2026-06-02 · 5 min read · sota.io Team

EU AI Act 2028 Full Enforcement: Market Surveillance Maturity & NCA Inspection Patterns

Post #4 in the EU AI Act Enforcement Timeline 2026-2028 Series


Most compliance planning for the EU AI Act stops at August 2, 2026. That is where the core obligations for high-risk AI systems under Annex III become enforceable — but it is not where the enforcement story ends. By 2028, the regulation moves into a materially different phase: one where national competent authorities (NCAs) have completed their first full operational cycle, where the EU AI Office has run its first full year of GPAI model supervision, and where market surveillance authorities (MSAs) have moved from building infrastructure to exercising it.

This guide maps the 2028 enforcement environment: what the institutional machinery looks like after two years of operation, what inspection patterns are emerging, what documentation market surveillance authorities will request, and how SaaS and AI providers should position their compliance programs to withstand systematic scrutiny rather than one-off checks.

What Changes Between 2026 and 2028

The August 2, 2026 deadline brought the bulk of the EU AI Act's substantive obligations into force for providers and deployers of high-risk AI systems covered by Annex III — the broad list encompassing AI in biometric identification, critical infrastructure, education, employment, essential services, law enforcement, migration management, and administration of justice.

Two years later, in 2028, several additional transitions have completed or matured:

The August 2, 2027 cohort is now twelve months into compliance. As covered in Post #3 of this series, AI systems embedded in Annex I Section A products — medical devices, machinery, radio equipment, and related product categories requiring third-party conformity assessment under Union harmonisation legislation — had until August 2, 2027 to complete their compliance programs. By 2028, these providers are no longer in a transition phase; they are in the same enforcement envelope as the Annex III cohort that went live in 2026.

The EU database of high-risk AI systems is populated and operational. The regulation requires providers of high-risk AI systems listed in Annex III (with the exception of AI systems in Annex III points 1, 6, and 7 intended for law enforcement and migration purposes, which use a separate secure infrastructure) to register their systems before placing them on the market. By 2028, this database has accumulated two years of registration data. MSAs can cross-reference registered systems against market observations, identify unregistered deployments, and initiate targeted enforcement actions against providers who failed to register.

Post-market monitoring data is accumulating. Article 72 requires providers of high-risk AI systems to implement post-market monitoring plans that collect and analyse data on system performance after deployment. By 2028, providers who deployed AI systems in August 2026 have generated approximately 24 months of post-market monitoring data. MSAs will request these records during inspections as evidence that providers are actively tracking performance against the metrics established in their risk management systems under Article 9.

Serious incident logs have operational history. Article 73 requires providers to report serious incidents — defined as incidents resulting in death or serious harm, unintended breaches of applicable law, or systemic failures of high-risk AI systems — to the relevant market surveillance authority. By 2028, NCAs have two years of serious incident records for their market, enabling pattern analysis and systemic risk identification.

The GPAI model registry is in its second full year. Providers of GPAI models falling under the general-purpose AI provisions (Title V, Articles 51-56) were required to register with the EU AI Office from August 2025. By 2028, the registry reflects three years of GPAI model submissions, including updated technical summaries, copyright compliance documentation, and — for systemic-risk GPAI models — the results of adversarial testing and ongoing monitoring.

The Institutional Enforcement Architecture in 2028

Understanding who does what in 2028 EU AI Act enforcement requires distinguishing between three levels of the institutional structure.

National Competent Authorities

Each member state was required to designate at least one national competent authority responsible for the application and implementation of the EU AI Act. For most member states, this is either an existing data protection authority (as in Ireland, Luxembourg, or Germany) or a newly designated AI regulatory body. By 2028, these authorities have operational supervisory programs, trained inspection staff, and — in the more active jurisdictions — completed at least one cycle of market surveillance across the high-risk AI categories most relevant to their national economic profile.

NCAs in larger member states (Germany, France, Italy, the Netherlands) are likely to be better resourced and to have developed specialised inspection methodologies by 2028. NCAs in smaller member states may focus on a narrower set of sectors — typically those with significant national economic activity — and rely more on EU-level coordination through the European Artificial Intelligence Board (AI Board) and the EU AI Office for cross-border cases.

The governance chapter of the AI Act (Articles 57-68) establishes the AI Board as the coordination body for NCAs. By 2028, the AI Board has published opinions, guidelines, and at minimum one cycle of supervisory priorities — the equivalent of the thematic enforcement priorities that sector regulators in banking (EBA), insurance (EIOPA), and securities (ESMA) publish annually.

Market Surveillance Authorities

Not every NCA is a market surveillance authority. For AI systems in high-risk product categories covered by Union harmonisation legislation (the Annex I, Section A cohort), the MSA is typically the same authority responsible for market surveillance under that product legislation — for example, the national notified body supervisory authority for medical devices, or the national enforcement authority for machinery regulation.

For AI systems in the Annex III categories, the designated market surveillance authority is the NCA or a body it has designated. MSAs have the powers set out in the EU AI Act's market surveillance chapter, including the power to:

By 2028, MSAs have exercised at least some of these powers. The early cases — whether enforcement actions, corrective action orders, or market withdrawal decisions — will have been published (subject to confidentiality protections) and will inform the inspection approach that other providers should expect.

The EU AI Office

The EU AI Office, established within the European Commission, has a distinct supervisory role from NCAs. Its primary mandate is oversight of GPAI model providers — particularly the systemic-risk tier — and cross-border coordination.

By 2028, the EU AI Office has:

For GPAI model providers — which includes any SaaS or AI company whose foundational model is made available via API and can be used for a wide range of downstream tasks — the EU AI Office is the primary enforcement counterpart, not the member state NCA.

What a 2028 NCA Inspection Looks Like

Based on the regulatory framework and the operational trajectory of comparable EU enforcement programs (GDPR, NIS2, DORA), a 2028 EU AI Act NCA inspection of a high-risk AI provider follows a predictable structure.

Stage 1: Documentary Intake

The inspection begins with a formal request for documentation. The NCA will issue a list of required documents, typically including:

Technical documentation under Article 11. The full technical file: system description, intended purpose and reasonably foreseeable misuse, performance metrics, training data description, design choices, and applicable standards compliance. This is the core compliance artifact, and its completeness, consistency, and accuracy are the primary inspection target.

Risk management system records under Article 9. Evidence that a risk management system has been established, implemented, and maintained throughout the AI system's lifecycle. This includes records of risk identification, risk analysis, risk evaluation, and the residual risk assessment after mitigation measures were applied.

Conformity assessment documentation. For systems requiring third-party assessment (Annex I, Section A), the assessment report from the notified body and the resulting EU declaration of conformity. For systems using the internal conformity assessment procedure, the provider's own assessment records.

Post-market monitoring data under Article 72. Records from the post-market monitoring plan: performance data collected from deployers (if applicable), any issues identified through post-deployment monitoring, updates made to the risk management system based on post-market data, and the connection between incident reports and technical documentation updates.

Serious incident records under Article 73. Log of all serious incidents reported to the MSA (or lack thereof), including root cause analysis and corrective action records where incidents occurred.

EU database registration confirmation. Evidence that the system was registered in the EU database for high-risk AI systems before being placed on the market.

Stage 2: Technical Audit

Following documentary review, the NCA (or a designated technical auditor acting on its behalf) may request a technical demonstration of the AI system and access to its operational environment. This is more common for systems where the documentary record raises questions or where the system operates in a particularly sensitive context (law enforcement AI, medical AI, employment screening AI).

The technical audit focuses on consistency between the documented system and the system in deployment — whether the training data description in the technical documentation matches the actual training pipeline, whether the risk controls documented in the risk management system are actually implemented, and whether the monitoring and logging mechanisms described in the post-market monitoring plan are operational.

Stage 3: Deployer Coordination

In cases where the provider is not the deployer — the typical SaaS architecture where a developer deploys an AI model through an API into an application operated by a third party — the NCA may coordinate with both the provider and the deployer.

Deployer obligations under Article 26 require deployers to implement the provider's instructions for use, monitor the AI system's operation, inform the provider of any serious incidents, and maintain records of use. A 2028 inspection may begin with the deployer (for example, following a complaint or incident) and work back to the provider, or it may target the provider directly where the NCA has independent information about the system.

For SaaS companies operating as both provider and deployer — developing and operating their own high-risk AI system without third-party API intermediation — the inspection covers both roles simultaneously.

The GPAI Model Audit in 2028

For GPAI model providers, the EU AI Office's 2028 audit cycle differs structurally from the NCA inspection described above.

The EU AI Office operates under a continuous monitoring model rather than a periodic inspection model. GPAI model providers subject to Article 53 obligations — all GPAI providers, not just the systemic-risk tier — must maintain and update their technical documentation and make summaries available to the EU AI Office on request.

Systemic-risk GPAI model providers face additional obligations: they must notify the EU AI Office of GPAI models reaching the systemic-risk threshold (currently defined in terms of training compute), conduct model evaluations including adversarial testing, implement cybersecurity and physical security measures for the model weights and training infrastructure, and report serious incidents to the EU AI Office.

A 2028 GPAI audit will typically involve:

Technical summary verification. The EU AI Office will review the technical summary published by the provider against the capabilities and limitations of the deployed model. Significant divergence between documented capabilities and observed real-world capabilities may trigger a deeper investigation.

Copyright compliance documentation review. Article 53 requires GPAI model providers to publish a sufficiently detailed summary of the content used for training. By 2028, this requirement has been in force for three years. The EU AI Office will review whether the published summaries are adequately detailed and whether the copyright compliance policies described are actually implemented.

Adversarial testing records for systemic-risk models. Providers of systemic-risk GPAI models are required to perform adversarial testing — sometimes called "red-teaming" — before and after significant updates. The EU AI Office will request records of these exercises, including the scope of testing, findings, and remediation actions taken.

Downstream incident correlation. The EU AI Office will cross-reference serious incidents reported by GPAI model providers with incidents reported by NCA-supervised deployers who use those models. Providers whose models appear in multiple downstream incident reports without corresponding upstream corrective action will receive heightened scrutiny.

High-Risk AI Compliance Gaps Most Likely to Surface in 2028 Inspections

Based on the structure of the compliance requirements and the operational patterns of comparable EU regulatory programs, the following categories of compliance gap are most likely to surface in 2028 inspections:

Stale technical documentation. The Article 11 technical file must be kept up to date for the lifetime of the AI system. Providers who completed their initial technical documentation in 2026 but have not updated it to reflect significant system changes — new training data, updated model versions, expanded intended use — will face non-compliance findings. This is the most predictable source of enforcement action in mature EU regulatory frameworks: initial compliance is achieved, but ongoing maintenance is neglected.

Post-market monitoring programs that exist on paper but not in practice. The Article 72 post-market monitoring obligation requires active data collection and analysis, not merely a policy document stating that monitoring will occur. MSAs will request actual monitoring data, and providers who cannot demonstrate that data has been collected and reviewed will face corrective action.

Missing or inadequate EU database registrations. Systems placed on the market after the registration obligation became effective but not registered in the EU database are straightforward enforcement targets. The database provides MSAs with a list of what should be present; gaps indicate either non-registration or market placement before the database was established (which requires its own documentary record).

Deployer instruction deficiencies. Article 13 requires providers to supply deployers with sufficiently detailed instructions for use, including the intended purpose, known limitations, performance levels across different population groups, and measures that deployers must take to maintain compliance. Instructions that are vague, incomplete, or inconsistent with the technical documentation in the Article 11 file are a common NCA inspection finding.

Serious incident reporting backlogs. Article 73 sets specific notification timelines for serious incidents — the timelines are measured in days, not weeks. Providers who have experienced serious incidents but delayed reporting (or misclassified incidents to avoid reporting) will face findings both on the substantive incident and on the procedural non-compliance with the notification obligation.

Preparing for 2028: A SaaS Provider Readiness Checklist

The gap between a 2026 compliance program and a 2028 inspection-ready compliance program is primarily a gap in ongoing maintenance rather than initial setup. The following checklist addresses the most common deficiencies:

Technical documentation lifecycle management. Establish a formal change management process that triggers a technical documentation review whenever the AI system undergoes a significant modification — model retraining, expansion of the intended use, changes to the deployment environment, or updated performance benchmarks. Document who is responsible for the review, what the review covers, and how findings are recorded. This process is what an NCA will request first.

Post-market monitoring operationalisation. Move from a post-market monitoring plan to an active post-market monitoring program. Define specific performance metrics to be tracked, the data sources for those metrics (deployer feedback mechanisms, API usage logs, incident reports), the frequency of review, and the thresholds that trigger a risk management system update. Document each review cycle with date, findings, and actions taken.

EU database registration maintenance. Confirm registration status for all high-risk AI systems in scope. For multi-product organisations, map each product's AI components to the applicable Annex III category or Annex I Section A legislation, and verify that all systems requiring registration are registered with current information.

Incident management integration with reporting obligations. Integrate the Article 73 serious incident reporting obligation into your existing incident management process. Define what constitutes a serious incident under the regulation (as distinct from a security incident under NIS2 or DORA, or a medical device serious incident under MDR), and ensure that your incident response process includes a regulatory reporting decision within the required timeframe.

Deployer program review. Review the instructions for use provided to all deployers of your high-risk AI systems. Verify that they are consistent with the current technical documentation and risk management system, that they cover the specific information required under Article 13, and that they have been updated to reflect any changes to the system since initial compliance.

GPAI-specific: Technical summary currency. For GPAI model providers, review the published technical summary for currency. The summary must reflect the current state of the model — significant updates to training data, model architecture, or capability profile require a corresponding update to the summary. Stale summaries are a predictable EU AI Office audit finding.

The Cross-Border Dimension: AI Board Coordination and Joint Investigations

One structural feature of 2028 EU AI Act enforcement that differs from 2026 is the maturation of cross-border coordination mechanisms.

Many SaaS and AI providers operate across multiple EU member states simultaneously. A cloud-native SaaS company with customers in Germany, France, the Netherlands, and Poland may be subject to oversight from four different NCAs for the same AI system. The AI Board is designed to coordinate these overlapping jurisdictions, but coordination mechanisms take time to become operational.

By 2028, the AI Board has established procedures for:

For SaaS providers with substantial EU footprints, the 2028 enforcement landscape includes the possibility of a coordinated multi-NCA investigation, not just individual NCA inquiries. Compliance programs that are designed around a single member state jurisdiction may encounter unexpected gaps when cross-border coordination begins.

What the First Wave of EU AI Act Enforcement Actions Tells You

By 2028, the EU AI Act enforcement record will include at minimum several formal non-compliance decisions, corrective action orders, and — almost certainly — at least one significant penalty case. These early cases provide the clearest signal of NCA priorities and inspection methodology.

The enforcement pattern from comparable EU regulatory programs suggests that early cases will cluster around:

Providers who track the enforcement record — the AI Board's published opinions, NCA enforcement decisions, and EU AI Office supervisory communications — will have advance notice of the specific compliance gaps that are attracting enforcement attention and can adjust their programs accordingly before they become the subject of an inspection.

Conclusion: From Compliance Event to Compliance Program

The EU AI Act was designed to be enforced. The governance architecture — NCAs in every member state, an EU AI Office with direct supervisory authority over GPAI models, an AI Board with cross-border coordination powers, and a market surveillance framework adapted from the EU's decades-long experience with product regulation — is substantial. By 2028, this architecture is not being built; it is being operated.

For SaaS and AI providers, the transition from 2026 to 2028 represents a transition from treating compliance as an event (meeting the August 2, 2026 deadline) to treating it as a program (maintaining compliance through ongoing documentation management, post-market monitoring, and incident reporting). The providers best positioned for 2028 inspections are not those with the most elaborate initial compliance projects — they are those with the most reliable ongoing compliance operations.

The final post in this series, Post #5, maps the complete 2026-2028 compliance roadmap: a consolidated timeline of every enforcement milestone, every NCA supervisory cycle, and every documentation maintenance trigger across the full three-year arc of EU AI Act enforcement maturity.


This post is part of the EU AI Act Enforcement Timeline 2026-2028 Series. Post #1 covers the core obligations activating on August 2, 2026. Post #2 maps Q4 2026 obligations. Post #3 covers the 2027 Annex I Section A deadline and GPAI audit cycle.
