
Notified body 

A Notified Body is an independent, third-party organization designated and supervised by a national authority within an EU Member State to conduct the conformity assessment for specific categories of high-risk AI systems as required under the EU AI Act.

Acting as an external auditor and validator, a Notified Body provides an objective, authoritative check on a provider's internal compliance claims. Its involvement is mandated for AI systems deemed to pose the highest potential risks, such as those used for remote biometric identification or in critical infrastructure. To ensure impartiality and competence, these bodies undergo a rigorous designation process by a national "notifying authority" and must be accredited to relevant standards (e.g., ISO/IEC 17065). They serve as a key enforcement mechanism of the Act, bridging the gap between legislation and technical reality.

The core responsibilities of a Notified Body include:

Conformity Assessment Execution: Performing the detailed review and evaluation procedures outlined in Annex VII of the EU AI Act, which go beyond internal checks to include examinations of the AI system's design and quality management system.

Technical Documentation Review: Scrutinizing the provider's comprehensive technical file to verify that all mandatory requirements, from data governance and transparency to accuracy and cybersecurity, are adequately addressed and evidenced.

Quality Management System Audit: Assessing the provider's established processes for design, development, testing, and post-market monitoring to ensure they are capable of guaranteeing ongoing compliance.

Certification Issuance: Granting an EU technical certificate or approval upon successful completion of the assessment, which is a prerequisite for the provider to issue its own Declaration of Conformity and affix the CE marking.

Regulatory Context: The rules for Notified Bodies are detailed in Chapter IV (Articles 30-34) of the EU AI Act. Each Member State designates and notifies these bodies to the European Commission, which maintains a public database (NANDO) listing all designated bodies for the AI Act and other product legislation.

Gatekeeper Role: The Notified Body system is central to the EU's risk-based regulatory approach. By providing independent verification for the highest-risk applications, it aims to prevent "marker's mark" scenarios and build public and regulatory trust in certified AI systems. Providers must factor in the time and cost of engaging with a Notified Body early in their development lifecycle for in-scope products.
