-grade archiving rather than version history, our website archiving guide covers the stronger options. Maintaining this archive is itself part of demonstrating good-faith compliance, the same reasoning that drives terms of service monitoring for SaaS vendors.
How This Differs From General AI Regulation Tracking
If you already run a broad AI policy monitoring setup, the August 2026 GPAI angle adds three specific things rather than replacing your program.
Tighter check frequency on a small set of pages
A general AI-policy program might check the AI Office weekly. Ahead of enforcement, the Code of Practice and scope guidelines warrant daily checks, because a clarification published in July directly affects what enforcement looks like in August.
Watching signatory lists, not just document text
The signatory roster of the Code of Practice is a signal in its own right. New adherents indicate which obligations the market is treating as settled, and that is competitive and compliance intelligence you do not get from the legal text.
Member-state granularity
The AI Act is one regulation, but enforcement runs through national authorities that designate on different timelines and publish different priorities. A page-per-country monitoring approach captures that variation, which a single EU-level monitor cannot. This is the same per-jurisdiction discipline our GDPR and CCPA privacy-law change tracking guide applies to data protection.
Choosing your PageCrawl plan
PageCrawl's Free plan lets you monitor 6 pages with 220 checks per month, which is enough to validate the approach on your most critical pages. Most teams graduate to a paid plan once they see the value.
| Plan | Price | Pages | Checks / month | Frequency |
|---|---|---|---|---|
| Free | $0 | 6 | 220 | every 60 min |
| Standard | $8/mo or $80/yr | 100 | 15,000 | every 15 min |
| Enterprise | $30/mo or $300/yr | 500 | 100,000 | every 5 min |
| Ultimate | $99/mo or $999/yr | 1,000 | 100,000 | every 2 min |
Annual billing saves two months across every paid tier. Enterprise and Ultimate scale up to 100x if you need thousands of pages or multi-team access.
Compliance monitoring is the cheapest insurance you can buy. A single missed regulatory change can trigger fines in the tens or hundreds of thousands, not to mention the audit overhead of proving you did not see it coming. Enterprise at $300/year covers 500 regulatory pages with unlimited history and timestamped screenshots, which is usually exactly what an assessor wants to see. All plans include the PageCrawl MCP Server, so your compliance team can ask Claude to summarize every change to a specific regulation over the last quarter and pull the exact diff, turning your monitoring history into a queryable audit trail. AI assistants can create monitors through conversation on every plan, including Free, and paid plans add on-demand checks and monitor management. Standard at $80/year is enough to cover 100 pages across your primary regulatory bodies if your program is smaller.
Getting Started
Begin with the three pages that move most before August 2026: the AI Act hub on the Commission's digital-strategy site, the GPAI Code of Practice page, and the AI Office guidelines on GPAI scope. Set each to content-only tracking with daily checks, write a focused AI instruction that targets chapter revisions and scope clarifications, and route alerts to your compliance inbox. This takes about fifteen minutes and covers the sources most likely to change in the run-up to enforcement.
Run it for two weeks. You will almost certainly catch at least one revision or FAQ update you would otherwise have learned about late. Once you see the value, expand to the EUR-Lex legal text, the consultation portal, and a monitor per member state where you place models on the market. PageCrawl's free tier covers 6 pages, enough for the core GPAI sources, and the Standard plan at $80/year handles a full multi-source program with room for the rest of your AI regulation calendar.