Summary Under Article 33 of the proposed Cloud and AI Development Act (CADA), Member States are legally required to monitor and report annually on their use of innovation procurement for cloud computing services and AI systems. This obligation is designed to identify barriers preventing small and medium-sized enterprises (SMEs) from participating in public tenders and to drive the uptake of European technologies. Member States must submit detailed yearly reports to the Commission on SME participation trends and integrate these monitoring efforts into their national cloud and AI strategies under Article 7. The proposal sets a specific objective for Member States to award at least 25% of relevant procurement to innovative SMEs, requiring concrete plans to achieve this target.

Detail

Article 33 of the Cloud and AI Development Act (CADA), as proposed in COM(2026) 502 final, establishes a rigorous framework for the monitoring of procurement of innovation in cloud and AI. Unlike general procurement rules, this provision specifically targets the acquisition of innovative cloud computing services and AI systems, aiming to transform public procurement from a passive purchasing activity into a strategic tool for market shaping and technological sovereignty.

The Core Monitoring Obligation

The foundation of this framework is set out in Article 33(1), which explicitly states that "Member States shall monitor and report on their use of procurement of innovation in cloud computing services and AI systems." This creates a mandatory duty for national authorities to systematically track how public funds are allocated to innovative digital solutions. The provision ensures that the procurement of these critical technologies is not treated as a routine administrative task but as a strategic lever to foster the European cloud and AI ecosystem.

This monitoring is not merely for statistical purposes; it is intended to be an active diagnostic tool. Article 33(2) mandates that Member States ensure this monitoring is "actively used to identify barriers to SMEs participation in procurement procedures." The text specifies that the data gathered must be utilized to:

  • Improve access of SMEs to procurement markets.
  • Support the design of simplified, proportionate, and SME-friendly procurement strategies.
  • Promote the division of contracts into lots where appropriate.
  • Promote the participation of SMEs in innovation procedures foreseen under Directive 2014/24/EU and pre-commercial procurement of cloud computing services and AI systems.

By linking monitoring directly to barrier identification, the proposal ensures that data collection leads to actionable policy adjustments.

Yearly Reporting Requirements

To ensure transparency and enable Union-level oversight, Article 33(3) imposes a strict reporting schedule. Member States must inform the Commission on a yearly basis of specific information. The proposal details the exact data points required in these annual reports:

  • The size of the economic operators participating in such procurement.
  • SME participation trends, specifically including the number of contracts awarded to SMEs and their share of the total contract value, expressed as a percentage.
  • Cross-border participation, where available, the share of cross-border SME participation.
  • Measures taken to improve SMEs' access to public procurement procedures.

This annual cadence allows the Commission to track progress across the Union, identify persistent structural barriers, and compare performance between Member States. It transforms procurement data into a continuous feedback loop for policy improvement.

Link to National Strategies and the 25% Target

The monitoring obligations under Article 33 are deeply integrated with the broader strategic planning requirements of the Regulation. Article 33(4) establishes a clear quantitative objective: Member States shall pursue the goal that "at least 25% of their procurement for cloud computing services and AI systems be awarded to innovative SMEs."

Crucially, this is not an isolated target. Article 33(4) requires that Member States "include, in their national strategies referred to in Article 7, plans on how they intend to achieve this objective." This creates a direct legal link between the annual monitoring data and the long-term national strategies.

  • Article 7 requires Member States to establish national cloud and AI strategies within one year of the Regulation's entry into force.
  • These strategies must include measures to support the development of cloud and AI capabilities, including through public procurement measures.
  • Under Article 33(4), these strategies must now explicitly contain the plans to reach the 25% SME innovation target.

Consequently, the data gathered through Article 33 monitoring feeds directly into the strategic planning required by Article 7. If a Member State's annual report reveals that SME participation is stagnating or falling short of the 25% objective, the national strategy must be updated to include new measures to address these gaps. This ensures that the monitoring is not a "tick-box" exercise but a driver of strategic evolution.

Promoting Innovation-Friendly Practices

Beyond the administrative duties of monitoring and reporting, Article 33(5) imposes proactive obligations on Union entities and contracting authorities to foster an environment conducive to SME innovation. These authorities must promote:

  • Preliminary market consultations: Engaging with the market before launching tenders to understand capabilities and shape requirements.
  • Matchmaking: Facilitating connections between public buyers and innovative solutions provided by European SMEs and start-ups.
  • Favourable contract clauses: Developing public contract clauses that are specifically tailored to be favourable for innovative SMEs, reducing the administrative and financial burdens that often exclude smaller players.

These measures are designed to lower entry barriers and ensure that the procurement process itself is adapted to the realities of the innovative SME sector.

What this means for you

For public-sector procurement officers, digital transformation leads, and national strategy coordinators, Article 33 introduces specific, actionable duties that go beyond traditional procurement compliance.

1. Establishing Data Collection Systems

You must ensure your procurement IT systems and processes can capture the specific metrics required by Article 33(3). This involves:

  • Tagging Contracts: Implementing a mechanism to identify and tag contracts specifically as "innovation procurement" for cloud and AI.
  • SME Verification: Ensuring that the status of winning bidders (SME vs. large enterprise) is accurately recorded and linked to contract values.
  • Cross-Border Tracking: Where possible, capturing data on the geographic origin of the SMEs to report on cross-border participation. If your current systems do not distinguish between standard cloud purchases and innovation-driven purchases, you will need to update your categorization methods immediately to avoid reporting gaps.

2. Active Barrier Identification

Your role extends beyond data entry. Article 33(2) requires you to actively use this data to identify why SMEs are not winning contracts. You must analyze whether barriers stem from:

  • Overly complex tender documentation.
  • Excessive financial guarantee requirements.
  • Unreasonably short payment terms.
  • Lack of lot division. The data you collect must lead to concrete changes in your tender design. For example, if data shows low SME participation in large infrastructure projects, you should proactively consider dividing the contract into smaller, manageable lots.

3. Strategic Alignment with National Plans

Procurement officers must work closely with their national digital strategy teams. The plans you develop to achieve the 25% SME target must be reflected in the national strategy submitted under Article 7.

  • Feedback Loop: Regular internal reviews of your procurement data should inform updates to your national strategy.
  • Plan Updates: If the annual report shows you are missing the target, your national strategy must be revised to include new, more effective measures.
  • Consistency: Ensure that the measures you take at the local or regional level align with the national plan to avoid fragmentation.

4. Proactive Market Engagement

Article 33(5) makes proactive engagement a legal obligation, not just a best practice. You should:

  • Organize preliminary market consultations before issuing tenders to understand the capabilities of European SMEs.
  • Participate in or organize matchmaking events to connect public buyers with innovative start-ups.
  • Review standard contract templates to ensure they include clauses favourable to innovative SMEs, such as flexible payment terms or reduced financial guarantees.

Common misconceptions

"This applies to all public procurement." No. Article 33 specifically targets the procurement of cloud computing services and AI systems. It does not apply to the purchase of office supplies, construction services, or other non-digital goods, unless those goods are explicitly defined as AI systems or cloud services under the Regulation's definitions. The focus is strictly on the digital stack.

"SMEs must win 25% of all cloud contracts." The 25% figure in Article 33(4) is an objective for procurement of innovation in cloud and AI systems, not a blanket quota for all digital spending. Furthermore, it is phrased as an objective to be pursued, supported by plans in national strategies, rather than a rigid legal quota that triggers automatic penalties for missing the target. The emphasis is on the process of planning and monitoring to achieve this goal.

"Reporting is a one-time event." The reporting requirement in Article 33(3) is annual. Member States must inform the Commission yearly, meaning this is a continuous compliance obligation. It is not a one-off submission at the start of the Regulation's application but a recurring duty to track progress over time.

"Innovation procurement is only for research projects." Innovation procurement under CADA covers the purchase of innovative cloud and AI solutions for operational use. It includes pre-commercial procurement and other innovation procedures under Directive 2014/24/EU. It is not limited to pure R&D grants but includes the contracting of new, market-shaping digital services that can be deployed in public administration.

"The 25% target is optional." While the target is an objective, Article 33(4) requires Member States to "pursue" it and, crucially, to include plans in their national strategies on how to achieve it. This makes the planning mandatory, even if the exact outcome is subject to market conditions. Failure to include a plan in the national strategy would be a breach of the Regulation.

Related

This is general information about a draft EU regulation, not legal advice.