Tag: market surveillance authority ai act

  • AI Act Penalties for Public Sector Research

    Universities and public research bodies are covered by the EU AI Act’s penalty framework, but they are not fined like companies. Article 99(8) of Regulation (EU) 2024/1689 leaves it to each Member State to decide how far, and whether, administrative fines apply to public authorities and bodies established on its territory — a carve-out that no generic “AI Act penalties” explainer written for commercial vendors mentions. This article sets out what research institutions actually risk, and when.

    The EU AI Act is Regulation (EU) 2024/1689, the world’s first comprehensive cross-sectoral law regulating artificial intelligence, which entered into force on 1 August 2024 and applies a risk-tiered set of obligations and fines to providers and deployers of AI systems, including public-sector research organisations.

    How does the AI Act’s tiered fine structure work?

    Article 99 of the AI Act sets three tiers of administrative fine, scaled to the seriousness of the breach. The ceilings are deliberately set above the GDPR’s €20 million/4% cap to signal that AI enforcement is meant to have real teeth from the outset.

    • Tier 1 — prohibited practices (Article 5): up to €35 million or 7% of worldwide annual turnover, whichever is higher, for banned uses such as social scoring, subliminal manipulation, or untargeted facial-recognition scraping.
    • Tier 2 — high-risk system non-compliance: up to €15 million or 3% of turnover for failing to meet risk-management, data-governance, documentation, or human-oversight duties for high-risk AI systems.
    • Tier 3 — misleading information: up to €7.5 million or 1% of turnover for supplying incorrect, incomplete, or misleading information to a market surveillance authority or notified body.

    Recital 81 requires that whatever figure a Member State ultimately sets, penalties must be “effective, proportionate and dissuasive” — the same three-part test used elsewhere in EU law, including data protection enforcement.

    Are universities and public bodies fined the same as companies?

    Not automatically. Article 99(8) states that each Member State shall lay down rules on the extent to which administrative fines may be imposed on public authorities and bodies established in that Member State. This single clause is the crux of institutional liability for universities, national research councils, and other publicly funded research organisations — and it is the fact almost entirely absent from commercial-vendor-focused coverage of “AI Act penalties”.

    In practice, this means the €35m/7% ceiling is not a fixed number for a university — it is a national policy choice. Member States are free to:

    • Apply the full commercial fine scale to public bodies, to preserve a level playing field;
    • Set a lower cap or a fixed-fee schedule that reflects public funding constraints; or
    • Substitute non-monetary corrective measures (compliance orders, publication of findings) in place of fines for state-funded bodies.

    Because transposition is still working through national legislatures as of mid-2026, a university’s actual exposure depends on where it is established, not on the AI Act’s headline figures alone. Research administrators should check their national AI Act implementing law — not the regulation’s text alone — to find their institution’s real ceiling.

    How are EU institutions and agencies treated differently?

    The Act does draw one explicit, EU-wide distinction between public and commercial actors. Article 100 subjects the EU’s own institutions, bodies, offices and agencies to a separate, lower fine scale, enforced by the European Data Protection Supervisor (EDPS) rather than a national market surveillance authority. For prohibited practices, the EU-institution ceiling is €1.5 million; for other infringements, €750,000 — roughly 4–5% of the commercial ceilings.

    This confirms, in the Act’s own text, that the legislature considered public-sector and non-profit bodies a distinct risk-and-resource category rather than an oversight gap. It also gives national legislators a concrete precedent to draw on when they set their own Article 99(8) rules for universities and public research bodies within their jurisdiction.

    AI Act fine ceilings by actor type
    | Actor type | Prohibited practices | High-risk non-compliance | Misleading information | Who enforces |
    | --- | --- | --- | --- | --- |
    | Commercial company | €35m or 7% turnover | €15m or 3% turnover | €7.5m or 1% turnover | National market surveillance authority |
    | University / public research body | Set by national law (Art. 99(8)) | Set by national law (Art. 99(8)) | Set by national law (Art. 99(8)) | National market surveillance authority |
    | EU institution, body or agency | €1.5m (Art. 100) | €750,000 (Art. 100) | €750,000 (Art. 100) | European Data Protection Supervisor |

    Who actually enforces the AI Act against a university?

    Enforcement is decentralised. Each Member State designates one or more national market surveillance authorities under Article 70 to police AI Act compliance within its territory, including by public bodies. At EU level, the European AI Office, established within the European Commission in February 2024, holds exclusive competence over general-purpose AI model providers and coordinates cross-border enforcement — but it does not directly fine individual universities for high-risk system misuse; that remains a national market-surveillance-authority function.

    For a research institution, this means the practical first point of regulatory contact is a domestic body — often the same authority, or one working alongside the authority, that already handles product-safety or data-protection oversight — not Brussels.

    Where is research-sector exposure highest?

    AI systems used in education and vocational training — including tools that determine admission, assess students, or monitor exam conduct — are classified as high-risk under Annex III(3) of the AI Act. High-risk obligations (risk management, technical documentation, human oversight, data governance) become directly applicable from 2 August 2026, per the Act’s phased implementation timetable, alongside the general application date set for most remaining provisions.

    Universities and research funders deploying AI for admissions scoring, plagiarism or research-integrity screening, automated grant-assessment triage, or proctoring therefore carry the same substantive compliance duties as a commercial high-risk provider — only the fine ceiling, under Article 99(8), may differ nationally. Institutions using such tools should not assume “non-profit” status reduces their compliance workload; it may only affect the penalty if that workload is neglected.

    Answer-first Q&A

    What is the penalty for violating the AI Act?

    Penalties follow a three-tier structure under Article 99: up to €35 million or 7% of global turnover for prohibited practices, up to €15 million or 3% for high-risk non-compliance, and up to €7.5 million or 1% for misleading regulators. Public bodies fall under a separate national rule set by Article 99(8) rather than these fixed ceilings.

    What is the penalty for prohibited AI use cases under the EU AI Act?

    Prohibited practices — such as social scoring, subliminal manipulation, and untargeted biometric scraping — carry the Act’s highest tier: up to €35 million or 7% of worldwide annual turnover, whichever is higher. This is the ceiling that also anchors the national rules Member States must write for public authorities under Article 99(8).

    Is the AI Act legally binding?

    Yes. As an EU Regulation (2024/1689), the AI Act is directly applicable and legally binding in every Member State without national transposition legislation, unlike a Directive. Member States must still legislate separately on penalty specifics for public bodies under Article 99(8) and designate enforcement authorities under Article 70.

    What this means for research administrators

    Three actions follow directly from the text. First, confirm whether your national government has finalised its Article 99(8) rules for public-sector fines — many are still in transposition as of mid-2026, so the applicable ceiling for your institution may not yet be settled. Second, audit any admissions, assessment, or proctoring AI against the Annex III(3) high-risk classification ahead of the 2 August 2026 application date. Third, treat the Article 100 EDPS regime for EU bodies as the closest available precedent for how a “public-interest, non-commercial” fine schedule is likely to be structured nationally — proportionate, but not zero.

    The direction of travel is clear: research institutions are inside the AI Act’s enforcement perimeter, not outside it. The open question, left deliberately to national law, is how hard that enforcement bites.

  • EU AI Office: Enforcement for Research Bodies

    The EU AI Office does not enforce most of the AI Act. It is a European Commission unit, inside the Directorate-General for Communications Networks, Content and Technology (DG CNECT), with exclusive competence over general-purpose AI (GPAI) models. Day-to-day enforcement against high-risk AI systems — the category covering most tools used in universities, funders and public research bodies — falls to each Member State’s national market surveillance authority, not the AI Office.

    The EU AI Office is the Commission’s central coordinating body for Regulation (EU) 2024/1689 (the AI Act), responsible for supervising GPAI models, chairing the technical governance structure and preparing Commission guidance — while national authorities retain enforcement power over almost everything else.

    What is the EU AI Office?

    The AI Office was established by a European Commission decision in January 2024, alongside political agreement on the AI Act. It sits within DG CNECT rather than as a stand-alone agency, and functions legally as part of the Commission — so references to “the AI Office” in the Act’s text are references to the Commission acting through that unit.

    Its headquarters are in Brussels. Wikipedia’s infobox for the European Artificial Intelligence Office records around 60 staff at 2024 launch, projected above 140, under Director Lucilla Sioli. The Office also acts as Secretariat to the European AI Board, the forum of one representative per Member State coordinating national implementation.

    • Supervises GPAI model providers under AI Act Chapter V
    • Drafts codes of practice, guidelines and implementing acts for the Commission
    • Coordinates joint investigations across Member States on cross-border AI risk
    • Runs the AI Act Service Desk and single information platform
    • Chairs the scientific panel of independent experts monitoring systemic-risk models

    Who actually enforces the AI Act — the AI Office or national authorities?

    Enforcement is split by system type, not centralised in one body. The AI Office’s remit is narrow but powerful: only GPAI models and systems — the foundation models underpinning many downstream research tools. Everything else, including the high-risk systems a university, funder or public research agency is far more likely to deploy directly, is enforced nationally.

    Each Member State designates one or more market surveillance authorities (MSAs) under Article 74, alongside a “notifying authority” overseeing conformity-assessment bodies. Because States may designate sector-specific bodies rather than one regulator, the map is fragmented: CMS Law’s 2025 enforcement analysis notes that, once sectoral designations are counted, several thousand bodies across the EU can hold market-surveillance-authority status, with AI systems now added to their remit.

    A separate rule applies to the EU’s own institutions. Under Article 74(9), the European Data Protection Supervisor (EDPS) is the market surveillance authority for AI systems used by EU institutions, bodies, offices and agencies — relevant to EU-funded research infrastructures and executive agencies, as distinct from national universities and funders.

    | Body | Enforces | Covers | Key power |
    | --- | --- | --- | --- |
    | EU AI Office | GPAI model obligations (Chapter V) | Foundation-model providers, EU-wide | Model evaluations, mitigation orders, market withdrawal |
    | National market surveillance authority | High-risk and other AI system obligations | Deployers/providers within one Member State, incl. universities and public bodies | Inspections, corrective orders, fines |
    | European Data Protection Supervisor | All AI Act obligations | EU institutions, bodies, offices and agencies | Fines against EU public administration |
    | European AI Board | Coordination, not direct enforcement | All 27 Member States (via national reps) | Consistency, joint-investigation coordination |

    Does the research exemption apply to universities and public bodies?

    Partly, and the boundary matters more than most explainers acknowledge. Article 2(8) states that obligations do not apply to research, testing or development activity on an AI system before it is placed on the market or put into service. Article 2(6) separately exempts systems developed and used for the sole purpose of scientific research and development.

    Neither carve-out protects a university once it moves from research into operational use. Annex III(3) classifies AI systems used to evaluate exam answers, determine admission or assess applicants as high-risk. A plagiarism-detection or admissions-scoring tool a university actually deploys against students is therefore fully in scope — and, because most universities and funders are “bodies governed by public law”, Article 27 requires a fundamental rights impact assessment (FRIA) before deployment.

    How can research institutions and public bodies seek guidance?

    Three channels exist, and institutions frequently default to the wrong one. The AI Act Service Desk (ai-act-service-desk.ec.europa.eu) is the Commission’s central portal where any stakeholder, including a university legal office or funder’s compliance team, can submit a question and get an answer from a Commission-coordinated expert team; it is the right first stop for interpretive questions on scope, classification or the research exemptions above.

    For enforcement-specific queries — “is our deployed system high-risk, and what must we file?” — the correct contact is the national market surveillance authority in the institution’s own Member State, not the AI Office, which has no jurisdiction over nationally-deployed high-risk systems. EU-affiliated bodies should instead approach the EDPS. National governments must separately establish AI regulatory sandboxes, giving public research bodies a supervised route to trial new systems before full-scale deployment.

    What are the penalties for AI Act non-compliance?

    Article 99 sets three fine tiers, using the higher figure for large organisations and the lower for SMEs and start-ups:

    • Up to €35 million or 7% of global annual turnover for breaching prohibited AI practices (Article 5)
    • Up to €15 million or 3% of global annual turnover for breaching most other provider or deployer obligations
    • Up to €7.5 million or 1% of global annual turnover for supplying incorrect, incomplete or misleading information to authorities or notified bodies

    Article 101 gives the Commission a separate fining power against GPAI model providers, up to 3% of worldwide annual turnover or €15 million, whichever is higher, for infringements the AI Office identifies through model evaluation. Public-sector bodies are not exempt from Article 99 fines, though Member States retain some discretion over how penalties apply to public administration.

    Providers can reduce GPAI exposure by signing the General-Purpose AI Code of Practice, published by the AI Office in 2025 with independent experts across transparency, copyright and safety/security chapters. Adherence is voluntary but, pending harmonised standards, creates a presumption of conformity — worth knowing for institutions procuring GPAI tools from signatory vendors.

    Answer-first questions on the EU AI Office

    Where is the EU AI Office?

    The EU AI Office is headquartered in Brussels, inside the European Commission’s Directorate-General for Communications Networks, Content and Technology (DG CNECT). It is not a separate legal agency; it operates as a Commission unit with its own director, staff and published mandate under the AI Act’s governance provisions.

    Who is the head of the EU AI Office?

    The EU AI Office is led by Director Lucilla Sioli, who reports within DG CNECT’s management structure. The director’s mandate covers GPAI supervision, Secretariat duties for the European AI Board, and coordination of the scientific panel of independent experts that monitors systemic-risk models.

    What is a market surveillance authority?

    A market surveillance authority is the national body a Member State designates to monitor, inspect and take corrective or punitive action against non-compliant products — including, under the AI Act, high-risk AI systems deployed within that country’s territory, such as university admissions or assessment tools.

    What is post-market monitoring under the AI Act?

    Post-market monitoring is the ongoing obligation on providers and deployers of high-risk AI to actively collect and analyse performance data after deployment. It feeds directly into market surveillance authority oversight, giving regulators evidence to investigate serious incidents or systemic risk once a system is in real-world use.

    Implications for research administrators

    The practical takeaway is that “who do we ask” and “who can fine us” are different questions with different answers. The AI Office is the right destination for interpretive guidance on GPAI; the national market surveillance authority holds actual enforcement jurisdiction over a deployed high-risk system inside a research institution.

    As GPAI-based tools proliferate across grant review, plagiarism screening and admissions, institutions that conflate the AI Office’s central mandate with national enforcement risk misdirecting queries and missing the FRIA obligations Article 27 attaches to public bodies. Building this literacy now, ahead of the Act’s staged 2025–2027 application timeline, is cheaper than resolving a misdirected enforcement dispute later. For related governance context, see CASRAI’s research administration resources.