What an operator in Spain must know first

Spain is uniquely positioned within the EU AI Act architecture. AESIA (Agencia Española de Supervisión de la Inteligencia Artificial), created by Royal Decree 729/2023 and operational since June 2024, is the EU's first dedicated national AI supervisory agency. The EU AI Act applies directly in Spain today. Prohibited practices under Article 5 have been enforceable since 2 February 2025. High-risk deployer obligations under Article 26 apply from 2 August 2026 (with a proposed deferral under the Digital Omnibus to 2 December 2027, not yet formally adopted). Any business deploying an AI agent in Spain faces a named, operational enforcement authority, 16 published compliance guides, and a sanctions regime reaching EUR 35 million or 7 per cent of global turnover at the highest tier.

Spain did not wait for the EU AI Act enforcement architecture to arrive. By establishing AESIA before the Act's own governance provisions came into force, Spain became the only EU Member State with a functioning, staffed AI supervisory agency ready to enforce rules that most other national authorities were still preparing for. A draft Organic Law on AI governance approved by Spain's Council of Ministers on 26 May 2026 adds national institutional architecture on top of the directly applicable Regulation. This guide maps what operators and deployers of AI systems in Spain are required to do now, what AESIA is, what the national law adds, and what the liability picture looks like when an AI agent causes harm.

Key takeaways

  • AESIA is Spain's national competent authority under Article 70 of Regulation (EU) 2024/1689. It is the first dedicated AI supervisory agency in the EU, operational since June 2024 under Royal Decree 729/2023.
  • Article 5 prohibited practices have been enforceable since 2 February 2025. Article 50 transparency obligations and Annex III high-risk deployer obligations under Article 26 apply from 2 August 2026 under the currently binding law.
  • The Digital Omnibus provisional agreement of 7 May 2026 proposes moving the Annex III date to 2 December 2027. This is not yet formally adopted or published in the Official Journal: the 2 August 2026 date remains the binding deadline.
  • A draft Organic Law on AI governance was submitted to the Spanish Congress of Deputies on 26 May 2026. It provides the national sanctioning, institutional coordination, and public-sector transparency architecture required for implementation of the Regulation.
  • AESIA has published 16 compliance guides covering all core obligations for providers and deployers of high-risk AI systems, available in Spanish at aesia.digital.gob.es.
  • AESIA operates Spain's national AI regulatory sandbox, currently in its third cohort, which has processed more than 20 systems end-to-end. SMEs receive priority access under Article 64 of the Regulation.
  • The revised Product Liability Directive (EU) 2024/2853 expressly covers software and AI systems. It applies to products placed on the market after 9 December 2026. Spain must transpose it by that date, creating an additional civil liability route for harmed third parties from 9 December 2026 onwards.
  • AESIA coordinates formally with AEPD on cases where the AI Act and GDPR overlap. Most AI systems using personal data will trigger both supervisory regimes simultaneously.

AESIA: the first dedicated AI supervisory agency in the EU

When the EU AI Act was published in the Official Journal on 12 July 2024 and entered into force on 1 August 2024, most Member States were still designing their supervisory architecture. Article 70 of Regulation (EU) 2024/1689 required Member States to designate national competent authorities by 2 August 2025. Spain had already moved.

Royal Decree 729/2023, approved by the Spanish Council of Ministers in August 2023 and published in the Official Gazette (BOE) the same month, established AESIA's statute, defined its functions, and located it within the Ministry of Economic Affairs and Digital Transformation (now under the Ministry for Digital Transformation and Civil Service). AESIA became operational in June 2024, more than a year before the EU AI Act's own governance architecture (the AI Board, European AI Office, scientific panel, and advisory forum) became fully active in August 2025.

AESIA's mandated functions under Royal Decree 729/2023 and the EU AI Act include: market surveillance for AI systems placed on or entering the Spanish market; receiving and investigating complaints from individuals and organisations about AI Act violations; conducting audits, inspections, and investigations of providers, deployers, and authorised representatives; imposing the penalty regime under Article 99 of the Regulation; operating the national AI regulatory sandbox under Article 57; publishing guidance for providers and deployers; coordinating with other national authorities including AEPD, Banco de España, and CNMV on overlapping regulatory perimeters; and representing Spain in the European AI Board.

AESIA's Director General has publicly described the agency's current posture as guidance-first. No public enforcement decisions had been issued as of June 2026. The agency's stated approach is to issue warnings and require corrective action before imposing financial penalties, except where violations are deliberate, repeated, or cause clear harm. This does not mean operators can treat Article 5 prohibitions as aspirational: the sanctioning powers have been in place since 2 August 2025, and the warnings-first posture applies to procedural violations, not to prohibited practices.

The EU AI Act as it applies in Spain

Regulation (EU) 2024/1689 is directly applicable across all EU Member States without national transposition. It entered into force on 1 August 2024. Its obligations apply in a phased sequence. Understanding that sequence is the starting point for any operator deploying an AI system in Spain.

What is already in force

Article 5 prohibited practices have applied since 2 February 2025. For an operator in Spain, this means the following are illegal and enforceable by AESIA now:

  • AI systems that use subliminal techniques operating below the threshold of a person's consciousness to materially distort their behaviour in a way that causes or is likely to cause harm.
  • Systems that exploit specific vulnerabilities of a group of persons due to their age, disability, or economic situation to materially distort their behaviour.
  • Systems used by public authorities for social scoring based on social behaviour or personal characteristics leading to detrimental treatment outside the context where data was generated.
  • Real-time remote biometric identification systems in publicly accessible spaces by law enforcement (subject to specific, narrow exceptions requiring judicial authorisation).
  • Emotion recognition systems in workplaces and educational institutions (with narrow exceptions for safety purposes and medical or research purposes).
  • AI systems that create or expand facial recognition databases through untargeted scraping.

Article 4 AI literacy obligations have applied since 2 February 2025. Providers and deployers must ensure that staff who operate AI systems on their behalf have a sufficient level of AI literacy for their tasks. This means deployers are already obliged to have completed basic training or briefing of employees who use AI tools in their day-to-day work. AESIA's guidance on AI literacy sets out a competency framework that can serve as a practical benchmark.

GPAI model obligations under Chapter V have applied since 2 August 2025. If an operator in Spain deploys a system built on a general-purpose AI model (such as a large language model-based AI agent), the provider of that underlying model must have brought it into compliance with GPAI documentation, copyright transparency, and risk management obligations. Deployers do not directly bear GPAI provider obligations, but they rely on the GPAI provider's compliance to operate legally. If the GPAI provider is not compliant, the system the deployer has built on top of it may carry inherited risk.

What applies from 2 August 2026

Article 50 transparency obligations apply from 2 August 2026 and are not deferred by the Digital Omnibus provisional agreement. From that date: any deployer operating a chatbot or conversational AI agent must disclose to users, in a clear and timely manner, that they are interacting with an AI system, unless this is obvious from context. AI-generated audio, video, image, or text content that could mislead people must be labelled as AI-generated. Emotion recognition and biometric categorisation systems must notify individuals subject to their processing. A narrow watermarking grace period to 2 December 2026 applies only for machine-readable marking of AI-generated content by systems already on the market before 2 August 2026.

High-risk deployer obligations under Article 26 of Regulation (EU) 2024/1689 also apply from 2 August 2026 for systems within Annex III. The Annex III categories include: AI systems used in the management and operation of critical infrastructure (electricity, water, transport, gas); AI systems used in education, vocational training, or student assessment; AI systems used in employment, workers management, and access to self-employment; AI systems used in access to essential private services and essential public services and benefits including credit scoring, insurance risk assessment, and social benefit eligibility; AI systems used in law enforcement and border control; AI systems used in the administration of justice; and AI systems used in democratic processes and electoral systems.

The Digital Omnibus caveat

On 7 May 2026, the Council, Parliament, and Commission reached a provisional political agreement in trilogue on the Digital Omnibus on AI, which would move the Annex III high-risk compliance date from 2 August 2026 to 2 December 2027. This agreement has not been formally adopted by the Council and Parliament and had not been published in the Official Journal of the European Union as of mid-June 2026. The provisional agreement must clear formal adoption procedures. Until publication, the 2 August 2026 date remains the legally binding deadline under Regulation (EU) 2024/1689 as enacted. Operators who defer compliance preparation in reliance on the proposed deferral are taking regulatory risk. AESIA has not published guidance indicating it will suspend enforcement pending the Omnibus adoption.

Spain's draft Organic Law on AI governance

On 26 May 2026, Spain's Council of Ministers approved a draft Organic Law on the proper use and governance of artificial intelligence and submitted it to the Congress of Deputies for parliamentary scrutiny. The law is not yet in force. Its purpose is not to supplement the substantive requirements of the EU AI Act, which is directly applicable, but to provide the national institutional and procedural architecture without which the Regulation cannot be fully enforced domestically.

The draft law's key provisions include the following. It formally designates AESIA as the single point of contact for the supervisory architecture under the EU AI Act and as the market surveillance authority for AI systems not covered by sector-specific product frameworks. It designates sectoral authorities (AEPD for personal data, Banco de España and CNMV for financial services, AEMPS for medical devices, and others) as the competent authorities for AI systems within their existing regulatory perimeters. It implements the penalties regime in Spanish administrative law, applying the Article 99 tiers and adding provisions that calibrate fines for SMEs. It introduces a requirement for public-sector bodies in Spain to maintain and publish a register of AI systems in use, beyond what the EU AI Act itself requires. It provides legislative grounding for AESIA's sandbox operation and defines the criteria for SME and start-up priority access. It establishes formal coordination mechanisms between AESIA and sector authorities, codifying the cooperation that AESIA and AEPD have been operating under informal arrangement since 2024.

Parliamentary processing typically takes several months in Spain. The law will need to pass through the Congreso de los Diputados and the Senado. Given the current parliamentary arithmetic, the timeline for enactment is uncertain, but the substance is not controversial among the major parties, all of which have supported alignment with the EU AI Act framework. The practical implication for operators is that the EU AI Act's substantive obligations already apply by direct effect, and AESIA's enforcement powers already exist through the Regulation itself. The organic law adds procedural clarity and the public-sector register requirement; it does not add delay to the operator's compliance obligations.

AESIA's 16 compliance guides: what deployers should use

In December 2025, AESIA published a suite of 16 compliance guides covering all major obligations under the EU AI Act for providers and deployers of high-risk systems. These are available in Spanish at aesia.digital.gob.es/en/guides and represent the most operationally detailed national-level guidance published by any EU Member State authority for the Regulation. They are non-binding but represent AESIA's interpretation of the obligations, making them the practical reference for any operator seeking to demonstrate compliance to a Spanish regulator.

The 16 guides cover: introduction to the AI Regulation; practical guide with examples; conformity assessment; quality management system; risk management; human oversight; data and data governance; transparency; accuracy; robustness; cybersecurity; records; post-market monitoring; serious incident reporting; technical documentation; and a self-assessment checklist guide. Each guide includes an Excel-format checklist that operators can use to document their compliance measures and identify gaps. AESIA has characterised these as living resources subject to regular update as European Commission implementation acts and harmonised standards develop.

For a deployer in Spain operating an AI agent that falls within an Annex III category, the practical starting sequence is: Guide 5 (risk management under Article 9), Guide 7 (data governance under Article 10), Guide 8 (transparency under Article 13 for high-risk systems and Article 50 for all systems), Guide 10 (human oversight under Article 14), and Guide 14 (serious incident reporting under Article 73). The checklist templates from Guide 16 provide a documentation format that AESIA inspectors can be expected to recognise.

AESIA's regulatory sandbox

Article 57 of Regulation (EU) 2024/1689 requires Member States to establish at least one AI regulatory sandbox by 2 August 2026. Spain had already established its sandbox before the Regulation entered into force. AESIA's national sandbox allows providers to test AI systems that would otherwise require full conformity assessment in a supervised real-world environment. The sandbox provides access to AESIA staff, regulatory dialogue, and a structured exit pathway to market.

The sandbox is now in its third cohort. By mid-2026 more than 20 AI systems had been processed through the programme end-to-end, across sectors including finance, healthcare, education, and employment management. Participation in the sandbox does not exempt an operator from eventual compliance with the full Regulation requirements, but it provides a period of supervised development, reduces uncertainty about classification decisions, and builds a documented record of engagement with the regulator that is relevant in any subsequent enforcement proceedings.

SMEs and start-ups have priority access under Article 64 of the Regulation. Applications are submitted to AESIA directly at aesia.digital.gob.es. Sandbox participation agreements set out the specific testing parameters, the data access and confidentiality rules, and the timeline for the testing period.

AESIA and AEPD: the dual-regime reality

Most AI systems deployed in Spain process personal data. This creates a dual-regime situation that operators must address structurally. AESIA supervises the AI Act obligations. AEPD supervises GDPR compliance and the national organic law on data protection (Ley Orgánica 3/2018, LOPDGDD). The two authorities operate under a formal cooperation protocol.

The practical implications for a deployer are the following. A Fundamental Rights Impact Assessment required by Article 27 of the AI Act for Annex III systems used in employment, credit, education, or essential services is not the same as a Data Protection Impact Assessment required by Article 35 GDPR, although they cover overlapping ground. AESIA expects the FRIA; AEPD expects the DPIA. An operator should conduct both and cross-reference them. AEPD has published updated recommendations specifically on AI-based voice transcription and automated decision-making under GDPR, which provide a practical framework for the GDPR side of a dual-regime assessment.

Where an AI system's outputs constitute a solely automated decision that produces legal or similarly significant effects on data subjects, Article 22 GDPR applies alongside Article 26 of the AI Act. AEPD enforces Article 22 rights (the right to human review, the right to an explanation, and the right to contest). AESIA enforces the AI Act's transparency and human oversight obligations. Both require documentation. The safest approach is a unified governance structure with a single record that addresses both regulators' expectations, rather than two siloed compliance programmes.

Civil liability when an AI agent causes harm in Spain

The EU AI Act establishes a public regulatory regime with administrative penalties. It does not itself create a private right of action for individuals harmed by AI systems. Civil liability for AI agent harm in Spain operates through three legal channels.

Spanish tort law under the Código Civil

Articles 1902 to 1910 of the Spanish Código Civil establish the general framework for extracontractual civil liability. The foundational rule under Article 1902 requires a person who causes damage to another through fault or negligence to repair that damage. Applied to AI agent harm, this means a claimant must establish: that the AI system produced an output or took an action that caused identifiable harm; that the operator of the system was at fault (failed to take reasonable precautions), or negligent in their deployment; and causation between the deployment and the harm.

The opacity of complex AI systems makes the causation and fault elements difficult to establish in practice. Spanish courts, consistent with other European jurisdictions, have not yet developed a substantial body of case law specifically addressing AI agent liability. The general principles of fault-based tort apply, but claimants face practical evidentiary challenges. The Mata v. Avianca case (Southern District of New York, 2023), while not a Spanish case, illustrates the legal consequences of AI-generated output causing harm in a professional context: the court imposed sanctions on the lawyer who filed the AI-generated brief containing fabricated citations without verification. Spanish courts would likely reach an analogous result under general professional liability principles. The Moffatt v. Air Canada case (British Columbia Civil Resolution Tribunal, 2024) illustrates the principle that an operator cannot disclaim liability for their AI agent's statements to customers: the deployer, not the AI system, bears the legal obligation. Spanish consumer law and general civil liability principles support the same conclusion.

Product liability under Ley 3/2022 and the revised PLD

Spain's existing product liability framework is governed by Ley 3/2022, the national transposition of the original Product Liability Directive 85/374/EEC, and by the product safety provisions of the Ley General para la Defensa de los Consumidores y Usuarios (LGDCU). Under the existing framework, software and AI systems have generally not been classified as products for product liability purposes in Spain, leaving harm from AI software outputs within the fault-based tort framework.

This will change on 9 December 2026, when Directive (EU) 2024/2853 (the revised Product Liability Directive) must be transposed into Spanish law. The revised PLD expressly includes software and AI systems within the definition of product. It applies to products placed on the market or put into service after 9 December 2026. Under the revised PLD, a Spanish claimant will benefit from rebuttable presumptions of defectiveness: where the defendant has not complied with EU-law safety obligations (which include the EU AI Act), or where the technical complexity of the system makes it excessively difficult for the claimant to prove the defect, the burden of proof shifts toward the defendant. The revised PLD also expands the categories of compensable damage to include data loss and medically recognised psychological harm, alongside existing categories of physical and property damage.

The practical consequence for operators placing AI agents on the Spanish market after 9 December 2026 is a materially more demanding civil liability landscape. Non-compliance with the AI Act not only risks administrative penalties from AESIA: it also creates a rebuttable presumption of product defect in civil litigation. The two regimes reinforce each other, and compliant documentation built for AESIA purposes (risk management under Article 9, technical documentation under Articles 16 and 17, incident records under Articles 12 and 73) is simultaneously the evidence base for defending product liability claims.

Contractual liability in B2B deployments

Many AI agents are deployed by a business operator as part of a service delivered to business clients. In these B2B contexts, the contractual framework between the operator and its client allocates liability risk as between the two parties. Spanish contract law under the Código Civil and the Código de Comercio governs these allocations. Standard AI vendor contracts typically attempt to limit the vendor's liability for AI outputs, exclude consequential loss, and require the deployer customer to use the system in accordance with instructions. These provisions are enforceable between commercial parties under Spanish law (unlike B2C contexts, where consumer protection rules limit exclusion clauses under the LGDCU). Operators on both sides of a B2B AI contract should review their liability allocation in light of the AI Act's deployer obligations: an operator who breaches Article 26 deployer duties cannot simply pass liability to the AI provider where the breach arises from the deployer's own conduct.

Insurance for AI operators in Spain

The commercial insurance market for AI agent liability in Europe is at an early and developing stage. Spanish operators face the same market structure as their counterparts in other EU Member States. No Spanish-specific AI liability product exists as a domestic policy class. Spanish-domiciled operators access the international AI insurance market through the same channels as other European operators.

The instruments available include Munich Re aiSure (parametric or performance-based cover, settling on measurable performance data rather than fault-based claims); Armilla, a Lloyd's of London coverholder offering AI liability and performance cover; HSB (Hartford Steam Boiler, Munich Re group), which has offered affirmative AI and algorithmic-risk cover to SMEs; and cover structured around the AIUC-1 standard, which sets out adversarial evaluation benchmarks across data and privacy, safety, security, reliability, accountability, and societal impact. The ElevenLabs policy announced on 11 February 2026 was the first coverage instance backed by the AIUC-1 standard for AI voice agents.

EIOPA's Opinion on Artificial Intelligence governance and risk management (EIOPA-BoS-25-360, published 6 August 2025) is addressed to national competent authorities in the insurance sector, including Spain's DGSFP (Dirección General de Seguros y Fondos de Pensiones). The Opinion does not create new insurance coverage requirements for policyholders but signals that European insurance supervisors expect insurers to address AI governance risk in their own underwriting frameworks. The practical implication is that insurers writing AI liability risks in Spain are likely to increase their documentation requirements for AI governance evidence as the market matures.

For operators preparing to approach the market for AI liability cover, the documentation built for AESIA compliance purposes is the core of the underwriting submission. The risk classification under Annex III, the Article 9 risk management record, the Article 14 human oversight mechanism, and the Article 73 incident reporting register are the primary evidence an underwriter will seek to assess the risk.

What operators deploying AI in Spain should do now

The regulatory environment in Spain is more defined than in most EU Member States because AESIA is operational and has published comprehensive guidance. The compliance pathway for operators is well-mapped.

The first step is classification. Every AI system the operator deploys must be assessed against Article 5 (prohibited outright), Annex III (high-risk, with full deployer obligations), Article 50 (transparency obligations applying to all AI systems including low-risk ones from 2 August 2026), and the GPAI provisions (where the system is built on a general-purpose AI model). AESIA's Guide 2 (practical guide with examples) is the most useful starting point for classification decisions.

For Annex III systems, the operator must build the Article 26 compliance posture before the legally binding deadline of 2 August 2026. The core elements are: a record of the provider's instructions of use and confirmation the system is being used in accordance with them; a Fundamental Rights Impact Assessment under Article 27 for relevant use contexts; a named human oversight mechanism under Article 14 with documented competence and intervention authority; an incident monitoring and reporting procedure under Article 73; and the Article 12 logging record where this is within the operator's technical control.

For transparency obligations applying from 2 August 2026 (Article 50), operators running chatbots, customer service AI, or any conversational agent must ensure that all users are informed, clearly and in good time, that they are interacting with an AI system.

For operators who are uncertain about their classification or who are testing a system that may be borderline, AESIA's regulatory sandbox is the appropriate route. Sandbox applications are free to submit and provide access to regulatory dialogue that would otherwise require formal interpretation requests.

For operators building commercial insurance into their risk management approach, the coverage gap between existing professional indemnity and cyber policies and AI-specific liability exposure should be mapped against the Annex III classification of the specific system. AI-specific endorsements and the emerging dedicated AI liability products from carriers including Munich Re, Armilla, and HSB provide the clearest route to affirmative coverage, with ISO/IEC 42001 certification increasingly used as an underwriting benchmark for governance maturity.

Frequently asked questions

What is AESIA and why does it matter for operators in Spain?

AESIA (Agencia Española de Supervisión de la Inteligencia Artificial) is Spain's dedicated national AI supervisory agency, created by Royal Decree 729/2023 and operational since June 2024. It was the first standalone AI supervisory agency established by any EU Member State. It is Spain's designated national competent authority under Article 70 of Regulation (EU) 2024/1689, with inspection powers, sanctioning authority, and operational enforcement capacity already in place. Any AI operator in Spain should treat AESIA as the primary regulatory contact for all EU AI Act matters.

Which EU AI Act obligations apply to deployers in Spain right now?

Article 5 prohibited practices and Article 4 AI literacy obligations have applied since 2 February 2025. GPAI model obligations under Chapter V have applied since 2 August 2025. Article 50 transparency obligations and Article 26 high-risk deployer obligations apply from 2 August 2026 under the currently binding law (with a proposed Omnibus deferral to 2 December 2027 that is not yet formally adopted).

What are the deployer obligations under Article 26?

Deployers of high-risk AI systems under Annex III must: use the system in accordance with the provider's instructions; implement technical and organisational measures for compliant use; assign a competent human oversight person under Article 14; conduct a Fundamental Rights Impact Assessment under Article 27 in relevant contexts; maintain logs under Article 12 where technically feasible; monitor the system and report serious incidents under Article 73; and inform individuals subject to consequential decisions.

What is Spain's draft Organic Law on AI governance?

Approved by the Council of Ministers on 26 May 2026 and submitted to Congress, it establishes the national institutional architecture for EU AI Act implementation in Spain: formal designation of AESIA and sector authorities, the sanctioning regime in Spanish administrative law, a public-sector AI register, and the legal basis for AESIA's sandbox. It does not add substantive obligations beyond the directly applicable Regulation.

How does AESIA's regulatory sandbox work?

AESIA operates Spain's national AI regulatory sandbox under Article 57 of the Regulation, currently in its third cohort with more than 20 systems processed end-to-end. Operators can test borderline or high-risk systems in a supervised real-world environment with AESIA dialogue, gaining regulatory certainty before full commercial deployment. SMEs have priority access under Article 64. Applications go to aesia.digital.gob.es.

What is the liability exposure if an AI agent causes harm to a customer in Spain?

Current liability operates through Articles 1902 to 1910 of the Código Civil (fault-based tort) and existing product safety law. From 9 December 2026, the revised Product Liability Directive (EU) 2024/2853 applies to AI systems placed on the market after that date, introducing rebuttable presumptions of defectiveness and expanding compensable damage to include data loss and medically recognised psychological harm. Non-compliance with the AI Act creates a presumption of product defect under the revised PLD.

How does AESIA coordinate with AEPD?

AESIA supervises AI Act obligations; AEPD supervises GDPR compliance. They operate under a formal cooperation protocol. Most AI systems processing personal data trigger both regulators. Operators must build compliance documentation for each: a Fundamental Rights Impact Assessment for AESIA and a Data Protection Impact Assessment for AEPD, using AESIA's 16 guides and AEPD's published recommendations on automated decision-making in parallel.

What are the penalties for AI Act violations in Spain?

Up to EUR 35 million or 7 per cent of global annual turnover for Article 5 prohibited practices. Up to EUR 15 million or 3 per cent for high-risk obligation violations including Article 26 deployer duties. Up to EUR 7.5 million or 1 per cent for misleading information to AESIA. AESIA Director Belda has signalled a warnings-first enforcement posture, with penalties reserved for deliberate, repeated, or harmful violations.

What insurance options are available to AI operators in Spain?

Spanish operators access the international AI insurance market. Available instruments include Munich Re aiSure (parametric cover), Armilla (Lloyd's coverholder, AI liability cover up to approximately USD 25 million), HSB (affirmative AI and algorithmic-risk cover for SMEs), and coverage structured around the AIUC-1 standard introduced following the ElevenLabs voice agent policy in February 2026. Governance documentation built for AESIA compliance forms the core of any underwriting submission.

What practical steps should an operator take before 2 August 2026?

Classify all AI systems against Article 5, Annex III, and Article 50. For Annex III systems: work through AESIA's Guides 5, 7, 8, 10, and 14 and complete the checklist templates; appoint a human oversight person under Article 14; complete a Fundamental Rights Impact Assessment under Article 27; establish incident reporting procedures under Article 73. For all AI systems: implement Article 50 user-disclosure mechanisms for chatbots and conversational agents. Consider the sandbox for borderline classification cases. Map the insurance gap and approach the market with your governance documentation ready.

References

  1. Regulation (EU) 2024/1689 of the European Parliament and of the Council of 13 June 2024 laying down harmonised rules on artificial intelligence (EU AI Act). Official Journal of the European Union, 12 July 2024.
  2. Royal Decree 729/2023, of 22 August 2023, approving the statute of the Spanish Agency for the Supervision of Artificial Intelligence (AESIA). BOE-A-2023-18942.
  3. AESIA, Support guides for compliance with the AI Act (16 guides), published 16 December 2025. Available at aesia.digital.gob.es/en/guides.
  4. Spain, Council of Ministers, draft Organic Law on the proper use and governance of artificial intelligence, approved 26 May 2026, submitted to Congress of Deputies.
  5. Directive (EU) 2024/2853 of the European Parliament and of the Council on liability for defective products. Official Journal of the European Union, 18 November 2024. Applies to products placed on the market after 9 December 2026.
  6. EIOPA Opinion on Artificial Intelligence governance and risk management, EIOPA-BoS-25-360, published 6 August 2025.
  7. Council of the EU and European Parliament, provisional political agreement on the Digital Omnibus on AI, 7 May 2026 (proposed deferral of Annex III to 2 December 2027, not yet formally adopted or published in the Official Journal).
  8. Ley Orgánica 3/2018, de 5 de diciembre, de Protección de Datos Personales y garantía de los derechos digitales (LOPDGDD). BOE-A-2018-16673.
  9. Ley 3/2022, de 28 de febrero, de convivencia universitaria (mistakenly cited by some sources as the product liability transposition: see Real Decreto Legislativo 1/2007 for the LGDCU framework governing product liability in Spain).
  10. ElevenLabs, first AIUC-1-backed AI agent insurance policy announcement, 11 February 2026. PR Newswire and ElevenLabs blog.
  11. Moffatt v. Air Canada, 2024 BCCRT 149, British Columbia Civil Resolution Tribunal.
  12. Mata v. Avianca Inc., 22-cv-1461 (S.D.N.Y. 2023).
  13. ISO/IEC 42001:2023, Information technology, Artificial intelligence, Management system.
  14. DLA Piper, Spain: Government approves the draft Organic Law on the proper use and governance of artificial intelligence, Privacy Matters, May 2026.
  15. Alston and Bird, EU AI Act Compliance: Guidance from the Spanish AI Regulator, Alston Privacy, 2025.