EU AI Act Article 23: Importer Obligations for High-Risk AI Systems
Article 23 EU AI Act: pre-market verification duties for importers of high-risk AI, 10-year record retention, and €15M/3% penalties from 2 Dec 2027.
You buy a high-risk AI system from a provider outside the EU — a workforce-screening tool developed in the United States, a credit-scoring model built in Singapore — and you place it on the Union market. At that moment you are an importer under Regulation (EU) 2024/1689, and Article 23 sets out exactly what you must verify, document, and do if something is wrong.
This guide explains every obligation, how the importer role differs from distributor (Article 24) and when it can shift entirely to provider (Article 25), and what a breach costs.
What Article 23 Actually Covers
The EU AI Act divides supply-chain accountability across four roles: provider, importer, distributor, and deployer. Importers sit between a non-EU provider and the Union market. Article 23 is designed to ensure that a system produced outside the EU arrives on the market only if it meets the same standards as a domestically built one.
The importer's obligations are front-loaded: most of them must be satisfied before the system is placed on the market, not after. If a system arrives non-conforming, the importer is the last line of defence before it reaches deployers.
Who Counts as an Importer Under Article 23?
An importer is any natural or legal person established in the EU that places a high-risk AI system on the Union market where the provider is established outside the EU.
Three conditions must all be true:
- The provider is not established in the EU (or, in practice, has not appointed an EU-based authorised representative under Article 22 who takes on provider-equivalent liability).
- You are placing the system on the market — meaning you are making it available for the first time in the EU, typically as the entity that enters into the commercial relationship with the non-EU provider and then supplies it onward.
- You are EU-established — a company or individual with a registered address in an EU Member State.
If you only distribute a system already placed on the market by someone else, you are a distributor (Article 24), not an importer. The distinction matters: importers must carry out pre-market verification; distributors perform a lighter gate-check on documentation that should already exist.
When the Role Shifts to Provider (Article 25)
Article 25 overrides the importer classification entirely if:
- You put your own name or trademark on the system as if you were the provider.
- You make a substantial modification to a high-risk system (changing its intended purpose or materially altering its outputs or safety behaviour).
- You place on the market or put into service a general-purpose AI system that has been modified for a high-risk intended purpose.
In any of those cases, you become a provider and inherit the full provider obligation stack under Article 16 — conformity assessment, technical documentation, quality management system, post-market monitoring, and incident reporting. That is a significantly heavier burden. White-labelling or deep customisation of a third-party high-risk AI system is therefore a decision with major compliance consequences.
Pre-Market Verification: What Article 23 Requires
Before placing a high-risk AI system on the Union market, the importer must verify that the provider has fulfilled its obligations. This is not a formality. Article 23 specifies five things to check.
1. Conformity assessment completed (Article 43)
The provider must have carried out the conformity assessment — the EU's term for the structured procedure that demonstrates, before market placement, that a system meets the high-risk requirements in Articles 9 through 15. For most Annex III systems this is an internal control procedure (Annex VI); for systems in Annex I product-safety categories (e.g., machinery, medical devices), a notified body may be involved (Annex VII). You cannot place the system on the market if this step is absent.
2. Technical documentation drawn up (Article 11, Annex IV)
The provider must have prepared the Article 11 technical documentation — the Annex IV package covering system description, development process, training data governance, risk management records, accuracy and robustness metrics, and instructions for use. As importer you are not expected to audit every page for technical accuracy; you must confirm it exists and is accessible.
3. CE marking affixed (Article 48)
The CE marking signals the provider's declaration that the system conforms to the Act. It must appear on the system, or where that is not possible, on the packaging or accompanying documentation. No CE marking, no market placement.
4. EU declaration of conformity (Article 47) and instructions for use (Article 13) accompany the system
The system must be accompanied by a signed Article 47 declaration of conformity — a formal document naming the system, the provider, and the conformity assessment procedure relied upon. It must also come with Article 13 instructions for use: clear information enabling deployers to understand the system's capabilities, limitations, intended purpose, and human oversight requirements. Both must be in a language easily understood by deployers in the target Member States.
5. Authorised representative appointed where required (Article 22)
If the non-EU provider has not themselves taken steps to ensure EU-market compliance directly, they must appoint an EU-established authorised representative (Article 22) to act on their behalf with respect to the obligations in Article 16. As importer you should confirm this appointment exists and who holds it — the representative is the contact point for market surveillance authorities.
During and After Placement: Ongoing Importer Duties
Verification before market placement is necessary but not sufficient. Article 23 also imposes obligations that continue through the system's lifecycle.
Indicate Your Details on the System
The importer must indicate on the high-risk AI system — or, where that is not practicable, on the packaging or in the accompanying documentation — their name, registered trade name or trademark, and a contact address. This creates a traceable EU point of contact for market surveillance authorities and deployers. It is a simple obligation that is easy to overlook if the system arrives with only the provider's branding.
Ensure Compliant Storage and Transport
The importer must ensure that, while the system is under their responsibility, storage and transport conditions do not jeopardise its compliance with the high-risk requirements. In practice this is most relevant for AI systems embedded in physical hardware (sensors, medical devices, industrial equipment), but the obligation applies equally to software distributions — for example, ensuring that software packages are not tampered with in transit or that access controls on distribution channels preserve system integrity.
Keep Records for Ten Years
The importer must keep a copy of the Article 43 certificate of conformity (where a notified body was involved), the Article 47 declaration of conformity, and the Article 13 instructions for use, for ten years after the system has been placed on the market. Ten years is a long retention window. A regional medical-device importer, for example, that places an AI-assisted diagnostic system in 2027 needs to be able to produce that documentation through 2037. Build this into your records-management policy now.
Provide Documentation to Authorities on Request
Market surveillance authorities (national competent authorities designated under Article 74 et seq.) may request documentation and information to demonstrate the system's conformity. The importer must cooperate fully and provide access to records. Refusing or delaying is itself a breach.
Cooperate with Corrective Actions
If authorities determine that a system on the market presents a risk or is non-conforming, the importer must cooperate with any corrective measures they require — including recall, withdrawal, or modification.
If You Believe the System Is Non-Conforming
This is where Article 23 has real teeth. If the importer considers or has reason to believe that a high-risk AI system is not in conformity with the requirements of the Act, they must not place it on the market until it has been brought into conformity. The threshold is low: "reason to believe" does not require certainty. A red flag in the documentation, an absent CE marking, or a provider's inability to produce the declaration of conformity is enough.
Where the system presents a risk, the importer must also:
- Inform the provider immediately.
- Inform the market surveillance authorities in the Member States where the system was or would be made available, providing details of the non-conformity and any corrective steps taken.
The obligation to inform authorities is separate from and additional to stopping the placement. Importers who discover a risk after market placement must act without delay — passive notification to the provider is not sufficient.
Worked Example: Importing an HR Screening Tool
A 60-person recruitment agency in the Netherlands enters a contract with a US-based software company to distribute a CV-screening and candidate-ranking AI system across the Benelux market. The tool falls within Annex III category 4 (employment, workers management and access to self-employment). The Dutch agency is the importer.
Before placing the system on the market, the agency checks:
- The US provider's Article 43 conformity assessment record — present, internal-control procedure (Annex VI).
- The Annex IV technical documentation pack — present, accessible via a shared data room.
- CE marking — affixed to the software distribution medium and confirmed in the accompanying PDF.
- Article 47 declaration of conformity — signed by the US provider's EU-appointed authorised representative.
- Article 13 instructions — provided in English and Dutch.
- Article 22 authorised representative — a Dutch law firm holds the mandate; contact details confirmed.
The agency adds its own company name and Dutch contact address to the system's accompanying documentation. It stores copies of all conformity records under a ten-year retention policy.
Three months post-placement, the agency receives a complaint from a deployer that the system is producing anomalous results for candidates with non-Latin-script names. The agency has reason to believe the system may not meet Article 15 accuracy and robustness requirements. It suspends distribution of new licences, notifies the US provider, and reports the potential non-conformity to the Dutch Autoriteit Persoonsgegevens (the designated national competent authority). It does not distribute further until the provider issues a corrected version and a revised declaration of conformity.
That sequence — stop, notify provider, notify authority — is exactly what Article 23 requires.
Importer vs. Distributor: Key Differences
Article 23 (importer) and Article 24 (distributor) look similar on the surface — both require pre-market verification — but the obligations diverge in important ways.
| Obligation | Importer (Art 23) | Distributor (Art 24) |
|---|---|---|
| Who they are | EU entity placing system on market for the first time from a non-EU provider | Any supply-chain entity making system available, other than provider or importer |
| Pre-market verification | Conformity assessment, technical docs, CE marking, DoC, instructions, authorised rep | CE marking, DoC, instructions — lighter check on existing compliance |
| Must indicate own contact details | Yes — on system, packaging, or docs | No specific requirement |
| Storage and transport | Yes — must not jeopardise compliance | Yes — same duty |
| Record retention | 10 years (certificate + DoC + instructions) | Copy of DoC; cooperate with authorities |
| Non-conformity duty | Not place on market; inform provider and authorities if risk present | Not make available; inform provider and authorities |
The practical takeaway: if you are the first EU entity in the chain from a non-EU provider, you are an importer, and your obligations are heavier. Assuming you are a distributor when you are actually an importer is one of the most common structural misclassifications in cross-border AI supply chains.
Penalties for Importers
Breaches of Article 23 obligations fall under Article 99(4) of the Act. The maximum fine is €15,000,000 or 3% of total worldwide annual turnover for the preceding financial year, whichever is higher.
For companies that qualify as SMEs or start-ups under Article 99(6), the fine is capped at the lower of the two amounts, so where turnover is modest the percentage figure, not the fixed sum, sets the ceiling. A company with €2M annual turnover would face a maximum of €60,000 (3% of €2M) rather than €15M. That is a genuine proportionality protection, but it does not eliminate the obligation.
The operative deadline for importers of stand-alone high-risk AI systems (Annex III) is 2 December 2027, under the Digital Omnibus political agreement reached in May 2026, which pushed back the original 2 August 2026 high-risk date. For high-risk AI embedded in Annex I regulated products (machinery, medical devices, etc.), the date is 2 August 2028. Fines under Article 99 became applicable from 2 August 2025 — so the enforcement machinery is already live.
How Confir Helps Importers
When you answer Confir's intake questions, it derives your role in the supply chain — including the importer classification under Article 23 — using rule-based, deterministic logic. Same intake, same finding, every time. No hallucination, no ambiguity about which obligations apply.
For importers, Confir records the pre-market verification checklist as a structured compliance task: conformity assessment confirmed, technical documentation reviewed, CE marking verified, declaration of conformity stored, authorised representative identified. Each item is logged in the immutable audit record. If a market surveillance authority requests evidence of your pre-placement due diligence, you have a timestamped paper trail, not a spreadsheet assembled after the fact.
The ten-year record-retention obligation is tracked automatically against each registered system, so you are not relying on a calendar reminder set in 2027 to surface in 2037.
Article 23 in the Broader Supply-Chain Picture
Article 23 does not sit in isolation. It connects to a web of adjacent obligations that importers must understand:
- Article 11 / Annex IV — the technical documentation you must confirm exists.
- Article 13 — the instructions for use you must verify are present and linguistically appropriate.
- Article 22 — the authorised representative you must confirm has been appointed.
- Article 43 — the conformity assessment the provider must have completed.
- Article 47 — the declaration of conformity you must retain for ten years.
- Article 48 — the CE marking you must verify before market placement.
- Article 24 — the lighter obligations of distributors downstream of you.
- Article 25 — the role-shift rules that could make you a provider if you rebrand or substantially modify the system.
- Article 72 — post-market monitoring obligations that sit with the provider, not with you — but which you may need to support by flagging performance issues you observe.
- Article 73 — serious-incident reporting, which the provider handles but which you may trigger by surfacing incidents.
Understanding where your obligations stop — and where the provider's begin — is the first step. Article 23 draws a clear line.