EU AI Act in Germany: Enforcement, Authorities, and Business Obligations
Germany's Bundesnetzagentur leads EU AI Act enforcement via the KI-MIG. Covers authority roles, GDPR overlap, penalties, and Dec 2027 high-risk deadline.
Germany is the EU's largest economy and one of the heaviest AI deployers in manufacturing, financial services, and public administration. The EU AI Act — Regulation (EU) 2024/1689 — is directly applicable here without transposition into German law. What Germany does need to do, and what took longer than Brussels would have liked, is designate its enforcement authorities, grant them powers, and embed the Regulation into the existing fabric of German administrative law. That process is now underway.
This article sets out where Germany stands: the authorities designated, the implementing legislation working through the Bundestag, the interaction with GDPR and the BDSG, the corrected timeline following the Digital Omnibus, and what German companies should be doing now.
A Regulation, Not a Directive: No German Transposition Required
The EU AI Act is a Regulation. It entered into force on 1 August 2024 and applies directly in every Member State, including Germany, by virtue of Article 288 TFEU. German companies do not wait for a German law before obligations bite — Article 5's prohibited practices have applied since 2 February 2025, and GPAI obligations under Chapter V have applied since 2 August 2025.
What Germany must provide is the national enforcement infrastructure: designated national competent authorities (Article 70), domestic rules and procedures for penalties (Article 99(1) requires each Member State to lay them down), and national measures for the areas the Regulation leaves to Member State choice, such as how competence is divided between the central authority and sectoral regulators, and how the Regulation's deployer duties mesh with existing national law on works councils and public administration.
Germany's Implementing Law: The KI-MIG
Germany missed the 2 August 2025 deadline for designating national competent authorities — the prior coalition's collapse disrupted the legislative calendar. On 10 February 2026, the new Federal Cabinet approved an official government draft of the KI-MIG (Gesetz zur Durchführung der Verordnung über künstliche Intelligenz — Law on the Implementation of the AI Regulation, also described as the AI Market Surveillance and Innovation Promotion Act). As of early June 2026, the KI-MIG has been introduced into the Bundestag but has not yet been enacted. Parliamentary passage is expected before 2 August 2026, when general application of the Act — including the Article 50 limited-risk transparency obligations — commences.
The KI-MIG does three principal things: designates the national competent authorities; creates the domestic legal basis for enforcement powers and penalties; and introduces conforming amendments to other German statutes. Its passage does not change what obligations apply or when — those are set by the Regulation itself. It does determine which German authority can investigate and fine.
Who Enforces the EU AI Act in Germany?
Bundesnetzagentur: Central Authority
The KI-MIG designates the Bundesnetzagentur (Federal Network Agency) as Germany's primary market surveillance authority (MSA), notifying authority (NA), and single point of contact (SPoC) for the EU AI Office. The Bundesnetzagentur is already Germany's regulator for energy, telecoms, railways, and postal services — sectors with long experience of complex technical product regulation — and it brings that cross-sectoral coordination capacity to AI Act enforcement.
Within the Bundesnetzagentur, the draft KI-MIG establishes two internal structures:
- The UKIM (Unabhängige KI-Marktüberwachungskammer — Independent AI Market Surveillance Chamber), an operationally independent body within the Agency that conducts market surveillance activities for high-risk AI systems.
- The KoKIVO (Koordinierungs- und Kompetenzzentrum KI-VO — Coordination and Competence Centre for the AI Regulation), which pools expertise, supports federal and Länder authorities in applying the Regulation, and coordinates cross-authority enforcement.
As MSA, the Bundesnetzagentur has authority to audit technical documentation, review conformity assessments and Article 72 post-market monitoring records, issue corrective orders, require withdrawals or recalls, and impose the administrative fines under Article 99.
Sectoral Regulators Retain Domain Authority
The KI-MIG adopts a hybrid model: Bundesnetzagentur as the default central authority, with sectoral competent authorities retaining responsibility within their own regulatory domains.
BaFin (Federal Financial Supervisory Authority) supervises AI systems deployed by financial institutions under its oversight — credit scoring models, insurance risk engines, and algorithmic trading systems. BaFin has already published supervisory expectations for AI in banking and insurance; its AI Act mandate layers on top of those existing expectations. For a German regional lender using an AI credit-scoring tool, BaFin and the Bundesnetzagentur will both be relevant, and early engagement with BaFin's guidance is prudent.
BSI (Bundesamt für Sicherheit in der Informationstechnik) supports enforcement where AI systems intersect with cybersecurity and critical infrastructure (KRITIS). For providers claiming compliance with Article 15's accuracy, robustness, and cybersecurity requirements, BSI's technical guidance — in particular BSI-CS 147 — provides a national reference standard that complements the European harmonised standards being developed under Article 40.
BfDI and Länder DPAs occupy a contested position. The KI-MIG draft gives the Bundesnetzagentur default competence even for AI systems that handle personal data, a choice that drew sharp criticism from Germany's state data protection authorities. Their argument rests on Article 74(8) of the Regulation, which for the Annex III biometrics use cases deployed for law enforcement, border management, justice and democracy, and for the Annex III law-enforcement, migration and justice categories (points 6, 7 and 8), requires Member States to designate as market surveillance authority either the data protection supervisory authorities or another authority operating under the same independence conditions. The DPAs read this, together with their existing GDPR competence, as pointing to them for data-protection-intensive deployments. The dispute is live and may be revisited before enactment. What companies should note: wherever a high-risk AI system processes personal data at scale (recruitment screening, public-benefit eligibility decisions, biometric categorisation), they should expect both the Bundesnetzagentur's market surveillance function and the relevant DPA to take an interest.
AI Office (Brussels): GPAI Oversight
Germany-based GPAI model providers — companies that develop and place general-purpose AI models on the market — are supervised not by the Bundesnetzagentur but directly by the EU AI Office in Brussels. The AI Office has competence over all GPAI model obligations under Articles 53 and 55, and the Bundesnetzagentur acts as its SPoC for German companies. German firms in the foundation-model or large-language-model space should engage with the AI Office's codes of practice process rather than treating GPAI compliance as a national matter.
How Germany's Enforcement Architecture Interacts with the GDPR and BDSG
The GDPR and the EU AI Act run in parallel for AI systems that process personal data, and that covers nearly every Annex III high-risk system. The GDPR is itself a directly applicable Regulation, supplemented in Germany by the Bundesdatenschutzgesetz (BDSG); it does not disappear when the AI Act applies. The obligations stack.
The most practical interaction is between the GDPR's Article 35 Data Protection Impact Assessment (DPIA) and the Article 27 Fundamental Rights Impact Assessment (FRIA) that the AI Act requires of certain deployers. Both are mandatory before deployment for the systems they cover, both require an assessment of risks to fundamental rights, and both must be documented: the DPIA has to be produced to the DPA on request and, where high residual risk remains, triggers prior consultation under GDPR Article 36; the FRIA's results must be notified to the market surveillance authority under Article 27(3). For a German federal agency deploying an AI tool to assess job-seeker eligibility, running both a DPIA and a FRIA and coordinating their findings is not optional. The BfDI has published DPIA guidance that German public bodies should extend to cover the FRIA requirements; the two assessments can share much of their factual foundation.
A second interaction concerns logs and records. Article 12 of the EU AI Act requires automatic event logging for high-risk AI systems over their lifetime. On the GDPR side, Article 22 restricts decisions based solely on automated processing that produce legal or similarly significant effects, and Articles 13 to 15 require meaningful information about the logic involved in such decisions. A German company running an AI recruitment screening tool therefore has simultaneous obligations under both instruments on documentation, transparency, and human review. The compliance workload is real, but the documentation built for one framework informs the other.
The EU AI Act Timeline as It Applies in Germany
| Date | What applies |
|---|---|
| 2 February 2025 | Article 5 prohibited practices and Article 4 AI literacy — in force, enforceable now |
| 2 August 2025 | GPAI obligations (Chapter V, Articles 51–56), governance, AI Office, Article 99 penalties |
| 2 August 2026 | General application including Article 50 limited-risk transparency (chatbots, deepfakes, synthetic-content marking) |
| 2 December 2027 | Stand-alone high-risk AI systems (Annex III list) — deferred under the Digital Omnibus |
| 2 August 2028 | High-risk AI as safety components of Annex I regulated products — deferred under the Digital Omnibus |
Two points deserve emphasis for German businesses.
First, Article 5 is already live. The Bundesnetzagentur already has authority to act on prohibited practices: biometric categorisation inferring sensitive characteristics outside the permitted exceptions, real-time remote biometric identification in publicly accessible spaces for law enforcement (outside the carve-outs), social scoring, manipulation exploiting vulnerabilities, emotion recognition in workplaces and educational institutions, untargeted scraping of facial images to build recognition databases, and risk assessments of criminal offending based solely on profiling. Any German company or public body whose AI touches those categories should have completed its review months ago.
Second, the high-risk deadline is no longer August 2026. Under the Digital Omnibus — the Commission amendment package for which Parliament and Council reached political agreement on 7 May 2026, with formal adoption expected before 2 August 2026 — stand-alone high-risk Annex III systems now have until 2 December 2027, and high-risk AI embedded in Annex I regulated products have until 2 August 2028. The original August 2026 date has been deferred. That deferral is not a reprieve: building a full Article 9 risk management system, Annex IV technical documentation pack, Article 14 human oversight controls, and passing a conformity assessment under Article 43 takes most well-resourced organisations six to twelve months of focused work. Starting now is the right pace; starting in mid-2027 is not.
Penalties: What German Companies Actually Face
The penalty framework is Article 99 of the Regulation, applied by German authorities through the KI-MIG's domestic enforcement powers. There are three tiers:
- €35,000,000 or 7% of total worldwide annual turnover (whichever is higher) — for violations of the Article 5 prohibitions. This is the ceiling for deploying a banned AI practice.
- €15,000,000 or 3% — for non-compliance with most other obligations: high-risk AI requirements (Articles 9–15), provider obligations (Article 16), deployer obligations (Article 26), and Article 50 transparency duties.
- €7,500,000 or 1% — for supplying incorrect, incomplete, or misleading information to notified bodies or competent authorities.
For SMEs and start-ups, Article 99(6) provides a proportionality protection: the fine is capped at the lower of the fixed amount or the percentage. A German company with €20 million turnover cannot face a €15 million fine for a high-risk obligation breach — 3% of €20 million is €600,000, and that is the applicable ceiling.
Fines are maximums, not defaults. The Bundesnetzagentur will apply proportionality factors — duration of the infringement, degree of responsibility, cooperation with the investigation, and prior infringements — before arriving at a figure. But the ceiling is real, and the "€35M/7%" tier has applied since 2 August 2025 for companies persisting with prohibited practices.
One correction the existing German-market literature frequently gets wrong: the third tier is 1%, not 1.5%. There is no 1.5% tier anywhere in the Regulation.
GPAI-specific fines are a separate instrument: up to €15 million or 3% of worldwide annual turnover, whichever is higher, imposed by the Commission directly on GPAI model providers under Article 101. Note that Article 113 defers the application of Article 101 to 2 August 2026, one year after the GPAI obligations themselves began to apply.
Germany-Specific Compliance Considerations
Machinery and Industrial AI: The Annex I Intersection
Germany's industrial base (automotive, mechanical engineering, chemicals, automation) means a large share of affected companies build AI into machinery and production systems. Where AI is a safety component of machinery covered by the revised Machinery Regulation (EU) 2023/1230, it falls into the Annex I high-risk category and faces the longer 2 August 2028 deadline. But it also faces the most demanding conformity assessment pathway: under Article 43(3) the procedure follows the sectoral product legislation, and the Machinery Regulation's Annex I Part A lists safety components and embedded systems with self-evolving (machine-learning) behaviour among the categories that require third-party assessment by a Notified Body rather than self-assessment. German machinery manufacturers embedding AI into safety-critical systems should identify Notified Bodies early; capacity constraints at accredited bodies are already a concern.
Works Councils and Employment AI
Germany's Works Constitution Act (Betriebsverfassungsgesetz) grants Works Councils (Betriebsräte) co-determination rights under § 87(1) No. 6 over technical systems capable of monitoring employee behaviour or performance. AI-driven scheduling, performance scoring, recruitment tools, and task-allocation systems all fall within that scope.
The Article 26 deployer obligations interact directly with Works Council rights: Article 26(7) requires an employer deploying a high-risk AI system at the workplace to inform workers' representatives and the affected workers before putting it into service, and Article 26 also imposes human oversight and monitoring duties, with the Article 27 FRIA on top for certain deployers. A German employer that deploys an Annex III employment AI system without completing Works Council co-determination proceedings faces simultaneous exposure under EU AI Act enforcement and German labour law. The practical sequence: initiate BetrVG consultation before the EU AI Act FRIA, since the Works Council's questions about the system will generate documentation that feeds both processes.
Public Bodies: Mandatory FRIA and the Bundesagentur für Arbeit
German public bodies — federal agencies (Bundesbehörden), state Landesbehörden, and bodies such as the Bundesagentur für Arbeit — deploy AI in several of the Annex III categories with the highest societal stakes: public-benefit eligibility assessment, law enforcement risk tools, immigration processing, and educational evaluation.
Article 27 requires deployers that are bodies governed by public law, or private entities providing public services, to complete a FRIA before putting a high-risk Annex III system into service (the same duty applies to deployers of the Annex III credit-scoring and life/health insurance pricing use cases). The FRIA must be completed before deployment, documented, its results notified to the Bundesnetzagentur as market surveillance authority, and updated when the deployment context changes materially. German public bodies should treat the Bundesnetzagentur's early enforcement focus as likely to land here first: public-sector compliance has high visibility and sets the standard others are expected to follow.
Deployer vs. Provider: The Article 25 Risk for German Customisers
Most German companies deploying third-party AI tools sit firmly in the deployer role under Article 26. But the Mittelstand practice of customising vendor applications (fine-tuning models on proprietary production data, adjusting parameters, integrating third-party AI into bespoke workflows) can push companies across the Article 25 line into provider obligations. Article 25(1) names three triggers: placing a high-risk system on the market under your own name or trademark, substantially modifying a high-risk system, or modifying the intended purpose of a system so that it becomes high-risk. Anyone who crosses one of them takes on the full Article 16 provider stack, including a fresh conformity assessment under Article 43(4). Many German engineering and software companies are unaware this threshold exists. If your company has adapted an AI procurement tool, a predictive maintenance model, or an HR screening system using your own data or configuration, the Article 25 analysis is not optional.
How Confir Helps German Companies
German compliance teams building their EU AI Act programmes face a documentation-heavy obligation set: Article 9 risk management records, Annex IV technical documentation, Article 27 FRIAs, Article 43 conformity preparation, Article 72 post-market monitoring logs, and an AI inventory to underpin all of it.
Confir is an EU-hosted compliance tool built specifically for this work. Its classification engine is rule-based and deterministic — it encodes Articles 5 and 6 with Annex III logic in explicit rules, so the same intake always produces the same finding with a human-readable explanation of which rule fired. It generates the full Annex IV technical documentation pack, the Article 47 / Annex V Declaration of Conformity, and the Article 27 FRIA. The compliance assessment spans four structured areas: risk classification (AIRC), data and technical robustness (AITR), transparency and human oversight (AITO), and governance and post-market monitoring (AIGM). Self-serve from €600 per year, no consulting engagement required.
What German Companies Should Do Now
Immediately (Article 5 obligations already apply): Audit any AI system that might involve biometric categorisation, social scoring, subliminal manipulation, exploitation of personal vulnerabilities, or real-time biometric identification in public spaces. If it fits an Article 5 category and no exemption applies, stop using it or restructure it. The prohibition has been enforceable since 2 February 2025.
Before 2 August 2026 (general application, Article 50): Any AI system that interacts with natural persons — chatbots, voice assistants, AI-generated content tools — must comply with Article 50's transparency and labelling requirements. Users must know when they are interacting with AI, when content is synthetically generated, and when emotion recognition is in use. This is not the high-risk deadline, but it is real and it is coming.
2026–2027 (high-risk preparation, Annex III systems): Companies with stand-alone Annex III systems have until 2 December 2027 under the Digital Omnibus deferral. Use 2026 to build the AI inventory and classification, identify which systems actually land in high-risk categories after applying the Article 6(3) filter, assign provider/deployer roles, and begin documentation. For employment AI, Works Council consultation should be initiated in parallel.
Ongoing: Monitor KI-MIG progress through the Bundestag. Watch for the Bundesnetzagentur's first enforcement actions — they will signal which sectors and which obligation types the authority is prioritising. Follow EU AI Office GPAI guidance if your company develops or integrates foundation models.
Related guides
- Mittelstand compliance requirements
- EU AI Act fundamentals
- BaFin AI governance alignment
- legal tech AI compliance
- Article 27 FRIA obligations
- extraterritorial AI Act scope
Manage your EU AI Act compliance in one place
Confir automates risk classification, technical documentation, and audit trails for any company. No consultants. No 6-month projects. 7-day free trial.
Start free trial →