Trusq

factual analysis · traceable to primary sources

Topics Opportunities Take the check Work with us LinkedIn NLยทEN
Guide

The authorised representative for non-EU providers (Article 22)

Adopted 2026-06-22 ยท ≈ 2 min read ยท Dirk Baaijen

A provider established outside the EU must appoint a written authorised representative in the Union before placing a high-risk AI system on the market. Article 22 makes that person the European point of contact for authorities, with its own duties and power to end the mandate.

Short answer: A provider established outside the EU must, before making a high-risk AI system available on the Union market, appoint in writing an authorised representative established in the Union. Article 22 makes that representative the legal point of contact for the market surveillance authorities, with its own mandate, documentation duty and the power to terminate the mandate where the provider fails to comply.

Why an authorised representative?

Authorities need a reachable party inside the EU, even where the provider is far away. The authorised representative bridges that gap: it formally represents the provider and is contactable for requests for information and evidence. For the importer and distributor, the presence of an authorised representative is one of the points they verify before import or supply.

The written mandate

The appointment is made by a written mandate. That mandate must at least empower the representative to:

  • keep the EU declaration of conformity and the technical documentation available to the authorities;
  • provide that documentation and all information needed to demonstrate conformity;
  • cooperate with any measure an authority takes regarding the high-risk system;
  • comply with the registration obligations where applicable.

The representative keeps a copy of the mandate available for the authorities.

The representative's own duties

The representative verifies that the provider has carried out the conformity assessment and drawn up the technical documentation. It retains the provider's contact details and keeps โ€” for ten years โ€” the declaration of conformity, documentation and any certificates available. On a reasoned request it supplies these to the authority in an understandable language.

Power to stop where there is non-compliance

If the representative has reason to believe the provider is acting contrary to the regulation, it terminates the mandate. It immediately informs the market surveillance authority and, where relevant, the notified body, stating its reasons. The representative is thus not a mere conduit but a genuine gatekeeper.

What to do

  • Non-EU provider: appoint a representative before market entry and set out the mandate in writing.
  • Representative: verify conformity and set up ten-year retention before accepting a mandate.
  • Describe the stop procedure: who terminates the mandate, and who is informed?
  • Put it in a contract between provider and representative โ€” see AI in contracts.
  • Tie it to governance: include the role in your AI governance framework.

The authorised representative is the European face of a far-away provider โ€” and may withdraw that face as soon as the provider stops following the rules.

Sources

  1. https://artificialintelligenceact.eu/article/22/
    AI Act Article 22: authorised representatives of providers of high-risk AI systems.
  2. https://eur-lex.europa.eu/eli/reg/2024/1689/oj
    Regulation (EU) 2024/1689 (AI Act), Article 22 on the authorised representative in the Union.

Share on LinkedIn

Read next

U

Right to explanation of an AI decision: what Article 86 of the AI Act gives you

If you are affected by a decision based (in part) on a high-risk AI system, Article 86 of the AI Act gives you the right to a clear explanation of the AI system's role and the main elements of the decision โ€” from the deployer, on top of your GDPR rights.

A

DPIA for HR AI: when is it mandatory and how do you combine it with the FRIA?

A DPIA (Art. 35 GDPR) is mandatory for large-scale, systematic monitoring and for high-risk AI in HR. This article explains what it must contain and how to combine the DPIA with the FRIA (fundamental rights assessment, Art. 27 AI Act) into one process. With a practical step plan.

A

AI for strategic workforce planning: usually not high-risk, as long as it does not become individual

AI for strategic workforce planning and skills forecasting at organisation level is usually not high-risk under the AI Act. But once it steers individual decisions, it can tip over. Data quality, governance and transparency remain crucial.

Dirk Baaijen

About this knowledge base

Compiled and maintained by YRproject โ€” programme and project direction at the intersection of digital transformation, AI and regulation. Every factual claim is traceable to its primary source. YRproject is led by Dirk Baaijen About & method โ†’

A project or programme? Work with YRproject โ†’

The monthly briefing

AI regulation in five minutes: what changed, what is coming and what it means. No spam, unsubscribe anytime.

Your address is used for this only and stored on our own servers.