Conformity Body Notification
This new topic is needed because the content specifically addresses the application and notification procedures for conformity assessment bodies under the AI Act, which is a distinct regulatory mechanism not adequately covered by existing topics.
conformity assessment body notified body notification procedure application procedure body notification assessment body designation notification requirements application requirements
Overview
Legal Framework
Article 32 of the AI Act establishes the procedure for conformity assessment body notification. It creates a presumption of conformity: where a body demonstrates it meets the criteria in published harmonised standards, it is presumed to comply with the core requirements for notified bodies outlined in Article 31. This mechanism streamlines the notification process for national authorities by leveraging existing EU harmonisation tools. Recital 125 provides context, emphasizing the need for robust third-party conformity assessment for high-risk AI systems due to their complexity and associated risks, justifying the involvement of specialized notified bodies.
Practical Application
The authoritative commentary clarifies that the notification framework grants a central role to harmonised standards as a tool for demonstrating technical competence. The practical application hinges on the European Commission's publication of these standard references in the Official Journal. A conformity assessment body seeking notification must first align its procedures and competencies with the relevant harmonised standards. Upon successful demonstration to its national authority, the presumption under Article 32 applies, obligating that authority to accept the body's compliance with the covered requirements of Article 31. This process shifts the evidentiary burden, making adherence to published standards the primary pathway to becoming a notified body under the AI Act.
Key Considerations
- Standard Dependency: A conformity assessment body's ability to leverage the presumption of conformity is entirely contingent on the existence and publication of applicable harmonised standards by the European Commission. Bodies must monitor the Official Journal for these references.
- Scope of Presumption: The presumption only applies to the requirements of Article 31 that are "covered" by the harmonised standard in question. A body must ensure the standard it uses is exhaustive for the requirements it needs to demonstrate.
- National Authority Role: While the presumption is binding, the national authority retains the duty to verify the body's demonstration of conformity with the standards and to assess compliance with any Article 31 requirements not covered by those standards.
Laws (22)
View all 22Recital 179
Article 30
Aanmeldingsprocedure
Article 31
Voorschriften in verband met aangemelde instanties
Article 32
Vermoeden van conformiteit met voorschriften met betrekking tot aangemelde instanties
Article 33
Dochterondernemingen van aangemelde instanties en onderaanneming
Article 34
Operationele verplichtingen van aangemelde instanties
Article 35
Identificatienummers en lijsten van aangemelde instanties
Article 37
Betwisting van de bekwaamheid van aangemelde instanties
Article 38
Coördinatie van aangemelde instanties
Article 39
Conformiteitsbeoordelingsinstanties van derde landen
Article 45
Informatieverplichtingen voor aangemelde instanties
Recital 50
Article 29
Application of a conformity assessment body for notification
Article 30
Notification procedure
Article 32
Presumption of conformity with requirements relating to notified bodies
Recital 68
Recital 125
Recital 126
Recital 139
Guidance (12)
Guidelines 1/2019 on Codes of Conduct and Monitoring Bodies under Regulation 2016/679
Guidelines on codes of conduct and monitoring bodies
Guidelines 4/2019 on Article 25 Data Protection by Design and by Default Version 2.0 Adopted on 20 October 2020
Guidelines on data protection by design and by default
Version history
Guidelines on articles 46 (2) (a) and 46 (3) (b) of Regulation 2016/679 for transfers of personal data between EEA and non-EEA public authorities and bodies
Guidelines 9/2022 on personal data breach notification under GDPR
Guidelines on personal data breach notification under GDPR
Version history
Guidelines on the accreditation of certification bodies
Guidelines 02/2022 on the application of Article 60 GDPR
Guidelines on the application of Article 60 GDPR
With the introduction of the GDPR, the concept of the one-stop shop was established as one of the main innovations. In cross-border processing cases, the supervisory authority in the Member State of the controller's or processor's main establishment is the authority leading the enforcement of the GDPR for the respective cross-border processing activities, in cooperation with all the authorities which may face the effects of the processing activities at stake: be it through the establishments ...
VERSIEGESCHIEDENIS
binding corporate rules voor verwerkingsverantwoordelijken
Versiegeschiedenis
guidelines accreditatie
Richtsnoeren van 1/2018 voor certificering en het vaststellen van certificeringscriteria overeenkomstig de artikelen 42 en 43 van de verordening
guidelines certificering
Richtsnoeren 1/2019 voor gedragscodes en toezichthoudende organen in de zin van Verordening 2016/679
guidelines gedragscodes en toezichthoudende organen
Versiegeschiedenis
guidelines meldplicht datalekken
Richtsnoeren 4/2019 inzake artikel 25 Gegevensbescherming door ontwerp en door standaardinstellingen
guidelines privacy by design en default