Summary Under the proposed Cloud and AI Development Act (CADA), Article 32(3)(d) establishes a specific non-price award criterion requiring contracting authorities to evaluate the extent to which critical hardwareβ€”compute, storage, and networkingβ€”is designed or manufactured in the EU. If such EU hardware is not feasible due to market availability or technical requirements, tenderers may use third-country hardware, provided it contributes to "strengthening the security of supply and the development of a European cloud and AI ecosystem." This criterion is ancillary, meaning it cannot be decisive for the award of the contract, and must be balanced against core technical and financial requirements.

Detail

The proposed Cloud and AI Development Act (CADA), COM(2026) 502 final, seeks to rebalance the EU's cloud and AI ecosystem by reducing strategic dependencies on third-country providers. A primary lever for this shift is the reform of public procurement. Article 32 of the proposal introduces "Union added value" as a mandatory non-price award criterion for the procurement of innovative cloud computing services and AI systems.

While Article 32 covers four distinct pillars of Union added value, Article 32(3)(d) specifically targets the physical layer of the technology stack: the hardware.

The Legal Framework: Article 32(2) and (3)

Before addressing the hardware specifics, it is essential to understand the constraints placed on these criteria. Article 32(2) mandates that any non-price award criteria used by contracting authorities must:

  • Be linked to the subject matter of the contract;
  • Not confer unrestricted freedom of choice on the contracting authority;
  • Be expressly set out in the procurement documents or contract notice; and
  • Be ancillary and not decisive in the award of the contract.

This "ancillary" requirement is critical. It ensures that while the EU seeks to promote its industrial base, the primary drivers for awarding a contract remain technical quality and financial offer. The hardware criterion acts as a tie-breaker or a value-add scoring factor, not a gatekeeper that could automatically disqualify a technically superior non-EU solution.

The Specific Hardware Criterion: Article 32(3)(d)

Article 32(3)(d) defines the precise scope of the hardware evaluation. It requires contracting authorities to assess the extent to which the service is delivered through specific categories of hardware components. The text of the provision states:

"(d) the service is delivered, to the greatest extent feasible with regard to market availability and technical requirements, through critical computing, storage and networking hardware components designed and/or manufactured in the Union, or, where this is not feasible, through hardware components from a third country that contributes to strengthening the security of supply and the development of a European cloud and AI ecosystem."

This clause establishes a two-tiered compliance mechanism with a strict hierarchy.

Tier 1: The Primary Preference (EU-Designed or Manufactured)

The default expectation is the use of hardware components that are either designed or manufactured in the Union. The use of "and/or" is legally significant:

  • Designed in the EU: A component qualifies if its architecture, logic, or engineering originates in the EU, even if the physical fabrication occurs elsewhere. This supports European intellectual property and R&D capabilities (e.g., European-designed accelerators or processors).
  • Manufactured in the EU: A component qualifies if the physical production takes place within the Union, even if the design originated elsewhere. This supports European manufacturing capacity and the goals of the Chips Act.

However, this preference is not absolute. It is bounded by the phrase "to the greatest extent feasible with regard to market availability and technical requirements." This creates a dual feasibility test:

  1. Market Availability: Is the EU-designed or manufactured hardware actually available in the necessary quantities and within the required timelines?
  2. Technical Requirements: Does the EU hardware meet the specific performance, latency, energy efficiency, or capacity specifications defined in the tender?

If a tenderer can demonstrate that EU hardware fails either of these tests, they may proceed to Tier 2.

Tier 2: The Exception (Third-Country Hardware)

Recognizing that the EU currently does not possess full self-sufficiency across all critical hardware segments, Article 32(3)(d) provides a conditional fallback. If EU hardware is not feasible, the tenderer may utilize hardware from a third country.

Crucially, this is not a free pass for any non-EU hardware. The provision imposes a positive qualitative obligation: the third-country hardware must contribute to "strengthening the security of supply and the development of a European cloud and AI ecosystem."

This requirement shifts the burden of proof to the tenderer. They must demonstrate that their choice of third-country hardware does not exacerbate strategic dependencies. Acceptable justifications might include:

  • Diversification: Using a third-country supplier to avoid over-reliance on a single dominant vendor or region.
  • Supply Guarantees: Demonstrating long-term availability commitments that ensure service continuity.
  • Ecosystem Integration: Showing that the hardware supports European open standards, interoperability, or contributes to the broader European cloud infrastructure (e.g., through open-source firmware or compatibility with EU software stacks).

Conversely, relying on hardware from a third country that is subject to extraterritorial access laws, or that creates a "lock-in" effect detrimental to European sovereignty, would likely fail to meet the "strengthening security of supply" threshold.

Context within the Broader Article 32 Framework

The hardware criterion is one of four pillars under Article 32(3) that collectively define "Union added value":

  • (a) Strengthening the digital technology supply chain in the Union (including software/hardware).
  • (b) Integration of technologies developed in the Union (including R&D results).
  • (c) Innovation that strengthens security of supply and the ecosystem.
  • (d) The specific hardware criterion discussed above.

Recital 67 of the CADA explanatory memorandum provides guidance on the weighting of these criteria. It suggests that contracting authorities could consider a maximum weighting of 15 out of 120 points for European added value within the overall evaluation methodology. This cap ensures the criterion remains proportionate and subordinate to core contract award criteria, preventing it from becoming a de facto trade barrier while still signaling a clear market direction toward European industrial capabilities.

What this means for you

For CTOs, procurement officers, and SMEs preparing bids for the European public sector, Article 32(3)(d) requires a strategic audit of your hardware supply chain and tender documentation.

1. Map Your Hardware Bill of Materials (BOM) You must be able to trace the origin of your critical compute, storage, and networking components. Identify which components are designed in the EU and which are manufactured in the EU. If you rely on third-country hardware, document explicitly why EU alternatives are not feasible due to market availability (e.g., supply shortages) or technical constraints (e.g., performance gaps).

2. Prepare a "Security of Supply" Narrative If you cannot use EU hardware, you must prepare a robust justification for your third-country components. This narrative should explain how your chosen hardware strengthens the security of supply. Consider factors such as:

  • Diversification of suppliers to avoid single points of failure.
  • Long-term availability guarantees and supply chain resilience.
  • Alignment with European open standards and interoperability requirements.
  • Contributions to the broader European cloud ecosystem (e.g., open-source firmware support, compatibility with EU software).

3. Engage Early with Contracting Authorities The feasibility of EU hardware varies by sector and use case. Early market consultations can help clarify whether specific EU-designed components (e.g., European AI accelerators) are mature enough for your specific workload. This dialogue can also help refine technical requirements to ensure they are not artificially restricted to exclude viable European solutions, while remaining realistic about current market capabilities.

4. Leverage Union-Funded R&D Article 32(3)(b) complements the hardware criterion by rewarding the integration of technologies developed in the Union, including those stemming from Union-funded research (e.g., Horizon Europe, Digital Europe). If your hardware or software stack incorporates results from these programs, highlight this in your tender. This strengthens your overall "Union added value" score, potentially offsetting lower scores on the hardware criterion.

5. Monitor Market Availability The EU hardware market is evolving rapidly. As the Chips Act and other initiatives bear fruit, the availability of EU-designed and manufactured components will increase. Stay informed about new European hardware offerings that may soon meet the technical requirements of your clients, allowing you to transition from Tier 2 to Tier 1 compliance.

Common misconceptions

Misconception 1: Article 32(3)(d) bans non-EU hardware. False. The provision explicitly allows for the use of third-country hardware where EU hardware is not feasible. The key is demonstrating that the third-country hardware contributes to strengthening the security of supply. It is a preference with a justification requirement, not a ban.

Misconception 2: The hardware criterion is decisive for the award. False. Article 32(2)(d) clearly states that non-price award criteria, including the hardware criterion, must be "ancillary and not decisive." Contracting authorities must prioritize technical quality and financial offer. The hardware criterion is a scoring factor, not a gatekeeper.

Misconception 3: Only manufacturing location matters. False. The criterion specifies "designed and/or manufactured in the Union." A component designed in the EU but manufactured elsewhere, or manufactured in the EU but designed elsewhere, can qualify. This reflects the reality of global semiconductor supply chains and encourages European design capabilities.

Misconception 4: SMEs are exempt from this criterion. False. Article 32 applies to all tenderers for innovative cloud computing services and AI systems. However, the CADA emphasizes supporting SMEs. Article 33 encourages Member States to ensure that at least 25% of procurement for cloud computing services and AI systems is awarded to innovative SMEs. While SMEs must comply with Article 32, they may benefit from simplified reporting and support mechanisms to help them navigate these requirements.

Misconception 5: "Feasibility" is defined solely by the tenderer. False. Feasibility is assessed in the context of market availability and technical requirements. Contracting authorities will evaluate whether the tenderer's claim that EU hardware is not feasible is reasonable. If a viable EU alternative exists and meets the technical specs, the tenderer may be penalized for not considering it.

Related

This is general information about a draft EU regulation, not legal advice.