Quick Summary
This is a practical, step-by-step checklist for complying with Article 50 of the EU AI Act — the transparency rule requiring disclosure of AI-generated and AI-manipulated content. Article 50's obligations become enforceable in August 2026, so this guide walks through inventorying your content, classifying what's in scope, closing exemption gaps, implementing disclosures, and documenting the whole process.
Why this checklist matters now
Article 50 has been law since the EU AI Act entered into force, but organisations have had a transition period to prepare. That runway is nearly over.
Unlike a lot of AI Act coverage that stays theoretical, this is meant to be worked through in order. Each step below builds on the one before it.
Step 1: Inventory your AI-generated and AI-modified content
You can't disclose what you haven't found. Start by cataloguing everywhere AI touches your published content:
- ✓Marketing copy, blog posts, and product descriptions drafted or edited by AI
- ✓Product photography or graphics generated or retouched by AI tools
- ✓Video or audio that's been AI-generated or AI-modified (including voiceovers and dubbing)
- ✓Chatbots, virtual assistants, or other AI systems that interact directly with users
- ✓Any use of emotion recognition or biometric categorisation on your site or app
This is usually the slowest step and the one organisations underestimate — content accumulates across teams, tools, and years, and most of it was never tagged as "AI-involved" at the time.
Step 2: Classify what's actually in scope
Not everything you find in Step 1 is automatically a disclosure obligation. Article 50 draws a distinction between content that merely used AI somewhere in its production and content a reasonable person could mistake for authentic, human-generated material.
Focus your classification on the categories Article 50 actually names:
- ✓AI-generated or AI-manipulated images, audio, or video that could pass as authentic
- ✓Deepfakes — synthetic media depicting real people saying or doing things they didn't
- ✓AI systems that interact directly with people (chatbots, voice assistants)
- ✓Emotion recognition and biometric categorisation systems
- ✓AI-generated text published on matters of public interest
If you need the underlying legal detail rather than a working summary, our EU AI Act explainer and the Law vs Guidelines vs Code of Practice breakdown cover this in full.
Step 3: Determine your role — provider or deployer
Your obligations differ depending on whether you built the AI system or you're using someone else's. Most organisations doing this checklist are deployers — using third-party AI tools rather than building their own models — but the line isn't always obvious, especially if you've fine-tuned or heavily customised a tool.
Our provider vs deployer guide walks through exactly how to tell which one you are and what changes if you're both.
Step 4: Check for exemptions before you assume everything needs a label
Not every piece of AI-touched content needs disclosure. Article 50 carves out exemptions for certain editorial, artistic, and law-enforcement uses, and some jurisdictions layer additional carve-outs on top.
See our full breakdown of AI disclosure exceptions by jurisdiction and industry before you finalise your Step 2 classification list.
Step 5: Design and implement your disclosures
For everything that survives Steps 2 and 4, you need an actual disclosure — not just an internal note that something is AI-generated.
Common implementation patterns include:
- ✓Visible labels or badges on AI-generated images and video
- ✓Machine-readable metadata or watermarking, so disclosure survives downstream reuse
- ✓Clear, upfront statements when a chatbot or virtual assistant is AI, not human
- ✓Consistent placement and wording so disclosures read the same way across your site
The Commission's Code of Practice documents recommended implementation patterns and official disclosure icons if you want a recognised starting point rather than designing your own from scratch.
Step 6: Align with the Guidelines and Code of Practice
The Article 50 Guidelines aren't legally binding, but they're the clearest signal of how regulators expect the law to be interpreted in practice — and the Code of Practice gives you a recognised implementation framework you can point to if your approach is ever questioned.
Our Law vs Guidelines vs Code of Practice guide explains how the three fit together.
Step 7: Document everything
Regulators expect to see your reasoning, not just your labels. For each content type in your inventory, keep a record of:
- ✓Why it was classified as in-scope or exempt
- ✓What disclosure method you chose and why
- ✓When the disclosure was applied
- ✓Who reviewed and approved the decision
This audit trail is what turns "we think we're compliant" into something you can actually demonstrate. Our AI transparency audit guide goes deeper into building this out as an ongoing process rather than a one-off exercise.
Step 8: Assign ownership and train your team
Compliance breaks down fastest when nobody owns it. Assign a specific person or team to:
- ✓Review new content against your classification criteria before publication
- ✓Keep the disclosure documentation from Step 7 up to date
- ✓Stay current as the Guidelines and Code of Practice evolve
- ✓Field questions from other teams about whether something needs a label
Step 9: Monitor and revisit
Article 50 compliance isn't a one-time project. New content ships continuously, AI tools change what they're capable of, and the Guidelines are still being refined. Revisit your inventory and classification on a regular cadence — quarterly is a reasonable starting point for most organisations — rather than treating this checklist as a single pass.
Penalties for non-compliance
Transparency violations under Article 50 fall under the EU AI Act's general penalty tier: fines of up to €7.5 million or 1.5% of global annual turnover, whichever is higher. That's lower than the penalties for prohibited practices or high-risk system violations, but it's still a meaningful exposure — and regulators have shown they're willing to act once enforcement powers are live.
How TickAI helps
Working through this checklist manually across a large website is slow. TickAI is built to shortcut Steps 1, 2, and 7 specifically: it scans your site to discover AI-generated and AI-modified content, helps you decide what's in scope, and maintains the audit trail regulators expect to see — so the rest of this checklist becomes a much smaller lift.


