Conformity assessment (EU AI Act)
A conformity assessment under the EU AI Act is the process of demonstrating that a high-risk AI system meets the requirements of Articles 9 to 15 before it is placed on the EU market. It is carried out either through internal control (Annex VI) or, for certain systems, with a notified body (Annex VII), and underpins the CE marking.
Two assessment routes
- Internal control (Annex VI) - the provider self-assesses against Articles 9 to 15. This is the default route for most Annex III high-risk systems.
- Third-party assessment with a notified body (Annex VII) - required for certain biometric systems and where a system is a safety component of a product already covered by sector law that mandates third-party assessment.
What follows a passed assessment
Once a high-risk system passes conformity assessment, the provider draws up an EU declaration of conformity (Article 47), affixes the CE marking (Article 48), and registers the system in the EU database (Article 71) before placing it on the market. Substantial modifications generally trigger a fresh assessment. Most high-risk obligations, including conformity assessment, apply from 2 August 2026, with high-risk AI embedded in regulated products following from 2 August 2027.
Last reviewed June 2026 by the ComplyAgent team.
See also our EU AI Act compliance guide, ISO/IEC 42001 and NIST AI RMF, or browse the full glossary.