
EU AI Act and Public Procurement: What Contracting Authorities Must Now Require

Public contracting authorities that deploy high-risk AI systems are now deployers under Article 26 of the EU AI Act, with legal obligations that must flow through procurement contracts. This guide explains the mandatory clauses, CE marking verification steps, and the five-step process every public buyer needs before awarding an AI contract.

25 May 2026 · DILAIG

Public procurement of AI systems has entered a new legal era. When a contracting authority purchases or deploys an AI system classified as high-risk under Annex III of Regulation (EU) 2024/1689, it is not merely a buyer — it is a deployer with direct statutory obligations under Article 26. Those obligations cannot be fully delegated to the vendor. They require contractual architecture, technical verification, and internal governance that most public procurement frameworks have not yet incorporated.

Why Contracting Authorities Are Now Deployers

Article 3(4) defines a deployer as "any natural or legal person, including a public authority or agency, that uses an AI system under its authority." There is no public-sector exemption. A municipality using AI-based benefit eligibility screening, a police service running a facial recognition system, or an employment agency deploying an automated CV ranker — each is a deployer under the Act, regardless of whether the AI system was built in-house, commissioned, or procured off-the-shelf.

The high-risk categories most relevant to public buyers are listed in Annex III, points 1–8:

  • Biometric identification and categorisation (point 1)
  • Critical infrastructure management (point 2)
  • Education and vocational training (point 3)
  • Employment, workers management and access to self-employment (point 4)
  • Access to and enjoyment of essential private and public services and benefits, including social welfare, benefits assessment, and creditworthiness (point 5)
  • Law enforcement (point 6)
  • Migration, asylum and border control (point 7)
  • Administration of justice and democratic processes (point 8)

Points 5 through 8 cover the core of public sector activity. Any AI system used in these domains by a contracting authority is presumptively high-risk and triggers the full deployer obligation stack.

Deployer Obligations Under Article 26: What the Public Buyer Must Do

Article 26 does not merely instruct deployers to "comply" in the abstract. It specifies operational requirements:

Article 26(1): Deployers must take appropriate technical and organisational measures to use AI systems in accordance with the instructions for use provided by the provider.

Article 26(2): Deployers must assign human oversight to persons who have the necessary competence, training, and authority.

Article 26(3): Deployers must perform a Fundamental Rights Impact Assessment (FRIA) before putting into service any high-risk AI system that affects natural persons (Article 27 specifies this requirement for public bodies and private bodies providing public services).

Article 26(5): Deployers must monitor operation and report serious incidents and malfunctioning to the provider and, where required, to the national competent authority under Article 73.

Article 26(6): Deployers must keep logs automatically generated by the system for a minimum of six months (unless Union or national law requires longer retention).

Article 26(10): Where the deployer is a public authority using a system in an area involving natural persons' rights, additional transparency obligations apply, including informing affected individuals that they are subject to an AI system decision.

Mandatory Contractual Clauses to Require from Suppliers

The AI Act does not prescribe contract language verbatim, but the deployer's statutory obligations make certain contractual protections legally necessary. Contracting authorities should require the following clauses as a minimum in every AI procurement contract covering a high-risk system:

| Clause | What it must require |
| --- | --- |
| Conformity documentation | Supplier to provide EU declaration of conformity (Art. 47) and full Annex IV technical documentation prior to delivery |
| CE marking verification | Supplier to confirm and evidence valid CE marking and, where applicable, the notified body certificate number |
| Instructions for use | Supplier to provide complete instructions as required by Art. 13, including system capabilities, limitations, performance metrics, and human oversight requirements |
| Incident notification | Supplier to notify the contracting authority of any serious incidents or malfunctioning within 24 hours of becoming aware |
| Audit and access rights | Contracting authority to retain the right to inspect AI system logs, audit trails, and documentation at any time |
| Update and change management | Any modification that changes the risk classification or affects conformity requires prior written consent and re-documentation |
| Post-market monitoring support | Supplier to cooperate with the contracting authority's monitoring obligations under Art. 26(5) and provide data necessary for FRIA reviews |
| Sub-processor transparency | Supplier to disclose all sub-processors or embedded third-party AI components and their conformity status |
| Liability allocation | Clear allocation of who bears responsibility for harms caused by the AI system, with reference to applicable national and EU liability frameworks |

These clauses are not optional enhancements — they are the contractual expression of obligations the contracting authority already has by law. Failing to include them shifts enforcement risk entirely onto the public body.

Verifying CE Marking and the Declaration of Conformity

The CE marking is the visible compliance signal, but it is not self-certifying for high-risk systems. Contracting authorities must verify:

  1. Is the CE marking legitimate? For high-risk systems under Annex I (harmonised legislation), conformity assessment must be performed by a notified body. For systems relying solely on Annex III classification, providers may self-certify if they comply with harmonised standards — but not all do. Ask for the notified body's identification number if third-party certification was required.
  2. Is the EU declaration of conformity complete? Article 47 specifies mandatory content: provider name and address, system description, conformity assessment procedure followed, harmonised standards applied, authorised representative (if applicable), and a dated signature.
  3. Is the technical documentation current? High-risk AI systems that undergo substantial modification must have documentation updated before the modified version is deployed. Verify version numbers match those in the declaration.
  4. Is the system registered in the EU database? Article 71 requires providers of high-risk systems listed in Annex III (with some exceptions) to register in the EU database before market placement. Contracting authorities should check the database as part of due diligence.

Interaction with EU Public Procurement Directives

Directive 2014/24/EU (public sector procurement) and Directive 2014/25/EU (utilities procurement) do not explicitly address AI Act compliance, but the legal framework is coherent:

  • Technical specifications (Art. 42 of Dir. 2014/24): Contracting authorities may already require compliance with technical regulations and standards. AI Act compliance is a legal requirement — it can and should appear in technical specifications, not just as a selection criterion.
  • Award criteria (Art. 67): Quality criteria can reward higher levels of transparency, auditability, and human oversight beyond the minimum required by the AI Act.
  • Contract performance conditions (Art. 70): Ongoing AI Act compliance, incident reporting, and documentation maintenance can be specified as contract performance conditions, breach of which triggers contractual remedies.
  • Exclusion grounds (Art. 57): A supplier that has received a final decision for AI Act violations may trigger discretionary exclusion on grounds of professional misconduct.

Five-Step Process for Public Buyers

Step 1 — Classify Before You Procure

Determine whether the AI system you intend to purchase falls within Annex III high-risk categories before issuing a call for tenders. Engaging DILAIG or a qualified compliance advisor at the specification stage is significantly cheaper than remediation after contract award.

Step 2 — Embed Compliance Requirements in Technical Specifications

Include AI Act conformity (CE marking, declaration of conformity, registration in the EU database) as a mandatory requirement — not a selection criterion that can be traded off against price.

Step 3 — Conduct a Pre-Award Verification

Before signing the contract, verify the CE marking, review the declaration of conformity, and request a summary of the conformity assessment procedure. For systems involving biometrics or law enforcement, request the notified body certificate.

Step 4 — Conduct the FRIA Before Deployment

Article 27 requires public deployers to complete a Fundamental Rights Impact Assessment. This cannot be delegated to the supplier. It must be conducted by the deployer and registered in the EU database where required. Allocate time and budget for this step before the go-live date.

Step 5 — Build Ongoing Oversight Into Operations

Designate the internal persons responsible for human oversight (Art. 26(2)), establish log retention procedures (Art. 26(6)), and create an incident notification workflow before deployment. Post-contract compliance is an operational responsibility, not a one-time checkbox.

Priority Sectors for Public Buyers

Based on Annex III categories and typical public service delivery, the following domains require immediate attention from contracting authorities:

  • Justice and administration (point 8): Predictive sentencing tools, risk assessment in criminal proceedings, case management AI
  • Law enforcement (point 6): Real-time remote biometric identification (subject to strict conditions under Art. 5), predictive policing, crime analytics
  • Immigration and border control (point 7): Automated visa assessment, risk profiling at borders, asylum case prioritisation
  • Social welfare and benefits (point 5): Automated eligibility determination, fraud detection in social benefit systems, credit-scoring in public housing
  • Employment services (point 4): AI-based job matching in public employment services, automated CV screening in civil service recruitment

DILAIG helps contracting authorities integrate AI Act compliance into their procurement frameworks — from technical specifications and contract clause libraries to FRIA templates and post-market monitoring protocols. Get in touch to adapt your procurement process before your next AI tender.
