AI Act Conformity Assessment: Self vs Notified Body
Topic: AI Act

Complete guide to EU AI Act conformity assessment. Compare self-assessment (Annex VI) vs notified body (Annex VII), costs, timelines, and CE marking.

Legalithm Team · 19 min read · Updated Dec. 2025

AI Act Conformity Assessment: Self-Assessment vs Notified Body — Which Route Applies?

TL;DR

  • Conformity assessment is mandatory before a high-risk AI system can be placed on the EU market or put into service (Article 16(f)). The obligation applies from 2 August 2026 for Annex III systems and from 2 August 2027 for Annex I product-safety systems (Article 113).
  • Route 1 — self-assessment (Annex VI): The prescribed route for Annex III, points 2–8 high-risk systems. The provider verifies compliance internally, draws up the EU declaration of conformity, and affixes CE marking. No external auditor required.
  • Route 2 — notified body (Annex VII): Required for biometric systems under Annex III, point 1 (remote biometric identification, biometric categorisation, emotion recognition) unless the provider has fully applied published harmonised standards or common specifications, in which case Annex VI may be chosen (Article 43(1)); with no harmonised standards published yet, Annex VII is in practice the only route for these systems. AI systems that are safety components of products under Annex I, Section A follow the conformity assessment procedure of the relevant product legislation, with that legislation's notified body where it requires one (Article 43(3)).
  • Self-assessment is faster (weeks) and cheaper (EUR 5,000–30,000 in internal costs), but carries credibility and liability risks.
  • Notified body assessment takes 6–24 months and costs EUR 15,000–100,000+, but provides external validation and a certificate valid for up to five years for Annex I systems or four years for Annex III systems (Article 44(1)).
  • Substantial modifications to a system after initial assessment trigger re-assessment under Article 43(4).
  • Even when self-assessment is the prescribed route, providers may additionally commission a third-party review for higher-stakes systems; this supplements, but does not replace, the Annex VI procedure.
  • After assessment, ongoing obligations continue: quality management, post-market monitoring, incident reporting, and documentation updates.

What is conformity assessment and why does it gate market access?

Conformity assessment is the formal process by which a provider demonstrates that a high-risk AI system meets every requirement set out in Chapter III, Section 2 of the EU AI Act. Without a completed conformity assessment, a provider cannot lawfully issue an EU declaration of conformity, affix CE marking, or place the system on the EU market.

The requirements that must be verified span the full AI lifecycle: a risk management system (Article 9), data and data governance (Article 10), technical documentation (Article 11), record-keeping and logging (Article 12), transparency and instructions for use (Article 13), human oversight (Article 14), and accuracy, robustness and cybersecurity (Article 15). The last of these is where most engineering evidence lives: Article 15(5) requires the system to be resilient against attempts by unauthorised third parties to alter its use, outputs or performance by exploiting vulnerabilities, and names the AI-specific attack classes to address where appropriate (data poisoning, model poisoning of pre-trained components, adversarial examples or model evasion, and confidentiality attacks). The assessment has to show that those measures exist and were tested, not merely that they are described.

After successful assessment, the provider draws up an EU declaration of conformity (Article 47), affixes CE marking (Article 48), and registers the system in the EU database (Article 49).

The consequence of skipping or failing conformity assessment is straightforward: the system cannot legally enter the EU market. Market surveillance authorities can order withdrawal or recall, and fines for non-compliance with high-risk obligations reach up to EUR 15 million or 3% of worldwide annual turnover, whichever is higher (Article 99(4)). See the penalties guide for the full breakdown.

Route 1: Self-assessment (internal conformity assessment, Annex VI)

Who can use it

The self-assessment route is available for most high-risk AI systems listed in Annex III. This is the default route for standalone high-risk systems that are not subject to existing EU product safety legislation requiring third-party assessment and are not remote biometric identification systems.

Real-world example — HR screening tool: A SaaS company providing an AI-powered candidate screening system (Annex III, point 4(a) — recruitment and selection) can use self-assessment. There is no requirement for a notified body, since the system is neither biometric identification nor a safety component of a regulated product.

Real-world example — credit scoring model: A fintech building a proprietary credit-scoring algorithm (Annex III, point 5(b) — evaluating the creditworthiness of natural persons or establishing their credit score; AI used purely to detect financial fraud is excluded from this point) qualifies for self-assessment. The provider documents compliance internally and issues the declaration of conformity.

The five-step self-assessment process (Annex VI)

Under Annex VI, the provider performs the following steps:

  1. Verify the quality management system. Confirm that the QMS documented under Article 17 is compliant — covering regulatory strategy, design controls, testing procedures, data management, post-market monitoring, incident reporting, resource management, and accountability. The QMS must be operational before assessment begins; it is a prerequisite, not a deliverable.

  2. Examine the technical documentation. Systematically review the Annex IV documentation against each requirement in Articles 8–15. For each article, identify the specific evidence in the documentation that demonstrates compliance. Where gaps exist, remediate before proceeding.

  3. Verify design, development, and monitoring consistency. Confirm that the actual design and development process — not just the documentation — is consistent with the documented procedures. Similarly, verify that post-market monitoring processes described in the documentation are actually implemented and operational.

  4. Draw up the EU declaration of conformity. Prepare the formal declaration under Article 47 (contents detailed below).

  5. Affix CE marking. Apply CE marking under Article 48 (rules for software-only systems detailed below).

The provider performs all of these steps internally — no external auditor or certification body is involved. However, the assessment must be documented thoroughly. Market surveillance authorities can request and review documentation at any time, and the burden of proof that assessment was properly conducted rests entirely with the provider.

Advantages of self-assessment

  • Faster. No scheduling, coordination, or wait time with an external body. A well-prepared provider can complete the assessment in 2–4 weeks.
  • Lower direct cost. No third-party assessment fees. Internal costs typically range from EUR 5,000–30,000 depending on system complexity and team rates, covering the time of engineering, compliance, and legal staff.
  • Full control. The provider manages the assessment timeline, which is critical when racing toward the 2 August 2026 deadline.

Risks of self-assessment

  • No external validation. Errors, blind spots, or generous interpretations in the assessment are the provider's responsibility. There is no second pair of eyes.
  • Full liability exposure. If a market surveillance authority later finds deficiencies, the provider cannot point to a notified body's approval. The entire compliance burden falls on the provider.
  • Credibility gap. Enterprise customers, procurement bodies, public-sector buyers, and investors may treat a self-assessed system with less confidence than one certified by a notified body — particularly for high-stakes use cases.
  • Assessment quality variance. Without experience in conformity assessment, providers risk conducting a superficial review that satisfies the form but not the substance of the requirements.

Route 2: Notified body assessment (Annex VII)

Who must use it

Third-party assessment by a notified body is mandatory in two situations:

1. Biometric systems (Annex III, point 1)

If your high-risk AI system falls under Annex III, point 1 (remote biometric identification, biometric categorisation by sensitive attributes, or emotion recognition), Article 43(1) applies. You may choose the Annex VI internal-control route only if you have fully applied published harmonised standards or common specifications covering the Section 2 requirements; otherwise you must follow Annex VII. Because no harmonised standards for the AI Act have been published, Annex VII is currently the only route open to these systems. Remote biometric identification means identifying natural persons at a distance, typically without their active involvement, by comparing their biometric data against a reference database; it covers, for example, facial recognition in public spaces and post-facto identification in law enforcement investigations. One-to-one biometric verification whose sole purpose is to confirm a claimed identity is expressly excluded from point 1(a). Where the system is intended to be put into service by law enforcement, immigration or asylum authorities, the market surveillance authority acts as the notified body (Article 43(1)).

Real-world example — post-remote biometric identification: A vendor supplying a system that matches faces captured in CCTV footage against a watch-list database, used by police after the fact to identify suspects, falls under Annex III, point 1(a). With no harmonised standards it can apply in full, it must go through the Annex VII procedure, with the market surveillance authority acting as notified body because the deployer is a law enforcement authority. Self-assessment is not available regardless of how mature the provider's internal compliance programme is.

2. Safety components of products under Annex I, Section A

If your AI system is a safety component of a product (or is itself such a product) covered by the Union harmonisation legislation listed in Annex I, Section A (machinery, toys, recreational craft, lifts, equipment for explosive atmospheres, radio equipment, pressure equipment, cableways, personal protective equipment, gas appliances, medical devices and in vitro diagnostics) and that legislation requires third-party conformity assessment, the AI Act assessment is folded into the sectoral procedure (Article 43(3)). The notified body designated under that product legislation performs the AI Act assessment as part of the existing process, provided it also meets the AI Act's requirements for notified bodies (Article 31). Motor vehicles, aviation, rail and marine equipment sit in Annex I, Section B; for those, the AI Act's Section 2 requirements are taken up through the sectoral legislation itself and Article 43 does not apply (Article 2(2)). Note also that the obligations for Annex I systems apply from 2 August 2027, a year later than for Annex III systems.

Real-world example — AI-based medical device: A company developing an AI system that analyses radiology images to detect tumours is a medical device under the MDR. Since medical devices above Class I already require notified body assessment under the MDR, the AI Act conformity assessment must also go through a notified body.

The notified body assessment process (Annex VII)

Under Annex VII, the notified body:

  1. Examines the quality management system. The notified body evaluates whether the provider's QMS under Article 17 is adequate and properly implemented. This typically involves document review, interviews with key personnel, and on-site or remote audits.

  2. Examines the technical documentation. The notified body reviews the Annex IV documentation to verify that the system meets the requirements of Articles 8–15. This is a substantive review, not a checkbox exercise — the notified body may request additional evidence, test results, or clarifications.

  3. Issues findings and, if applicable, non-conformity reports. If the notified body identifies gaps, it issues findings that the provider must remediate before certification. Multiple rounds of remediation are common.

  4. Issues a certificate. If the assessment is successful, the notified body issues a certificate valid for a maximum of five years for Annex I systems or four years for Annex III systems (Article 44(1)), extendable for further periods on re-assessment (Article 44(2)), subject to periodic surveillance audits (typically annual).

  5. The provider draws up the EU declaration of conformity and affixes CE marking, referencing the notified body's certificate number and identification.

Finding a notified body

Member States designate notified bodies through their notifying authorities (Article 28). Notified bodies must be accredited, independent, and meet the technical competence requirements set out in Articles 31–39. The European Commission publishes designated notified bodies in the NANDO database.

As of April 2026, the designation process is still underway in most Member States. The number of accredited notified bodies specifically for the AI Act remains limited. This creates a capacity bottleneck: providers that require notified body assessment face a first-mover disadvantage if they wait.

Practical steps to find a notified body:

  1. Check the NANDO database for bodies designated under the AI Act.
  2. Contact your national notifying authority and accreditation body (e.g., DAkkS in Germany, COFRAC in France) for the latest designation status. Bodies established outside the EU, including UK bodies, cannot be notified under the AI Act unless an agreement under Article 39 covers them.
  3. If your AI system is a safety component under existing legislation, contact your existing notified body — they may be extending their scope to cover the AI Act.
  4. Engage early. Notified bodies have limited assessment slots, and demand will spike as August 2026 approaches.

Advantages of notified body assessment

  • External validation increases credibility with regulators, enterprise customers, public procurement bodies, and investors.
  • Gap identification — the notified body may catch compliance gaps the provider missed, reducing enforcement risk.
  • Certificate as a commercial asset. A five-year certificate provides a concrete artefact for procurement processes, due diligence, and partnership negotiations.
  • Reduced enforcement risk. Market surveillance authorities are less likely to challenge a system certified by a notified body than a self-assessed one.

Risks of notified body assessment

  • Timeline. Expect 6–24 months depending on system complexity, provider readiness, and notified body workload. For providers targeting 2 August 2026, this may already be too late.
  • Cost. Fees range from EUR 15,000 for straightforward assessments to EUR 100,000+ for complex systems. Annual surveillance fees add EUR 5,000–20,000.
  • Capacity constraints. Limited notified body availability means longer queues. Early movers get slots; late movers face delays.
  • Remediation cycles. Non-conformity findings require remediation and re-review, adding time and cost beyond initial estimates.

Annex VI vs Annex VII: side-by-side comparison

Dimension | Self-assessment (Annex VI) | Notified body (Annex VII)
Who performs it | Provider (internal) | Accredited notified body (external)
When mandatory | Prescribed for Annex III, points 2–8 | Biometrics (Annex III, pt. 1) unless harmonised standards or common specifications are fully applied; safety components under Annex I, Section A where the product legislation requires a notified body
QMS review | Provider self-verifies | Notified body audits
Technical documentation review | Provider self-examines | Notified body examines
Certificate issued | No (provider issues declaration only) | Yes (valid up to 5 years for Annex I systems, 4 years for Annex III systems)
Periodic surveillance | None (but market surveillance applies) | Periodic surveillance audits (typically annual)
Estimated direct cost | EUR 5,000–30,000 (internal staff time) | EUR 15,000–100,000+ (external fees)
Typical duration | 2–4 weeks (assessment phase) | 6–24 months (end-to-end)
Commercial credibility | Lower (self-declared) | Higher (third-party certified)
Enforcement risk | Higher (no external validation) | Lower (notified body sign-off)
Provider retains full liability | Yes | Yes (certificate does not transfer liability)

Decision flowchart: which route applies to your system?

Follow these steps in order:

  1. Is your AI system classified as high-risk? If no, conformity assessment does not apply. See the classification guide.

  2. Is the system a safety component of a product listed in Annex I, Section A that already requires third-party conformity assessment under existing EU harmonisation legislation? If yes → notified body required (Route 2).

  3. Is the system a biometric system under Annex III, point 1 (remote biometric identification, biometric categorisation, emotion recognition)? If yes → notified body required (Route 2), unless you have fully applied published harmonised standards or common specifications, which do not yet exist.

  4. Does the system fall under any other Annex III high-risk area (points 2–8)? If yes → self-assessment permitted (Route 1).

  5. Voluntary choice: Even where Annex VI is the prescribed route, you may commission a third-party review on top of your own assessment. Consider this for systems with high commercial sensitivity, public-sector deployment, vulnerable populations as end users, or where B2B customers demand third-party attestation.

Cost estimates: budgeting for conformity assessment

Cost element | Self-assessment (Annex VI) | Notified body (Annex VII)
Internal staff time (engineering, compliance, legal) | EUR 5,000–30,000 | EUR 10,000–40,000 (plus preparation for audits)
External legal counsel | EUR 2,000–10,000 (optional but recommended) | EUR 5,000–15,000 (often essential)
Notified body fees | N/A | EUR 15,000–100,000+
Annual surveillance | N/A | EUR 5,000–20,000/year
Remediation costs (addressing gaps found during assessment) | EUR 0–20,000 | EUR 5,000–50,000
Total estimated first-year cost | EUR 7,000–60,000 | EUR 35,000–225,000+

These ranges reflect a single system of moderate complexity. Organisations with multiple high-risk systems should budget per system, though economies of scale apply — the QMS and many procedural elements are reusable across systems.

Timeline planning

Activity | Self-assessment (Route 1) | Notified body (Route 2)
Technical documentation preparation | 2–4 months | 2–4 months
Quality management system establishment | 1–3 months (overlaps with documentation) | 1–3 months (overlaps with documentation)
Notified body selection and engagement | N/A | 1–3 months (start immediately)
Assessment phase | 2–4 weeks | 6–24 months
Remediation of findings | 1–2 weeks (if any) | 1–6 months (often multiple rounds)
Declaration of conformity + CE marking | 1–2 weeks | 1–2 weeks
EU database registration | 1–2 weeks | 1–2 weeks
Total realistic timeline | 3–6 months | 12–30 months

For self-assessment: Start documentation now if you have not already. A well-prepared team can reach CE marking within 3–6 months from starting documentation.

For notified body assessment: If you have not engaged a notified body by April 2026, meeting the 2 August 2026 deadline for a new Annex III system is likely infeasible (Annex I product systems have until 2 August 2027). Bear in mind that a high-risk system already placed on the market or put into service before 2 August 2026 becomes subject to the Regulation only if its design is significantly changed after that date, except that systems intended for use by public authorities must comply by 2 August 2030 (Article 111(2)); prioritise the systems for which such a change or a public-sector deployment is actually planned.

EU declaration of conformity: required contents (Article 47)

The EU declaration of conformity under Article 47 must contain the information set out in Annex V:

  1. AI system identification: name and type of the system, plus any additional unambiguous reference (e.g., version number, model number, unique product identifier) allowing identification and traceability.
  2. Provider identification: name and address of the provider or, where applicable, its authorised representative.
  3. Sole-responsibility statement: a statement that the declaration is issued under the sole responsibility of the provider.
  4. Statement of conformity: an explicit declaration that the AI system conforms with the AI Act and, where applicable, with any other Union law that provides for a declaration of conformity.
  5. Personal-data statement: where the system processes personal data, a statement that it complies with the GDPR, the Law Enforcement Directive (EU) 2016/680 and Regulation (EU) 2018/1725.
  6. Harmonised standards or common specifications applied: references, with identification numbers, to the harmonised standards or other common specifications used to declare conformity. If none were available or applied, state which requirements were addressed through alternative means.
  7. Notified body details (if applicable): name and identification number, a description of the conformity assessment procedure performed, and identification of the certificate issued.
  8. Place and date of issue, name and function of the signatory, and on whose behalf the person signed; the signatory must be a person authorised to bind the provider.

The declaration must be kept for 10 years after the AI system has been placed on the market or put into service. Market surveillance authorities can request it at any time.

CE marking rules for software-only AI systems

Under Article 48, CE marking is subject to the general principles of Article 30 of Regulation (EC) No 765/2008 and must be affixed visibly, legibly and indelibly to the high-risk AI system. Where that is not possible or not warranted by the nature of the system, it goes on the packaging or the accompanying documentation instead. For physical products this typically means a label on the device or packaging.

For software-only AI systems (most SaaS platforms, APIs and cloud-based AI services) there is no physical surface. Article 48(2) provides for a digital CE marking, which may be used only if it can easily be accessed via the interface from which the system is accessed, or via an easily accessible machine-readable code or other electronic means. In practice:

  • Put the CE marking where the user reaches the system: in the user interface (e.g., an "About" or "Compliance" section) or behind a machine-readable code or link exposed from it.
  • Also include it in the accompanying documentation, for example the product documentation, terms of service or licence agreement.
  • If a notified body carried out the assessment, the CE marking must be followed by the notified body's identification number, affixed by the body itself or, under its instructions, by the provider.
  • Where the system is also covered by other Union law requiring CE marking, the single marking indicates conformity with that law as well.

Real-world example — cloud-based hiring AI: A provider of an AI hiring tool delivered as a SaaS product includes the CE marking in the platform's compliance documentation page, the terms of service, and the footer of the system's admin dashboard. The EU declaration of conformity is linked from the same documentation.

What triggers re-assessment: substantial modifications (Article 43(4))

A completed conformity assessment is not permanent. Under Article 43(4), a high-risk AI system that undergoes a substantial modification must go through a new conformity assessment, whether or not the modified system is further distributed or simply continues in use with the current deployer. Article 3(23) defines a substantial modification as a change made after placing on the market or putting into service that was not foreseen or planned in the initial conformity assessment and that either affects compliance with the requirements of Chapter III, Section 2 (Articles 8–15) or changes the intended purpose for which the system was assessed. In practice:

  • A change that alters the intended purpose beyond what the original risk assessment covered is substantial.
  • A change that could affect compliance with any of Articles 8–15, whether to training data, model architecture, decision logic or operational parameters, is substantial unless it was foreseen and planned in the original assessment.
  • For systems that continue to learn after being placed on the market, changes to the system and its performance that the provider pre-determined at the time of the initial assessment and recorded in the Annex IV technical documentation are not substantial modifications (Article 43(4)). Documenting the permitted envelope of change up front is the main lever for avoiding repeated re-assessment.

Examples of modifications that likely trigger re-assessment:

  • Retraining the model on a materially different dataset.
  • Changing the system's intended purpose (e.g., from candidate screening to employee performance evaluation).
  • Modifying the output logic in a way that changes how the system influences decisions.
  • Expanding the system to new demographic groups or geographies not covered by the original risk assessment.
  • Upgrading from a traditional ML model to a large language model backbone.

Examples of modifications that likely do not trigger re-assessment:

  • Bug fixes that do not alter the system's decision-making logic.
  • Infrastructure changes (e.g., migrating from one cloud provider to another) that do not affect the model or its outputs.
  • UI changes that do not alter the system's functionality or transparency measures.

When in doubt, document the modification, analyse it against Articles 8–15, and retain the analysis. If there is any reasonable argument that compliance could be affected, conduct the re-assessment.

After assessment: ongoing obligations

Conformity assessment is a prerequisite for market access, not the finish line. After assessment, providers must maintain:

  • Quality management system (Article 17) — continuously operational, updated as processes evolve.
  • Technical documentation (Article 11) — kept current with any system changes. See the Annex IV documentation guide.
  • Post-market monitoring (Article 72) — active, proportionate monitoring throughout the system's lifetime. Data feeds back into the risk management system.
  • Serious incident reporting (Article 73) — report serious incidents to the market surveillance authority of the Member State where the incident occurred immediately after establishing a causal link (or a reasonable likelihood of one) and no later than 15 days after becoming aware; the limit is 2 days for a widespread infringement or a serious incident involving critical infrastructure, and 10 days in the event of a person's death.
  • Notified body certificate renewal — certificates are valid for at most five years (Annex I systems) or four years (Annex III systems) and may be extended for further periods on re-assessment (Article 44).
  • EU database registration updates — keep registration information current when system details change.

Voluntary third-party assessment

Even when self-assessment is legally sufficient, some providers voluntarily engage a notified body or an independent auditor. Reasons include:

  • Public-sector customers may require third-party certification as a procurement condition.
  • High-stakes use cases affecting vulnerable populations (education, healthcare, social benefits) benefit from external validation.
  • Investor due diligence — venture capital and private equity investors increasingly ask about AI governance maturity.
  • Pre-emptive risk reduction — external review catches blind spots that internal teams miss through familiarity bias.

For Annex III, points 2–8 systems the legal procedure remains Annex VI, which by its terms does not involve a notified body (Article 43(2)); a voluntary third-party review therefore supplements your own internal control rather than replacing it. The provider still completes the Annex VI steps and signs the declaration of conformity under its sole responsibility, and the Regulation does not provide for an Article 44 certificate in that case. What the review yields is an independent audit report or attestation that you can put in front of customers and regulators.

Common mistakes in conformity assessment

Mistake 1: Treating assessment as a documentation exercise

Conformity assessment requires verifying that the system actually meets the requirements — not just that the documentation says it does. Providers who write polished Annex IV documents without testing whether the described risk mitigations actually work in practice fail the substance of assessment.

Mistake 2: Starting assessment before documentation is complete

The assessment reviews the documentation. If the Annex IV technical documentation is incomplete, assessment cannot meaningfully proceed. Complete documentation first, then assess.

Mistake 3: Ignoring the QMS requirement

Conformity assessment evaluates the quality management system alongside the technical documentation. Providers who focus exclusively on the system itself and neglect to establish a documented QMS under Article 17 fail the assessment at the first step.

Mistake 4: Assuming self-assessment means no documentation

Self-assessment does not mean informal or undocumented. The provider must document the assessment process, findings, and conclusions as thoroughly as a notified body would. Market surveillance authorities will request this documentation, and "we assessed it internally" without supporting records is not defensible.

Mistake 5: Forgetting re-assessment triggers

Providers who complete initial assessment and then make substantial modifications without conducting re-assessment fall out of compliance. Build modification tracking into your change management process.

Frequently asked questions

Can I start the conformity assessment before August 2026 for a system already on the market?

Yes, and for most legacy systems the position is more favourable than the question suggests. Under Article 111(2), a high-risk AI system placed on the market or put into service before 2 August 2026 becomes subject to the Regulation only if it undergoes significant changes in its design from that date onward; systems intended for use by public authorities must comply by 2 August 2030 regardless. Nothing stops you from running the conformity assessment earlier, and it is advisable where the system is likely to be substantially modified after the deadline or sold into the public sector, because you will need it then and starting early gives you time to remediate gaps. A system first placed on the market on or after 2 August 2026 must have completed the assessment before that date.

What if no notified body has been designated for my type of AI system yet?

This is a real constraint in early 2026. If your system requires notified body assessment and no suitable body is available, you cannot complete the assessment. Contact your national competent authority to understand the designation timeline. In the meantime, complete all other preparation steps — documentation, QMS, risk management — so that you are ready the moment a notified body is available. The transitional provisions of Article 111 help only systems already placed on the market before 2 August 2026; do not rely on them for a new system.

Does a notified body certificate shift liability away from the provider?

No. A notified body certificate does not transfer liability from the provider. Even with a certificate, the provider remains legally responsible for the system's compliance. However, a certificate demonstrates due diligence, which may mitigate enforcement consequences if a gap is later found.

How do harmonised standards affect conformity assessment?

Once published, harmonised standards provide a presumption of conformity — if you meet the standard, you are presumed to meet the corresponding AI Act requirement. As of April 2026, CEN/CENELEC has not yet published all harmonised standards for the AI Act. Providers should not wait for these standards to begin assessment. Use the requirements in Articles 8–15 directly, and update your assessment to reference harmonised standards once they become available.

Can I combine the AI Act conformity assessment with existing certifications (ISO 42001, ISO 27001)?

Yes, partially. ISO 42001 (AI management system) and ISO 27001 (information security) address some overlapping areas. Evidence from these certifications can support your AI Act assessment — for example, ISO 42001's risk management framework may satisfy some Article 9 requirements. However, neither ISO standard fully covers all AI Act requirements. Use them as building blocks, not substitutes.

What happens if my system fails the notified body assessment?

The notified body issues non-conformity findings specifying which requirements are not met. You have the opportunity to remediate — fix the gaps, update documentation, and resubmit. There is no limit on remediation attempts, but each round adds time and cost. If you cannot achieve conformity, the system cannot be placed on the EU market. This makes early preparation and gap analysis critical — do not use the formal assessment as your first compliance check.

Run the free AI Act assessment to determine your classification and conformity assessment pathway.

For article-by-article guidance, see the complete AI Act guide.

Legalithm is an AI-assisted compliance workflow tool — not legal advice. Final compliance decisions should be reviewed by qualified legal counsel.

Tags: AI Act, Conformity Assessment, Notified Body, CE Marking, Article 43, Self-Assessment
