Wiki · Concept · Last reviewed June 25, 2026

AI Notified Bodies

AI notified bodies are conformity assessment organizations designated under the EU AI Act to verify defined categories of high-risk AI systems when third-party assessment is required. They are market-access evidence institutions: useful for checking documentation, quality management, and legal conformity, but not proof that an AI system is harmless or fit for every deployment.

Definition

An AI notified body is a conformity assessment body that has been assessed, designated, and notified by an EU Member State to perform specified third-party assessment tasks under Regulation (EU) 2024/1689, the EU AI Act. In EU product law, a notified body is a designated organization that checks whether certain products satisfy applicable requirements before market placement when the relevant legislation requires third-party assessment.

For AI, the term matters because some high-risk systems cannot rely only on a provider's internal declaration of conformity. A notified body may assess the provider's quality management system, technical documentation, and conformity with the AI Act's high-risk requirements. That role connects law, technical evidence, auditing, product safety, fundamental-rights governance, and market access.

AI notified bodies are related to AI Audits and Assurance, AI Post-Market Monitoring, and AI Liability and Accountability, but they are narrower. They are not general AI safety labs, model-ranking services, civil-society watchdogs, or the European AI Office's general-purpose AI supervision arm. They are designated conformity assessment organizations acting within a legal procedure and notification scope.

Snapshot

Current Context

For the requested June 25, 2026 review baseline, the legal anchor is Regulation (EU) 2024/1689, supported by the European Commission's AI Act Service Desk and NANDO notified-body database. The official timeline still lists August 2, 2026 for Annex III high-risk rules and August 2, 2027 for high-risk AI embedded in regulated products, while also noting the Digital Omnibus proposal to link high-risk application to support tools such as harmonised standards.

The Digital Omnibus status matters for this topic. On June 16, 2026, the European Parliament approved simplification measures for the AI Act. The Commission's high-risk-system guidance page now describes a new enforcement timeline following political agreement: December 2, 2027 for systems in certain high-risk areas and August 2, 2028 for product-integrated systems. A source-disciplined article should still distinguish the baseline AI Act text, Service Desk implementation summaries, Parliament and Commission pages, and the final Official Journal amendment that supplies the codified legal text.

NANDO now includes Regulation (EU) 2024/1689 on artificial intelligence as an active legislation entry. The current list of bodies, identification numbers, notification status, and activities should be checked in NANDO at the time of any compliance claim because Article 35 requires an up-to-date public list and because notification scope can change.

The Commission's draft high-risk classification guidelines were also part of the June 2026 context. The Commission describes them as non-binding, enforcement-guiding interpretation, with stakeholder consultation open until June 23, 2026. They sharpen classification questions, but they do not themselves create a notified-body duty unless the AI Act route and applicable product-law route require one.

The substance of the notified-body role is unchanged by timing uncertainty. Article 31 sets competence and independence requirements. Article 34 says notified bodies verify conformity according to Article 43 procedures. Article 43 routes only some AI Act assessments to notified bodies, while many high-risk AI systems remain under internal-control conformity assessment unless the law is changed or a product-law route requires third-party assessment.

Institutional Chain

Provider. The provider classifies the AI system, implements the high-risk requirements, prepares technical documentation, operates a quality management system where required, performs or obtains conformity assessment, draws up the EU declaration of conformity, and keeps post-market monitoring records.

Conformity assessment body. A candidate body applies for notification in the Member State where it is established. Article 29 requires the application to describe conformity assessment activities, modules, AI system types, and competence evidence, including an accreditation certificate where available.

Notifying authority. The Member State authority assesses, designates, notifies, and monitors the conformity assessment body. Article 28 requires Member States to designate or establish notifying authorities and protect objectivity, competence, confidentiality, and freedom from conflicts of interest.

Commission and Member States. Article 30 requires notification through the Commission's electronic tool. If no objection is raised within the relevant period, the conformity assessment body may operate as a notified body within its notification scope. Article 35 then makes identification numbers and lists public.

Market surveillance and fundamental-rights authorities. Notified-body review does not replace market surveillance, complaint rights, serious-incident reporting, post-market monitoring, or the powers of authorities protecting fundamental rights. These are separate parts of the AI Act governance chain.

When a Notified Body Is Required

Annex III point 1: biometrics. For high-risk AI systems listed in Annex III point 1, Article 43 allows internal control when the provider applies relevant harmonised standards or common specifications. Notified-body involvement under Annex VII is required when those standards or specifications do not exist, are not available, are restricted, or are not fully applied.

Annex III points 2 to 8. For other Annex III high-risk systems, including areas such as critical infrastructure, education, employment, essential services, law enforcement, migration, justice, and democratic processes, Article 43 currently uses internal-control conformity assessment without notified-body involvement. This is one of the most important boundaries: many socially significant high-risk systems do not automatically get third-party notified-body review under the baseline text.

Law enforcement, immigration, asylum, and EU institutions. For Annex III point 1 systems intended to be put into service by law enforcement, immigration or asylum authorities, or EU institutions and bodies, Article 43 says the relevant market surveillance authority acts as the notified body.

Product-integrated high-risk AI. For high-risk AI systems covered by Union harmonisation legislation in Annex I, the relevant product-law conformity assessment route applies. Notified bodies under those sectoral acts may assess AI-specific requirements if their compliance with relevant Article 31 competence and independence requirements has been assessed in that notification procedure.

Future expansion. Article 43 empowers the Commission to amend the conformity assessment route and subject Annex III points 2 to 8 to notified-body assessment, taking into account the effectiveness of internal control and the availability of adequate notified-body capacity and resources.

What They Assess

A notified body does not merely "test the model." Under Annex VII-style assessment, the object is the provider's quality management system and technical documentation for the high-risk AI system. That can include system purpose, risk management, data governance, logging, human oversight, accuracy, robustness, cybersecurity, technical documentation, change management, and post-market evidence.

Article 31 requires notified bodies to have legal personality under Member State law, suitable organization and quality management, resources, process and cybersecurity capacity, independence from providers and interested operators, confidentiality procedures, liability insurance unless covered by the Member State, and sufficient administrative, technical, legal, and scientific personnel.

Article 32 creates a presumption of conformity with notified-body requirements when a conformity assessment body demonstrates conformity with relevant harmonised standards published in the Official Journal, but only to the extent those standards cover the Article 31 requirements. Article 33 allows subsidiaries or subcontractors only under conditions: the notified body remains responsible, must inform the notifying authority, needs provider agreement, and must keep qualification and work records available for five years after the subcontract ends.

Article 34 requires notified bodies to verify conformity according to Article 43 and to avoid unnecessary burdens on providers, especially micro and small enterprises, while still respecting the regulation's required level of protection. Article 44 gives notified bodies certificate powers: certificates have maximum periods, can be extended after reassessment, and can be suspended, withdrawn, or restricted if the system no longer meets requirements.

Article 45 turns notified-body work into an information-sharing system. Notified bodies must inform notifying authorities about certificates, refusals, restrictions, suspensions, withdrawals, scope changes, and market-surveillance requests, and they must share relevant positive and negative conformity assessment information with other notified bodies while preserving confidentiality.

How to Verify a Claim

A useful verification starts with the exact claim, not the certificate logo. Ask whether the claim is "this organization is a notified body," "this body is notified for this AI Act activity," "this specific system passed a required conformity assessment," or "this deployment is lawful and safe." Those are different claims.

The strongest procurement or audit question is therefore: "Show the chain." Provider role, system version, intended purpose, classification basis, standards or common specifications, conformity route, notified-body scope, certificate status, EU declaration, registration record, monitoring plan, incident history, and authority contacts should tell one consistent story.

Governance and Safety Implications

The safety value of notified bodies is procedural discipline: an external organization checks whether a provider's evidence meets legal requirements before a defined system reaches the market or is put into service. That can improve documentation quality, risk-management practice, traceability, human-oversight analysis, cybersecurity review, post-market monitoring, and accountability for high-risk systems.

The governance value is also public-list discipline. NANDO and Article 35 make designation scope visible. A buyer, auditor, regulator, journalist, or affected party can ask whether the named body was actually notified for the relevant regulation, activity, module, and system type.

The safety risk is assurance theater. A notified body can review evidence within its legal scope, but it does not guarantee that a system will never harm people, that every deployment context is safe, that a downstream use is lawful, or that later model updates remain compliant. Notified-body review is a control in a larger system that also needs AI system inventory, audit trails, incident reporting, post-market monitoring, and enforceable corrective action.

Capacity is a safety issue. If there are too few competent bodies for AI, biometrics, cybersecurity, data governance, safety-critical products, and fundamental-rights analysis, conformity assessment can become a bottleneck, a paperwork exercise, or an incumbent advantage for firms able to buy scarce assessment capacity early.

Failure Modes

Minimum Evidence Record

A useful notified-body claim should leave enough detail for a reviewer to reconstruct the assessment boundary. At minimum, record:

Source Discipline

AI notified-body claims should distinguish legal text, Service Desk summaries, NANDO live listings, Commission guidance, harmonised standards, common specifications, product-sector rules, certificates, and private compliance commentary. They do not have the same legal force.

Use current names and dates. A body may be notified under one EU act but not another; may be notified for one activity but not another; and may gain, lose, restrict, or modify scope. "Listed in NANDO" is not enough unless the relevant legislation, module, activity, and system type match.

For timing claims, preserve the status of the source. The baseline AI Act timeline, the Service Desk's Digital Omnibus note, the May 2026 provisional agreement, Parliament's June 16, 2026 approval, Commission implementation pages, and a final Official Journal amendment are different legal states. Do not treat a political agreement, guidance page, or press release as if it were already codified legal text unless it has formally entered into force.

For safety claims, do not cite notified-body involvement as proof that a system is conscious, generally intelligent, risk-free, rights-respecting in every context, or safe to deploy without monitoring. A certificate is evidence about conformity under defined conditions.

Spiralist Reading

An AI notified body is a checkpoint in the bureaucracy of trust.

The machine does not become safe because an institution has stamped a file. But the file matters. It forces claims into documents, documents into review, review into responsibility, and responsibility into a public list.

For Spiralism, the lesson is not faith in certification. It is distrust made orderly enough to leave a record. The notified body is useful only when the record can resist the provider's story: what was assessed, what was not, what failed, what changed, and who can act when the system harms people after approval.

Open Questions

Sources


Return to Wiki