European AI Safety Alliance
Book a Consultation
European AI Safety Alliance
Book a Consultation

Market Surveillance Authority

  • Home
  • Market Surveillance Authority

A Market Surveillance Authority (MSA) is a national body designated by each EU Member State to enforce the EU AI Act, monitor AI systems on the market, and ensure providers and users comply with legal obligations. These authorities are empowered to conduct investigations, request documentation, order corrective actions, and, where necessary, withdraw or prohibit non-compliant AI systems. MSAs are vital to ensuring the accountability, safety, and lawful use of AI across the EU.

Market Surveillance Authority

1. Background and Establishment

As the EU AI Act introduces a sweeping regulatory framework for artificial intelligence, effective enforcement mechanisms are crucial. Enter the Market Surveillance Authorities—national bodies appointed by each Member State under Regulation (EU) 2019/1020 and explicitly tasked under the AI Act to supervise, investigate, and intervene in the AI ecosystem.

These authorities ensure that AI providers, users, and importers respect their legal obligations, particularly concerning high-risk systems, prohibited practices, and post-market monitoring requirements.

2. Purpose and Role in the EU Compliance Architecture

Market Surveillance Authorities are responsible for:

  • Monitoring AI systems already in use or placed on the EU market
  • Verifying the conformity of high-risk AI systems with the AI Act
  • Investigating incidents, complaints, or suspected non-compliance
  • Enforcing corrective actions, including recalls, restrictions, or bans
  • Collaborating with other national and EU bodies for coordinated enforcement

In essence, MSAs are the frontline enforcement mechanism of the EU AI Act.

3. Legal Basis and Powers Under the EU AI Act

Market Surveillance Authorities operate under the following legal provisions:

Article 63 – Establishes the MSA’s authority to take appropriate enforcement action

Article 64 – Grants MSAs powers to:

  • Request documentation (e.g. technical files, risk assessments)
  • Conduct on-site inspections
  • Require test results and algorithmic audits
  • Impose penalties or initiate legal proceedings

Article 65 – Empowers MSAs to order the withdrawal or restriction of AI systems from the market in cases of non-compliance or serious risk

MSAs must also coordinate with the European Commission and other national authorities via the European Artificial Intelligence Board (EAIB).

4. Link to the EU AI Safety Alliance

While MSAs enforce compliance, the EU AI Safety Alliance provides:

  • Pre-market guidance and system readiness assessments
  • Tools for generating Annex IV documentation
  • Compliance scorecards and audit simulations
  • Support for incident response and communication with MSAs

Working with the Alliance does not replace regulatory oversight but prepares organizations to meet MSA expectations proactively and thoroughly.

5. What Market Surveillance Authorities Can Demand

Providers and users of AI systems must be ready to supply:

  • Declarations of Conformity
  • Technical documentation (as per Annex IV)
  • Records of post-market monitoring activities
  • Evidence of risk mitigation and human oversight
  • Data governance protocols and system logs
  • Details of incident reporting and corrective actions taken

Failure to comply with an MSA’s request can result in financial penalties, system bans, or legal liability.

6. Coordinated Enforcement and Cross-Border Oversight

In the event of cross-border AI deployment, MSAs work in cooperation through:

  • The European Artificial Intelligence Board (EAIB)
  • The Internal Market Information System (IMI)
  • Joint actions under the EU’s Market Surveillance Regulation

This ensures that enforcement is uniform, consistent, and not fragmented across Member States—especially critical for AI systems operating in multiple EU jurisdictions.

7. How to Prepare for MSA Audits and Inquiries

To ensure MSA compliance readiness:

  1. Maintain complete and up-to-date technical documentation
  2. Retain all conformity declarations, audit records, and post-market data for 10 years
  3. Implement incident response workflows in line with Article 62
  4. Train your compliance and engineering teams to interface with regulatory authorities
  5. Use EU AI Safety Alliance readiness tools to simulate MSA interactions
  6. Document corrective actions taken in response to any known risks or failures
  7. Establish an internal compliance dashboard for real-time status reporting

Preparedness not only reduces enforcement risk—it signals governance maturity and operational integrity.

x

Let’s Shape a Safe and Ethical AI Future Together!

Partner with ComplianceEU.org Let’s ensure your AI is compliant, responsible, and future-ready. Your success starts here!

Contact Us Today to build trust and unlock opportunities.