AI Sigil Logo
Contact Us
Back to all insights
A key to represent access and enforcement.

Sections

Enforcing the EU AI Act: Challenges and Responsibilities

Enforcement of the AI Act: A Comprehensive Overview

The European Union Artificial Intelligence Act (AI Act) came into force on August 1, 2024. This legislation introduces a risk-based approach to the regulation of artificial intelligence (AI), prohibiting certain unacceptable practices while imposing specific requirements on high-risk AI systems, such as those utilized in health, employment, and law enforcement.

Introduction

As the AI Act takes effect, one of the foremost challenges is the enforcement of its provisions in practice. This article delves into the enforcement structures established by the AI Act, focusing on the roles of various authorities and highlighting the complexities that may arise in implementation.

1. Centralized and Decentralized Enforcement Structures

The enforcement of the AI Act relies on both centralized and decentralized structures, with the primary actors being:

  • National Market Surveillance Authorities
  • The European Commission, through the AI Office
  • The European Data Protection Supervisor (EDPS)

2. Market Surveillance Authorities

Each EU Member State is required to designate at least one notifying authority and one market surveillance authority, which together constitute the national competent authorities.

  • Notifying Authorities: Responsible for the pre-implementation phase of AI systems, these authorities establish and apply conformity assessment frameworks. They certify compliance of high-risk AI systems with the AI Act.
  • Market Surveillance Authorities: These authorities supervise AI systems after they are placed on the market. They possess the power to impose sanctions for non-compliance, including administrative fines for various infringements.

Sanctions for non-compliance can be significant, including:

  • Administrative fines of up to EUR 35 million for non-compliance with prohibited AI practices.
  • Fines of up to EUR 15 million for non-compliance with operator obligations.
  • Fines of up to EUR 7 million for providing incorrect or misleading information.

3. The Role of the European Commission and AI Office

The European Commission has exclusive powers to supervise and enforce obligations for general-purpose AI models. This responsibility is delegated to the AI Office, which can act on its initiative or upon receiving complaints.

The AI Office is equipped with investigative and corrective powers, including:

  • Requesting documentation and information from providers of general-purpose AI models.
  • Conducting evaluations to assess compliance and investigate systemic risks.
  • Imposing fines of up to 3% of annual worldwide turnover or EUR 15 million for non-compliance.

4. The European Data Protection Supervisor (EDPS)

The EDPS serves as the competent market surveillance authority for EU institutions, agencies, and bodies. They hold similar powers to national market surveillance authorities but with lower fines:

  • Fines of up to EUR 1.5 million for non-compliance with prohibited AI practices.
  • Fines of up to EUR 750,000 for other infringements.

5. Cooperation Mechanisms

The AI Act includes mechanisms to ensure cooperation among national competent authorities and the European Commission. Key points include:

  • Market surveillance authorities must inform the Commission and other Member States if non-compliance extends beyond their national territory.
  • Provisional measures can be taken against operators not taking adequate corrective action.

6. Challenges in Enforcement

The enforcement framework of the AI Act presents several challenges:

  • The lack of a one-stop shop mechanism for operators dealing with multiple authorities across Member States.
  • Diverse procedural aspects may lead to inconsistencies in enforcement, as these are largely subject to national law.
  • The dual role of the AI Office may affect its impartiality.
  • Variation in expertise among market surveillance authorities could result in differing interpretations of the AI Act.

Conclusion

The enforcement of the AI Act is a complex endeavor that necessitates collaboration among various authorities. As the EU seeks to regulate AI effectively, addressing the challenges in its enforcement framework will be crucial for the successful implementation of the AI Act and the protection of citizens against potential risks associated with AI technologies.

More Insights

A safety helmet worn by drone operators

Revolutionizing Drone Regulations: The EU AI Act Explained

December 17, 2025 AI,AI Regulation,Drone Technology,Regulatory Framework
The EU AI Act represents a significant regulatory framework that aims to address the challenges posed by artificial intelligence technologies in various sectors, including the burgeoning field of...
Read More
A safety helmet worn by drone operators

Revolutionizing Drone Regulations: The EU AI Act Explained

December 1, 2025 AI,AI Regulation,Drone Technology,Regulatory Framework
The EU AI Act represents a significant regulatory framework that aims to address the challenges posed by artificial intelligence technologies in various sectors, including the burgeoning field of...
Read More
A light bulb to convey innovation and the bright potential of responsible AI solutions.

Embracing Responsible AI to Mitigate Legal Risks

November 29, 2025 AI,AI Ethics,AI Governance,AI Regulation
Businesses must prioritize responsible AI as a frontline defense against legal, financial, and reputational risks, particularly in understanding data lineage. Ignoring these responsibilities could...
Read More
A traffic light to illustrate the need for clear guidelines and regulations in managing AI technologies.

AI Governance: Addressing the Shadow IT Challenge

November 29, 2025 AI,AI Governance,AI Regulation Awareness,Regulatory Compliance
AI tools are rapidly transforming workplace operations, but much of their adoption is happening without proper oversight, leading to the rise of shadow AI as a security concern. Organizations need to...
Read More
A roadmap illustrating the journey companies must take to align with AI regulations.

EU Delays AI Act Implementation to 2027 Amid Industry Pressure

November 29, 2025 AI,AI Regulation,EU Compliance,Regulatory Compliance
The EU plans to delay the enforcement of high-risk duties in the AI Act until late 2027, allowing companies more time to comply with the regulations. However, this move has drawn criticism from rights...
Read More
A semiconductor chip

White House Challenges GAIN AI Act Amid Nvidia Export Controversy

November 29, 2025 AI,AI Regulation,Artificial Intelligence Governance,Technology Policy
The White House is pushing back against the bipartisan GAIN AI Act, which aims to prioritize U.S. companies in acquiring advanced AI chips. This resistance reflects a strategic decision to maintain...
Read More
Compliance checklist

Experts Warn of EU AI Act’s Impact on Medtech Innovation

November 29, 2025 AI,EU Compliance,Medtech Innovation,Regulatory Compliance
Experts at the 2025 European Digital Technology and Software conference expressed concerns that the EU AI Act could hinder the launch of new medtech products in the European market. They emphasized...
Read More
A tree

Ethical AI: Transforming Compliance into Innovation

November 29, 2025 AI,AI Ethics,Ethical AI
Enterprises are racing to innovate with artificial intelligence, often without the proper compliance measures in place. By embedding privacy and ethics into the development lifecycle, organizations...
Read More
A warning sign

AI Hiring Compliance Risks Uncovered

November 29, 2025 AI,AI Compliance,AI Regulation,Regulatory Compliance
Artificial intelligence is reshaping recruitment, with the percentage of HR leaders using generative AI increasing from 19% to 61% between 2023 and 2025. However, this efficiency comes with legal...
Read More