EU AI Act Art.35 Notified Bodies Coordination Group: Developer Guide (2026)
EU AI Act Article 35 establishes the Coordination Group of Notified Bodies — a Commission-chaired body that sits at the top of the EU's conformity assessment governance structure for high-risk AI systems. Where Art.33 defines what a notified body must be and Art.34 defines what it must do, Art.35 defines how notified bodies must coordinate their assessment practices across the EU to ensure that a conformity certificate issued by a German notified body reflects the same standards as one issued by a Swedish or Romanian body.
For AI system providers, Art.35 has practical consequence in three scenarios. First, when no harmonised standard covers your system's domain — coordination group guidance fills that gap and functions as the de facto conformity baseline the notified body will apply. Second, when you are evaluating which notified body to engage — a body that participates actively in the coordination group is more likely to apply current, peer-reviewed methodology. Third, when you have received inconsistent guidance from two different notified bodies — Art.35 creates the mechanism by which that inconsistency should be resolved.
Art.35 also introduces an important compliance architecture point: guidance documents issued by the coordination group are not legally binding in the same way as harmonised standards under Art.40 or common specifications under Art.41. But they are practically binding — a notified body that deviates from coordination group guidance must justify the deviation in writing, and such deviations are visible to national competent authorities and the Commission through the group's transparency and reporting mechanisms.
Art.35 in the EU AI Act Architecture
Art.35 occupies a specific layer in the conformity assessment governance stack:
| Article | Scope |
|---|---|
| Art.31 | Which conformity route applies — Annex VI (internal control) or Annex VII (notified body) |
| Art.33 | Who qualifies as a notified body — accreditation, competence, independence, notification |
| Art.34 | How notified bodies conduct assessments — applications, procedures, certificates, surveillance |
| Art.35 | How notified bodies coordinate — harmonised methodology, guidance documents, gap-filling where standards are absent |
| Art.40 | Harmonised standards — presumption of conformity for systems meeting EN standards |
| Art.41 | Common specifications — Commission-issued technical specifications where harmonised standards are absent |
| Art.48 | Provider's Declaration of Conformity (triggered by a successful Art.34/Art.31 conformity procedure) |
Art.35 sits between the procedural layer (Art.34) and the standards layer (Art.40/41). Its coordination group guidance is not a standard — it does not carry the presumption of conformity attached to harmonised standards under Art.40(3). But it represents the consensus view of all notified bodies on how to assess a system against a particular requirement when no standard governs the domain.
Art.35(1): Establishment and Mandate
Art.35(1) requires the Commission to establish a coordination group for all notified bodies designated under the EU AI Act. Key structural features:
| Element | Specification |
|---|---|
| Established by | Commission (not Member States) — a centralised coordination mechanism |
| Composition | One representative per designated notified body |
| Chair | A representative of the Commission |
| Relationship to EAIB | The European AI Office (Art.64) provides secretariat support and coordination with the EAIB |
| Legal basis | Mandatory — "shall establish", not discretionary |
The mandatory nature of Art.35(1) is significant: unlike earlier EU product safety directives where notified body coordination groups were informal or voluntary, the EU AI Act embeds the coordination group as a legal requirement. A notified body that refuses to participate in the group risks its designation status under Art.33 — consistency of assessment methodology is a qualification criterion, not an optional extra.
Developer implication: The existence of a mandatory coordination group means that assessment methodology should converge across the EU over time. Early-stage divergence (where different bodies apply different standards to the same system) is a transitional problem, not a permanent feature.
Art.35(2): Participation Obligations
Art.35(2) establishes the participation obligation for notified bodies. The text specifies that notified bodies shall participate in activities of the group where relevant to the types of conformity assessment for which they were designated.
This scoping qualifier is important:
| Body Type | Participation Scope |
|---|---|
| Notified body designated for Annex III point 1 (biometric) | Full participation — must attend sessions covering biometric AI assessment methodology |
| Notified body designated for Annex III points 2–8 | Participation in sessions covering their specific designation scope |
| Notified body with general Annex III designation | Full participation across all working groups |
The group shall also:
- Coordinate and share information on issues related to conformity assessment under the EU AI Act
- Support consistent application of assessment methodologies across Member States
- Interface with other sector-specific expert groups established under EU law (e.g., MDCG for medical devices, CARS for automotive)
Cross-sector coordination: Art.35(2) explicitly envisions cooperation with bodies like the Medical Device Coordination Group (MDCG) for AI systems that are also medical devices under MDR/IVDR. This matters for providers in the health sector: a notified body applying the Annex VII route to a medical AI system will participate in coordination group activities that cross-reference MDCG guidance — and the resulting assessment methodology will reflect both AI Act and MDR requirements.
Art.35(3): Guidance Documents — The Consensus Mechanism
Art.35(3) is the most operationally significant paragraph for providers. It requires the coordination group to:
"draw up, adopt, and publish guidance to support the consistent application of this Regulation, in particular with regard to the application of harmonised standards or common specifications"
Three Tiers of Guidance
The coordination group issues guidance across three tiers:
| Tier | Scope | Effect |
|---|---|---|
| Tier 1: Standards Guidance | Interpretation of harmonised standards (Art.40) or common specifications (Art.41) for specific AI system types | Notified bodies that follow this guidance benefit from reduced audit scrutiny from national authorities |
| Tier 2: Gap-Filling Guidance | Assessment methodology for domains where no harmonised standard or common specification exists | Functions as the de facto assessment baseline; bodies deviating must justify in writing |
| Tier 3: General Guidance | Application of EU AI Act requirements across all conformity procedures | Persuasive but not binding; relevant for internal control (Annex VI) providers too |
Guidance vs. Harmonised Standards
A common provider confusion is treating coordination group guidance as equivalent to harmonised standards. They are not:
| Document Type | Legal Authority | Presumption of Conformity | Publication Channel |
|---|---|---|---|
| Harmonised standard (Art.40) | Adopted by ESOs (CEN/CENELEC/ETSI), published in OJ | Yes — Art.40(3) presumption | Official Journal of the EU |
| Common specification (Art.41) | Adopted by Commission via implementing act | Yes — Art.41(5) presumption | Official Journal of the EU |
| Coordination group guidance (Art.35) | Adopted by group consensus, endorsed by Commission | No — deviation must be justified | Commission/EAIB website |
| Individual notified body methodology | Body-internal | No | Assessment report only |
The practical consequence: where harmonised standards exist, providers benefit from a presumption of conformity. Where no standards exist and the coordination group has issued guidance, the guidance sets the methodology baseline but does not create a presumption — the assessment still requires substantive review.
Publication Transparency
Art.35(3) requires guidance to be published — unlike individual notified body methodology, which may be treated as proprietary internal documentation. Published guidance creates:
- Predictability for providers: You can review guidance before submitting your application, structure technical documentation to address the guidance criteria, and identify gaps.
- Accountability for notified bodies: Deviations from published guidance are visible to other bodies, national authorities, and the Commission.
- Level playing field: Small notified bodies in newer Member States access the same methodology as large, established bodies — reducing competitive divergence.
Art.35(4): Filling the Standards Gap
Art.35(4) creates a specific mechanism for the coordination group to operate where harmonised standards or common specifications are absent or insufficient:
"The group shall draw up guidelines where harmonised standards or common specifications are absent or insufficient."
This provision is particularly important in the current transitional period, because:
- Harmonised standards under Art.40 are still being developed by CEN/CENELEC and ETSI
- Common specifications under Art.41 require Commission implementing acts that take time to produce
- Meanwhile, notified bodies must conduct assessments NOW using Art.35 guidance as their methodology baseline
Gap-Filling Timeline
The EU AI Act transitional framework creates a phased guidance environment:
| Phase | Period | Guidance Source |
|---|---|---|
| Pre-standards (2024–2025) | August 2024 – mid-2025 | Coordination group gap-filling guidance primary |
| Partial standards (2025–2026) | Mid-2025 – August 2026 | Mixture: harmonised standards where available, coordination group guidance for gaps |
| Full standards (2026+) | Post August 2026 | Harmonised standards primary; coordination group guidance supplementary |
For providers preparing for mandatory compliance from August 2026 (when Annex III high-risk obligations become fully applicable), the coordination group's gap-filling guidance is the operative benchmark for documentation and assessment preparation.
Guidance Adequacy Assessment
Art.35(4) also authorises the group to assess whether existing harmonised standards or common specifications are insufficient — not just absent. Insufficiency determinations can trigger:
- A formal request to the ESO to revise or extend the standard
- A Commission process to update or replace common specifications
- Interim coordination group guidance to bridge the gap until the standard is updated
Art.35 × Art.33/34/40/41 Intersection Matrix
Art.35 interacts with the other conformity assessment articles across four key dimensions:
| Intersection | Art.35 Role | Practical Effect |
|---|---|---|
| Art.35 × Art.33 | Coordination group participation = Art.33 competence indicator | A notified body that fails to participate in the group may be flagged by national authority for competence review. Body selection due diligence should include confirming participation |
| Art.35 × Art.34 | Coordination group guidance governs Art.34(2) assessment methodology | Where the group has issued guidance for your system's domain, the Art.34 assessment will apply that guidance. Providers should review published guidance before preparing Annex IV documentation |
| Art.35 × Art.40 | Coordination group guidance supplements and interprets harmonised standards | Where EN standards exist but are ambiguous on a specific technical point, coordination group guidance provides the authoritative interpretation the notified body will apply |
| Art.35 × Art.41 | Coordination group guidance fills gaps not yet covered by Commission common specifications | Until the Commission issues common specifications for your system's domain, coordination group gap-filling guidance is the operative baseline |
Compliance architecture implication: Your conformity assessment preparation should consult guidance in this priority order:
- Harmonised standards (Art.40) — binding on notified body with presumption of conformity
- Common specifications (Art.41) — binding on notified body with presumption of conformity
- Coordination group guidance (Art.35) — notified body's methodology baseline; no presumption but deviation requires justification
- Individual notified body methodology — fallback where none of the above exists
Practical Implications for Providers
Body Selection Due Diligence
When selecting a notified body under Art.34(1), providers should verify coordination group participation:
- Request confirmation from the body that they are represented in the coordination group
- Ask which coordination group working groups the body participates in (relevant to your system's Annex III category)
- Request copies of any coordination group guidance the body has adopted for your system's domain
A body that cannot produce evidence of coordination group participation is a risk indicator — its assessment methodology may diverge from the EU-wide baseline.
Documentation Alignment
Before submitting an Annex IV documentation package under Art.34(1), review available coordination group guidance:
- Identify your system's Annex III category (point 1–8)
- Search the Commission/EAIB website for coordination group guidance covering that category
- Map your Annex IV documentation to the guidance criteria
- For criteria not covered by harmonised standards, structure your evidence to explicitly address coordination group guidance points
Consistency Disputes
If you receive inconsistent assessment outcomes from two different notified bodies (e.g., one issues a certificate while another refuses for the same system design), Art.35 provides the resolution mechanism:
- Document the specific technical disagreement with reference to the applicable requirements
- Request the refusing body to identify which coordination group guidance it applied
- Compare the refusing body's methodology with published coordination group guidance
- If the refusing body deviates from published guidance without written justification, escalate to the national designating authority
CLOUD Act × Coordination Group Records
The CLOUD Act jurisdiction risk for Art.35 operates at two levels.
Level 1: Provider Documentation in Assessment Records
When a notified body conducts an Art.34 assessment, the assessment records include the provider's Annex IV technical documentation package. If the notified body stores these records on US-provider cloud infrastructure, the CLOUD Act creates parallel US government access rights to that documentation — independent of EU data protection law and without prior notification to the provider.
For AI systems with security-sensitive or trade-secret documentation in the Annex IV package, this risk is material. Assessment records retained for 10 years (Art.34(5)) under a notified body that uses US cloud infrastructure are subject to CLOUD Act compellability for that entire retention period.
Level 2: Coordination Group Working Documents
The coordination group itself produces internal working documents — draft guidance, assessment case studies, technical analyses — before publishing final guidance. If the Commission's secretariat for the coordination group stores these documents on US-cloud infrastructure (common in EU institutions using Microsoft 365 or similar services), the working documents — which may contain detailed technical analysis of specific AI system designs submitted as anonymised case studies — could be subject to CLOUD Act disclosure.
EU-native infrastructure advantage: Providers that deploy AI systems on EU-native PaaS infrastructure (jurisdiction-isolated, no parent entity subject to US law) create a structural CLOUD Act firewall. The notified body may still use US cloud infrastructure for its own records — but the provider's deployed system and production data remain outside CLOUD Act reach.
Python Implementation
1. CoordinationGroupGuidance
Represents a guidance document issued by the Art.35 coordination group, tracking its scope, applicability, and relationship to harmonised standards.
from dataclasses import dataclass, field
from datetime import date
from enum import Enum
from typing import Optional
class GuidanceTier(Enum):
STANDARDS_INTERPRETATION = "standards_interpretation" # Art.35(3) Tier 1
GAP_FILLING = "gap_filling" # Art.35(4) primary
GENERAL_APPLICATION = "general_application" # Art.35(3) Tier 3
class GuidanceStatus(Enum):
DRAFT = "draft"
ADOPTED = "adopted"
PUBLISHED = "published"
SUPERSEDED = "superseded"
@dataclass
class AnnexIIIScope:
point: int # 1-8
sub_point: Optional[str] = None # e.g. "a", "b" for point 1
description: str = ""
@dataclass
class CoordinationGroupGuidance:
document_id: str
title: str
tier: GuidanceTier
status: GuidanceStatus
adoption_date: Optional[date]
publication_date: Optional[date]
annex_iii_scope: list[AnnexIIIScope]
referenced_harmonised_standards: list[str] = field(default_factory=list)
referenced_common_specifications: list[str] = field(default_factory=list)
supersedes_document_id: Optional[str] = None
deviation_requires_written_justification: bool = True
def is_operative(self) -> bool:
"""Guidance is operative if published and not superseded."""
return (
self.status == GuidanceStatus.PUBLISHED
and self.publication_date is not None
and self.publication_date <= date.today()
)
def covers_annex_iii_point(self, point: int, sub_point: Optional[str] = None) -> bool:
for scope in self.annex_iii_scope:
if scope.point == point:
if sub_point is None or scope.sub_point is None:
return True
if scope.sub_point == sub_point:
return True
return False
def fills_standards_gap(self) -> bool:
return (
self.tier == GuidanceTier.GAP_FILLING
and len(self.referenced_harmonised_standards) == 0
and len(self.referenced_common_specifications) == 0
)
def to_assessment_baseline(self) -> dict:
return {
"document_id": self.document_id,
"title": self.title,
"tier": self.tier.value,
"operative": self.is_operative(),
"deviation_requires_justification": self.deviation_requires_written_justification,
"standards_gap_filler": self.fills_standards_gap(),
"annex_iii_scope": [
{"point": s.point, "sub_point": s.sub_point}
for s in self.annex_iii_scope
],
}
2. NotifiedBodyMethodologyTracker
Tracks which coordination group guidance a notified body has adopted, any deviations, and whether deviations were justified in writing — as required when a body departs from the coordination group's consensus methodology.
from dataclasses import dataclass, field
from datetime import date
from enum import Enum
from typing import Optional
class MethodologyAdoptionStatus(Enum):
ADOPTED = "adopted"
ADOPTED_WITH_DEVIATION = "adopted_with_deviation"
DEVIATED_WITHOUT_JUSTIFICATION = "deviated_without_justification"
NOT_APPLICABLE = "not_applicable"
UNDER_REVIEW = "under_review"
@dataclass
class GuidanceAdoption:
guidance_document_id: str
notified_body_nando_id: str
adoption_date: date
status: MethodologyAdoptionStatus
deviation_description: Optional[str] = None
written_justification_filed: bool = False
national_authority_informed: bool = False
@dataclass
class CoordinationGroupParticipation:
notified_body_nando_id: str
working_groups: list[str] = field(default_factory=list)
last_participation_date: Optional[date] = None
participation_confirmed: bool = False
class NotifiedBodyMethodologyTracker:
def __init__(self, notified_body_nando_id: str):
self.nando_id = notified_body_nando_id
self.adoptions: list[GuidanceAdoption] = []
self.participation: Optional[CoordinationGroupParticipation] = None
def record_participation(
self,
working_groups: list[str],
last_participation_date: date,
) -> None:
self.participation = CoordinationGroupParticipation(
notified_body_nando_id=self.nando_id,
working_groups=working_groups,
last_participation_date=last_participation_date,
participation_confirmed=True,
)
def adopt_guidance(
self,
guidance_document_id: str,
adoption_date: date,
deviation_description: Optional[str] = None,
written_justification_filed: bool = False,
) -> GuidanceAdoption:
if deviation_description:
if written_justification_filed:
status = MethodologyAdoptionStatus.ADOPTED_WITH_DEVIATION
else:
status = MethodologyAdoptionStatus.DEVIATED_WITHOUT_JUSTIFICATION
else:
status = MethodologyAdoptionStatus.ADOPTED
adoption = GuidanceAdoption(
guidance_document_id=guidance_document_id,
notified_body_nando_id=self.nando_id,
adoption_date=adoption_date,
status=status,
deviation_description=deviation_description,
written_justification_filed=written_justification_filed,
)
self.adoptions.append(adoption)
return adoption
def unjustified_deviations(self) -> list[GuidanceAdoption]:
return [
a for a in self.adoptions
if a.status == MethodologyAdoptionStatus.DEVIATED_WITHOUT_JUSTIFICATION
]
def participation_risk_assessment(self) -> dict:
"""Assess the risk that this body's methodology diverges from coordination group consensus."""
if not self.participation or not self.participation.participation_confirmed:
participation_risk = "HIGH — no confirmed participation in coordination group"
elif (
self.participation.last_participation_date
and (date.today() - self.participation.last_participation_date).days > 365
):
participation_risk = "MEDIUM — last confirmed participation >12 months ago"
else:
participation_risk = "LOW — active participation confirmed"
unjustified = self.unjustified_deviations()
deviation_risk = (
f"HIGH — {len(unjustified)} unjustified deviation(s) from coordination group guidance"
if unjustified
else "LOW — no unjustified deviations"
)
return {
"nando_id": self.nando_id,
"participation_risk": participation_risk,
"deviation_risk": deviation_risk,
"unjustified_deviation_count": len(unjustified),
"total_guidance_adoptions": len(self.adoptions),
"recommendation": (
"Consider alternative notified body"
if unjustified or not self.participation
else "Body methodology alignment acceptable"
),
}
3. HarmonisedAssessmentVerifier
Verifies that a conformity assessment report follows the correct hierarchy of guidance sources — harmonised standards first, common specifications second, coordination group guidance third — and flags gaps where no applicable guidance exists at any level.
from dataclasses import dataclass, field
from datetime import date
from enum import Enum
from typing import Optional
class GuidanceSourceType(Enum):
HARMONISED_STANDARD = "harmonised_standard" # Art.40 — presumption of conformity
COMMON_SPECIFICATION = "common_specification" # Art.41 — presumption of conformity
COORDINATION_GROUP_GUIDANCE = "coordination_group_guidance" # Art.35 — no presumption
NOTIFIED_BODY_OWN_METHODOLOGY = "notified_body_own_methodology" # fallback
NO_GUIDANCE_AVAILABLE = "no_guidance_available" # gap
@dataclass
class AssessmentRequirementCoverage:
requirement_reference: str # e.g. "Art.9(1) risk management"
guidance_source: GuidanceSourceType
guidance_document_id: Optional[str]
presumption_of_conformity: bool
deviation_from_coordination_group: bool = False
deviation_justification: Optional[str] = None
class HarmonisedAssessmentVerifier:
def __init__(self, system_id: str, notified_body_nando_id: str):
self.system_id = system_id
self.nando_id = notified_body_nando_id
self.coverage: list[AssessmentRequirementCoverage] = []
def add_coverage(self, coverage: AssessmentRequirementCoverage) -> None:
self.coverage.append(coverage)
def verify_guidance_hierarchy(self) -> dict:
"""
Check that assessment follows the Art.35/40/41 guidance hierarchy.
Reports gaps where body fell back to own methodology without coordination group guidance.
"""
gaps: list[str] = []
unjustified_deviations: list[str] = []
own_methodology_count = 0
for c in self.coverage:
if c.guidance_source == GuidanceSourceType.NO_GUIDANCE_AVAILABLE:
gaps.append(c.requirement_reference)
elif c.guidance_source == GuidanceSourceType.NOTIFIED_BODY_OWN_METHODOLOGY:
own_methodology_count += 1
if c.deviation_from_coordination_group and not c.deviation_justification:
unjustified_deviations.append(c.requirement_reference)
return {
"system_id": self.system_id,
"nando_id": self.nando_id,
"total_requirements_assessed": len(self.coverage),
"harmonised_standard_coverage": sum(
1 for c in self.coverage
if c.guidance_source == GuidanceSourceType.HARMONISED_STANDARD
),
"common_specification_coverage": sum(
1 for c in self.coverage
if c.guidance_source == GuidanceSourceType.COMMON_SPECIFICATION
),
"coordination_group_guidance_coverage": sum(
1 for c in self.coverage
if c.guidance_source == GuidanceSourceType.COORDINATION_GROUP_GUIDANCE
),
"own_methodology_coverage": own_methodology_count,
"gaps": gaps,
"unjustified_deviations": unjustified_deviations,
"compliance_status": (
"BREACH_RISK"
if unjustified_deviations
else ("GAP_RISK" if gaps else "COMPLIANT")
),
}
def presumption_coverage_ratio(self) -> float:
"""
Ratio of requirements covered by Art.40/41 guidance (which carry presumption of conformity).
Higher is better — means more of the assessment benefits from legal presumption.
"""
if not self.coverage:
return 0.0
presumption_count = sum(1 for c in self.coverage if c.presumption_of_conformity)
return presumption_count / len(self.coverage)
def methodology_gap_report(self) -> list[dict]:
"""
Full report on requirements with no coordination group guidance —
these are the highest-risk areas for assessment inconsistency across bodies.
"""
return [
{
"requirement": c.requirement_reference,
"source": c.guidance_source.value,
"guidance_document": c.guidance_document_id,
"has_presumption": c.presumption_of_conformity,
"deviation_unjustified": (
c.deviation_from_coordination_group and not c.deviation_justification
),
}
for c in self.coverage
if c.guidance_source in {
GuidanceSourceType.NOTIFIED_BODY_OWN_METHODOLOGY,
GuidanceSourceType.NO_GUIDANCE_AVAILABLE,
}
]
Art.35 40-Item Compliance Checklist for Providers
Pre-Assessment Preparation (Art.35 Guidance Review)
- Search Commission/EAIB website for all published coordination group guidance documents
- Identify which guidance documents apply to your Annex III category (point 1–8)
- Download and read Tier 1 guidance (harmonised standard interpretation) relevant to your domain
- Download and read Tier 2 guidance (gap-filling) for areas where no harmonised standard exists
- Map your Annex IV documentation to the criteria listed in applicable coordination group guidance
- Identify gaps in your documentation relative to guidance criteria — address before submission
- Confirm with your selected notified body which coordination group guidance they apply
- Request the body to confirm their participation in the coordination group working group for your Annex III category
- Ask the body whether they are aware of any pending guidance updates that would affect your assessment
- Set a documentation freeze date at least 30 days before assessment to allow guidance review
Notified Body Selection (Art.35 × Art.33)
- Confirm the body is a designated notified body in the NANDO database for your Annex III scope
- Ask the body for their coordination group participation record (working groups, last attendance date)
- Request evidence that the body has adopted current coordination group guidance for your domain
- Check whether the body has filed written justifications for any deviations from coordination group guidance
- If deviations exist, evaluate whether the deviation strengthens or weakens the assessment for your system
- Prefer bodies with formal participation in the coordination group working group relevant to your Annex III category
- Avoid bodies that cannot produce a documented methodology aligned with coordination group guidance
- For Annex III point 1 (biometric) systems, confirm body participates in the biometric-specific working group
- For health sector AI (Annex III point 5), confirm body coordinates with MDCG per Art.35(2) cross-sector requirement
- Record your due diligence findings in an internal "body selection justification" document
Assessment Scope (Art.35 × Art.34)
- Confirm that the Art.34 assessment plan references the applicable coordination group guidance documents
- Verify that the body's assessment questionnaire aligns with the criteria in published guidance
- Request the body's written methodology for any requirement area not covered by harmonised standards
- Confirm that the body applies coordination group gap-filling guidance (not own methodology) where the group has issued guidance
- For each assessment requirement, confirm which guidance source the body will apply (Art.40/Art.41/Art.35/own)
- Document the guidance source hierarchy for each Annex IV section in your internal compliance log
- Confirm that the body will flag any assessment areas where no guidance exists at any level
- Request advance notice if the body intends to apply own methodology for any requirement — review for deviation risk
- Establish an internal review process to evaluate body methodology against published coordination group guidance before assessment completes
- Maintain records of all coordination group guidance documents consulted during assessment preparation
Post-Assessment (Art.35 Ongoing Obligations)
- Monitor the Commission/EAIB website for new or updated coordination group guidance quarterly
- When new guidance is published: assess whether it affects your certified system's compliance status
- If new guidance introduces requirements your system does not meet: initiate an Art.23 substantial modification assessment
- Inform your notified body of any new coordination group guidance published after your certificate was issued
- Request the body's position on new guidance as part of the Art.34(5) surveillance process
- Maintain a coordination group guidance register alongside your harmonised standards register
- Include coordination group guidance document IDs in your Art.48 Declaration of Conformity supplementary information
- For multi-Member State deployments: verify that notified bodies in different jurisdictions apply consistent coordination group guidance
- If you receive inconsistent assessments from two bodies: document the technical discrepancy with reference to coordination group guidance and escalate to the national designating authority
- Build coordination group guidance review into your annual AI governance review cycle
Art.35 Enforcement Exposure
| Scenario | Risk |
|---|---|
| Notified body applies own methodology where coordination group guidance exists without written justification | Certificate may be challenged as procedurally defective — provider at risk of market surveillance action |
| Provider selects notified body that does not participate in coordination group | Assessment methodology may diverge from EU baseline — certificate validity contestable by national authority |
| Assessment does not reference coordination group guidance for a gap-filling area | Assessment report may be deemed insufficient under Art.34(2), triggering re-assessment obligation |
| New coordination group guidance issued post-certificate contradicts assessment findings | Provider must assess Art.23 substantial modification implications — failing to do so = Art.99 exposure |
| Inconsistent certifications across Member States (same system, different outcomes) | National authority escalation to Commission; coordination group consulted to resolve divergence |
See Also
- EU AI Act Art.34: Procedural Obligations of Notified Bodies — the assessment procedure that Art.35 coordination group guidance governs
- EU AI Act Art.33: Obligations for Notified Bodies — how coordination group participation interacts with notified body qualification requirements
- EU AI Act Art.40: Harmonised Standards for High-Risk AI — the first-tier guidance source that Art.35 coordination group interprets and supplements
- EU AI Act Art.31: Conformity Assessment Procedure — route selection: when the Annex VII path (governed by Art.35 methodology) is required
- EU AI Act Art.17: Quality Management System Requirements — the QMS that coordination group guidance on Annex VII Appendix 2 assessments governs