CADA Article 33

Summary No, the 25% target for innovative small and medium-sized enterprises (SMEs) in the proposed Cloud and AI Development Act (CADA) is not a strict, legally binding quota that Member States must hit with automatic penalties for non-compliance. Instead, Article 33(4) requires Member States to "pursue as objective" that at least 25% of their procurement for cloud computing services and AI systems be awarded to innovative SMEs. This creates a mandatory duty of conduct to actively aim for the target, supported by binding requirements to include concrete plans in national strategies and submit annual progress reports to the Commission. While missing the percentage itself does not trigger an automatic fine, failing to plan, report, or take measures to improve access would constitute a breach of the Regulation.

Detail

The proposed Cloud and AI Development Act (CADA), COM(2026) 502 final, introduces a specific framework to foster innovation and reduce dependencies by actively encouraging the participation of SMEs in public procurement for cloud and AI. The core provision governing this is Article 33, titled "Monitoring of procurement of innovation in cloud and AI."

The Legal Nature of the Obligation: "Shall Pursue as Objective"

The precise legal phrasing in Article 33(4) is the decisive factor in determining the binding nature of the rule. The text states:

"Member States shall pursue as objective that at least 25% of their procurement for cloud computing services and AI systems be awarded to innovative SMEs."

In EU legislative drafting, the distinction between "shall ensure" (a strict result obligation) and "shall pursue as objective" (a result-oriented obligation with flexibility) is significant. By using the phrase "pursue as objective," the proposal imposes a duty of conduct and a directional goal on Member States, but it does not create an absolute, inflexible quota.

This means Member States are not strictly liable for failing to reach exactly 25% in a specific year if market conditions, lack of qualified bidders, or other justified circumstances prevent it, provided they can demonstrate that they have actively pursued the objective through concrete measures. The obligation is to try to achieve the result, not to guarantee the result regardless of external factors.

Integration into National Strategies: The Binding Planning Requirement

To give this objective operational force and prevent it from being merely aspirational, Article 33(4) explicitly links the target to the broader national planning framework:

"Member States shall include, in their national strategies referred to in Article 7, plans on how they intend to achieve this objective."

This creates a binding legal obligation to produce a concrete, documented strategy. Under Article 7, Member States must establish national cloud and AI strategies within one year of the Regulation's entry into force. These strategies must include:

• Key objectives and priorities for cloud and AI adoption.
• Measures to accelerate development and adoption.
• Specific plans on how the 25% SME objective will be achieved.

Therefore, while the 25% figure itself is a target, the requirement to create a detailed roadmap to reach it is mandatory. Failure to include such a plan in the national strategy would constitute a direct breach of CADA, regardless of whether the 25% target was eventually met.

Monitoring and Reporting: The Transparency Mechanism

To ensure that Member States are genuinely "pursuing" the objective rather than ignoring it, CADA establishes a robust monitoring and reporting framework under Article 33(3). Member States must inform the Commission on a yearly basis regarding:

1. The size of economic operators participating in such procurement.
2. SMEs participation trends, specifically:
   • The number of contracts awarded to SMEs.
   • Their share of the total contract value, expressed as a percentage.
   • Where available, the share of cross-border SMEs participation.
3. Measures taken to improve SMEs' access to public procurement procedures.

This annual reporting creates a transparency mechanism. While there are no immediate automatic fines for missing the 25% target in a given year, consistent failure to pursue the objective without justification, or failure to report, could lead to political scrutiny or infringement proceedings if the Commission determines that a Member State is not acting in good faith to achieve the goal.

Measures to Support SME Participation

Article 33(2) reinforces the objective by requiring Member States to take appropriate measures to ensure that the monitoring and reporting are actively used to:

• Identify barriers to SME participation.
• Improve access of SMEs to procurement markets.
• Support the design of simplified, proportionate, and SME-friendly procurement strategies (e.g., dividing contracts into lots).
• Promote the participation of SMEs in innovation procedures foreseen under Directive 2014/24/EU.

Furthermore, Article 33(5) obliges Union entities and contracting authorities to promote:

• Preliminary market consultations.
• Matchmaking between public buyers and innovative European SMEs/start-ups.
• Development of public contract clauses that are favourable for innovative SMEs.

These provisions ensure that the "pursuit" of the objective is backed by actionable steps, not just statistical tracking.

What this means for you

For in-house counsel, compliance officers, and public procurement specialists, the implications of Article 33 are procedural, strategic, and evidentiary.

1. Strategic Planning is Mandatory

If you are advising a Member State or a central purchasing body, you must ensure that the national cloud and AI strategy (due one year after entry into force) contains a detailed, actionable plan to reach the 25% SME target. Vague aspirations or generic statements will not satisfy the requirement to include "plans on how they intend to achieve this objective." The plan should outline specific mechanisms such as lot division, simplified procedures, and market engagement strategies.

2. Data Collection and Reporting Infrastructure

You must establish internal mechanisms to track the share of cloud and AI procurement awarded to SMEs. Article 33(3) requires annual reporting to the Commission on:

• The number of contracts awarded to SMEs.
• Their share of the total contract value (as a percentage).
• Cross-border SME participation (where available).

Ensure your procurement systems can disaggregate data by company size (SME vs. non-SME) and innovation status. Failure to report this data annually is a breach of the Regulation.

3. Procurement Design and Documentation

Review your procurement strategies for cloud and AI services. Are you dividing large contracts into lots to allow SMEs to bid? Are you using preliminary market consultations to engage with innovative SMEs early? Article 33(2) and 33(5) encourage these practices. Documenting these efforts is crucial. If you fall short of the 25% target, this documentation serves as evidence that you are "pursuing the objective" in good faith, which is the core legal requirement.

4. No Automatic Penalties for Missing the Target

Unlike strict quotas in other EU regulations, there is no automatic fine solely for failing to hit the 25% figure in a given year. However, the penalties under Article 24 (which applies to infringements of the sovereignty framework) do not directly apply here. Instead, the risk lies in infringement proceedings for failing to:

• Include the plan in the national strategy.
• Submit the annual report.
• Take the required measures to improve access.

Common misconceptions

"We will be fined if we don't hit exactly 25%."

• Reality: The obligation is to "pursue as objective." There is no strict liability for missing the numerical target. Penalties under CADA (Article 24) apply to infringements of the sovereignty framework (Title IV), not to the failure to meet the SME procurement objective. However, persistent failure to pursue the objective could lead to broader infringement procedures for non-compliance with the duty of conduct.

"This applies to all public procurement."

• Reality: Article 33 specifically targets the procurement of cloud computing services and AI systems. It does not apply to general public procurement outside this scope (e.g., construction, general IT hardware not classified as cloud/AI).

"SMEs are automatically awarded contracts."

• Reality: The target is for awards to innovative SMEs. Public authorities must still follow standard procurement rules (e.g., Directive 2014/24/EU) regarding technical capability, financial standing, and non-discrimination. The goal is to remove barriers and encourage participation, not to mandate awards to unqualified bidders.

"The target is optional if the market is weak."

• Reality: While the result (25%) is not mandatory, the effort is. Even in a weak market, Member States must still include a plan in their national strategy and report on the situation. They cannot simply ignore the objective; they must demonstrate why the target was not met and what measures were taken to try to achieve it.

Related

• CADA SME Procurement Target: What Share of Cloud Contracts Must Go to SMEs?
• CADA National Strategies: The 25% Innovative SME Procurement Target
• CADA's 25% SME Procurement Target: Objective, Strategy and Reporting
• CADA Article 33: Monitoring Innovation Procurement and SME Targets
• CADA Article 33: Is there a penalty for missing the 25% SME procurement objective?

This is general information about a draft EU regulation, not legal advice.