The energy sector automates more decisions every year — from load forecasting and maintenance to recruitment and staffing. The moment an energy company uses an AI system to screen candidates, make hiring decisions or assign work, the activity falls under the EU AI Act (Regulation (EU) 2024/1689). This page explains what that means in practice, which dates apply, and how to gather the evidence you need.
Your role: deployer, not provider
The AI Act distinguishes two roles. A provider (Article 3(3)) develops the AI system and places it on the market. A deployer (Article 3(4)) uses the system under its own authority. Most energy companies are deployers: you have purchased a recruitment or staffing tool and apply it to your own candidates and employees.
Your role determines your obligations. Note that you can be reclassified as a provider under Article 25 if you put your own name on the system, substantially change its intended purpose, or make a substantial modification. You then take on the provider's full obligations.
Why recruitment AI is high-risk
AI systems used for recruitment, selection, promotion or termination count as high-risk under Annex III, point 4, on employment and workforce management. This applies regardless of sector — and therefore to energy companies too. The high-risk classification is what triggers the deployer's heaviest obligations.
Deployer obligations (Article 26)
For high-risk AI, Article 26 requires you, among other things, to:
- use the system in accordance with the provider's instructions for use,
- ensure human oversight by people with the right competence, training and authority,
- keep the logs automatically generated by the system (generally for at least six months),
- inform affected workers and their representatives before putting a high-risk AI system into use in the workplace,
- monitor operation and report serious incidents.
In addition, Article 27 (fundamental rights impact assessment, FRIA) applies to certain deployers, along with Article 50 (transparency) and Article 4 (AI literacy).
Key dates
- 2 February 2025 — prohibited practices (Article 5) and the AI literacy requirement (Article 4) already apply.
- 2 August 2026 — the transparency rules (Article 50) and deployer obligations for high-risk AI under Annex III start to apply.
On the Digital Omnibus: There is a proposal to postpone parts of the high-risk rules to 2 December 2027. The proposal was approved by the European Parliament on 16 June 2026, but the Council has not finalised the process and the proposal is not in force. Plan against 2 August 2026 until something else is formally decided.
The cost of non-compliance
The fines in Article 99 are significant:
- up to EUR 35 million or 7% of global annual turnover for prohibited practices (Article 5),
- up to EUR 15 million or 3% for breaching, among others, the high-risk and transparency requirements,
- up to EUR 7.5 million or 1% for supplying incorrect information to authorities.
The higher of the amount and the percentage applies.
From requirement to evidence
The obligations themselves are manageable — the hard part is being able to demonstrate that you meet them the day an authority, customer or auditor asks. PowerQuant delivers fixed-price compliance evidence (M1/M2/M3) documenting your deployer role, your Article 26 procedures and, where required, your Article 27 impact assessment — tailored to the energy sector.
This page is general information about the AI Act and does not constitute legal advice.