Article 28 of the AI Act provides critical information on notifying authorities, specifically how each member state must establish at least one notifying authority responsible for setting up and carrying out necessary procedures related to the assessment, designation, and notification of conformity assessment bodies and their monitoring.
The aforementioned procedures must be developed in cooperation between notifying authorities of EU member states. Similarly, the member states may decide that the foregoing assessment and monitoring shall be carried out by a national accreditation body in accordance with the provisions of Regulation (EC) No 765/2008, which sets out the requirements for accreditation and market surveillance relating to the marketing of products.
Notifying authorities shall be established, organized, and operated so that no conflict of interest arises with conformity assessment bodies and that the objectivity and impartiality of their actions are safeguarded. Additionally, the notifying authority must refrain from offering or providing any activities that conformity assessment bodies perform or any consultancy services on a commercial or competitive basis.
Competent personnel must be responsible for notifying conformity assessment bodies, and they should be different from the personnel responsible for assessing such bodies. Similarly, the notifying authorities shall have an adequate number of competent personnel available to perform their tasks. Competent personnel shall have the necessary expertise, where applicable, for their function in fields such as information technologies, AI and law, including the supervision of fundamental rights.
All information and data gathered by notifying bodies shall be subject to confidentiality requirements in accordance with Article 78 of the AI Act.
