Summary No, the proposed Cloud and AI Development Act (CADA) does not impose penalties directly on AI model providers acting solely in that capacity. As proposed, CADA's penalty regime in Article 24 applies exclusively to "cloud computing service providers" who infringe the cloud sovereignty framework. The definition of a cloud computing service explicitly excludes "the AI system itself and its underlying model." AI model providers are regulated under the separate EU AI Act (Regulation (EU) 2024/1689), which carries its own distinct enforcement mechanisms and penalty tiers (up to €35 million or 7% of turnover under Article 99). However, if an entity provides both cloud infrastructure and AI models, it may face dual liability: CADA penalties for the infrastructure service and AI Act penalties for the model.

Detail

The Cloud and AI Development Act (CADA), proposed in COM(2026) 502 final, establishes a framework to strengthen Europe's cloud and AI ecosystem. A critical component of this framework is the Union cloud computing sovereignty framework (Title IV, Chapter I), which defines four "Union assurance levels" for cloud services. The enforcement of these levels, and the penalties for non-compliance, are strictly bounded by the regulation's scope.

The Scope Limitation: Cloud vs. AI Model

The applicability of CADA penalties hinges entirely on the definition of the regulated actor. Article 2(1) defines a "cloud computing service" by reference to Directive (EU) 2022/2555 (NIS2), describing it as a digital service enabling on-demand administration and broad remote access to a scalable and elastic pool of shareable computing resources.

Crucially, Article 2(10) of the CADA proposal clarifies the boundary between cloud services and AI systems:

"This definition of 'cloud computing service' encompasses on-demand access to AI systems as defined in Article 3, point (1), of Regulation (EU) 2024/1689 ('Artificial Intelligence Act')... hosted and operated remotely. Only the delivery and making available of an AI system forms part of the service. The AI system itself and its underlying model are excluded from the scope of this definition."

This exclusion is the decisive factor. An entity that solely develops, trains, and places an AI model on the market (a "provider" under the AI Act) without providing the underlying scalable computing infrastructure or the service interface for on-demand access to computing resources is not a "cloud computing service provider" under CADA. Consequently, such an entity is not subject to the obligations in Title IV, Chapter I, nor the penalties associated with infringing them.

Article 24: The Penalty Regime for Cloud Providers

For entities that do qualify as cloud computing service providers, Article 24 establishes the penalty framework. It is important to note that CADA does not set fixed fine amounts at the EU level; instead, it mandates Member States to create their own enforcement regimes.

Article 24(1) states:

"Member States shall lay down the rules on penalties applicable to infringements of this Chapter by cloud computing service providers within their competence and shall take all measures necessary to ensure that they are implemented. The penalties provided for shall be effective, proportionate and dissuasive."

This provision places the burden of defining specific monetary sanctions on national authorities, while ensuring they meet the EU standard of being "effective, proportionate and dissuasive."

Article 24(2) provides a non-exhaustive list of criteria that Member States must consider when imposing penalties:

  • The nature, gravity, scale, and duration of the infringement.
  • Any action taken by the infringing party to mitigate or remedy the damage.
  • Any previous infringements by the infringing party.
  • The financial benefits gained or losses avoided by the infringing party.
  • The infringing party's annual turnover in the preceding financial year in the Union.

Furthermore, Article 24(3) introduces a civil liability component:

"Recipients of the cloud computing services shall have the right to seek, in accordance with Union and national law, compensation from cloud computing service providers for any damage or loss suffered due to an infringement by those providers of their obligations under this Chapter."

This creates a dual risk for non-compliant cloud providers: regulatory fines set by Member States and direct compensation claims from customers (including public sector bodies) for damages resulting from sovereignty breaches.

Interaction with the AI Act Enforcement

The separation of CADA and the AI Act is intentional. The CADA explanatory memorandum explicitly states that the AI Act "does not cover aspects of sovereignty." Conversely, CADA addresses sovereignty, operational autonomy, and data confidentiality.

  • AI Act Scope: The AI Act regulates the product (the AI system or model). Its penalties are fixed in Article 99 of Regulation (EU) 2024/1689. For breaches of prohibited practices (Article 5), fines can reach €35 million or 7% of total worldwide annual turnover. For other infringements, fines can reach €15 million or 3%.
  • CADA Scope: CADA regulates the infrastructure and service (the cloud environment). It does not penalize the AI model's safety or bias, but rather the sovereignty status of the cloud hosting it.

Therefore, an AI model provider faces enforcement actions and potential fines under the AI Act, but not under CADA. However, a "hyperscaler" or cloud provider that hosts AI models faces a complex dual compliance landscape:

  1. Under CADA: If the cloud provider fails to meet the required Union assurance level (e.g., Level 2, 3, or 4) for a public sector contract involving public order, they face Article 24 penalties.
  2. Under the AI Act: If the AI model hosted on that cloud violates AI Act requirements (e.g., lack of transparency, high-risk classification errors), the model provider faces AI Act penalties.

The two regimes operate in parallel. A cloud provider cannot use AI Act compliance as a defense against CADA sovereignty penalties, nor can an AI model provider use CADA compliance as a defense against AI Act safety penalties.

What this means for you

If you operate in the AI or cloud sector, you must clearly distinguish your role to determine which penalty regime applies.

1. Determine Your Regulatory Status

  • Pure AI Model Provider: If you develop and license AI models (e.g., via API) but do not provide the underlying elastic compute pool, you are not a cloud computing service provider under CADA. You are subject to the AI Act only. You do not face Article 24 penalties.
  • Cloud Service Provider: If you provide scalable, on-demand computing resources (IaaS, PaaS, or SaaS where the infrastructure is the core product), you are a cloud computing service provider. You are subject to CADA's sovereignty framework and Article 24 penalties.
  • Hybrid Provider: If you offer both (e.g., a hyperscaler offering AI models and the cloud infrastructure), you must maintain separate compliance postures. Your infrastructure division must adhere to CADA (Articles 16–24), while your AI division must adhere to the AI Act.

2. Prepare for Article 24 Liability

As a cloud provider, your exposure to penalties is significant but variable:

  • National Fines: Member States will define the specific fine amounts. While the criteria (turnover, gravity) are harmonized, the actual monetary value will vary by jurisdiction.
  • Compensation Claims: Under Article 24(3), your customersβ€”particularly public sector bodiesβ€”can sue you for damages if your failure to meet sovereignty levels causes them loss. This is a direct financial risk beyond regulatory fines.
  • Audit Evidence: Failure to provide accurate audit evidence or report material changes (Article 23) can trigger these penalties.

3. Manage Dual Compliance Risks

If you are a hybrid provider, ensure your legal and compliance teams understand the distinct triggers:

  • CADA Trigger: A breach of sovereignty criteria (e.g., data leaving the Union, third-country control, lack of Union citizenship for personnel where required).
  • AI Act Trigger: A breach of AI safety, transparency, or fundamental rights obligations.
  • Procurement Impact: Under Article 30, public bodies must procure cloud services at specific assurance levels. If you fail to meet these levels, you lose public contracts, regardless of your AI Act compliance.

Common misconceptions

"CADA fines apply to all AI companies." This is incorrect. CADA's penalty regime is tied strictly to the provision of cloud computing services. Pure AI model developers, who do not provide the underlying scalable computing infrastructure, are not subject to CADA penalties. They are regulated exclusively under the AI Act.

"The AI Act covers cloud sovereignty." The AI Act focuses on the safety, fundamental rights, and transparency of AI systems. It does not regulate the geopolitical or operational sovereignty of the cloud infrastructure hosting them. CADA was designed specifically to fill this gap, creating a separate legal basis for sovereignty requirements and penalties.

"Penalties are fixed at the EU level." CADA does not set fixed fine amounts. Article 24(1) requires Member States to lay down their own rules on penalties. While the criteria for imposing penalties are harmonized (Article 24(2)), the actual fines will vary by jurisdiction, though they must be "effective, proportionate and dissuasive."

"AI model providers can be fined under CADA for hosting their own models." If an AI model provider also operates the cloud infrastructure that hosts the model and makes it available on-demand, they are acting as a cloud computing service provider. In that capacity, they would be subject to CADA penalties for the cloud service aspects of their business (e.g., failing to meet assurance levels), not for the AI model itself. The penalty arises from the failure to meet cloud sovereignty criteria, not from the AI model's characteristics.

Official sources

Related

This is general information about a draft EU regulation, not legal advice.