Chapter VII — GovernanceArticle 70

Article 70: Designation of National Competent Authorities

Applies from 2 Aug 20266 min readEUR-Lex verified Apr 2026

Article 70 of Regulation (EU) 2024/1689 requires each Member State to designate one or more national competent authorities for the purpose of applying and enforcing the AI Act. Member States must ensure these authorities have adequate technical expertise and sufficient financial and human resources to fulfil their tasks effectively. Each Member State must also identify one authority as the single point of contact and communicate this designation to the Commission, other Member States, and the AI Board. The single point of contact coordinates the Member State's position on the Board.

Start free assessment All articles

Who does this apply to?

-Member States responsible for designating and resourcing national competent authorities
-National single points of contact coordinating AI Act enforcement and representing their Member State on the AI Board
-The Commission, which receives Member State notifications of designated authorities

Scenarios

A Member State designates its existing national data protection authority as the lead AI Act authority and a separate technical standards body as a supporting competent authority. It notifies the Commission that the data protection authority will serve as the single point of contact.

The Commission publishes the notification. The single point of contact represents the Member State on the AI Board and coordinates between the two national authorities on AI Act enforcement.

Ref. Art. 70

A Member State's designated competent authority struggles to evaluate a complex high-risk AI system due to limited in-house machine-learning expertise. The authority recognises its resource gap.

The Member State increases the authority's technical staff and budget, and supplements capacity by invoking Article 68 to access the Union-level pool of experts while building long-term internal capability.

Ref. Art. 70

What Article 70 does (in plain terms)

Article 70 is the foundation of national-level AI Act enforcement. Without designated, resourced authorities, the Regulation cannot be applied on the ground.

Key requirements:

1. Designation: each Member State must designate at least one national competent authority responsible for the AI Act. Member States may designate multiple authorities if they split responsibilities (e.g., one for market surveillance, another for sandboxes). 2. Adequate resources: designated authorities must have sufficient technical expertise, financial resources, and human resources to carry out their tasks. This is not aspirational — it is an obligation on the Member State. 3. Single point of contact: each Member State must identify one authority to serve as the single point of contact for the Commission, other Member States, and the AI Board. 4. Notification: Member States must communicate their designations to the Commission, other Member States, and the AI Board. The Commission publishes a list. 5. AI Board representation: the single point of contact represents the Member State's views on the AI Board and coordinates the national position.

See the full text on EUR-Lex Article 70.

How Article 70 connects to the rest of the Act

Article 64 — AI Board tasks: the single points of contact designated under Article 70 are the Member State voices on the Board.
Article 65 — AI Board establishment: the Board is composed of one representative per Member State — typically the single point of contact from Article 70.
Article 74 — Market surveillance: national competent authorities carry out market surveillance activities for AI systems under their jurisdiction.
Article 68 — Access to the pool of experts: national authorities can supplement their capacity by requesting expert support.
Article 88 — Coordination with other Union authorities: competent authorities may need to cooperate with data protection, consumer, and sector-specific regulators.
Article 113 — Application dates: designation obligations follow the staged timeline.

Practical implications for providers, deployers, and national authorities

For providers and deployers:

Know your authority: identify which national competent authority is responsible for AI Act enforcement in every Member State where you place AI systems on the market or put them into service. The single point of contact is your first reference.
Expect variation in structure: some Member States may centralise AI Act enforcement in one authority; others may split it. Track the Commission's published list of designations.
Engage proactively: early engagement with your national authority (e.g., pre-market consultations, sandbox applications under Article 57) can reduce compliance friction.

For Member States:

Resource adequacy is mandatory: Article 70 does not merely encourage adequate resourcing — it obliges Member States to provide the technical expertise, staff, and budget necessary for effective enforcement.
Avoid institutional fragmentation: while multiple authorities can be designated, the single point of contact must coordinate effectively to prevent gaps and overlaps.
Build AI literacy: invest in training programmes for authority staff, and use Article 68 to bridge expertise gaps in the short term.

Compliance checklist

Providers and deployers: identify the national competent authority and single point of contact in every Member State where you operate.
Monitor the Commission's published list of designated authorities for updates and changes.
National authorities: ensure sufficient technical expertise, financial resources, and human resources to meet Article 70 obligations.
Designate one authority as the single point of contact and communicate this to the Commission, other Member States, and the AI Board.
Establish coordination procedures between multiple designated authorities (if applicable) to prevent enforcement gaps.
Build internal AI literacy and supplement with Article 68 expert access as needed.
Align designation and resourcing timelines with the staged application dates in Article 113.

Read the official text on EUR-Lex

Map your compliance obligations across EU Member States — start the free assessment.

Start Free Assessment

Article 64: European Artificial Intelligence Board

Article 74: Market Surveillance and Control of AI Systems in the Union Market

Article 88: National Competent Authorities

Article 113: Entry into Force and Application Dates

Frequently asked questions

Can a Member State designate its existing data protection authority as the AI Act competent authority?

Yes. Article 70 does not prescribe which national body must be designated. Many Member States may assign AI Act responsibilities to existing regulators (data protection authorities, market surveillance bodies, or sector-specific agencies) depending on their national institutional structure.

What happens if a Member State fails to designate a competent authority?

Article 70 creates a legal obligation to designate. Failure to do so would mean the Member State is not fulfilling its obligations under the Regulation. The Commission may raise this in infringement proceedings, and affected parties may lack a clear enforcement counterpart.

Is the single point of contact the same as the market surveillance authority?

Not necessarily. The single point of contact is the authority that represents the Member State on the AI Board and coordinates nationally. The market surveillance authority (Article 74) may be a different body. In some Member States, both roles may be combined in one institution.

On this page

Key terms

National competent authority: An authority designated by a Member State under Article 70 to carry out the tasks assigned to it under the AI Act, including enforcement, market surveillance, and regulatory oversight of AI systems.
Single point of contact: One designated national authority per Member State that coordinates the Member State's AI Act enforcement, represents it on the AI Board, and serves as the primary liaison with the Commission and other Member States.
Market surveillance: The activities carried out and measures taken by national competent authorities to check that AI systems placed on the market or put into service comply with the requirements of the AI Act (see Article 74 and Regulation (EU) 2019/1020).

At a glance

Article: 70
Status: Upcoming
Timeline: 2 Aug 2026
Updated: 11 Apr 2026

Recommended next step

Run the short assessment to map risk class and obligations to your specific AI use case in minutes.

Start assessment now