Certification Guide

EU AI Act Conformity Assessment & Certification: Complete Guide 2026

Last Updated: January 20, 2026 18 min read By ActProof.ai Compliance Team
🇮🇹 Leggi in Italiano

Conformity assessment is the mandatory process that high-risk AI system providers must complete to demonstrate compliance with the EU AI Act. This process includes technical documentation review, quality management system assessment, and CE marking. This guide explains conformity assessment procedures, certification requirements, compliance checker tools, and how to achieve certification before the August 2, 2026 deadline.

Table of Contents

What is EU AI Act conformity assessment?

Conformity assessment is the process by which providers demonstrate that their high-risk AI systems comply with the requirements of the EU AI Act (Regulation (EU) 2024/1689). Conformity assessment is mandatory for all high-risk AI systems before they can be placed on the market or put into service.

Conformity assessment serves several purposes:

  • Compliance Verification: Confirms that AI systems meet all mandatory requirements
  • Risk Mitigation: Ensures high-risk AI systems are safe and compliant
  • Market Access: Required for placing high-risk AI systems on the EU market
  • Legal Protection: Provides legal certainty for providers and users

Source: European Commission - AI Act Official Page

What are the conformity assessment procedures?

The EU AI Act provides two main conformity assessment procedures for high-risk AI systems, as specified in Article 43.

Procedure Description When Applicable Article Reference
Conformity Based on Internal Control Provider performs self-assessment and declares conformity Most high-risk AI systems (Annex VII) Article 43(1)
Conformity Assessment with Notified Body Third-party notified body performs assessment AI systems used in specific contexts (Annex VIII) Article 43(2)

Conformity Based on Internal Control (Annex VII)

Most high-risk AI systems follow the internal control procedure, where providers:

  • Perform self-assessment of compliance
  • Prepare technical documentation
  • Implement quality management system
  • Issue EU declaration of conformity
  • Affix CE marking

Conformity Assessment with Notified Body (Annex VIII)

Certain high-risk AI systems require third-party assessment by notified bodies, including:

  • AI systems used in biometric identification
  • AI systems used in critical infrastructure
  • AI systems used in law enforcement
  • AI systems used in migration and border control

What is CE marking for AI systems?

CE marking is the visible indicator that a high-risk AI system complies with the EU AI Act requirements. CE marking must be affixed before placing the AI system on the market or putting it into service.

CE Marking Requirement Description Article Reference
Mandatory for High-Risk AI CE marking is required for all high-risk AI systems Article 48
Before Market Placement CE marking must be affixed before placing on market Article 48(1)
EU Declaration Required EU declaration of conformity must accompany CE marking Article 48(2)
Notified Body Number If notified body involved, identification number must be included Article 48(3)

What are the certification requirements for high-risk AI systems?

High-risk AI systems must meet comprehensive certification requirements before receiving CE marking and market access.

Certification Requirement Description Article Reference
Risk Management System Comprehensive risk management system must be implemented Article 9
Data Governance Training, validation, and testing data must meet quality requirements Article 10
Technical Documentation Complete technical documentation must be prepared Article 11
Record Keeping Automated logging capabilities must be implemented Article 12
Transparency User information and transparency requirements must be met Article 13
Human Oversight Appropriate human oversight mechanisms must be implemented Article 14
Accuracy and Robustness AI systems must achieve appropriate accuracy and robustness Article 15
Quality Management System QMS must be established and maintained Article 17

How to use an AI Act compliance checker?

An AI Act compliance checker is a tool that helps organizations assess their AI systems' compliance with EU AI Act requirements. Compliance checkers can be used throughout the development lifecycle to identify gaps and ensure readiness for conformity assessment.

What does a compliance checker evaluate?

  • Classification: Verifies correct risk classification of AI systems
  • Technical Documentation: Checks completeness and quality of technical documentation
  • Risk Management: Assesses risk management system implementation
  • Data Governance: Evaluates data quality and governance practices
  • Quality Management: Reviews QMS implementation and effectiveness
  • Compliance Gaps: Identifies areas requiring remediation before certification

Benefits of using a compliance checker

  • Early Identification: Identifies compliance issues early in development
  • Cost Reduction: Reduces costs by catching issues before conformity assessment
  • Time Savings: Accelerates certification process by ensuring readiness
  • Risk Mitigation: Reduces risk of certification failure or delays

What are notified bodies and their role?

Notified bodies are third-party organizations designated by EU member states to perform conformity assessment for certain high-risk AI systems. Notified bodies play a critical role in the certification process.

Notified Body Function Description Article Reference
Conformity Assessment Perform conformity assessment for Annex VIII AI systems Article 33
Technical Documentation Review Review technical documentation for completeness and compliance Article 33(2)
Quality Management Assessment Assess QMS implementation and effectiveness Article 33(3)
Certification Issuance Issue conformity certificates for compliant AI systems Article 33(4)

How to complete conformity assessment step-by-step?

Follow this systematic process to complete conformity assessment for your high-risk AI system.

Step 1: Prepare Technical Documentation

  • Compile all required technical documentation (Article 11)
  • Ensure documentation covers all mandatory requirements
  • Review documentation for completeness and accuracy
  • Use compliance checker tools to verify completeness

Step 2: Implement Quality Management System

  • Establish QMS according to Article 17 requirements
  • Document QMS procedures and processes
  • Train staff on QMS requirements
  • Conduct internal audits to verify QMS effectiveness

Step 3: Perform Risk Assessment

  • Complete risk assessment according to Article 9
  • Document identified risks and mitigation measures
  • Implement risk mitigation measures
  • Verify effectiveness of risk mitigation

Step 4: Complete Conformity Assessment Procedure

  • Determine which conformity assessment procedure applies (Annex VII or VIII)
  • If Annex VII: Perform internal control and self-assessment
  • If Annex VIII: Engage notified body for third-party assessment
  • Address any non-conformities identified during assessment

Step 5: Issue EU Declaration of Conformity

  • Prepare EU declaration of conformity
  • Include all required information (Article 48)
  • Sign declaration and maintain records
  • Keep declaration available for market surveillance authorities

Step 6: Affix CE Marking

  • Affix CE marking to AI system
  • Ensure CE marking is visible and legible
  • Include notified body identification number if applicable
  • Maintain records of CE marking application

What documentation is reviewed during conformity assessment?

During conformity assessment, the following documentation is reviewed:

  • Technical Documentation: Complete technical documentation (Article 11, Annex IV)
  • Risk Management Documentation: Risk assessment reports and mitigation plans
  • Data Governance Documentation: Data quality assessments and bias evaluations
  • QMS Documentation: Quality management system procedures and records
  • Testing Documentation: Test results and validation reports
  • EU Declaration of Conformity: Declaration confirming compliance

What is the certification timeline and deadline?

The EU AI Act establishes specific deadlines for compliance:

Deadline Requirement Article Reference
August 2, 2026 Full compliance required for high-risk AI systems Article 113(2)
Before Market Placement Conformity assessment must be completed before placing on market Article 43
Ongoing Post-market monitoring and compliance maintenance required Article 72

Next Steps

Organizations should begin conformity assessment preparation now to ensure certification by August 2, 2026. Start by preparing technical documentation, implementing QMS, and using compliance checker tools to identify and address gaps.

Need Help with Conformity Assessment & Certification?

ActProof.ai automates EU AI Act compliance through AI-BOM generation, Policy-as-Code validation, bias monitoring, and automated documentation. Our platform includes compliance checker tools and helps organizations achieve certification efficiently. Contact us to learn how we can help.

Start Free Trial

Related Articles

EU AI Act Classification: How to Classify AI Systems by Risk Level 2026

Learn how to correctly classify AI systems according to risk level.

EU AI Act Compliance Checklist 2026: Complete Step-by-Step Guide

Complete compliance checklist covering all mandatory requirements.

Back to Blog