Summary
Under the proposed Cloud and AI Development Act (CADA), Union assurance level 1 and level 2 differ in two connected ways: how compliance is verified, and how strict the criteria are. Level 1 relies on a conformity self-assessment by the provider, who issues its own EU statement of conformity (Article 19, as proposed). Level 2 instead requires an independent third-party audit at the provider's expense, ending in a "positive" audit opinion (Article 20). The criteria are also cumulative: a level 2 service must meet every level 1 criterion plus tougher level 2 requirements in Annex II — personnel located in the Union, a "substantial" cybersecurity certificate, a ban on using customer data to train third-country AI, an SBOM and supply-chain controls, and support performed exclusively within the Union. None of this is in force yet; CADA is a Commission proposal (COM(2026) 502 final).
Detail
As proposed, CADA's Article 16 establishes a "Union cloud computing sovereignty framework" of four assurance levels, with the criteria set out in Annex II. The levels are not in force — they would apply once the Regulation enters into force and starts to apply. Levels 1 and 2 are the entry tiers that public bodies would rely on, but they sit on opposite sides of an important line: self-declaration versus independent verification.
Verification: self-assessment vs independent audit
The most immediate operational difference is the conformity procedure.
Level 1 — conformity self-assessment (Article 19). A provider seeking recognition at level 1 would carry out a conformity self-assessment against the level 1 criteria in Annex II. It would then issue an EU statement of conformity declaring that compliance has been demonstrated, and by issuing that statement it assumes responsibility for the service's compliance (Article 19(2)). The statement must be made publicly available (Article 19(3)). To be recognised, the provider submits the statement and supporting evidence to the national competent authority of establishment (Article 17(3)). By way of derogation, an EU statement of conformity issued by a provider that is an SME would be directly and automatically recognised in all Member States without prior recognition by that authority (Article 17(3)).
Level 2 — independent third-party audit (Article 20). For level 2, self-assessment is not enough. The provider would undergo, at its own expense, an independent third-party audit by an auditing organisation to obtain an audit report and an audit opinion (Article 20(1)). Only a "positive" audit opinion supports recognition; a "negative" opinion comes with operational recommendations and a timeframe to achieve compliance (Article 20(5)). The auditing organisation must be independent and conflict-free — in particular, it must not have provided non-audit services on the audited matters in the 12 months before the audit (and must commit not to for 12 months after), must not have audited the provider in the prior 10 years, and cannot be paid fees contingent on the result (Article 20(4)). The provider must cooperate, give access to all relevant data and premises, answer questions, and not hamper or undermine the audit (Article 20(2)). The report and positive opinion must then be submitted annually for review to the same or a different auditing organisation, which may confirm, update or revoke them (Article 20(8)).
Cumulative criteria: the step-up in assurance
Both levels share a sovereignty baseline: the provider must be established in the Union, infrastructure and assets must be in the Union (unless the public sector body explicitly requires otherwise), and customer data — including metadata and telemetry — must remain exclusively within the Union (Annex II, §§1.1 and 2.1). But Article 20(1) makes the criteria cumulative: a level 2 service must satisfy all level 1 criteria plus the additional level 2 criteria, and failing any lower-level requirement precludes the higher level.
The headline additions for level 2 in Annex II §2.1 are:
- Personnel located in the Union. At level 2 the personnel of the provider and its subcontractors involved in providing the service must be located in the Union (§2.1(b)). The level 1 criteria require only infrastructure and assets in the Union, not personnel (§1.1(b)). (Note: level 2 does not yet require Union citizenship — that is a level 3 criterion. At level 2, additional screening and Union-citizenship requirements apply only if the public sector body determines they are necessary: §2.1(d).)
- Cybersecurity certification. The level 2 service must obtain a European cybersecurity certificate of at least assurance level "substantial" under a scheme established under Regulation (EU) 2019/881 (the Cybersecurity Act) — once such a scheme exists and is available. Until then, national schemes apply where they exist, and failing that the provider must demonstrate compliance with the highest cybersecurity standards under applicable Union law (§2.1(e)). Level 1 requires only that the service "complies with the state-of-the-art cybersecurity standards" (§1.1(e)).
- AI-training restriction. At level 2, data generated by using the service may not be used to train or fine-tune any AI system operated by a third country or a third-country entity, and may not be transferred outside the Union in any case (§2.1(f)). Level 1 has no equivalent restriction.
- Software supply chain. Level 2 requires a complete, up-to-date software bill of materials (SBOM) and documented dependencies; controls to block remote features that could materially tamper with or disrupt systems; and source-code audits and a migration plan for security-relevant components from third-country software manufacturers (§2.1(i)). Level 1 has no SBOM or supply-chain criterion.
- Support within the Union. At level 2, technical and operational support must be initiated and performed exclusively within the Union (§2.1(h)). Level 1 allows support to be outsourced outside the Union if legal, technical and organisational measures ensure traceability, security and governance and do not compromise operational autonomy (§1.1(d)).
Procurement: what each level unlocks
The split matters because it drives public-sector procurement. As proposed in Article 30, Union entities and public sector bodies whose activities have not been identified as contributing to the preservation of public order (under the Article 29 risk assessment) shall use services recognised at Union assurance level 1 (Article 30(2)). Where activities are identified as contributing to public order — in sectors falling under Annex I or II of the NIS2 Directive (Directive (EU) 2022/2555) or in national security, internal security, external border management, defence, justice or law enforcement — contracting authorities shall only procure services recognised at level 2, 3 or 4 (Article 30(3)). So level 1 is the default for ordinary public-sector use, while level 2 is the floor for public-order-relevant activities.
What this means for you
For cloud service providers and data centre operators, the jump from level 1 to level 2 is a shift from internal governance to external verification and tighter localisation.
- Cost and cadence. Budget for an initial third-party audit and an annual review (Article 20(8)). Engage an auditing organisation that meets the independence rules in Article 20(4) early, since the 12-month and 10-year look-back periods can disqualify your usual advisers.
- Move support into the Union. If you support customers from outside the EU, level 2 would require support to be initiated and performed exclusively within the Union (Annex II §2.1(h)).
- Locate your people in the Union. Personnel involved in the service must be in the Union for level 2 — but you do not yet need Union citizenship (that arrives at level 3).
- Build AI-data and supply-chain governance. Implement controls so customer-generated data is never used to train third-country AI, and stand up an SBOM with documented dependencies and remote-tampering controls.
- Decide your market. If you target only ordinary public-sector workloads, level 1 may suffice. To reach public-order-relevant buyers — including NIS2-sector and security/defence activities — level 2 is the minimum entry point.
Common misconceptions
- "Level 1 is unverified." No. Level 1 is verified by self-assessment and a public EU statement of conformity, and the provider takes legal responsibility for that statement (Article 19). National competent authorities can still investigate (Article 26). It simply lacks the independent third-party scrutiny that level 2 requires.
- "Level 2 requires Union-citizen staff." No. Mandatory Union citizenship is a level 3 criterion. At level 2, personnel must be located in the Union, and extra screening or citizenship requirements apply only if the public sector body asks for them (Annex II §2.1(d)).
- "I can pick and choose criteria." No. The criteria are cumulative (Article 20(1)): level 2 means all level 1 criteria plus the level 2 additions, and any gap at the lower level blocks the higher one.
- "Level 2 needs a 'high' cybersecurity certificate." No. Levels 2 and 3 both require at least "substantial"; only level 4 requires "high" (Annex II §§2.1(e), 3.1(e), 4.1(e)).
This is general information about a draft EU regulation, not legal advice.