Article 22 of the AI Act provides information about the authorized representatives of providers of high-risk AI systems, including their duties and responsibilities.
Providers of high-risk AI systems based out of third-world countries must appoint an authorized representative by written mandates before making their systems available on the EU market. Such a representative must be empowered to perform the tasks as instructed by the provider.
The authorized representative must perform all such tasks mandated by the provider. It shall provide a copy of the mandate to the market surveillance authorities upon request in one of the official languages of the EU as indicated by the competent authority.
The mandate shall empower the authorized representative to be addressed by the competent authorities, in addition to or instead of the provider, on all issues concerning compliance with the AI Act.
The mandate will empower the authorized representative to perform any of the following tasks:
- Verify that the technical documentation and the EU declaration of conformity are drawn up per the requirements of the Act;
- Ensure the appropriate conformity assessment procedure has been carried out by the provider;
- Keep the following documents for a period of 10 years after the high-risk AI system is put into service or placed on the market, in case requested by the national competent authorities and national authorities or bodies that supervise the application of EU harmonization laws, or are referred in other EU laws that might be relevant for the high-risk AI systems:
- Contact details of the provider;
- Copy of the EU declaration of conformity;
- Technical documentation;
- The certificate issued by the notified body.
- Provide a national competent authority with all the information and documentation necessary when requested to demonstrate the conformity of their high-risk AI system, including access to relevant logs generated by the high-risk AI system;
- Cooperate with the competent authorities when requested in any actions being taken in relation to the high-risk AI system, especially if the actions aim to reduce or mitigate the risks posed by the high-risk AI system;
- Comply with the registration requirements per Article 49, or if the registration is carried out by the provider itself, ensure their name, address and contact details are correct for registration purposes.
The authorized representative must terminate the mandate if they have reasons to believe that the provider is acting against the provisions of the AI Act and may be in violation of their obligations. Additionally, they must inform the relevant market surveillance authority and the relevant notified body about the termination of the mandate and the reasons behind the termination.
