Glossary term
Glossary term
Governance and Compliance
A national authority responsible for monitoring compliance, investigating nonconforming products or systems, and taking enforcement action. AI governance teams should know which authorities may oversee their AI use or products. Regulatory engagement should be planned before an issue occurs, including who responds, where evidence is stored, and how corrective action is tracked.
EU AI Act Article 70 requires Member States to designate market surveillance authorities; in France this is the CNIL with the ANSSI for cybersecurity aspects, while Germany is using BNetzA.
Italy's Garante and France's CNIL both took early enforcement actions against ChatGPT in 2023 under GDPR, foreshadowing market surveillance approaches for AI.
The European Data Protection Supervisor was designated by the EU AI Act as the market surveillance authority for EU institutions, bodies, offices, and agencies.