2026-04-24·12 min read·sota.io team

EU AI Act Art.66: Market Surveillance, Information Exchange, and Cross-Border NCA Enforcement Coordination (2026)

EU AI Act Article 66 is the operational engine of the Chapter IX enforcement framework. Where Articles 57–65 establish the institutional architecture — designating authorities (Art.57), granting investigation powers (Art.58), creating coordination bodies (Art.59–63), enabling data access (Art.64), and mandating incident notification (Art.65) — Art.66 specifies how those authorities work together in practice: how they share information about non-compliant AI systems, how they coordinate corrective actions across Member State borders, and how joint surveillance activities are organised when a single non-compliant system affects multiple jurisdictions.

The practical significance of Art.66 for developers and deployers cannot be overstated. A high-risk AI system placed on the market in Germany that triggers a market surveillance action by the German NCA does not stop at the German border. Art.66 requires that information about the non-compliant system flows through the RAPEX and ICSMS information exchange networks to every other Member State where the system is deployed. A corrective measure ordered in one Member State can trigger parallel simultaneous enforcement actions in others, coordinated through the AI Board. A provider facing a national enforcement action may, without realising it, be facing a pan-European enforcement event.

For providers of AI systems that are placed on the market across multiple EU Member States — which describes essentially any cloud-delivered AI service — understanding Art.66 means understanding that market surveillance is a networked activity, not a jurisdiction-bounded one. The 27 national enforcement regimes operate in parallel and share information in real time. This guide covers Art.66(1)–(8) in full: the market surveillance mandate, RAPEX/ICSMS information exchange, AI Board coordination of joint activities, simultaneous cross-border corrective measures, third-country system controls, enforcement proportionality, CLOUD Act conflicts, Python implementation, and a 10-item compliance checklist.

Art.66 became applicable on 2 August 2025 as part of the phased entry into force of Regulation (EU) 2024/1689.

Art.66 in the Chapter IX Enforcement Architecture

Art.66 occupies the coordination and information-sharing layer of the Chapter IX framework — connecting the investigation powers granted to individual NCAs with the multi-jurisdictional reality of AI system deployment:

Article	Function	Relationship to Art.66
Art.57	NCA designation — the authorities that conduct Art.66 market surveillance	NCAs use Art.66 coordination mechanisms in their market surveillance activities
Art.58	NCA investigation powers — the toolkit applied during Art.66 surveillance	Art.66 determines how Art.58 powers are exercised in cross-border situations
Art.59	AI Board — the coordination body for Art.66 joint surveillance activities	AI Board organises common market surveillance activities and coordinates simultaneous actions
Art.60	EU AI database — the registry that market surveillance activities check compliance against	Art.66 surveillance checks against EU AI database registration status
Art.61	Scientific Panel — provides technical support for complex surveillance investigations	Scientific Panel may be engaged for technical assessment during coordinated investigations
Art.62	AI Office corrective measures for GPAI models — parallel enforcement track	AI Office and NCAs coordinate their enforcement activities under Art.66 where GPAI models are involved
Art.63	Advisory Forum — shapes market surveillance guidance	Advisory Forum input to NCA surveillance priorities and methodologies
Art.64	Data access powers — exercised during Art.66 surveillance investigations	NCAs use Art.64 powers to access data during market surveillance actions
Art.65	Incident reporting — the primary trigger for Art.66 coordinated surveillance	Art.65 incident notifications to one NCA trigger Art.66 information exchange to other affected NCAs
Art.66	Market surveillance, information exchange, coordination	The operational framework connecting all Chapter IX actors
Art.67	Union safeguard procedure — escalation when NCAs disagree on enforcement	Art.67 applies when Art.66 coordinated enforcement produces conflicting national measures

Art.66(1): The Market Surveillance Mandate

Art.66(1) establishes the foundational obligation: national competent authorities designated as market surveillance authorities under Art.57 shall conduct market surveillance activities within their territory in accordance with the framework established by Regulation (EU) 2019/1020 (the EU Market Surveillance Regulation, "MSR"), as adapted by the specific requirements of the AI Act.

The scope of Art.66 market surveillance encompasses all high-risk AI systems:

Placed on the market or put into service in the Member State's territory
Whether produced by EU-based providers or imported from third countries
Whether sold directly to end users or embedded in other products or services
Whether provided as standalone systems or as components of larger AI-enabled products

The MSR framework that Art.66(1) incorporates brings with it established enforcement tools: product sampling and testing, document requests, on-site inspections, customs cooperation, and — crucially for cross-border cases — the RAPEX and ICSMS rapid information exchange systems that Art.66 builds upon.

For developers, Art.66(1) means that market surveillance is active, not passive. NCAs do not wait for Art.65 incident reports alone. They conduct proactive surveillance: sampling AI systems from the market, commissioning technical tests against the Art.9-17 requirements for high-risk systems, checking EU AI database registration status under Art.49, and reviewing conformity documentation. An Art.65 incident report accelerates this process, but Art.66 surveillance can and does occur independently.

Art.66(2): RAPEX and ICSMS Information Exchange

Art.66(2) establishes the information exchange architecture: when a market surveillance authority finds that a high-risk AI system presents a risk — defined as a risk to health, safety, or the fundamental rights of persons, or to other public interests protected by the Regulation — it must make the information available to all other Member State NCAs and the Commission through the designated rapid information exchange systems.

RAPEX (Rapid Exchange of Information System) — the EU's primary product safety information exchange mechanism — applies where a high-risk AI system presents a serious risk. Originally designed for physical consumer products, RAPEX was extended to cover AI systems through the MSR framework that Art.66(2) incorporates. A RAPEX notification by one NCA:

Triggers review obligations in all other Member States: every NCA that receives a RAPEX notification must investigate whether the notified system is present in its territory and take appropriate measures.
Creates a presumption of risk: NCAs in other Member States are entitled to take preliminary corrective measures pending their own investigation, based on the RAPEX notification alone.
Is publicly accessible: RAPEX notifications are published in the European Commission's Safety Gate database, providing market transparency — and public disclosure of compliance failures.

ICSMS (Information and Communication System for Market Surveillance) handles information exchange about AI systems that present risks but where those risks do not meet the "serious risk" threshold required for RAPEX. ICSMS notifications reach NCAs across the EU but are not publicly disclosed in the same way as RAPEX, allowing for information sharing during ongoing investigations without premature market disclosure.

Which system applies to AI systems? The distinction matters:

High-risk AI system that has caused or could cause death, serious injury, or a serious and irreversible fundamental rights violation → RAPEX
High-risk AI system that is non-compliant but does not present a serious risk to persons → ICSMS
GPAI model with systemic risk presenting a serious risk → AI Office notification (Art.62) + possible AI Board escalation, with RAPEX for downstream high-risk AI systems

For providers, the consequence is clear: a finding of non-compliance by a single NCA does not remain in one Member State. Art.66(2) builds the mechanism by which a national enforcement finding becomes a pan-European enforcement event within days.

Art.66(3): AI Board Coordination of Common Market Surveillance Activities

Art.66(3) empowers the AI Board to organise and coordinate common market surveillance activities: joint market surveillance campaigns targeting specific categories of high-risk AI systems, coordinated technical assessments of AI systems deployed across multiple Member States, and cross-border enforcement operations where multiple NCAs take simultaneous action.

Common market surveillance activities under Art.66(3) allow:

Coordinated sweeps: The AI Board can designate a category of high-risk AI system — for example, AI-powered recruitment tools in the Annex III category — for simultaneous assessment across multiple Member States. Each participating NCA samples systems in its territory and shares findings through ICSMS. The coordinated sweep produces a comprehensive picture of compliance across the EU that no single NCA could develop alone.

Resource pooling: NCAs with limited technical capacity can leverage Art.66(3) to access the results of more technically sophisticated assessments conducted by better-resourced NCAs. The German NCA's assessment of a specific model architecture benefits the Estonian NCA operating in the same market.

Consistent enforcement outcomes: Where systems are deployed identically across Member States, Art.66(3) coordination ensures that findings are consistent. A system compliant in one Member State and non-compliant in another creates legal uncertainty; AI Board coordination under Art.66(3) resolves this by establishing common assessment criteria and shared findings.

Timeline coordination: For enforcement actions against cross-border providers, Art.66(3) enables NCAs to coordinate their actions so that the provider cannot comply in one jurisdiction while maintaining non-compliance in others.

Art.66(4): Simultaneous Cross-Border Corrective Measures

Art.66(4) addresses the scenario where an AI system presents a risk in multiple Member States simultaneously and requires coordinated corrective action. Where a market surveillance authority finds that a high-risk AI system requires corrective measures — withdrawal, recall, restriction, or prohibition — and other Member States are also affected, Art.66(4) enables NCAs to adopt those measures simultaneously, coordinated through the AI Board.

The practical mechanism:

Lead authority identification: The NCA of the Member State where the provider has its principal place of business, or where the system was first placed on the market, typically acts as lead authority.
Notification to AI Board: The lead NCA notifies the AI Board of its intended corrective measure, including the risk assessment basis and the proposed measure.
Simultaneous adoption: Other affected NCAs are invited to adopt equivalent measures simultaneously, preventing regulatory arbitrage.
RAPEX publication: Where the simultaneous measure meets the serious risk threshold, the lead NCA publishes a RAPEX notification covering all affected Member States.

For providers of cloud-delivered AI services, simultaneous corrective measures can mean that a suspension order reached in one Member State is replicated across the entire EU within hours. The 27-jurisdiction enforcement network created by Art.66(4) makes treating EU compliance as a single obligation — not 27 separate bilateral compliance exercises — both the legally correct and the operationally necessary approach.

Art.66(5): Third-Country AI Systems and Import Controls

Art.66(5) addresses the market surveillance challenges posed by high-risk AI systems provided by operators established in third countries — a significant practical issue given that many foundation models, AI APIs, and AI-enabled SaaS products originate outside the EU.

Where a high-risk AI system is placed on the EU market by a provider established in a third country, Art.66(5) establishes that:

Importers carry primary enforcement accountability: The importer — any natural or legal person established in the EU who places a third-country provider's AI system on the EU market — is the primary enforcement contact for market surveillance authorities. The importer must:

Verify that the third-country provider has completed the required conformity assessment procedures
Ensure the EU AI database registration required under Art.49 is complete
Maintain documentation sufficient to enable NCA access under Art.64
Be reachable by NCAs for enforcement purposes

Distributor fallback obligations: Where the importer cannot be identified or contacted, distributors take on equivalent obligations.

Authorised representative as enforcement contact: Third-country providers who appoint an authorised representative under Art.22 are using that representative as the Art.66(5) enforcement contact. This is why the authorised representative appointment is not merely an administrative formality — it is the mechanism by which third-country providers integrate into the Art.66 market surveillance network.

Customs cooperation: Art.66(5) enables market surveillance authorities to coordinate with customs authorities to identify high-risk AI systems being imported into the EU that lack required documentation or registrations. For software-delivered AI systems, this applies at the point of commercial availability (first commercial offer to EU customers) rather than at a physical customs border.

Art.66(6): Proportionality and Provisional Measures

Art.66(6) requires that corrective measures adopted following Art.66 market surveillance are proportionate to the nature and degree of non-compliance and the level of risk. This proportionality requirement operates at two levels:

The measure must be proportionate to the risk: An AI system that is non-compliant on a documentation requirement but presents no actual risk to users may warrant a formal compliance order without suspension. An AI system that has caused actual harm to fundamental rights warrants immediate withdrawal. The NCA must calibrate the corrective measure to the risk finding.

Provisional measures are available for urgent situations: Where an AI system presents an imminent serious risk and full investigation would cause unacceptable delay, Art.66(6) enables NCAs to adopt provisional corrective measures — including immediate market suspension — pending a full proportionality assessment. Provisional measures are time-limited and subject to challenge, but they can be adopted and implemented before the Art.66(4) simultaneous coordination mechanism is completed.

For providers, proportionality means that the first enforcement contact is not necessarily the end of the road. NCAs are required to calibrate their initial measures to the risk finding. A provider who identifies a documentation gap and remedies it promptly is in a materially different position from a provider whose system has caused actual harm. The Art.66(6) proportionality framework creates space for compliance remediation as part of the enforcement response.

Art.66(7): AI Board Reporting and Commission Oversight

Art.66(7) establishes a reporting and oversight loop connecting Art.66 market surveillance activities back to the Commission and the AI Board:

NCAs report completed market surveillance activities to the AI Board, including findings, corrective measures adopted, and provider responses
The AI Board aggregates this reporting to identify systemic compliance patterns across the EU market
The Commission uses AI Board reports to assess whether additional legislative or implementing measures are required — including potential updates to Annexes I–III (prohibited practices, high-risk categories, AI systems subject to transparency obligations)
The AI Board's aggregated findings inform the Commission's annual reporting on AI Act implementation

The Art.66(7) reporting loop creates a systemic learning mechanism: enforcement findings from individual NCAs feed into the AI Board's systemic picture, which feeds into Commission legislative review. Compliance failures that are widespread enough to appear in AI Board reports can trigger regulatory updates — making the Art.66(7) reporting chain a driver of future regulatory evolution, not just a record of past enforcement.

Art.66(8): Coordination with Other Union Legislation

Art.66(8) addresses the intersection between AI Act market surveillance and other Union legislation that may apply to the same AI systems — including the General Product Safety Regulation (GPSR), the Machinery Regulation, the Medical Device Regulation (MDR), NIS2, and sectoral AI-relevant legislation.

Where a high-risk AI system falls within the scope of both the AI Act and other Union harmonisation legislation:

The AI Act market surveillance authorities coordinate with the competent authorities under the other legislation
Where the other legislation provides for more specific conformity assessment or market surveillance requirements that address the AI-specific risks, those requirements may take precedence
Information exchange mechanisms established by other legislation (e.g., EUDAMED for medical devices) coordinate with Art.66 RAPEX/ICSMS exchange

For developers of high-risk AI systems that are embedded in regulated products — medical device AI, automotive AI, aviation AI — multi-regulation compliance means multi-authority surveillance. The Art.66(8) coordination requirement means that an NCA finding under the AI Act may trigger parallel investigation by the MDR notified body or the type-approval authority for vehicles.

CLOUD Act Jurisdiction Conflicts in Multi-NCA Investigations

Multi-NCA investigations under Art.66 create specific CLOUD Act jurisdiction conflicts that providers of US-incorporated origin must understand:

Multi-NCA data requests: Where NCAs in Germany, France, and the Netherlands coordinate a joint investigation under Art.66 and each independently issues an Art.64 data access request, the provider may be simultaneously subject to EU data disclosure obligations and US government data access requests under the CLOUD Act if the underlying data is held by or accessible to the US-incorporated entity.

Confidentiality limits in coordinated proceedings: Art.66 information sharing through RAPEX/ICSMS is subject to confidentiality requirements — but those requirements apply to EU authorities sharing information with each other. They do not create a shield against US government access to the same information if the provider is subject to CLOUD Act obligations.

Simultaneous corrective measure enforcement: Where Art.66(4) simultaneous corrective measures are adopted across multiple Member States, the provider's US parent may be subject to conflicting obligations if the US government has a concurrent interest in the AI system's operation (e.g., government contracts, export-controlled technology).

The EU-incorporation structural solution: For providers operating AI infrastructure in the EU market, EU-incorporation of the data processing entity creates a structural firewall. An EU GmbH, EU SRL, or EU AB that holds the AI system data and conducts the conformity assessment is not a CLOUD Act subject — eliminating the cross-jurisdictional conflict that Art.66 multi-NCA investigations can otherwise create. This is a core architectural consideration for EU-sovereign AI infrastructure.

Art.66 vs Art.65: How Incident Reports Trigger Coordination

The operational flow from Art.65 incident reporting to Art.66 coordinated enforcement:

Step	Article	What Happens
1. Incident occurs	—	High-risk AI system causes or could cause serious harm
2. Provider notification	Art.65(1)	Provider notifies NCA of Member State where incident occurred within 15 days
3. NCA receives notification	Art.65	Receiving NCA opens an investigation using Art.58 powers
4. Risk assessment	Art.58	NCA assesses whether system presents a risk requiring corrective action
5. RAPEX/ICSMS notification	Art.66(2)	If risk confirmed, NCA notifies other Member States via RAPEX (serious risk) or ICSMS
6. Other NCAs investigate	Art.66(2)	NCAs in other Member States where system is deployed assess the same system
7. Coordinated response	Art.66(3)-(4)	AI Board coordinates simultaneous corrective measures across affected Member States
8. Provider response	Art.66(6)	Provider implements corrective measures (proportionate to risk finding) in all affected MSs
9. RAPEX public notification	Art.66(2)	For serious risks: public RAPEX Safety Gate notification disclosing non-compliance
10. AI Board report	Art.66(7)	AI Board aggregates findings for Commission systemic review

The Art.65 → Art.66 pipeline means that a single incident in one Member State can become a pan-European enforcement event within days. For providers with EU-wide deployments, the 15-day Art.65 reporting window is also the window within which to implement corrective measures proactively, before the Art.66 coordination machinery amplifies a national enforcement finding into a multi-jurisdictional simultaneous action.

Python Implementation: Market Surveillance Action Tracker

from dataclasses import dataclass, field
from datetime import datetime, timedelta
from enum import Enum
from typing import Optional

class SurveillanceType(Enum):
    RAPEX = "rapex"
    ICSMS = "icsms"
    AI_BOARD_COORDINATED = "ai_board_coordinated"
    NATIONAL_ONLY = "national_only"

class RiskLevel(Enum):
    SERIOUS_RISK = "serious_risk"
    NON_COMPLIANT_NO_SERIOUS_RISK = "non_compliant_no_serious_risk"
    UNDER_INVESTIGATION = "under_investigation"

class CorrectiveMeasureType(Enum):
    WITHDRAWAL = "withdrawal"
    RECALL = "recall"
    RESTRICTION = "restriction"
    PROHIBITION = "prohibition"
    COMPLIANCE_ORDER = "compliance_order"
    PROVISIONAL = "provisional"

@dataclass
class MarketSurveillanceAction:
    """Tracks Art.66 market surveillance actions across Member States."""
    action_id: str
    system_euid: str
    lead_nca_member_state: str
    affected_member_states: list[str]
    risk_level: RiskLevel
    surveillance_type: SurveillanceType
    nca_finding_date: datetime
    corrective_measure: Optional[CorrectiveMeasureType] = None
    corrective_measure_date: Optional[datetime] = None
    rapex_notification_date: Optional[datetime] = None
    rapex_case_number: Optional[str] = None
    ai_board_coordination_engaged: bool = False
    simultaneous_measures_count: int = 0
    third_country_provider: bool = False
    importer_identified: bool = True
    cloud_act_conflict_assessed: bool = False
    provider_response_date: Optional[datetime] = None
    provider_corrective_action: Optional[str] = None

    @property
    def days_since_finding(self) -> int:
        return (datetime.now() - self.nca_finding_date).days

    @property
    def rapex_required(self) -> bool:
        return self.risk_level == RiskLevel.SERIOUS_RISK

    @property
    def ai_board_coordination_required(self) -> bool:
        return len(self.affected_member_states) > 2

    @property
    def simultaneous_measure_coordination_required(self) -> bool:
        return (
            self.corrective_measure in {
                CorrectiveMeasureType.WITHDRAWAL,
                CorrectiveMeasureType.RECALL,
                CorrectiveMeasureType.PROHIBITION,
            }
            and len(self.affected_member_states) > 1
        )

    def compliance_gaps(self) -> list[str]:
        gaps = []
        if self.rapex_required and not self.rapex_notification_date:
            gaps.append("Art.66(2): RAPEX notification required for serious risk — not yet submitted")
        if self.ai_board_coordination_required and not self.ai_board_coordination_engaged:
            gaps.append("Art.66(3): AI Board coordination required (>2 affected MSs) — not yet engaged")
        if self.simultaneous_measure_coordination_required and self.simultaneous_measures_count < len(self.affected_member_states):
            gaps.append(f"Art.66(4): Simultaneous measures required in {len(self.affected_member_states)} MSs — only {self.simultaneous_measures_count} adopted")
        if self.third_country_provider and not self.importer_identified:
            gaps.append("Art.66(5): Third-country provider — importer not identified for enforcement contact")
        if not self.cloud_act_conflict_assessed:
            gaps.append("Art.66: CLOUD Act conflict assessment not documented for cross-border enforcement")
        return gaps

    def enforcement_timeline(self) -> list[tuple[str, datetime]]:
        timeline = [(f"NCA finding — {self.lead_nca_member_state}", self.nca_finding_date)]
        if self.rapex_notification_date:
            timeline.append(("RAPEX notification", self.rapex_notification_date))
        if self.corrective_measure_date:
            timeline.append((f"Corrective measure: {self.corrective_measure.value}", self.corrective_measure_date))
        if self.provider_response_date:
            timeline.append(("Provider response", self.provider_response_date))
        return sorted(timeline, key=lambda x: x[1])

    def summary(self) -> str:
        lines = [
            f"Market Surveillance Action {self.action_id}",
            f"System EUID: {self.system_euid}",
            f"Lead NCA: {self.lead_nca_member_state} | Affected MSs: {', '.join(self.affected_member_states)}",
            f"Risk level: {self.risk_level.value} | Surveillance type: {self.surveillance_type.value}",
            f"Days since NCA finding: {self.days_since_finding}",
            f"RAPEX required: {self.rapex_required} | RAPEX notified: {bool(self.rapex_notification_date)}",
            f"AI Board engaged: {self.ai_board_coordination_engaged}",
        ]
        gaps = self.compliance_gaps()
        if gaps:
            lines.append("GAPS:")
            lines.extend(f"  ⚠ {g}" for g in gaps)
        return "\n".join(lines)

Art.66 Compliance Readiness Checklist

#	Item	Who	Timing
1	Map all Member States where your high-risk AI system is placed on the market or put into service — this is your Art.66 enforcement footprint	Provider	Before market placement
2	Identify the market surveillance authority in each Member State of deployment — the entity that will receive Art.65 notifications and conduct Art.66 surveillance	Provider	Before market placement
3	Build Art.65 incident notification workflow that simultaneously notifies all affected NCAs (or is designed to trigger Art.66 coordination immediately upon NCA receipt)	Provider	Before market placement
4	Register in the EU AI database under Art.49 for all deployed Member States — RAPEX and ICSMS checks will verify registration status during market surveillance activities	Provider	Before market placement
5	If provider is established in a third country: designate an EU-established authorised representative under Art.22 who can act as the Art.66(5) enforcement contact for all Member State NCAs	Third-country providers	Before market placement
6	Prepare a RAPEX response protocol: if a RAPEX notification is issued against your system, you have days (not weeks) to engage with all affected NCAs simultaneously	Provider	Before market placement
7	Conduct CLOUD Act conflict assessment: map which elements of your AI system infrastructure and training data are held by or accessible to US-incorporated entities — document the assessment	Provider	Before market placement
8	Establish an AI Board monitoring capability: track AI Board common market surveillance activities targeting your AI system category (Annex III) and participate proactively in any sweeps	Provider	Ongoing
9	Train your legal and compliance team on Art.66(4) simultaneous corrective measures: a corrective measure in one Member State may be simultaneously adopted in all others within 48–72 hours	Provider	Before market placement
10	Include Art.66 information exchange scope in your conformity assessment documentation: demonstrate awareness that market surveillance findings will be shared across all 27 Member States and factor this into your risk management system under Art.9	Provider	Conformity assessment

Series Context: Chapter IX Governance and Enforcement Framework

Article	Coverage	Post
Art.57	National Competent Authorities — designation, tasks, independence	Art.57 guide
Art.58	NCA enforcement powers — investigation, access, corrective measures	Art.58 guide
Art.59	AI Board — composition, independence, NCA coordination	Art.59 guide
Art.60	EU AI database — public registry, EUID governance, Commission management	Art.60 guide
Art.61	Scientific Panel — independent experts, model evaluation, AI Office advisory	Art.61 guide
Art.62	AI Office enforcement powers — corrective measures, market withdrawal, emergency action	Art.62 guide
Art.63	Advisory Forum — multi-stakeholder consultation, composition, tasks, CoP input	Art.63 guide
Art.64	Access to data and documentation — market surveillance authority enforcement powers	Art.64 guide
Art.65	Reporting of serious incidents — provider NCA notification obligations	Art.65 guide
Art.66	Market surveillance, information exchange, enforcement coordination	This guide
Art.67	Union safeguard procedure — escalation when NCAs adopt conflicting measures	Art.67 guide

EU AI Act Art.66 analysis based on Regulation (EU) 2024/1689 as published in the Official Journal of the European Union. Applicable from 2 August 2025 per Art.113(3). Market surveillance activities by national competent authorities will be conducted pursuant to Member State designation decisions and national administrative procedures; the RAPEX and ICSMS mechanisms described are the EU-level information exchange infrastructure that operates alongside those national procedures. This guide reflects the text of the Regulation as enacted and does not constitute legal advice.