Quick answer

Article 43 requires providers of high-risk AI systems to undergo a conformity assessment before placing their product on the market. This is the vendor's responsibility, not the deployer's. As a business user, you should check whether your AI vendor has completed their conformity assessment.

Updated June 2026 · MmowW AI Compliance

Article 43: Does Your AI System Need Official Approval?

What Is a Conformity Assessment?

A conformity assessment is a process that verifies an AI system meets all the requirements of the EU AI Act before it can be sold or used in the EU. Think of it as a quality check — like how electrical products need a CE marking before they can be sold in Europe. For AI, the assessment confirms that the system meets standards for safety, transparency, accuracy, and other requirements.

This obligation falls on AI providers (the companies that build and sell AI systems), not on deployers (businesses that use them). However, as a deployer, you should make sure your vendor has completed this process.

How It Works

For most high-risk AI systems, the provider can conduct an internal conformity assessment — they evaluate their own system against the requirements and declare it compliant. However, for certain high-risk uses like biometric identification and critical infrastructure, a third-party assessment by a notified body is required.

The provider must document the assessment, issue an EU declaration of conformity, and affix a CE marking to the product. They must keep this documentation for at least 10 years and make it available to authorities on request.

What This Means for Your Business

As a business buying or subscribing to AI tools, your job is to ask the right questions. Before purchasing a high-risk AI system, ask the vendor: have you completed a conformity assessment? Can you provide the EU declaration of conformity? Is your system registered in the EU AI database?

If a vendor can't answer these questions or doesn't know what you're talking about, that's a significant red flag. Using a non-conforming high-risk AI system in your business could expose you to regulatory risk.

After the Assessment

Conformity assessment isn't a one-and-done process. If the AI system is substantially modified, a new assessment may be needed. As a user, stay in touch with your vendor about updates to the system. If they make significant changes to how the AI works, ask whether a new conformity assessment was conducted. This ongoing vigilance is part of your responsibility as a deployer.

Check your AI compliance readiness — free.

Take the Readiness Check 3 minutes · 10 questions · no signup required

This article is for informational purposes only and does not constitute legal advice. Regulatory requirements change frequently — verify current rules with official sources. Built by Sawai Gyoseishoshi Office, Hiroshima, Japan.