The EU AI Act introduces key roles in the AI value chain, including authorized representatives (ARs) who act as intermediaries between non-EU AI providers and EU regulators. Authorized Representatives perform tasks specified in the mandate on behalf of non-EU providers, facilitating entry into the EU market.
Providers of high-risk AI systems or general-purpose AI models from third countries must appoint an AR within the EU. ARs, based in the EU, handle regulatory obligations and perform tasks specified in the mandate connected with EU regulations.
ARs verify documentation, maintain records, provide information to authorities, and serve as a contact point for compliance issues. While specific qualifications are not listed, ARs ideally possess a strong understanding of EU regulations, technical aspects of AI, good communication skills, and knowledge of EU laws. They play a vital role in ensuring transparency and trustwortiness in the EU AI ecosystem.
The EU AI Act introduces several pivotal roles within the AI value chain, each tasked with specific compliance duties:
Develops AI systems or GPAI models and must comply with regulations when distributing or producing AI outputs in the EU market. Example: A software company creating AI-driven products for EU consumers.
Utilizes AI systems in real-world applications and must ensure compliance with regulations regarding data governance and incident reporting. Example: A healthcare provider using AI algorithms to assist in medical diagnostics.
Incorporates AI systems into products and must adhere to regulations regardless of location if distributing in the EU market. Example: An automotive manufacturer integrating AI technology into self-driving vehicles sold in the EU.
Acts as a gatekeeper for AI systems entering the EU market from non-EU countries and must conduct due diligence before placement. Example: An EU-based company importing AI-powered gadgets from Asia.
Provides AI systems for distribution or use in the EU market and must verify compliance of related providers and importers. Example: A technology company distributing AI software solutions to EU businesses.
Acts as an intermediary between non-EU AI providers and EU authorities, performing tasks specified in the mandate on behalf of the provider. Example: An EU-based consultancy appointed by a U.S. AI developer to oversee regulatory obligations in the EU.
Providers of high risk AI systems or general-purpose AI models based in third countries must appoint an AR within the EU before introducing their products to the Union market. This requirement emphasizes the importance of having a local presence to navigate EU regulations effectively.
However, there is an exception to this obligation for providers of general-purpose AI models released under a free and open-source license permitting access, usage, modification, and distribution of the model, along with the public availability of parameters, model architecture information, and usage data, unless such models present systemic risks.
As defined in the EU AI Act, AR’s are individuals or entities located or established within the EU who have received and accepted a written mandate from a provider of a high risk AI system or a general-purpose AI model. Their primary responsibility is to perform and carry out, on behalf of the provider, the obligations and procedures established by the regulation.
AR’s serve as intermediaries between AI providers located outside the EU and regulatory bodies within Europe and their crucial role is to ensure in the frame of their mandate that the provider has undertaken all measures and has all required documentation prescribed with the strict regulations of the EU AI Act.
For example, let’s say a tech company based in the United States develops an AI system classified as high risk or general-purpose AI models and wants to sell it in the EU market. Before they can do so, they need to appoint an AR within the EU.
This representative will handle all communication with European regulatory authorities, ensuring that the company has all documentation in place and has taken prescribed actions to prove that the AI system meets all necessary compliance standards before it is made available for sale.
In summary, AR plays a crucial role in streamlining the regulatory process for AI providers operating outside the EU. By ensuring adherence to EU regulations, they contribute to building trust and transparency in the AI industry within Europe.
In the intricate domain of AI regulation in the European Union, ARs shoulder diverse responsibilities, encompassing verification and serving as regulatory liaisons. Let’s explore each of these roles in detail.
An Authorized Representative is any natural or legal person located or established within the EU who receives and accepts a written mandate from a provider of a high risk AI system or a general-purpose AI model. This mandate empowers them to act on behalf of the provider, carrying out obligations and procedures mandated by the regulation.
AR’s are tasked with verifying that the EU declaration of conformity and technical documentation have been prepared and that the appropriate conformity assessment procedure has been conducted by the provider.
ARs keep essential documentation, including the contact details of the provider, EU declaration of conformity, technical documentation, and relevant certificates, available to AI Office for at least 10 years after the AI system is placed on the market.
They provide the AI Office, upon request, with all necessary information and documentation to demonstrate compliance with the regulation.
ARs cooperate with competent authorities and the AI Office, upon request, in any action related to the AI system or general-purpose AI model. This may include actions to reduce and mitigate risks posed by the AI system or model.
They comply with registration obligations, if applicable, and ensure that correct information is provided to the EU database for high-risk AI systems.
Authorized Representatives serve as a contact person established within the EU for issues related to ensuring compliance with the regulation. They may be addressed by competent authorities on all matters concerning compliance and shell act within the framework of the mandate issued by the provider.
If an AR believes or has reasons to believe that the provider is not fulfilling its obligations under the regulation, they have the authority to terminate the mandate. In such cases, they inform the relevant market surveillance authority and, if applicable, the notified body about the termination and the reasons behind it.
To illustrate, let’s consider a scenario where a company based in the US develops a high-risk AI system intended for the EU market. Before making the system available in the EU, the US company must appoint an AR established within the EU. This AR will check if the company has appropriate documentation and measures in place that will assure that the system meets all regulatory requirements, verify documentation, and cooperate with authorities if needed.
In summary, ARs serve as essential liaisons between non-EU AI providers and EU regulatory bodies and contribute to a safer and more transparent AI ecosystem within Europe.
The EU AI Act does not explicitly list specific qualifications required for an AR. However, given the responsibilities of the role, the AR should ideally have a strong understanding of the EU AI Act, its requirements, and the technical aspects of the AI systems they represent.
The AR is expected to verify that the EU declaration of conformity and the technical documentation have been appropriately drawn up by the provider. This implies a need for technical knowledge to understand these documents and verify their accuracy.
Moreover, the AR must be capable of cooperating with competent national authorities and providing them with all the necessary information and documentation. This suggests a need for good communication skills and a thorough understanding of the AI system and its compliance with the EU AI Act.
It’s also worth noting that the AR must be established within the EU. This could imply a need for knowledge of EU laws and regulations, as well as the specific requirements of the EU AI Act.
The EU AI Act has introduced several roles within the AI value chain, including providers, deployers, product manufacturers, importers, distributors, and authorized representatives (ARs). ARs act as intermediaries between non-EU AI providers and EU regulatory bodies, performing tasks specified in the mandate on behalf of non-EU providers.
Providers of high-risk AI systems or general-purpose AI models based in third countries must appoint an AR within the EU before introducing their products to the EU market. ARs, located or established within the EU, carry out regulatory obligations mandated by the regulation, verifying that the EU declaration of conformity and technical documentation have been prepared and that the appropriate conformity assessment procedure has been conducted by the provider.
ARs have various responsibilities, including verifying documentation, record-keeping, providing information to authorities, cooperating with competent bodies, and serving as a contact person for compliance issues. They play a crucial role in streamlining the regulatory process for non-EU AI providers, contributing to trust and transparency in the AI industry within Europe.
While specific qualifications are not explicitly stated in the EU AI Act, Authorized Representatives should ideally possess a strong understanding of EU regulations, technical aspects of AI systems, good communication skills, and knowledge of EU laws and regulations. Their role is essential in providing trustworthiness in the AI value chain so that high-risk AI systems comply with the EU AI Act, contributing to a safer and more transparent AI ecosystem within Europe.
If you need assistance with implementing AI within your business, reach out to our team at GDPRLocal.