AI Provider Trust Registry evidence verified as of 2026-07-05

Registry / GPAI Code

Who signed the EU GPAI Code of Practice?

EC signatory-list status for major model developers: full signatories, partial signatories, and absences. The cell answers: Is the model developer on the EC's GPAI Code of Practice signatory list? Statuses below are evidence grades, not endorsements, “no public evidence” means we could not verify it from public sources, not that the answer is no.

OpenAI API first-party API
Yes, public confidence: high · verified 2026-07-05

OpenAI appears on the European Commission's GPAI Code of Practice signatory list as a full signatory (all chapters); only xAI is listed as a partial (Safety & Security chapter only) signatory. This is a model-developer obligation; OpenAI is both developer and platform here.

source · archived copy · full cell

Azure OpenAI Service OpenAI model, served by Microsoft Azure
Yes, public confidence: high · verified 2026-07-05

Layered reality: the GPAI Code of Practice is a provider (model developer) obligation, and the developer here is OpenAI, a full signatory on the EC's list (verified 2026-07-05). Microsoft, the serving platform, is ALSO a full signatory in its own right as a GPAI provider. Neither is a partial signatory (contrast xAI, Safety & Security chapter only). Cell graded on OpenAI per the two-level rule; Microsoft's status recorded as corroborating platform posture.

source · archived copy · full cell

Anthropic API first-party API
Yes, public confidence: high · verified 2026-07-05

Anthropic appears on the European Commission's GPAI Code of Practice signatory list. The EC page singles out xAI as having signed only the Safety and Security chapter; no such qualification is listed for Anthropic, implying a full (all-chapters) signature. Anthropic's own announcement: anthropic.com/news/eu-code-practice.

source · archived copy · full cell

Claude via AWS Bedrock Anthropic model, served by AWS Bedrock
Yes, public confidence: high · verified 2026-07-05

Two-level rule: the GPAI Code of Practice is a provider (model developer) obligation, so this cell grades Anthropic, not AWS. Anthropic is on the EC's signatory list for the full Code (announced its intent at anthropic.com/news/eu-code-practice). Separately, Amazon itself also appears on the EC signatory list in its own capacity (as an Amazon GPAI provider), which does not substitute for Anthropic's obligations for Claude. Only xAI signed a subset (Safety & Security chapter).

source · archived copy · full cell

Claude via Google Vertex AI Anthropic model, served by Google Cloud Vertex AI
Yes, public confidence: high · verified 2026-07-05

Two-level layering - the GPAI Code of Practice is a model-provider obligation, so this cell grades Anthropic (the developer), which appears on the EC signatory list as a full-code signatory (announced July 21, 2025); only xAI is noted as a partial (Safety & Security chapter) signatory. Google, the serving platform here, is separately also a full-code signatory, so both layers of this offering sit under the Code.

source · archived copy · full cell

Gemini via Vertex AI Google model, served by Google Cloud Vertex AI
Yes, public confidence: high · verified 2026-07-05

Google appears on the European Commission's GPAI Code of Practice signatory list with no caveat, i.e., signed all three chapters (unlike xAI, which signed Safety & Security only). CoP signature is a developer-level (Google) commitment covering its GPAI models incl. Gemini.

source · archived copy · full cell

AWS Bedrock (platform) platform row
-Not applicable confidence: high · verified 2026-07-05

The GPAI Code of Practice is an obligation of the GPAI model provider, not of a distribution platform, so it does not attach to Bedrock as a platform serving third-party models. For the record: Amazon IS on the EC signatory list, having signed the full Code (no chapter limitation noted, unlike xAI's Safety & Security-only signature), that signature is relevant to Amazon as developer of its own models (e.g. Amazon Nova/Titan rows), and each third-party model's CoP status belongs on its developer's row per the two-level rule.

source · full cell

Mistral La Plateforme first-party API
Yes, public confidence: high · verified 2026-07-05

Mistral AI appears on the European Commission's GPAI Code of Practice signatory list with no chapter limitation. Mistral was among the first signatories (July 2025). Developer-level obligation; applies to Mistral as GPAI model provider.

source · archived copy · full cell

Mistral via Azure AI Mistral AI model, served by Microsoft Azure
Yes, public confidence: high · verified 2026-07-05

Two-level rule - this cell describes Mistral AI, the model developer and GPAI provider under the EU AI Act, not Microsoft (the distributor). Mistral AI appears on the European Commission's GPAI Code of Practice signatory list without any chapter limitation. Microsoft has separately signed the Code, but the provider obligation for Mistral models rests with Mistral.

source · archived copy · full cell

Cohere API Cohere model, served by Cohere (first-party)
Yes, public confidence: high · verified 2026-07-05

Cohere appears on the European Commission's GPAI Code of Practice signatory list as a full-code signatory (no chapter limitation, unlike xAI's Safety & Security-only signature). Provider-level obligation of Cohere as model developer; first-party offering so developer = platform.

source · archived copy · full cell

Cohere via AWS Bedrock Cohere model, served by AWS Bedrock
Yes, public confidence: high · verified 2026-07-05

Developer-level dimension (two-level rule): the GPAI Code of Practice is a model-provider obligation, so this cell describes Cohere, not AWS. Cohere is named on the European Commission's signatory list for the GPAI Code of Practice with no chapter limitation. AWS/Amazon is separately a signatory, but for Cohere-on-Bedrock the relevant GPAI provider is Cohere.

source · archived copy · full cell

Llama via AWS Bedrock Meta model, served by AWS Bedrock
No public evidence confidence: high · verified 2026-07-05

Two-level rule: the GPAI Code of Practice is a provider (model developer) obligation, so this cell grades Meta, not AWS. Meta does not appear on the European Commission's signatory list for the GPAI Code of Practice as of 2026-07-05 (list checked directly; signatories include Amazon, Anthropic, Google, Microsoft, OpenAI, Mistral AI, and others; xAI signed the Safety & Security chapter only). Meta publicly stated in July 2025 that it would not sign the Code. Stated neutrally: absence from the signatory list is not itself non-compliance with the AI Act, demonstrating compliance with GPAI obligations through alternative adequate means remains legally possible. Note Amazon's own signature covers Amazon as a GPAI provider and does not substitute for Meta's obligations for Llama.

source · archived copy · full cell

Llama via Azure AI Meta model, served by Microsoft Azure (Azure AI Foundry / Models-as-a-Service)
No public evidence confidence: high · verified 2026-07-05

EU AI Act dimension, assessed against the model developer (Meta), per the two-level rule, since the GPAI Code of Practice is a provider obligation. Meta is absent from the European Commission's GPAI Code of Practice signatory list as checked 2026-07-05 (23 signatories listed; Meta not among them). Absence from the list does not preclude Meta from demonstrating AI Act compliance through alternative adequate means. Note: Microsoft (the serving platform) is itself a signatory, but that does not cover Meta's provider obligations for Llama.

source · archived copy · full cell

xAI API xAI model, served by xAI (first-party)
Partial confidence: high · verified 2026-07-05

xAI appears on the European Commission's GPAI Code of Practice signatory list, but only for the Safety and Security chapter. Per the EC page: "xAI signed up to the Safety and Security Chapter; this means that it will have to demonstrate compliance with the AI Act's obligations concerning transparency and copyright via alternative adequate means." Applies to xAI as model developer (provider obligation).

source · archived copy · full cell

DeepSeek API (first-party) first-party API
No public evidence confidence: high · verified 2026-07-05

DeepSeek (Hangzhou DeepSeek Artificial Intelligence) does not appear on the European Commission's GPAI Code of Practice signatory list, in full or for any individual chapter, as of 2026-07-05. The EC page notes the list is continuously updated as signatures are confirmed. This is a model-developer obligation; developer and platform are the same entity for this first-party offering.

source · archived copy · full cell

DeepSeek via Fireworks AI DeepSeek model, served by Fireworks AI
No public evidence confidence: high · verified 2026-07-05

Per the two-level rule this dimension describes DeepSeek, the model developer, the GPAI Code of Practice is a provider obligation, and for open-weight models the GPAI provider remains DeepSeek, not Fireworks. DeepSeek does not appear on the EC's signatory list (23 signatories as of 2026-07-05; xAI is a partial Safety & Security-only signatory). Absence is a finding, though the Code is voluntary and providers may demonstrate AI Act compliance by alternative means. Nuance: some Art 53 obligations are lightened for open-weight releases meeting Art 53(2) conditions, but signatory status is simply absent here.

source · archived copy · full cell