EU AI Act Art.79: AI System Risk Procedure at National Level — Developer Response Runbook and Investigation Management Guide (2026)
EU AI Act Article 79 is the procedural spine of national-level enforcement. It prescribes the exact sequence a market surveillance authority (MSA) must follow when it believes an AI system presents a risk to health, safety, or fundamental rights — and it creates mirror obligations on the other side: what providers, deployers, and distributors must do, how they can defend themselves, and how a national-level measure can escalate to EU-wide enforcement.
For developers, Art.79 is not a remote abstract threat — it is the formal procedure triggered by the very monitoring systems they are required to build under Art.72 (post-market monitoring) and Art.73 (deployer incident reporting). A serious incident flag, a PMM drift alert, a third-party complaint — any of these can become an Art.79 evaluation. The question is not whether an MSA will ever examine your AI system, but whether your organisation has built the response infrastructure to handle that examination effectively when it comes.
This guide covers Art.79 from the provider's side: what signals precede a formal evaluation, what due process rights exist once an evaluation is opened, how to prepare for and respond to corrective measure orders, when the Art.79 procedure escalates to the Commission, and how the Art.79 vs Art.82 procedural fork determines which enforcement track applies.
Art.79 became applicable on 2 August 2026 as part of the Chapter IX market surveillance enforcement framework.
Art.79 in the Chapter VIII–IX Enforcement Architecture
Art.79 sits at the transition point between MSA investigative powers (Art.74) and EU-level enforcement escalation (Art.80). Understanding its position in the sequence is essential for knowing when Art.79 applies:
| Article | Role | Art.79 Interface |
|---|---|---|
| Art.72 | Post-market monitoring | PMM data may generate Art.79(4) proactive notification trigger; MSA may reference PMM in Art.79(1) grounds |
| Art.73 | Deployer obligations | Serious incident reports are a primary Art.79(1) evaluation trigger |
| Art.74 | MSA investigative powers | Art.74(2) documentary/technical investigation precedes Art.79 formal evaluation; Art.74(9) provisional measures may run in parallel |
| Art.75 | Mutual assistance | MSA investigation data shared under Art.79(5) notification may trigger Art.75 cross-MSA coordination |
| Art.76 | Real-world testing supervision | Art.76 evaluation of test-phase systems may trigger Art.79 if risk found during testing |
| Art.77 | Scientific research supervision | Art.77-registered research exposing systemic risk may generate Art.79 grounds |
| Art.78 | Confidentiality | Art.78 protects provider data submitted during Art.79 investigation; authority obligations mirror Art.79 investigation data flow |
| Art.79 | Risk procedure at national level | This guide |
| Art.80 | Union safeguard procedure | Art.79(5) MSA notification → Art.80 Commission evaluation; Art.79 national measure may become EU-wide |
| Art.81 | Compliant systems presenting risk | Art.81 handles the edge case: Art.79 confirmed risk + full compliance → different measure pathway |
| Art.82 | Non-compliance notification | Art.82 handles non-compliance without risk (Art.79 handles risk regardless of compliance status) |
The Art.79 vs Art.82 fork is the most operationally important distinction for developers:
| Dimension | Art.79 | Art.82 |
|---|---|---|
| Trigger | AI system presents risk (whether compliant or not) | AI system is formally non-compliant (whether or not risk is confirmed) |
| Example | Compliant AI system causes unforeseen serious harm | Missing CE marking, no DoC, no EUAIDB registration |
| MSA burden | Must establish risk to health/safety/fundamental rights | Need only demonstrate formal non-compliance |
| Corrective measure | Risk-proportionate — corrective action, restriction, withdrawal, recall | Must address non-compliance — corrective action mandatory |
| Cross-border trigger | Art.79(5) notification → Art.80 Commission consultation | Art.82 direct notification to Commission and Member States |
| Commission role | Art.79(6) Commission consults before deciding | Commission receives Art.82 notification, may open Art.80 |
Art.79(1): Recognising Pre-Evaluation Signals — What Triggers an MSA Evaluation
Art.79(1) gives the MSA authority to initiate a formal evaluation when it has reasonable grounds to consider that an AI system presents a risk. This is a lower threshold than confirmed non-compliance. Providers should treat the following as Art.79 pre-signals — early warning that an evaluation may be opening:
Regulatory intelligence signals:
- Formal MSA request for documentation under Art.74(2)(a) that specifically references risk assessment
- MSA request for source code access under Art.74(6) beyond routine conformity check
- MSA inquiry about specific incidents reported under Art.73 or Art.72 PMM
Operational signals from your own systems:
- PMM drift alert crossing a performance threshold that approaches harmful outcomes
- Serious incident report that required Art.73 notification — MSAs may use these as Art.79(1) grounds
- Internal finding that an AI system is operating outside its intended purpose (Art.9 risk management deviation)
External signals:
- Art.79(5) notification received from another Member State's MSA indicating cross-border investigation
- Scientific Panel (Art.66) assessment flagging a GPAI component of your system as systemically risky
- Art.76 or Art.77 supervisory findings that remain unresolved after testing period
Response when signals appear (pre-formal evaluation):
The period between signal and formal Art.79 opening is the best time for voluntary remediation. MSAs have discretion under Art.79(1) — they may accept voluntary corrective action that forestalls formal investigation. Providers who proactively fix a flagged issue and document the fix in their QMS reduce the probability of a formal Art.79 evaluation.
Once the MSA formally opens an Art.79 evaluation, the cooperation obligation under Art.79(1) applies. Non-cooperation is a separate infringement (Art.99(5): fine up to €15 million or 3% of global annual turnover). Cooperation does not mean abandoning hearing rights — it means facilitating the evaluation while asserting procedural protections.
Art.79(2): Responding to a Corrective Measure Order
When an Art.79 evaluation confirms a risk or non-compliance, the MSA issues a corrective measure order. The measure must be proportionate to the severity of risk. The spectrum of Art.79(2) measures:
Art.79(2) Corrective Measure Spectrum
│
├── Level 1 — Corrective Action Order
│ Implement specific technical, organisational, or documentation fixes
│ within a specified deadline. Least restrictive measure.
│
├── Level 2 — Use Restriction
│ Restrict deployment to specific contexts, geographies, or
│ user populations within the Member State.
│
├── Level 3 — Market Withdrawal
│ Prohibit new placements on the market. Existing deployments
│ may continue under monitoring. Notify downstream deployers.
│
└── Level 4 — Recall
Remove all deployed instances. Notify end users.
Most severe measure — requires proportionality justification.
Mandatory Content of Art.79(2) Orders — Your Due Process Floor
Art.79(2) specifies four mandatory elements in any corrective measure order. The absence of any of these is grounds for challenge:
| Element | What to Check | Challenge Basis |
|---|---|---|
| Legal basis | Specific EU AI Act provision(s) and any referenced Annex | Order without legal basis is ultra vires — national administrative court challenge |
| Compliance timeline | "Reasonable period" commensurate with severity | Unreasonably short deadlines challengeable on proportionality grounds |
| Hearing right | Provider must have opportunity to respond before measures take effect | Order without hearing right violates Art.79(2) due process |
| Appeal information | Available remedies, competent courts, appeal deadlines | Non-disclosure of appeal routes is a procedural defect |
Hearing rights in practice:
The hearing right is the most valuable procedural protection in Art.79(2). It gives providers the opportunity to:
- Present counter-evidence challenging the MSA's risk assessment
- Propose alternative corrective measures (less restrictive than the MSA's proposed order)
- Demonstrate existing remediation steps already taken
- Challenge the MSA's technical methodology (request for independent expert review if disputed)
Hearing submissions should be technically precise. A response that simply says "we disagree with the risk finding" carries less weight than one that provides PMM data, conformity assessment evidence, and a specific remediation timeline with milestone dates.
Art.79(3)-(4): NCA Notification and Proactive Risk Disclosure
Art.79(3): MSA Informs the NCA
When an MSA takes Art.79(2) measures, it notifies the national competent authority (NCA). In many Member States the MSA and NCA are the same body; in sectoral contexts they are distinct. This matters to providers because:
- NCA notification may trigger coordination with other sectoral regulators (healthcare AI: NCA + health authority)
- NCA may escalate to the AI Board under Art.65 for horizontal consistency
- NCA notification creates a formal record that will inform future Art.74 surveillance intensity
Provider action: Ensure your response addresses not just the immediate MSA measure but potential follow-on NCA interest. Build consistency between Art.79 investigation responses and existing NCA-submitted compliance documentation.
Art.79(4): The Proactive Risk Notification Obligation
Art.79(4) is a frequently overlooked provider obligation: you must notify the MSA immediately if you become aware that your AI system presents a risk — without waiting for MSA initiation.
This obligation is distinct from Art.73 serious incident reporting (which triggers after a specific incident). Art.79(4) applies to systemic risk awareness from any source:
| Risk Discovery Scenario | Art.73 Report Required? | Art.79(4) Notification Required? |
|---|---|---|
| Specific user injury from AI output | Yes | Yes |
| PMM data showing bias trend approaching harm threshold | No (no incident yet) | Yes |
| New research demonstrating GPAI component risk | No | Yes, if reasonable grounds of risk exist |
| Internal red team finding before any harm | No | Yes |
| Deployer report indicating misuse pattern causing near-misses | Depends on severity | Yes |
Art.79(4) notification content requirements:
- Description of the identified risk (nature, scope, affected populations)
- AI system identifier (EUAIDB registration number if applicable)
- Steps already taken or planned to address the risk
- Relevant PMM data or incident data supporting the risk assessment
- Contact details for follow-up investigation
Proactive Art.79(4) notification is both a legal obligation and a strategic asset: MSAs treat voluntary disclosure more favourably than discovered risk. A provider who notifies under Art.79(4) and simultaneously submits a remediation plan is significantly better positioned than one whose risk was discovered through external Art.73 reports.
Art.79(5)-(7): Commission Notification Chain — When a National Measure Goes EU-Wide
Art.79(5): MSA Notifies Commission and All Member States
When an MSA takes Art.79(2) measures, it must immediately notify the Commission and all other Member States. This notification includes:
- Nature of the risk and corrective measures taken
- AI system identification and provider details
- Compliance status and any non-compliance found
- Results of any testing or technical evaluation
This Art.79(5) notification is the trigger for EU-wide escalation. Once the Commission receives the notification, it enters the Art.79(6) consultation process.
Provider strategy for the notification phase:
Providers have no direct right to participate in Art.79(5) notification itself — that is an MSA obligation. However, providers should:
- Ensure their Art.79(2) response record is complete before notification goes out
- Prepare a factual summary of the investigation and corrective steps taken — the Commission may request this during Art.79(6) consultation
- Engage legal counsel with EU administrative law expertise if the Art.80 escalation path opens
Art.79(6): Commission Consultation
The Commission consults Member States and relevant operators (which includes providers) to assess whether the national measure is justified. Provider input matters here: the Commission's assessment can go in three directions.
Art.79(7): Commission Decision — Three Outcomes
| Commission Finding | Outcome | Developer Impact |
|---|---|---|
| National measure is justified | Other Member States may adopt equivalent measures; harmonised EU-wide action possible | Art.79 measure becomes potentially EU-wide; provider must address compliance at EU level |
| National measure is unjustified | Member State must withdraw the measure | Provider can challenge national measure and seek withdrawal with Commission decision as support |
| No Commission decision within timeline | Member State's measure stands; Art.80 Union safeguard may open | Prolonged investigation period; monitor Art.80 developments |
CLOUD Act Risk for Art.79 Investigation Data
Art.79 investigations require providers to share documentation categories that may be stored on US-jurisdiction infrastructure. This creates dual-compellability risk:
| Data Category | Art.79 Requirement | CLOUD Act Risk | Mitigation |
|---|---|---|---|
| Annex IV technical documentation | MSA access under Art.74(2)(a) via Art.79 | If stored on US cloud (AWS/Azure/GCP), compellable under 18 U.S.C. § 2713 | EU-sovereign infrastructure for compliance documentation |
| PMM data and incident logs | Core evidence for Art.79(1) grounds and Art.79(2) proportionality | US cloud PMM data compellable without Art.78 override | EU-resident log storage; data residency contractual commitments |
| QMS records and training data documentation | Art.17 QMS review during Art.79 evaluation | US cloud QMS (Jira/Confluence) compellable; Art.78 does not override CLOUD Act | EU-native QMS infrastructure or end-to-end encryption with EU key control |
| Source code and model architecture | Art.74(6) access request within Art.79 procedure | Source code on US cloud compellable; Art.78(1)(a) IP protection does not override CLOUD Act | EU-resident code repositories; air-gapped training environments |
| Hearing submissions and legal strategy | Provider's Art.79(2) hearing response | Attorney-client privilege applies under EU/national law but may not extend under CLOUD Act | EU-incorporated legal counsel; EU-resident document management |
The structural mitigation is consistent: EU-sovereign infrastructure for data generated under EU AI Act obligations creates a single-regime legal environment where Art.78 confidentiality protections operate without CLOUD Act override risk.
Python Implementation: Art79InvestigationTracker
from dataclasses import dataclass, field
from datetime import date, timedelta
from enum import Enum
from typing import Optional
class Art79InvestigationPhase(Enum):
PRE_SIGNAL = "pre_signal"
FORMAL_EVALUATION = "formal_evaluation_opened"
CORRECTIVE_MEASURE_ISSUED = "corrective_measure_issued"
HEARING_SUBMITTED = "hearing_submitted"
MEASURE_FINALISED = "measure_finalised"
COMMISSION_NOTIFIED = "commission_art79_5_notified"
COMMISSION_CONSULTATION = "commission_art79_6_consultation"
RESOLVED = "resolved"
class Art79MeasureLevel(Enum):
CORRECTIVE_ACTION = 1
USE_RESTRICTION = 2
MARKET_WITHDRAWAL = 3
RECALL = 4
@dataclass
class Art79EvaluationSignal:
signal_date: date
signal_type: str # "art74_document_request" | "art73_incident" | "pmm_drift" | "external"
description: str
responded_to: bool = False
voluntary_remediation_taken: bool = False
@dataclass
class Art79CorrectiveMeasureOrder:
issued_date: date
measure_level: Art79MeasureLevel
legal_basis: str
compliance_deadline: date
hearing_right_stated: bool
appeal_info_stated: bool
provider_response_deadline: date = field(init=False)
def __post_init__(self):
# 10 working days for provider hearing response (standard administrative practice)
self.provider_response_deadline = self.issued_date + timedelta(days=14)
def has_mandatory_content(self) -> bool:
return bool(
self.legal_basis
and self.compliance_deadline
and self.hearing_right_stated
and self.appeal_info_stated
)
def can_challenge_procedurally(self) -> list[str]:
challenges = []
if not self.legal_basis:
challenges.append("Missing legal basis — ultra vires challenge viable")
if not self.hearing_right_stated:
challenges.append("Hearing right not stated — Art.79(2) due process violation")
if not self.appeal_info_stated:
challenges.append("Appeal information absent — procedural defect")
days_to_comply = (self.compliance_deadline - self.issued_date).days
if days_to_comply < 10:
challenges.append(
f"Compliance deadline {days_to_comply} days — may be disproportionate"
)
return challenges
@dataclass
class Art79ProactiveNotification:
discovery_date: date
risk_description: str
affected_populations: str
pmm_evidence_available: bool
notification_submitted_date: Optional[date] = None
remediation_plan_submitted: bool = False
def is_overdue(self) -> bool:
# Art.79(4) requires "immediate" notification
if self.notification_submitted_date is None:
return (date.today() - self.discovery_date).days > 1
return False
def notification_lag_days(self) -> Optional[int]:
if self.notification_submitted_date:
return (self.notification_submitted_date - self.discovery_date).days
return None
@dataclass
class Art79InvestigationTracker:
system_id: str
msa_member_state: str
investigation_opened_date: Optional[date] = None
current_phase: Art79InvestigationPhase = Art79InvestigationPhase.PRE_SIGNAL
signals: list[Art79EvaluationSignal] = field(default_factory=list)
corrective_measure: Optional[Art79CorrectiveMeasureOrder] = None
proactive_notification: Optional[Art79ProactiveNotification] = None
commission_notified_date: Optional[date] = None
cloud_act_risk_assessed: bool = False
def add_signal(self, signal: Art79EvaluationSignal) -> None:
self.signals.append(signal)
def open_formal_evaluation(self, opened_date: date) -> None:
self.investigation_opened_date = opened_date
self.current_phase = Art79InvestigationPhase.FORMAL_EVALUATION
def record_corrective_measure(self, order: Art79CorrectiveMeasureOrder) -> None:
self.corrective_measure = order
self.current_phase = Art79InvestigationPhase.CORRECTIVE_MEASURE_ISSUED
def procedural_challenges_available(self) -> list[str]:
if not self.corrective_measure:
return []
return self.corrective_measure.can_challenge_procedurally()
def hearing_deadline(self) -> Optional[date]:
if self.corrective_measure:
return self.corrective_measure.provider_response_deadline
return None
def days_until_hearing_deadline(self) -> Optional[int]:
deadline = self.hearing_deadline()
if deadline:
return (deadline - date.today()).days
return None
def is_art79_vs_art82_fork(self, is_formally_non_compliant: bool, risk_confirmed: bool) -> str:
if risk_confirmed and is_formally_non_compliant:
return "BOTH Art.79 (risk) and Art.82 (non-compliance) apply — parallel tracks"
elif risk_confirmed and not is_formally_non_compliant:
return "Art.79 only — Art.81 compliant-but-risky pathway if confirmed compliant"
elif not risk_confirmed and is_formally_non_compliant:
return "Art.82 only — formal non-compliance without confirmed risk"
else:
return "Neither Art.79 nor Art.82 triggered — no risk, no non-compliance"
def investigation_summary(self) -> dict:
return {
"system_id": self.system_id,
"msa": self.msa_member_state,
"phase": self.current_phase.value,
"signals_count": len(self.signals),
"corrective_measure_level": (
self.corrective_measure.measure_level.name
if self.corrective_measure else None
),
"hearing_deadline": str(self.hearing_deadline()) if self.hearing_deadline() else None,
"days_until_hearing": self.days_until_hearing_deadline(),
"procedural_challenges": self.procedural_challenges_available(),
"commission_notified": self.commission_notified_date is not None,
"cloud_act_risk_assessed": self.cloud_act_risk_assessed,
}
Usage example:
tracker = Art79InvestigationTracker(
system_id="EUID-2026-HR-AI-00142",
msa_member_state="Germany"
)
# Record a PMM drift signal
tracker.add_signal(Art79EvaluationSignal(
signal_date=date(2026, 5, 15),
signal_type="pmm_drift",
description="Bias metric crossing 0.15 threshold in high-risk Annex III hiring context",
voluntary_remediation_taken=True
))
# MSA opens formal evaluation
tracker.open_formal_evaluation(date(2026, 5, 28))
# MSA issues corrective measure order
order = Art79CorrectiveMeasureOrder(
issued_date=date(2026, 6, 3),
measure_level=Art79MeasureLevel.CORRECTIVE_ACTION,
legal_basis="Art.10(2)(f) training data representativeness — Annex III para.4",
compliance_deadline=date(2026, 7, 3),
hearing_right_stated=True,
appeal_info_stated=True
)
tracker.record_corrective_measure(order)
summary = tracker.investigation_summary()
print(f"Hearing deadline: {summary['hearing_deadline']}")
print(f"Days remaining: {summary['days_until_hearing']}")
print(f"Challenges available: {summary['procedural_challenges']}")
print(f"Art.79 vs Art.82: {tracker.is_art79_vs_art82_fork(False, True)}")
Art.79 Investigation Readiness Checklist
| # | Readiness Item | Evidence Required |
|---|---|---|
| 1 | PMM system generates Art.79(4)-triggering risk alerts above defined thresholds | PMM alert configuration + Art.79(4) notification SOP |
| 2 | Art.79(4) proactive notification procedure documented with "immediate" (≤1 business day) response obligation | Internal compliance SOP signed by DPO/CCO |
| 3 | MSA contact directory maintained for all deployment Member States | Current NCA/MSA contacts per Art.74(1) designation |
| 4 | Annex IV technical documentation reviewable and producible within 10 working days | Document management system audit trail |
| 5 | Hearing right strategy prepared: counter-evidence package, expert contacts, proportionality arguments | Legal team briefed; template hearing submission prepared |
| 6 | Art.79(2) order review process: checklist for mandatory content (legal basis, timeline, hearing right, appeal info) | Internal review SOP + escalation path to legal counsel |
| 7 | Art.79 vs Art.82 fork decision matrix integrated into incident response playbook | Incident classification flowchart with Art.79/Art.82 trigger criteria |
| 8 | CLOUD Act risk assessment for documentation categories stored on non-EU infrastructure | Infrastructure inventory + data residency mapping |
| 9 | Art.80 Commission escalation monitoring: register for RAPEX/ICSMS notifications relevant to your AI system | RAPEX subscription + Art.79(5) notification monitoring |
| 10 | Post-investigation QMS update procedure: Art.79 findings integrated into Art.9 risk management and Art.17 QMS | CAPA (Corrective and Preventive Action) template for Art.79 outcomes |