Summary

Under the proposed Cloud and AI Development Act (CADA), AI startups face no direct horizontal compliance obligations unless they also act as cloud computing service providers (CSPs). If an AI startup merely develops models or software, CADA does not apply to it directly. However, if a startup hosts its own infrastructure and offers it as a service, it must pursue recognition under the Union cloud computing sovereignty framework. This involves a self-assessment for Union assurance level 1 (Articles 17 and 19), which is free and automatic for SMEs, or costly independent third-party audits for levels 2–4 (Article 20), which are mandatory for public-sector contracts involving public-order relevance.

Detail

The Cloud and AI Development Act (CADA), as proposed in COM(2026) 502 final, is designed to strengthen the European cloud and AI ecosystem by addressing infrastructure sovereignty, data-centre capacity, and supply-chain resilience. A primary concern for emerging AI companies is whether this new legislative framework imposes a heavy compliance burden on innovation. The text of the proposal clarifies that CADA's regulatory scope is narrowly targeted at cloud computing service providers and data centre operators, not at AI system developers in isolation.

The Critical Distinction: AI Systems vs. Cloud Services

To determine the compliance burden, one must strictly distinguish between the AI system itself and the infrastructure delivering it. CADA defines a 'cloud computing service' in Article 2(1) by referencing the definition in Directive (EU) 2022/2555 (NIS2). Crucially, Recital 10 explicitly states: "The AI system itself and its underlying model are excluded from the scope of this definition."

Consequently, an AI startup that develops and licenses an AI model, or sells a software application that runs on third-party infrastructure, is not directly subject to CADA's sovereignty, data-centre, or procurement rules. Its compliance obligations remain governed by the EU AI Act (Regulation (EU) 2024/1689), which regulates the safety, transparency, and risk management of the AI system.

The regulatory landscape shifts only if the AI startup also operates as a cloud computing service provider. If a startup hosts its AI models on its own infrastructure and offers that infrastructure (compute, storage, networking) as a service to third parties, or if it offers the AI model via an API hosted on its own servers in a manner that constitutes a cloud service, it falls within the scope of CADA. In this scenario, the startup must navigate the Union cloud computing sovereignty framework established in Title IV, Chapter I.

The Sovereignty Framework and Assurance Levels

For startups that qualify as cloud providers, the core compliance burden is the Union cloud computing sovereignty framework (Article 16). This framework establishes four Union assurance levels (1 to 4) that determine the degree of sovereignty, security, and data localisation required.

  • Union Assurance Level 1: This is the baseline. It is intended for general public sector procurement where the activity does not contribute to the preservation of public order.
  • Union Assurance Levels 2, 3, and 4: These higher levels are required for activities identified as contributing to the preservation of public order (e.g., defence, justice, law enforcement, critical infrastructure) under Article 30(3). These levels impose stricter cumulative criteria regarding data localisation, personnel citizenship, and the absence of third-country control.

Recognition Procedures and Associated Costs

The practical burden for a startup manifests in the recognition procedure required to prove compliance with these assurance levels. The costs and administrative effort vary drastically between Level 1 and Levels 2–4.

1. Self-Assessment for Level 1 (Articles 17 and 19)

For startups seeking to offer services to the public sector for non-critical tasks, the burden is minimal. Article 19 mandates that providers seeking Level 1 recognition carry out a conformity self-assessment. The provider must issue an EU statement of conformity declaring compliance with the criteria in Annex II (e.g., establishment in the Union, data remaining in the Union, state-of-the-art cybersecurity standards).

Article 17(3) outlines the submission process. Crucially, it includes a specific derogation for SMEs: "the EU statement of conformity issued under Article 19(2) by cloud computing service providers that are SMEs shall be directly and automatically recognised in all Member States without the need for prior recognition by the evaluating national competent authority."

This provision is a significant relief for startups. It means an AI startup classified as an SME can self-certify its Level 1 status and immediately market its services across the entire EU without waiting for national authority approval or paying administrative fees. The only cost is the internal effort to ensure the criteria in Annex II are met.

2. Third-Party Audits for Levels 2–4 (Article 20)

The burden increases substantially for startups aiming to serve public-sector bodies with public-order relevance. Article 30(3) requires that contracting authorities in these sectors procure only services recognised at Union assurance levels 2, 3, or 4.

To achieve this recognition, Article 20(1) mandates that providers undergo independent third-party audits. The text is explicit regarding the financial responsibility: "Cloud computing service providers seeking recognition... shall undergo at their own expense, independent third-party audits."

  • Audit Costs: The startup must contract an auditing organisation (defined in Article 2(17)) to assess compliance. This involves direct fees for the audit, potential costs for remediation of gaps found during the audit, and the cost of preparing extensive evidence.
  • Evidence Requirements: Under Annex III, auditing organisations must request specific evidence, including a complete Software Bill of Materials (SBOM), proof of data localisation, documentation of legal separation from third-country entities, and evidence of cybersecurity certifications.
  • Ongoing Burden: Article 20(8) requires an annual review by the auditing organisation to confirm continued compliance. This creates a recurring operational and financial obligation that startups must budget for annually.

The Third-Country Derogation (Article 18)

A specific complexity arises for startups that are established in the EU but are subject to the control of a third country (e.g., a US-owned startup with an EU subsidiary). Article 18 provides a mechanism for the Commission to identify third countries where providers subject to their control may be audited for Union assurance level 3.

However, this is a discretionary power. The Commission may only adopt such a decision if the third country meets strict cumulative criteria, including having an adequacy decision under the GDPR and no laws enabling extraterritorial data access that conflicts with EU law. Startups cannot assume this pathway is available. For Levels 2 and 4, the criteria in Annex II generally require that the provider is not subject to the control of a third country, effectively barring many international startups from serving the most critical public sector use cases unless they restructure to ensure full EU control.

What this means for you

For AI startups, the strategic implication of CADA is to clearly delineate your business model to manage compliance costs effectively.

  1. If you are purely an AI developer:
    • You face no direct CADA obligations. Your compliance focus remains on the EU AI Act.
    • Ensure your contracts with cloud providers (e.g., AWS, Azure, or EU-based CSPs) clarify that they bear the CADA compliance burden for the underlying infrastructure you use.
  2. If you provide AI via your own cloud infrastructure (you are a CSP):
    • Target Level 1: If your target market is general public sector or private sector, leverage the SME exemption in Article 17(3). Perform a self-assessment under Article 19, issue your EU statement of conformity, and gain automatic EU-wide recognition. This is the most cost-effective route.
    • Target Levels 2–4: If you aim to win contracts for defence, justice, or critical infrastructure, you must budget for independent third-party audits under Article 20. Engage with auditing organisations early to understand the evidence requirements in Annex III. Be prepared to demonstrate strict data localisation, Union citizenship for personnel (where required), and the absence of third-country control.
  3. Public Sector Sales Strategy:
    • Understand that public procurement is tiered. Contracting authorities will only buy Level 1 services for non-critical tasks (Article 30(2)) and Levels 2–4 for critical tasks (Article 30(3)).
    • Your ability to compete for high-value, high-security contracts depends entirely on your willingness to bear the audit costs for higher assurance levels.

Common misconceptions

  • "CADA replaces the AI Act for startups."
    • Incorrect. CADA regulates the cloud infrastructure and data sovereignty, while the AI Act regulates the AI system's safety and fundamental rights impact. They are complementary. A startup providing both the model and the cloud service must comply with both.
  • "All cloud services need expensive audits."
    • Incorrect. Only services aiming for Union assurance levels 2, 3, or 4 require independent third-party audits (Article 20). Level 1 relies on self-assessment, and SMEs benefit from automatic recognition without national authority intervention (Article 17(3)).
  • "Startups are exempt from all CADA rules."
    • Incorrect. While not subject to horizontal AI-specific rules, if a startup operates its own data centres or cloud infrastructure, it falls under the data-centre deployment and cloud sovereignty chapters. Even small providers must meet the baseline criteria for Level 1 if they wish to sell to the public sector.
  • "Third-country control is always a dealbreaker."
    • Not necessarily for Level 3. While Levels 2 and 4 generally exclude third-country control, Article 18 allows for a derogation for Level 3 if the Commission adopts an implementing act for the specific third country. However, this is not guaranteed and depends on the third country's legal framework.

This is general information about a draft EU regulation, not legal advice.