Summary Under Article 39 of the proposed Cloud and AI Development Act (CADA), public-sector bodies that acquire cloud computing services, AI systems, or software through the Commission's central purchasing activities are deemed to have fulfilled their obligations under applicable Union public procurement law. This "deemed compliance" applies to contracts awarded by the Commission acting as a central purchasing body, including framework contracts and dynamic purchasing systems, as well as any ancillary support services provided under Article 37. As proposed, this mechanism allows contracting authorities to leverage collective buying power while ensuring legal compliance without running separate, duplicative tender procedures.

Detail

The proposed Cloud and AI Development Act (CADA) introduces a novel procurement architecture designed to overcome the fragmentation, technical complexity, and resource constraints that often hinder public authorities from acquiring advanced digital infrastructure. Central to this architecture is the Commission's expanded role as a central purchasing body. Article 39 establishes the legal framework that validates this collaboration, ensuring that participation in these joint procedures satisfies the rigorous requirements of EU public procurement law.

The Principle of Deemed Compliance

The cornerstone of this framework is Article 39(1), which establishes a powerful legal presumption: a participating entity is deemed to have fulfilled its obligations under applicable Union public procurement law where it acquires supplies or services by means of contracts awarded by the Commission under this Chapter.

This provision is critical for reducing administrative burden. It explicitly covers:

  • Contracts awarded by the Commission acting as a central purchasing body.
  • Framework contracts concluded by the Commission.
  • Dynamic purchasing systems operated by the Commission.
  • Any ancillary support services referred to in Article 37.

As proposed, if a national or regional contracting authority joins a Commission-led framework agreement for cloud services, their subsequent purchase under that framework is legally recognized as compliant with the relevant EU procurement directives (such as Directive 2014/24/EU) and the Financial Regulation (Regulation (EU, Euratom) 2024/2509). This removes the need for individual authorities to re-run the entire tendering process for the same services, provided they adhere to the terms of the central agreement.

Procedural Rules for Specific Contracts

While the initial framework is established by the Commission, the mechanism for selecting specific suppliers within that framework is also standardized. Article 39(2) clarifies that the procedural provisions applicable to Union institutions shall apply to the procedures for the award of specific contracts under framework contracts or dynamic purchasing systems.

This ensures a consistent, transparent, and efficient process for finalizing individual purchases. It means that the rules governing how a specific cloud service is selected from a pre-qualified pool of providers follow the internal procedures of the Commission, rather than the varying national transpositions of procurement law in each Member State. This harmonization is essential for creating a truly single market for sovereign cloud services.

Downstream Obligations for Contracting Authorities

The "deemed compliance" does not absolve contracting authorities of all responsibility. Article 39(3) imposes a specific duty on authorities that acquire services from the Commission. It states that a contracting authority which has acquired data centre services, cloud computing services, software, and AI systems from the Commission as a central purchasing body must ensure, in its agreements with the contracting authorities it serves, compliance with any contractual requirements by which it is itself bound.

In practice, this means that while the authority does not need to run a tender, it must ensure that its internal agreements with end-users, sub-contractors, or other public bodies respect the terms and conditions of the Commission's central contract. This maintains the integrity of the supply chain and ensures that the sovereignty and security standards negotiated by the Commission are not diluted downstream.

Proactive Procurement by the Commission

The framework is designed to be proactive rather than purely reactive. Article 39(4) empowers the Commission to decide to launch a procurement procedure open to participating entities without a prior specific request from them. This allows the Commission to anticipate market needs, identify emerging technologies, and prepare solutions in advance. By acting ahead of individual Member State requests, the Commission can secure better terms and ensure that critical infrastructure is available when needed, rather than waiting for a fragmented, slow-moving national demand to materialize.

Flexibility in Dynamic Purchasing Systems

A key innovation in the CADA proposal is the flexibility introduced for dynamic purchasing systems (DPS). Under standard EU procurement rules, DPS are generally closed to new participants once established. However, Article 39(5) provides a specific derogation from the Financial Regulation to accommodate the evolving needs of the public sector.

It allows participating entities to request permission to join an existing dynamic purchasing system throughout its period of validity. This request is subject to a cap: the cumulative requests for new participation must not exceed 50% of the initial estimated quantities of the envisaged purchases. This ensures that the system remains manageable and that the original economic balance is not disrupted.

The process is designed for speed: the request must be approved by the Commission within 10 working days. Once approved, the participating entity is included in any future invitation to tender issued by the system. This is particularly valuable for authorities that miss the initial launch window but still wish to benefit from the established pool of pre-qualified providers.

However, Article 39(6) places a crucial condition on this flexibility: the possibility to join a DPS after its launch is available only to participating entities that accede to the agreement referred to in Article 38 after the dynamic purchasing system has already been launched. This ensures that all latecomers are bound by the same governance and fee structures as the original participants.

Legal Context and Scope

This framework operates within the broader context of the EU's public procurement rules, specifically acting as a sector-specific supplement to the general directives. By acting as a central purchasing body, the Commission facilitates economies of scale and standardizes technical requirements for cloud and AI services. This is intended to reduce fragmentation across Member States and ensure that public sector bodies can access secure, sovereign, and innovative digital infrastructure.

The provisions in Article 39 work in tandem with Article 37, which outlines the Commission's authority to carry out these procurement activities (including acting as a wholesaler), and Article 38, which sets out the governance arrangements, including the Steering Committee structure, for these joint activities. Together, they create a cohesive ecosystem where the Commission leads the market shaping, and Member States benefit from streamlined access.

What this means for you

For public-sector procurement officers and legal counsel, Article 39 offers a streamlined, legally secure path to acquiring complex cloud and AI services. Instead of navigating the complexities of drafting technical specifications, evaluating bids, and managing tender processes from scratch, you can leverage the Commission's centralized efforts.

  • Simplified Compliance: When you purchase through a Commission-run framework contract or dynamic purchasing system, you are automatically considered compliant with EU public procurement law. This significantly reduces administrative burden and legal risk.
  • Access to Pre-Qualified Providers: The Commission's procedures will have already vetted providers for technical capability, security standards, and sovereignty requirements (such as Union assurance levels). You can focus on selecting the best fit for your specific needs from a pre-approved pool.
  • Flexibility to Join Late: If your authority misses the initial launch of a dynamic purchasing system, you can still request to join later. As long as the total new participation does not exceed 50% of the original estimated volume, the Commission can approve your inclusion, allowing you to participate in future tenders.
  • Responsibility for Contractual Terms: While the Commission handles the procurement, you remain responsible for ensuring that your internal agreements with end-users or sub-contractors respect the terms of the Commission's contract. You must ensure that any downstream usage complies with the conditions set by the central purchasing body.
  • Strategic Planning: The Commission may launch procurement procedures without a specific request from you. Stay informed about Commission-led procurement activities to anticipate available solutions and plan your digital transformation strategies accordingly.

To participate, your authority must be part of the agreement established under Article 38. This agreement outlines the practical arrangements, governance, and fee structures for the common procurement activities. Ensure your organization is registered as a participating entity to access these benefits.

Common misconceptions

"Article 39 replaces all national procurement rules." No. Article 39 does not replace national procurement laws; rather, it provides a mechanism for compliance through participation in Commission-led activities. If you do not participate in the Commission's central purchasing activities, you must still comply with your national transposition of EU procurement directives. The "deemed compliance" only applies to acquisitions made through the Commission's framework contracts, dynamic purchasing systems, or ancillary services.

"The Commission dictates every aspect of the final contract." Not entirely. While the Commission awards the initial framework or DPS contracts, the specific contracts awarded under these frameworks follow procedural provisions applicable to Union institutions (Article 39(2)). Furthermore, contracting authorities retain the responsibility to ensure compliance with contractual requirements in their own agreements with the entities they serve (Article 39(3)). You still have a role in managing the downstream implementation and ensuring end-users adhere to the terms.

"Any authority can join a dynamic purchasing system at any time." No. The ability to join a dynamic purchasing system after its launch is subject to strict conditions. Article 39(5) limits cumulative new participation to 50% of the initial estimated quantities. Additionally, the request must be approved by the Commission. This provision is only available to entities that accede to the Article 38 agreement after the DPS has been launched (Article 39(6)). It is not an open-ended right to join without constraints.

"Ancillary services are optional and separate from procurement compliance." No. Article 39(1) explicitly includes "any ancillary support services referred to in Article 37" in the scope of deemed compliance. This means that if you use ancillary services provided by the Commission (such as technical infrastructure, advice, or invoicing support), your use of these services also fulfills your procurement obligations, provided they are part of the Commission's activities under this Chapter.

Related

This is general information about a draft EU regulation, not legal advice.