Abstract
The Artificial Intelligence (AI) Act distinguishes between the different actors involved in the supply chain of high-risk AI systems. The purpose of this paper is to outline and compare the obligations of importers, distributors and deployers, and to analyse the circumstances in which these obligations may be extended and aligned with those of providers of high-risk AI systems. The obligations of importers and distributors are primarily of a verification nature. In general, the obligations of distributors are more limited than those of importers, who bear the burden of primary verification of compliance by providers. In contrast, the obligations of deployers are generally not subordinate to those of providers but constitute an independent responsibility arising from the need to address the risks posed during the deployment phase of high-risk AI systems. A specific situation arises where interference with AI systems results in the imposition of obligations on a non-deployer that are equivalent to those imposed on providers of high-risk AI systems. This is because AI-based systems are, among other things, susceptible to changes in their purpose in ways that are independent of their design and the intentions of their providers. Proper identification and understanding of the responsibilities of the various actors in the supply chain are key to minimising the risks associated with the use of high-risk AI systems across the European Union and to avoiding the imposition of financial sanctions.