A National Competent Authority (NCA) is the legally designated public-sector body within a specific European Union member state tasked with the supervision, implementation, and enforcement of the EU Artificial Intelligence Act. This authority serves as the primary national-level interface between AI providers and the regulatory framework, holding the mandate to monitor compliance, conduct investigations, and impose corrective actions on high-risk systems operating within its jurisdiction.
Glossary
National Competent Authority

What is National Competent Authority?
The designated public authority within an EU member state responsible for supervising the implementation and enforcement of AI registration and conformity rules.
The NCA is responsible for managing the registration of high-risk AI systems in the EU database, validating conformity assessments, and coordinating with Notified Bodies. It also acts as the single point of contact for cross-border cooperation with other member states' authorities, ensuring consistent market surveillance and acting as the national representative in the European Artificial Intelligence Board.
Core Powers and Responsibilities
The statutory functions and enforcement toolkit granted to National Competent Authorities (NCAs) under the EU AI Act to ensure market-wide compliance with harmonized rules for artificial intelligence.
Market Surveillance & Enforcement
The NCA acts as the primary market surveillance authority for AI systems within its jurisdiction. It possesses the power to conduct unannounced inspections, request technical documentation, and mandate corrective actions. If a high-risk system presents a serious risk, the NCA can order a market withdrawal or registration suspension without prior notice, effectively removing non-compliant AI from circulation.
Conformity Assessment Oversight
The NCA supervises the integrity of the conformity assessment process. It audits the internal checks performed by providers and monitors the independence of Notified Bodies. The authority can challenge the validity of a Declaration of Conformity if evidence suggests the assessment was flawed, thereby blocking the affixing of the CE Marking and preventing market access.
Serious Incident Investigation
NCAs operate the mandatory incident reporting linkage portal. Upon receiving a report of a malfunction or safety risk, the authority initiates a formal investigation to determine root cause. It has the power to compel the provider to share post-market monitoring data and can issue a registration suspension immediately to freeze the system's legal status during the inquiry.
Regulatory Sandbox Authorization
The NCA is the gatekeeper for innovation. It processes regulatory sandbox notification requests, granting temporary, controlled exemptions from specific registration requirements. This allows providers to test novel AI under direct supervision, with the NCA defining the specific legal waivers and monitoring the test environment to ensure public safety.
Cross-Border Coordination
Under the cross-border registration principle, a single NCA's decision can have Union-wide effect. When a risk spans multiple member states, the NCA leads joint investigations via the European Artificial Intelligence Board. This requires sharing technical documentation files and aligning enforcement actions to prevent regulatory fragmentation across the single market.
Administrative Penalty Imposition
The NCA holds the power to levy significant fines for non-compliance. It can impose penalties for failing to register in the EU AI Act Database, providing false training data provenance records, or ignoring a market withdrawal notification. These fines are designed to be dissuasive and proportionate, often calculated as a percentage of global annual turnover.
Frequently Asked Questions
Clarifying the role, powers, and operational mechanics of the National Competent Authorities designated under the EU AI Act to enforce artificial intelligence governance.
A National Competent Authority (NCA) is the designated public authority within an EU member state responsible for supervising the implementation and enforcement of the EU Artificial Intelligence Act. Each member state must establish or designate at least one NCA to act as the national supervisory body. The NCA serves as the primary interface between AI providers, deployers, and the European Commission, ensuring that high-risk AI systems undergo proper conformity assessment before receiving CE marking. The authority holds the power to access technical documentation files, conduct audits, and issue registration suspension orders for non-compliant systems. NCAs also coordinate with Notified Bodies and participate in the European Artificial Intelligence Board to ensure harmonized enforcement across the Union.
Enabling Efficiency, Speed & Accuracy
Intelligent Analysis, Decision & Execution
We build AI systems for teams that need search across company data, workflow automation across tools, or AI features inside products and internal software.
Talk to Us
Search across company data
Give teams answers from docs, tickets, runbooks, and product data with sources and permissions.
Useful when people spend too long searching or get different answers from different systems.

Automate internal workflows
Use AI to route work, draft outputs, trigger actions, and keep approvals and logs in place.
Useful when repetitive work moves across multiple tools and teams.

Add AI to products and internal tools
Build assistants, guided actions, or decision support into the software your team or customers already use.
Useful when AI needs to be part of the product, not a separate tool.
Related Terms
Understanding the National Competent Authority requires familiarity with the interconnected regulatory mechanisms and entities that enforce the EU AI Act.
Notified Body
An independent third-party organization designated by a member state to conduct conformity assessments for high-risk AI systems requiring external oversight. Unlike the National Competent Authority, which handles market surveillance, the Notified Body performs the technical verification before a product can receive its CE marking.
- Operates under strict accreditation standards
- Audits technical documentation and quality management systems
- Distinct from the general supervisory role of the National Competent Authority
EU AI Act Database
The centralized European Commission repository where providers must register high-risk AI systems before market placement. The National Competent Authority uses this database as the primary source of truth for market surveillance and enforcement actions.
- Assigns a Unique Registration ID for traceability
- Links to incident reporting portals
- Accessible to all member state authorities for cross-border coordination
Market Surveillance Authority
The operational arm of the National Competent Authority responsible for conducting physical and digital inspections of AI systems already on the market. They possess the power to demand technical documentation and issue registration suspensions.
- Conducts unannounced audits of deployers
- Investigates serious incidents and malfunctioning reports
- Coordinates with customs authorities to block non-compliant imports
Conformity Assessment
The mandatory verification process demonstrating that a high-risk AI system meets the essential requirements of the EU AI Act. The National Competent Authority supervises the integrity of this process, whether it is conducted internally by the provider or externally by a Notified Body.
- Based on harmonized standards for presumption of conformity
- Requires a signed Declaration of Conformity
- Must be re-triggered by any Substantial Modification
Regulatory Sandbox Notification
The formal process of informing a National Competent Authority that an AI system is being tested under controlled conditions. The authority may grant temporary derogations from standard registration requirements to foster innovation while maintaining supervisory oversight.
- Facilitates safe experimentation with novel AI architectures
- Requires exit reporting upon sandbox conclusion
- Often involves direct collaboration with the authority's technical staff
Cross-Border Registration
The principle of mutual recognition allowing a single registration in one EU member state to serve as the basis for market access across all other member states. The National Competent Authority of the lead member state coordinates with counterparts via the EU AI Act Database to ensure consistent enforcement.
- Prevents duplicate regulatory burdens
- Requires seamless information exchange between authorities
- The 'country of establishment' rule determines the lead authority

About the author
Prasad Kumkar
CEO & MD, Inference Systems
Prasad Kumkar is the CEO & MD of Inference Systems and writes about AI systems architecture, LLM infrastructure, model serving, evaluation, and production deployment. Over 5+ years, he has worked across computer vision models, L5 autonomous vehicle systems, and LLM research, with a focus on taking complex AI ideas into real-world engineering systems.
His work and writing cover AI systems, large language models, AI agents, multimodal systems, autonomous systems, inference optimization, RAG, evaluation, and production AI engineering.
Partnered with leading AI, data, and software stack.
How We Work
Custom AI workflows for your Business
One-fit-all AI don't work for modern businesses. At Inferensys, we aim to understand your business & custom requirements; which we use to define most efficient agentic workflows, the data, and the tools for your business.
01
Review the use case
We understand the task, the users, and where AI can actually help.
Read more02
Pick the right approach
We define what needs search, automation, or product integration.
Read more03
Build the first useful version
We implement the part that proves the value first.
Read more04
Improve from there
We add the checks and visibility needed to keep it useful.
Read moreThe first call is a practical review of your use case and the right next step.
Talk to Us