How Agentic AI Systems Are Regulated Under the EU AI Act

Agentic AI is moving from demonstrations into real workflows: research assistants that plan evidence searches, customer agents that trigger transactions, clinical workflow assistants that retrieve information and prepare recommendations, and operations agents that coordinate tasks across systems.

The EU AI Act does not create a separate legal category called agentic AI. It regulates the system by what it is, who provides or deploys it, what it does, what risk the use case creates, and whether sector rules such as MDR or IVDR also apply.

Start with the definition

Article 3(1) defines an AI system as a machine-based system designed to operate with varying levels of autonomy, that may exhibit adaptiveness after deployment, and that infers from the input it receives how to generate outputs such as predictions, content, recommendations or decisions that can influence physical or virtual environments. Autonomy plus the ability to act on an environment is exactly what an agent adds over a chat interface, so the definition already captures most agentic AI.

Separate model from system

A general-purpose AI (GPAI) model is one layer, with its own provider obligations under Chapter V. The agentic application adds instructions, retrieval, tools, memory, access rights, workflow logic and logging. A company that builds an agent on top of a model API and places it on the market or puts it into service under its own name is the provider of that AI system (Article 3(3)), and under Article 25 a deployer, distributor or importer who substantially modifies a high-risk system, or changes its intended purpose, takes on provider obligations as well.

Risk depends on use case

Agentic capability does not by itself make a system high-risk. High-risk classification comes from Article 6: either the system is a product, or a safety component of a product, covered by the Annex I harmonisation legislation and subject to third-party conformity assessment (Article 6(1)), or its use case is listed in Annex III (Article 6(2)), subject to the narrow exemptions in Article 6(3). Employment, access to essential services, critical infrastructure, education and law enforcement are Annex III areas; clinical uses normally enter through Annex I via MDR or IVDR. An agent that can trigger actions in any of these areas, rather than only draft text for a human to act on, needs the classification question answered before it is built, not after.

High-risk obligations become design controls

High-risk systems need risk management (Article 9), data governance (Article 10), technical documentation (Article 11), automatic record-keeping (Article 12), transparency to deployers (Article 13), human oversight (Article 14), accuracy, robustness and cybersecurity (Article 15), a quality management system (Article 17), conformity assessment where applicable (Article 43), post-market monitoring (Article 72) and serious-incident reporting (Article 73). For agents these translate into design controls: an explicit list of permitted tasks, an allowlist of tools, prohibited actions enforced in code rather than in the prompt, approval gates for consequential actions, escalation paths, a stop control that halts the agent mid-task, and tamper-evident audit logs that tie each prompt to the sources retrieved, the tool calls made and the downstream actions taken.

Medical devices: dual compliance can apply

If AI software qualifies as a medical device under MDR or IVDR and its conformity assessment involves a notified body, the AI Act high-risk framework applies as well, because both regulations are listed in Annex I (Article 6(1)). The AI Act does not replace MDR or IVDR; it adds AI-specific controls that must be integrated with the technical documentation, clinical evaluation, usability engineering, cybersecurity, post-market surveillance (PMS) and vigilance already required, and Article 43(3) lets the AI Act requirements be assessed within the sector conformity assessment procedure rather than in a separate one.

Practical checklist

  • Classify the system early, before architecture decisions lock in a risk tier.
  • Map legal roles: provider, deployer, importer, distributor, and whether Article 25 shifts them.
  • Define intended purpose and autonomy limits in writing, including what the agent may never do.
  • Control tools and permissions: allowlist tools, scope credentials to the task, deny by default.
  • Log the full action loop: prompt, retrieved sources, tool call, arguments, result, downstream action, and every denial.
  • Validate realistic and adversarial scenarios, including prompt injection through retrieved content and tool output.
  • Design human oversight into the workflow with approval gates and a stop control, not as an after-the-fact review.
  • Monitor after deployment and feed incidents back into risk management and, where required, Article 73 reporting.
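The design controls named above (allowed tools, prohibited actions, approval gates, stop control, audit log of the full action loop) are easier to reason about when they are one enforcement point rather than instructions in a prompt. The following is an added illustration of that pattern, not code from the page or from any product it describes: the agent role, tool names, refund threshold and sample requests are constructed assumptions. Every tool call passes through a policy that denies unlisted tools by default, escalates consequential arguments to a human approver, honours a stop flag, and appends the prompt, sources, call, decision and result to a hash-chained log so that later tampering is detectable.

```python
"""Policy-gated tool dispatch with a hash-chained audit log for an agent.

Added illustration, not code from the page. The role, tools, thresholds and
sample requests are constructed assumptions, not a real deployment.
"""
import hashlib
import json
import time
from typing import Callable, Optional

AUTO, APPROVAL, PROHIBITED = "auto", "needs_approval", "prohibited"

# Constructed policy: tool tiers per agent role. Unlisted tools are denied.
POLICY = {
    "support_agent": {
        "lookup_order": AUTO,
        "issue_refund": AUTO,        # escalated by the argument rule below
        "delete_account": PROHIBITED,
    },
}
REFUND_AUTO_LIMIT = 50.0  # assumption: larger refunds need a human

# Constructed tool stubs standing in for real integrations.
TOOLS = {
    "lookup_order": lambda order_id: {"order_id": order_id, "status": "shipped"},
    "issue_refund": lambda order_id, amount: f"refund {amount:.2f} on {order_id}",
    "delete_account": lambda user_id: f"deleted {user_id}",
}


def argument_tier(tool: str, args: dict) -> Optional[str]:
    """Argument-level escalation: the same tool may or may not need approval."""
    if tool == "issue_refund" and args.get("amount", 0) > REFUND_AUTO_LIMIT:
        return APPROVAL
    return None


def _digest(body: dict) -> str:
    return hashlib.sha256(json.dumps(body, sort_keys=True).encode()).hexdigest()


class AuditLog:
    """Append-only log; each entry commits to the previous entry's hash."""

    def __init__(self) -> None:
        self.entries = []
        self.prev_hash = "0" * 64

    def record(self, event: dict) -> str:
        body = {**event, "prev": self.prev_hash, "ts": time.time()}
        digest = _digest(body)
        self.entries.append({**body, "hash": digest})
        self.prev_hash = digest
        return digest

    def verify(self) -> bool:
        """Recompute the chain; any edited or removed entry breaks it."""
        prev = "0" * 64
        for entry in self.entries:
            body = {k: v for k, v in entry.items() if k != "hash"}
            if body["prev"] != prev or _digest(body) != entry["hash"]:
                return False
            prev = entry["hash"]
        return True


class ToolGate:
    """Single choke point: policy, human approval, stop control and logging."""

    def __init__(self, role: str, log: AuditLog,
                 approver: Callable[[str, dict], bool]) -> None:
        self.role, self.log, self.approver = role, log, approver
        self.stopped = False  # stop control: once set, nothing executes

    def stop(self) -> None:
        self.stopped = True

    def dispatch(self, prompt: str, sources: list, tool: str, args: dict):
        tier = POLICY.get(self.role, {}).get(tool, PROHIBITED)  # deny by default
        if tier == AUTO:
            tier = argument_tier(tool, args) or tier
        if self.stopped:
            decision = "blocked_by_stop"
        elif tier == PROHIBITED:
            decision = "denied_by_policy"
        elif tier == APPROVAL:
            decision = "executed" if self.approver(tool, args) else "rejected_by_human"
        else:
            decision = "executed"
        result = TOOLS[tool](**args) if decision == "executed" else None
        # Denials are logged too: the full action loop includes what was refused.
        self.log.record({"role": self.role, "prompt": prompt, "sources": sources,
                         "tool": tool, "args": args, "tier": tier,
                         "decision": decision, "result": result})
        return decision, result


if __name__ == "__main__":
    log = AuditLog()
    # Constructed approver: a human who only signs off refunds up to 200.
    gate = ToolGate("support_agent", log, approver=lambda t, a: a["amount"] <= 200)
    print(gate.dispatch("where is order A1?", ["crm:A1"], "lookup_order", {"order_id": "A1"}))
    print(gate.dispatch("refund A1 in full", ["crm:A1"], "issue_refund", {"order_id": "A1", "amount": 500.0}))
    print(gate.dispatch("close account u7", [], "delete_account", {"user_id": "u7"}))
    print(gate.dispatch("list files", [], "run_shell", {"cmd": "ls"}))
    gate.stop()
    print(gate.dispatch("retry lookup", [], "lookup_order", {"order_id": "A1"}))
    print("audit chain intact:", log.verify())
```

The point of putting the approver behind a callable is that the same gate can be wired to a ticketing system or a chat prompt in production without changing the policy logic; the point of the hash chain is that the Article 12 logs remain evidence even if the host the agent runs on is later compromised, provided the chain head is copied somewhere the agent cannot write.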

Executive takeaway

Agentic AI does not escape regulation because it is new, and it is not automatically high-risk because it is autonomous. The answer is contextual: what the system does, who provides or deploys it, what actions it can influence and which sector rules already apply.

Miloš Cigoj, Founder, Excellence Consulting
