PowerQuantEUSend your AI questionnaire

The real estate sector is increasingly using AI – for recruitment, tenant screening, energy optimisation and marketing. When a real estate company, a property manager, a residential landlord or an agent puts an AI system into use in its own operations, the business normally becomes a deployer under the EU AI Act. That role carries concrete obligations – and the risk of penalties if they are not met. This page summarises what applies and how PowerQuant helps you build the documentation.

Your role: deployer or provider

The AI Act distinguishes between two main roles. A provider is the party that develops an AI system or has it developed and places it on the market under its own name. A deployer is the party that uses an AI system in its own professional activity.

Most real estate actors buy AI tools from external system vendors and are therefore deployers, not providers. This is not an automatic boundary, however: under Article 25, a deployer can be regarded as a provider – with the provider's full obligations – if, for example, you put your own name on a high-risk system, substantially change its intended purpose or make a substantial modification. The role must therefore be assessed on a case-by-case basis.

Which real estate AI can be high-risk?

The Act regulates so-called high-risk systems most strictly; these are listed in Annex III.

Recruitment and staffing AI. Annex III point 4 (employment) classifies AI used to recruit, screen applications or make decisions affecting employment terms as high-risk. This applies across all sectors, including real estate companies. If you use AI to screen candidates for property management, agent or caretaker roles, you are likely covered by the rules.

Tenant screening and credit assessment. Annex III lists creditworthiness assessment of natural persons as high-risk. AI that performs credit checks on housing applicants may therefore be covered. This is not a given, however – an individual assessment must be made based on the system's intended purpose. A tool that only verifies identity or handles documents is normally classified differently from one that scores a person's creditworthiness.

Other real estate AI. Systems for property operations, energy optimisation and marketing normally fall outside Annex III. They may still be covered by Article 5, which since 2 February 2025 prohibits certain AI practices, and by Article 50 on transparency – for example the obligation to inform persons who interact with a chatbot or encounter AI-generated content.

Our recommendation is not to over-classify. The starting point should always be the system's actual intended purpose, and uncertain cases should be flagged as "must be assessed on a case-by-case basis".

The deployer's obligations (Article 26)

For high-risk systems, Article 26 requires, among other things, that you:

  • use the system in accordance with the provider's instructions for use,
  • ensure human oversight by persons with the right competence,
  • monitor operation and report serious incidents to the provider and the supervisory authority,
  • keep the logs the system generates,
  • inform workers and their representatives before a high-risk system is put into use in the workplace.

In certain cases, a fundamental rights impact assessment (FRIA) under Article 27 must be carried out. Article 4 also requires, since 2 February 2025, sufficient AI literacy among staff who operate the systems.

Timeline

  • 2 February 2025 – Article 4 (AI literacy) and Article 5 (prohibited practices) in force.
  • 2 August 2026 – Article 50 (transparency) and the deployer obligations linked to Annex III start to apply.
  • 2 December 2027 (proposed) – the Digital Omnibus proposes deferring Annex III to this date. The European Parliament approved the proposal on 16 June 2026, but the Council is awaiting publication in the Official Journal of the European Union. The proposal is not yet in force and should be treated as just that – a proposal.

Penalties

Article 99 sets the ceilings for administrative fines:

  • EUR 35 million or 7 % of global annual turnover – infringement of Article 5 (prohibited practices).
  • EUR 15 million or 3 % – infringement of high-risk requirements and Article 50.
  • EUR 7.5 million or 1 % – incorrect or misleading information to authorities.

Before procurement

Before you procure or put new AI tools into use:

  • Map which AI systems you already use and their intended purpose.
  • Assess for each system whether it may be covered by Annex III – flag uncertain cases.
  • Request the provider's documentation, instructions for use and conformity evidence.
  • Clarify whether you risk becoming a provider under Article 25.
  • Establish procedures for human oversight, logging and incident reporting.
  • Ensure AI literacy among the relevant staff under Article 4.

PowerQuant is delivered as documentation support: Module 1 (AI inventory + Article 4 register) and Module 2 (Provider documentation package). SEK prices are preliminary.

This page is general information about the AI Act and does not constitute legal advice.