CE marking and notified bodies for high-risk AI
Adopted 2026-06-22 · ≈ 2 min read · 
edited by Dirk Baaijen
High-risk AI receives a CE marking after a successful conformity assessment. Sometimes the provider assesses itself; sometimes an independent notified body must be involved. This guide explains when each route applies and what the CE marking means.
Short answer: The CE marking on a high-risk AI system is the visible sign that the provider has completed the conformity assessment and declares that the system meets the AI Act. For most high-risk AI the provider may assess this itself; in certain cases an independent notified body must carry out or verify the assessment. Only then may the system enter the EU market.
What the CE marking means
CE stands for Conformité Européenne. It is not a quality label but a declaration that the product meets the applicable EU legislation and may circulate freely in the internal market. For AI the marking follows a successful conformity assessment and the drawing-up of an EU declaration of conformity. The provider affixes the marking visibly, legibly and indelibly — for digital systems this may also be digital.
Two routes: self-assessment or notified body
The AI Act has broadly two paths:
- Internal control (self-assessment). For the majority of high-risk systems (the Annex III use cases) the provider assesses itself, based on its quality and risk management system and technical documentation.
- Involvement of a notified body. For certain cases — including some biometric systems, and AI that is a safety component under existing product legislation — an independent third party must perform or verify the assessment.
Which route applies depends on the type of system; see the conformity assessment for the decision.
What a notified body is
A notified body is an independent organisation that a Member State has designated and notified to the Commission to carry out conformity assessments under the AI Act. It assesses whether the quality system and technical documentation are adequate, and may issue a certificate. The provider remains ultimately responsible; the body gives an independent opinion, not a guarantee.
What to do
- Determine your route early: do you fall under self-assessment, or is a notified body required?
- Build the technical documentation and quality system around the high-risk requirements (oversight, logging, accuracy, instructions for use).
- Draw up the EU declaration of conformity and keep it; only then affix the CE marking.
- Register the system in the EU database where required.
- Plan ahead for the availability of notified bodies and the timeline of obligations; embed this in your AI governance framework.
CE marking closes the chain from the overview of high-risk obligations: no successful assessment, no marking; no marking, no market access.
Sources
- https://eur-lex.europa.eu/eli/reg/2024/1689/oj
Regulation (EU) 2024/1689 (AI Act), Article 48 (CE marking) and Chapter III, Section 4 (notified bodies). - https://artificialintelligenceact.eu/article/48/
Consolidated text and commentary on Article 48 (CE marking).
Read next
Conformity assessment and CE marking for high-risk AI: how does it work?
Before placing a high-risk AI system on the market you run a conformity assessment (Art. 43), draw up technical documentation, issue an EU declaration, affix the CE marking and register in the EU database.
AI as a medical device: the dual conformity (MDR + AI Act)
If your AI is a medical device, it must meet both the MDR (clinical evaluation, CE) and the AI Act (high-risk requirements). The regulations are meant to run together through a single conformity assessment and one notified body — not two separate tracks.
The EU declaration of conformity under the AI Act (Article 47)
The EU declaration of conformity is the written statement by which the provider itself confirms that a high-risk AI system meets the AI Act. Article 47 sets out its content, language and retention; the provider bears full responsibility for it.