Article 13 of the EU AI Act requires high-risk AI systems to be designed so their operation is sufficiently transparent for deployers to interpret outputs and use them appropriately, and to be accompanied by instructions for use containing concise, complete, correct and clear information, including the system's capabilities, limitations and human oversight measures.
EU AI Act Article 13: Transparency and Instructions for Use for Deployers
What Article 13 Covers
Article 13 of Regulation (EU) 2024/1689 governs the information relationship between the provider of a high-risk AI system and the organisations that deploy it. It has two components. First, a design duty: the system must be designed and developed in such a way that its operation is sufficiently transparent to enable deployers to interpret the system's output and use it appropriately. Second, a documentation duty: the system must be accompanied by instructions for use in an appropriate digital format or otherwise.
The provision recognises a structural reality of the AI value chain. Deployers carry their own obligations under Article 26, including using systems in accordance with instructions, assigning human oversight and monitoring operation. They can only discharge those obligations if the provider equips them with honest, usable information. Article 13(1) makes this explicit: transparency must be ensured with a view to achieving compliance with the relevant obligations of both the provider and the deployer.
The Quality Standard for Instructions
Article 13(2) requires the instructions for use to include concise, complete, correct and clear information that is relevant, accessible and comprehensible to deployers. Each adjective does work. Concise rules out burying critical limitations in hundreds of pages. Complete rules out omitting known weaknesses. Correct rules out marketing optimism that overstates accuracy. Comprehensible means the information must land with the actual audience, which is often a procurement or operations team rather than machine learning researchers.
Mandatory Contents of the Instructions for Use
Article 13(3) lists the minimum contents. The instructions must contain at least:
- The identity and contact details of the provider and, where applicable, of its authorised representative.
- The characteristics, capabilities and limitations of performance of the system, including its intended purpose; the level of accuracy, including the relevant metrics, robustness and cybersecurity against which it was tested and validated, and any known or foreseeable circumstances that may impact those levels; any known or foreseeable circumstance that may lead to risks to health, safety or fundamental rights; where applicable, the technical capabilities to provide information relevant to explaining outputs; where appropriate, performance regarding specific persons or groups on which the system is intended to be used; specifications for the input data and, where appropriate, information on the training, validation and testing datasets; and where applicable, information enabling deployers to interpret the output and use it appropriately.
- Any predetermined changes to the system and its performance.
- The human oversight measures referred to in Article 14, including the technical measures put in place to facilitate interpretation of outputs by deployers.
- The computational and hardware resources needed, the expected lifetime of the system, and any necessary maintenance and care measures, including the frequency of software updates.
- Where relevant, a description of the mechanisms included in the system that allow deployers to properly collect, store and interpret the logs referred to in Article 12.
How to Implement Article 13 in Practice
- Treat the instructions for use as a product, with an owner, a review cycle and version control linked to model releases.
- Translate test results into operational guidance. Stating an accuracy figure is not enough if deployers cannot tell what it means for their workflow; pair metrics with the conditions under which they were measured and the situations where performance degrades.
- Write the limitations section first. Known failure modes, out-of-scope uses and populations where performance differs are the contents regulators are most likely to scrutinise, and the contents deployers most need.
- Align with Article 14 oversight design, so that the oversight measures described in the instructions match the controls that actually exist in the interface.
- Specify input data requirements concretely: formats, quality thresholds, language coverage and sampling assumptions.
- Check readability with a real deployer audience before release, and provide the instructions in the languages required for the markets served.
A Concrete Example
A provider sells an AI triage assistant to hospital networks. Under Article 13, its instructions for use would state the intended purpose as preliminary prioritisation of incoming cases for review by clinical staff; report the validated accuracy metrics together with the patient populations and data sources used in validation; warn that performance has not been validated for paediatric cases if that is so; describe the override and escalation controls available to clinicians; specify the minimum data fields the system needs; state the expected lifetime and update cadence; and explain how the hospital can access and interpret the system's logs. A hospital reading this document should be able to set up compliant human oversight without further reverse engineering.
How Article 13 Connects to Other Provisions
Article 13 is the information bridge between provider duties and deployer duties. The accuracy declaration links to Article 15(3), which requires accuracy levels and metrics to be declared in the accompanying instructions for use. The oversight content links to Article 14. The log-related content links to Article 12 and to the deployer monitoring duty in Article 26(5). The instructions form part of what importers and distributors must verify under Articles 23 and 24, and Article 86 explanations to affected persons will in practice draw on the interpretability information the provider supplies here. The technical documentation under Article 11 and Annex IV includes the instructions as part of the system description.
Actions to Take Before August 2, 2026
Providers should draft instructions for use alongside development rather than at the end, validate them with pilot deployers, and ensure consistency between the instructions, the technical documentation and any marketing claims, since inconsistency between declared and advertised performance is an obvious enforcement target. Deployers should start requesting draft instructions during procurement and treat their absence or vagueness as a red flag. The obligations apply to high-risk AI systems from August 2, 2026. This article provides general information about Regulation (EU) 2024/1689 and is not advice on any specific system.
Check your AI compliance readiness — free.
Take the Readiness Check 3 minutes · 10 questions · no signup requiredThis article is for informational purposes only and does not constitute legal advice. Regulatory requirements change frequently — verify current rules with official sources. Built by Sawai Gyoseishoshi Office, Hiroshima, Japan.