Future Proof The Authority Stack
Agent Certified AI Agent Certification

The Council of Europe AI Convention and what it means for certification

In September 2024, in Vilnius, the European Union, the United Kingdom, the United States, Israel and a number of other states signed the first legally binding international treaty on artificial intelligence. It is not an AI Act. It has no conformity assessment regime, no CE mark, and no fine schedule. It is a human rights instrument, and it asks something quieter of the states that ratify it: prove, in whatever domestic form you choose, that your AI activity respects human dignity, is transparent enough to be held accountable, and has been proportionately assessed for its risk to rights, democracy and the rule of law. This article sets out what the Convention actually requires, how its enforcement architecture differs from the EU AI Act's, and why its principles based, methodology agnostic design creates a durable role for structured certification evidence, particularly outside the EU.

Key takeaways

  • The Council of Europe Framework Convention on Artificial Intelligence, Human Rights, Democracy and the Rule of Law was adopted in May 2024 and opened for signature in Vilnius in September 2024. It is the first legally binding international AI treaty, and unlike most Council of Europe conventions it is open to non-member states; the EU, the UK, the US and Israel were among the states that signed.
  • The Convention is principles based and technology neutral. Its core obligations cover human dignity and autonomy, transparency and oversight, accountability, non-discrimination, privacy, and a proportionate risk and impact assessment for AI systems with significant potential impact on human rights.
  • It applies directly to public authorities, but for the private sector it takes a two track approach: parties may apply its provisions directly or take other appropriate measures to meet its objectives, which gives states real flexibility in how they cover private AI activity.
  • Unlike the EU AI Act's Article 43 conformity assessment and Article 99 penalty regime of up to 35 million euro or 7 percent of global turnover, the Convention has no certification scheme, no accreditation body and no fines. Enforcement runs through domestic law and a Conference of the Parties that monitors implementation.
  • Because the Convention requires proportionate risk and impact assessment without specifying a methodology, structured certification evidence, such as a documented seven-dimension assessment or an EU AI Act Article 27 fundamental rights impact assessment, is well positioned to serve as the practical proof a private-sector deployer presents, especially in signatory states without a detailed AI statute of their own.

What was signed in Vilnius, and why it is unusual

The Council of Europe's Committee of Ministers adopted the Framework Convention on Artificial Intelligence, Human Rights, Democracy and the Rule of Law in May 2024. It was opened for signature in Vilnius, Lithuania, in September 2024, and the states that signed at that ceremony included the European Union itself as a party in its own right, the United Kingdom, the United States, and Israel, alongside a number of Council of Europe member states. That signatory list is worth pausing on. Most Council of Europe conventions bind only the organisation's 46 member states. This one was deliberately drafted to be open to states well outside that membership, on the premise that AI governance principles which stop at Europe's border are not much of a governance floor. Bringing the United States and the United Kingdom in as signatories at the outset, alongside the EU, was a design choice, and it is the reason the Convention is described as the first legally binding international treaty on AI rather than merely the first European one.

It is worth being precise about what "legally binding" means here, because it does different work than it does in the EU AI Act context. A treaty binds the states that ratify it under international law. It does not, by itself, create obligations that a company can be sued or fined under directly, the way a directly applicable EU regulation does. The binding force operates at the level of states, who then commit to implementing the Convention's principles through domestic law, regulation, or other appropriate measures. That distinction between binding on states and directly enforceable against companies is the single most important thing to understand about how this instrument reaches an AI agent operator's obligations.

What the Convention actually requires

The Convention is principles based and technology neutral, which is itself a contrast worth naming: the EU AI Act is a detailed, sector-and-risk-tiered rulebook running to well over a hundred articles, while the Convention states a small number of obligations at a level of generality closer to a human rights charter. Its core obligations for parties include ensuring that AI systems respect human dignity and individual autonomy; ensuring transparency and oversight, including the ability to identify AI-generated content or AI-influenced decisions where necessary; ensuring accountability for the adverse impacts of AI systems; ensuring equality and non-discrimination, including addressing bias; and protecting privacy and personal data in AI contexts.

The obligation that connects most directly to certification practice is the requirement that, for AI systems carrying the potential for significant impact on human rights, parties ensure a proportionate risk and impact assessment process is undertaken, addressing risks to human rights, democracy and the rule of law, together with proportionate mitigation measures. Notice what the Convention does not do here. It does not define a scoring methodology, specify who conducts the assessment, or set a cadence or evidence standard. It does not create a conformity mark that signals the assessment happened. It states the outcome it wants and leaves the mechanism entirely to the party and, in practice, to whatever domestic measure or private-sector practice ends up satisfying that party's obligation.

The two track approach: public authorities versus private actors

The Convention's application architecture is often summarised as a two track approach, and the distinction matters more than it might first appear. Track one applies the Convention directly to AI activities carried out by public authorities, including private actors acting on a public authority's behalf, such as a contractor building a public-sector decision system. Track two covers the private sector more broadly, and here the Convention gives parties a choice: each party must either apply the Convention's substantive provisions directly to private-sector AI activity, or take other appropriate measures that meet the Convention's objectives and principles by some other route.

That second track is a genuine grant of flexibility, and it is where the Convention diverges most sharply from the EU AI Act's model. The AI Act gives member states no choice about how to cover private-sector high-risk AI systems: the regulation applies directly and uniformly to providers and deployers across the Union, with the same conformity assessment and penalty architecture regardless of which member state a company operates from. The Convention instead tells each party to reach the same destination, private-sector AI activity that respects human dignity, transparency, accountability, non-discrimination and privacy, by whatever legislative path fits that state's existing legal system. A state with strong existing data protection, anti-discrimination and administrative law covering algorithmic decisions may conclude those instruments, read together, already meet its Convention obligations for much of the private sector, without a new AI-specific statute at all.

Why the enforcement architecture is so different from the EU AI Act's

The practical consequence of the Convention's design is that it has no certification scheme, no conformity assessment body, and no penalty regime of its own. There is no Article 43 equivalent that a notified body applies before a high-risk AI agent can be placed on a market, and no Article 99 equivalent specifying a fine ceiling of 35 million euro or 7 percent of global annual turnover. What the Convention has instead is a Conference of the Parties, established to monitor how signatories are implementing the treaty's principles domestically, and an expectation that each party will translate the Convention into its own law, regulation, or other appropriate measure.

This is not a weaker instrument in every sense, but it is a differently shaped one, and risk leads should not assume the two are interchangeable or that ratifying the Convention is a paperwork exercise. For an EU-based operator, the EU AI Act, Regulation (EU) 2024/1689, already contains risk management system requirements, transparency obligations, human oversight requirements and a fundamental rights impact assessment obligation under Article 27 that between them substantially satisfy the Convention's principles for AI activity inside the Union. The EU itself signed the Convention as a party, and its domestic implementing measure, in substance, is the AI Act it had already legislated. The interesting cases are elsewhere. For a signatory state such as the United Kingdom or the United States, which as of 2026 has not passed a single omnibus AI statute comparable to the AI Act, the Convention creates real pressure to demonstrate, through some domestic measure, that private-sector AI activity meets the treaty's principles without a unified technical rulebook to point to. Switzerland illustrates one response: its Federal Council reported in November 2024 that it intended to align domestic implementation with the Convention primarily through existing sectoral law rather than a dedicated AI statute, a path other signatories including the UK are weighing in their own way.

For contrast on how differently the two instruments treat enforcement, see the Article 99 penalties guide on agentliability.eu, and for how a non-EU signatory state is approaching implementation without a dedicated AI statute, see the Switzerland AI regulation guide on agentliability.co.

Why this creates demand for structured certification evidence

Put the Convention's two features side by side: a binding obligation to conduct a proportionate risk and impact assessment for AI systems with significant potential impact on human rights, and no specified methodology for doing so. That combination is the gap structured, documented, third-party-reviewed certification evidence is built to fill. It does not fill it because the Convention says so; the Convention does not endorse, reference, or require any certification framework, and it would misstate the treaty to claim otherwise. It fills the gap because a private-sector deployer that needs to show a regulator, a counterparty, a court or a Conference of the Parties monitoring exercise that it has actually assessed an AI system's human rights impact needs some artefact to point to, and a well-documented assessment produced against a stable rubric is a materially stronger artefact than an internal memo written for the occasion.

This is the same logic that makes an EU AI Act Article 27 fundamental rights impact assessment useful evidence inside the Union: a structured, repeatable process that produces a defensible record. For operators in non-EU signatory states without a directly applicable AI statute, the equivalent structured record has to come from somewhere else, whether a certification process, an internal governance framework built to an external standard, or a sector-specific assessment already required by existing law. The point is narrow and should not be overstated: the Convention creates a principle-shaped space, proportionate risk and impact assessment, and structured certification evidence is one practical way, among others, of occupying that space credibly.

How the Agent Certified seven dimensions map to the Convention's principles

The Agent Certified methodology scores seven dimensions: Trust and Transparency, Context Awareness, Distribution and Scope, Product Safety and Reliability, Governance, System Integration, and Autonomy Envelope. None were built with the Convention in mind, since the methodology predates the treaty's entry into force in most signatory states. But the underlying evidence each dimension produces maps onto the Convention's principles fairly directly, which is worth setting out plainly rather than implying any formal relationship that does not exist.

Trust and Transparency evidence, covering disclosure of AI involvement and the ability to identify AI-influenced decisions, speaks to the Convention's transparency and oversight obligation. Governance evidence, covering accountable ownership and escalation paths, speaks to the accountability and responsibility obligation. Context Awareness and Autonomy Envelope evidence, covering the boundaries within which an agent is permitted to act and the human oversight that constrains it, speaks to the human dignity and individual autonomy obligation. Product Safety and Reliability and System Integration evidence, covering testing, failure handling and technical robustness, forms part of the proportionate risk and impact assessment a significant-impact AI system needs. None of this means a Conference of the Parties monitoring exercise treats an Agent Certified assessment as compliance. It means an operator who has already produced this evidence is not starting from a blank page when a regulator, insurer or counterparty in a signatory state asks how it assessed a given agent's human rights impact.

For the full seven-dimension rubric, see the methodology page. For how the dimensions map specifically to EU AI Act obligations, including Article 27, see the seven dimensions to AI Act obligations map and the FRIA and Article 27 overlap article. For a broader comparison of what ISO 42001, the NIST AI RMF and the AI Act each ask of an operator, which is useful background for understanding how the Convention sits alongside them, see NIST AI RMF, ISO 42001 and the EU AI Act: what operators actually need.

What operators and risk leads should do now

Three practical steps follow, and none require treating the Convention as an imminent compliance deadline in the way the AI Act's Article 6 classification rules or Article 43 conformity assessment are deadlines.

First, map your jurisdictional exposure. If your AI agent activity is entirely inside the EU, your existing AI Act programme, including any Article 27 fundamental rights impact assessment work, is doing most of the work the Convention asks of the EU as a party. Confirm that mapping rather than assuming it, since the Convention's human dignity and non-discrimination principles are broader in scope than the AI Act's high-risk categories and may reach systems the AI Act classifies as limited or minimal risk.

Second, if you operate in a signatory state without a detailed AI statute, such as the United Kingdom or the United States as of 2026, do not wait for domestic implementing legislation before producing evidence. Ratification and domestic implementation are proceeding gradually and unevenly across signatories, and a Conference of the Parties monitoring cycle or a counterparty's due diligence request can arrive before your jurisdiction's implementing measure does. A structured, dated, third-party-reviewed impact assessment produced now is worth more than a plan to produce one once the law requires it.

Third, treat the Convention as confirmation of a direction rather than a new set of boxes to tick. Human dignity, transparency, accountability, non-discrimination, privacy and proportionate risk assessment are not new concepts to anyone who has built toward ISO 42001, the NIST AI RMF, or an EU AI Act programme. What the Convention adds is an international, cross-jurisdictional statement that these principles are now treaty-level expectations, not just regional regulatory preferences, useful the next time a board or an insurer asks why AI governance work matters outside the EU.


Frequently asked questions

What is the Council of Europe Framework Convention on Artificial Intelligence?

The Framework Convention on Artificial Intelligence, Human Rights, Democracy and the Rule of Law is a treaty adopted by the Council of Europe's Committee of Ministers in May 2024 and opened for signature in Vilnius, Lithuania in September 2024. It is the first legally binding international treaty specifically on artificial intelligence, principles based rather than a technical rulebook, and open to states outside the Council of Europe. Signatories at Vilnius included the European Union, the United Kingdom, the United States and Israel, reflecting a deliberately broad membership design.

How does the Convention differ from the EU AI Act?

The EU AI Act, Regulation (EU) 2024/1689, is a directly applicable regulation with detailed risk classification, a conformity assessment regime under Article 43, and penalties up to 35 million euro or 7 percent of global turnover under Article 99. The Convention is a principles based treaty with no conformity assessment body, no certification scheme, and no fines. It obliges parties to translate principles such as transparency, accountability and proportionate risk assessment into domestic law or other appropriate measures, monitored by a Conference of the Parties rather than enforced directly against companies.

Does the Convention apply to private companies or only to governments?

Both, through different mechanisms. The Convention applies directly to AI activities carried out by public authorities, including private actors acting on their behalf. For the private sector more broadly, it takes a two track approach: each party must either apply the Convention's provisions directly to private actors, or take other appropriate measures that meet its objectives and principles. That flexibility contrasts with the EU AI Act's uniform, directly applicable obligations on both public and private operators.

Does the Council of Europe Convention create its own AI certification scheme?

No. The Convention does not establish a conformity assessment body, a certification mark, or an accreditation regime. It requires a proportionate risk and impact assessment for AI systems with potential significant impact on human rights, but leaves the methodology to each party. Structured, third-party-reviewed certification evidence, such as a documented seven-dimension assessment or an EU AI Act Article 27 fundamental rights impact assessment, can practically fill that gap, without the Convention endorsing or requiring any specific framework.

What should risk leads and Chief AI Officers do now in response to the Convention?

Treat it as a signal about the direction of international AI governance rather than a new deadline. For EU-based operations, existing AI Act risk assessment, transparency and human oversight work substantially satisfies the Convention's principles. For operations in non-EU signatory states such as the United Kingdom or the United States, where no single omnibus AI statute yet exists, maintaining structured impact assessment evidence is the most concrete way to demonstrate Convention-consistent practice ahead of domestic implementing measures catching up.


References

  1. Council of Europe Framework Convention on Artificial Intelligence, Human Rights, Democracy and the Rule of Law, CETS No. 225. Adopted by the Committee of Ministers, May 2024. Opened for signature in Vilnius, Lithuania, 5 September 2024. Signatories at signing included the European Union, the United Kingdom, the United States, Israel and other Council of Europe member and non-member states. Text and status available at coe.int/en/web/artificial-intelligence/the-framework-convention-on-artificial-intelligence.
  2. Regulation (EU) 2024/1689 of the European Parliament and of the Council of 13 June 2024 (EU Artificial Intelligence Act). OJ L, 2024/1689. Article 43 (conformity assessment), Article 99 (penalties, up to 35 million euro or 7 percent of global annual turnover), Article 27 (fundamental rights impact assessment).
  3. Swiss Federal Council, report on Switzerland's approach to regulating artificial intelligence, November 2024. Sets out an intention to implement the Council of Europe Framework Convention primarily through existing sectoral law rather than a dedicated AI statute.
  4. Council of Europe, Committee on Artificial Intelligence (CAI), explanatory report accompanying the Framework Convention on Artificial Intelligence. Describes the two track approach distinguishing public sector and private sector obligations, and the role of the Conference of the Parties in monitoring implementation.