EU AI Act glossary

Notified Body

A notified body is an independent conformity assessment organisation designated by an EU member state to evaluate whether high-risk AI systems meet the requirements of the EU AI Act.

Last updated 17 June 2026

Definition

A notified body is a third-party conformity assessment body that has been officially designated by a national authority (a member state) and notified to the European Commission to carry out legally binding conformity assessments under EU legislation.

Under the EU AI Act (Article 33), notified bodies assess certain high-risk AI systems where third-party verification is mandatory — primarily systems used as safety components in products already subject to Union harmonisation legislation (e.g., medical devices, machinery).

When is a notified body required?

Most high-risk AI systems under Annex III — including the HR-tech and recruitment category — do not require a notified body. Providers may carry out internal conformity assessment per Annex VI.

Third-party notified body assessment is required for:

  • AI systems that are safety components of products regulated under specific Union harmonisation legislation (e.g., Machinery Regulation, Medical Devices Regulation)
  • AI systems for remote biometric identification in certain cases
  • Any case where the provider voluntarily chooses third-party assessment

What a notified body reviews

Where third-party assessment applies, the notified body examines:

  1. The complete Annex IV technical file
  2. The quality management system documentation
  3. Test reports and validation data
  4. Sample testing or auditing of the AI system itself (depending on the procedure chosen)

A notified body cannot issue a positive conformity assessment if the technical file is incomplete, evidence is missing, or claimed test results cannot be independently verified.

Practical implication for providers

Even when internal conformity assessment is permitted, the standard of evidence required is the same as if a notified body were reviewing the file. Enterprise buyers, particularly in regulated sectors (financial services, healthcare, defence), often conduct due diligence that is as rigorous as a notified body review.

The practical benchmark is: would a notified body accept this file? If the answer is no, the file is not ready for enterprise sales either.

→ Read Evidence-Based vs. Questionnaire Compliance to understand why assertion-based files fail this standard, or run the free Readiness Check.

Check your Annex IV coverage

Nine questions. Two minutes. See exactly which sections of your technical file are missing evidence.

Run the free readiness check