By clicking “Accept”, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. View our Privacy Policy for more information.

Article 21

Cooperation with Competent Authorities

Updated on April 10th 2024 based on the version and article numbering approved by the EU Parliament on March 13th 2024.

1. Providers of high-risk AI systems shall, upon a reasoned request by a competent authority, provide that authority all the information and documentation necessary to demonstrate the conformity of the high-risk AI system with the requirements set out in Section 2, in a language which can be easily understood by the authority in one of the official languages of the institutions of the Union as indicated by the Member State concerned.

2. Upon a reasoned request by a national competent authority, providers shall also give the requesting national competent authority, as applicable, access to the automatically generated logs of the high-risk AI system referred to in Article 12(1), to the extent such logs are under their control.

3. Any information obtained by a national competent authority pursuant to this Article shall be treated in compliance with the confidentiality obligations set out in Article 78.

[Previous version]

Updated on Feb 6th 2024 based on the version endorsed by the Coreper I on Feb 2nd

Corrective Actions and Duty of Information

Providers of high-risk AI systems which consider or have reason to consider that a high- risk AI system which they have placed on the market or put into service is not in conformity with this Regulation shall immediately take the necessary corrective actions to bring that system into conformity, to withdraw it, to disable it, or to recall it, as appropriate. They shall inform the distributors of the high-risk AI system in question and, where applicable, the deployers, the authorised representative and importers accordingly.

Where the high-risk AI system presents a risk within the meaning of Article 65(1) and the provider becomes aware of that risk, they shall immediately investigate the causes, in collaboration with the reporting deployer, where applicable, and inform the market surveillance authorities of the Member States in which they made the high-risk AI system available and, where applicable, the notified body that issued a certificate for the high-risk AI system in accordance with Article 44, in particular, of the nature of the non-compliance and of any relevant corrective action taken.

Report error

Report error

Please keep in mind that this form is only for feedback and suggestions for improvement.

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.