Key data
| Regulation | Decision (EU) 2026/1080 of the Council — Council of Europe Framework Convention on AI, Human Rights, Democracy and the Rule of Law |
|---|---|
| Publication | May 13, 2026 |
| EU Council approval | April 21, 2026 |
| Entry into force | Not specified |
| Affected parties | Technology companies, AI developers, organizations using AI, public administrations |
| Category | European Regulation — Binding international treaty |
| Relationship with AI Act | Complementary — adds international dimension and fundamental rights |
Technology companies and any organization using AI systems in their operations have a new layer of international obligations. The EU Council approved on April 21, 2026 the ratification of the Council of Europe Framework Convention on Artificial Intelligence, Human Rights, Democracy and the Rule of Law, published in the Official Journal on May 13, 2026 as Decision (EU) 2026/1080.
This convention is not a recommendation or a guide to best practices: it is the first legally binding international treaty on artificial intelligence. Its ratification by the EU converts its requirements into real obligations for member states and, by extension, for private actors operating in their territories.
What does this regulation establish?
The convention establishes that AI systems must respect three fundamental pillars: human rights, democracy and the rule of law. To guarantee this, it imposes on signatory states—and on actors under their jurisdiction—a series of concrete obligations:
- Ensure that AI systems do not violate fundamental rights of individuals.
- Implement oversight mechanisms on the development and deployment of AI.
- Ensure transparency in the functioning of AI systems.
- Establish mechanisms of accountability for public and private actors.
- Pay special attention to sensitive sectors where AI can affect rights or democratic processes.
The convention is complementary to the European AI Regulation (AI Act), not substitutive. While the AI Act regulates the European internal market with a risk management logic by system categories, this convention adds an international dimension and fundamental rights that goes beyond the single market. Companies already adapting to the AI Act must understand that this convention adds additional obligations, especially in terms of oversight and accountability.
Economic and operational impact
The direct impact is regulatory compliance, not quantified fees or sanctions in this decision. However, the operational implications are relevant for any company that develops or uses AI:
- Review of existing systems: AI systems already deployed must be evaluated against the new standards for human rights and transparency.
- New oversight processes: Companies will need to establish or strengthen internal control and audit mechanisms for their AI systems.
- Documentation and accountability: The ability to demonstrate compliance is required, which implies investment in AI governance.
- Sensitive sectors with greater burden: Companies operating AI in areas affecting individual rights, electoral processes or access to public services will have stricter requirements.
- International dimension: Being a Council of Europe treaty—not just the EU—its scope extends beyond the single market, affecting companies with operations in signatory non-EU countries.
Ratification also reinforces the EU's position as a global reference in AI governance, which can translate into competitive advantages for European companies operating in international markets with equivalent standards.
Who does it affect?
- Technology companies that develop or commercialize AI systems.
- AI developers from any sector, including startups and scale-ups.
- Companies from any sector that deploy AI systems in their processes (HR, customer service, credit scoring, logistics, health, etc.).
- Public administrations that use AI in service delivery or decision-making.
- Organizations and entities that operate AI in sensitive sectors: healthcare, justice, education, financial services, security.
- Companies with operations in Council of Europe countries outside the EU, given the international scope of the convention.
Practical example
A human resources company that uses an AI system to filter applications operates in a sensitive sector: the system's decisions directly affect people's rights (access to employment). Under this convention, the company must:
- Document how the system works and what criteria it applies (transparency).
- Establish a mechanism by which candidates can know and challenge automated decisions (accountability).
- Periodically monitor that the system does not generate discriminatory biases that violate fundamental rights.
- Demonstrate upon eventual inspection that it complies with these standards.
This same scheme applies to a financial entity using AI for credit scoring, a hospital using AI for diagnosis, or a platform using AI to moderate content with impact on freedom of expression.
What should companies do now?
- Map all AI systems in use: Identify what AI systems the company develops or deploys, in what processes and with what impact on people or rights.
- Assess the risk level of each system: Prioritize systems operating in sensitive sectors or that make decisions with direct impact on individual rights.
- Review alignment with the AI Act: The convention is complementary to the AI Act. If work is already underway on AI Act compliance, review whether oversight and transparency mechanisms also cover the convention's requirements.
- Establish or strengthen internal oversight mechanisms: Designate AI governance officers, define periodic audit processes and document system decisions.
- Implement accountability mechanisms: Ensure that people affected by AI decisions can know, question and challenge those decisions.
- Monitor the evolution of entry into force: The entry into force date is not yet specified. Monitor the EU Official Journal and Council of Europe communications to learn about adaptation timelines.
Frequently asked questions
What does the Council of Europe Framework Convention on AI require of companies?
It requires ensuring that AI systems respect human rights, democracy and the rule of law. It implies oversight mechanisms, transparency and accountability for both public and private actors that develop or deploy AI systems.
How does this convention differ from the European AI Regulation (AI Act)?
The Council of Europe Framework Convention adds an international dimension and fundamental rights that the AI Act does not cover. Both regulations are complementary: the AI Act regulates the European internal market, while the convention establishes binding international standards on human rights, democracy and the rule of law.
When does the Council of Europe AI Framework Convention enter into force?
The entry into force date is not specified in the decision published on May 13, 2026. Ratification was approved by the EU Council on April 21, 2026.
Which companies does the Council of Europe Framework Convention on AI affect?
It mainly affects technology companies, AI system developers, organizations using AI systems in their operations, and public administrations. Any company operating in sensitive sectors such as healthcare, finance, justice or security is particularly affected.
Official source
Decision (EU) 2026/1080 of the Council of 21 April 2026 on the conclusion of the Council of Europe Framework Convention on Artificial Intelligence, Human Rights, Democracy and the Rule of Law. Published in the Official Journal of the European Union on May 13, 2026.
Disclaimer: This article is for informational purposes only and does not constitute legal advice. The interpretation and application of regulations may vary depending on specific circumstances and jurisdictions. Companies should consult with legal experts to assess their particular situation and ensure full compliance with applicable regulations. The information contained herein is based on publicly available sources and may be subject to updates or changes in interpretation by competent authorities.