Definition & Explanation
An inventory of all AI systems an organization develops, procures, or uses, including purpose, role (provider or deployer), risk classification, and owner. The term is used for three things: the internal AI register as the foundation of AI governance, the EU database in which high-risk AI systems must be registered (Articles 49 and 71 EU AI Act), and public registers such as the Dutch Algorithm Register.
The AI Act contains a formal registration obligation: providers register their high-risk AI systems in the EU database before placing the system on the market (Article 49), and the database itself is governed by Article 71. Public authority deployers of high-risk AI must also register their use. In addition, an internal AI register is practically indispensable, even though the law does not prescribe that exact form: without an inventory of all AI systems you cannot determine which systems are high-risk, which obligations apply, and who is responsible. In practice it is the first thing supervisory authorities and auditors ask for.
A mid-sized organization starts its AI Act journey with an inventory: HR uses a CV screening tool (high-risk, Annex III), customer service runs a chatbot (transparency obligation under Article 50), marketing uses a generative AI tool, and finance operates a fraud detection model. For each system the AI register records: vendor, the organization's role, risk class, data used, owner, and the status of obligations such as human oversight and instructions for use. That single document then drives the entire compliance agenda.
An AI register is not just for governments or for providers of high-risk AI. The formal registration in the EU database indeed applies to a limited group, but every organization using AI needs an internal register to demonstrate that it knows and meets its obligations. A second misconception is that the register is finished after a one-off inventory: new tools, changed use, and shadow AI adopted by employees make it a living document that needs periodic updates.