Summary

The Cloud and AI Development Act (CADA) is a proposal (COM(2026) 502 final), not yet in force. As proposed, it would not set EU-wide fine ceilings. Instead, Article 24(1) would require each Member State to lay down its own rules on penalties for cloud computing service providers that infringe the cloud computing sovereignty framework (Title IV, Chapter I). Those penalties would have to be "effective, proportionate and dissuasive", and Member States would have to notify the Commission of the rules they adopt. Article 24(2) would set a non-exhaustive list of criteria to guide penalty-setting, and Article 24(3) would give recipients of the service a separate right to seek compensation. The result, as drafted, would be a patchwork of national penalty regimes rather than a single harmonised fine.

Detail

CADA's enforcement provisions sit in Title IV ("Autonomy"), Chapter I ("Cloud computing sovereignty framework"). That chapter establishes four Union assurance levels and the recognition, audit and transparency machinery around them. Article 24 ("Penalties and compensation") is the provision that backs those obligations with sanctions.

Counsel used to the GDPR or the EU AI Act should note a structural difference at the outset. Those instruments fix harmonised maximum fines in the text itself — the AI Act, for example, provides for fines up to EUR 35 million or 7% of total worldwide annual turnover for the most serious breaches (AI Act Article 99). CADA, as proposed, does the opposite: it delegates the level of penalties to national law and only constrains that discretion with a qualitative standard and a list of factors.

The Member State obligation to set penalties (Article 24(1))

As proposed, Article 24(1) would provide that "Member States shall lay down the rules on penalties applicable to infringements of this Chapter by cloud computing service providers within their competence and shall take all measures necessary to ensure that they are implemented." Two points follow from the words "this Chapter":

  • The penalties would attach to infringements of Title IV, Chapter I — the sovereignty framework — not to CADA as a whole.
  • The duty would fall on providers "within their competence", which ties penalties to the establishment-based enforcement model in Article 25(4) (the Member State of the provider's main establishment).

Article 24(1) would also require that the penalties be "effective, proportionate and dissuasive", and that Member States notify the Commission of the rules and measures adopted "as soon as possible", together with any subsequent amendment. The obligations these penalties would back up include, in summary:

  • meeting and maintaining the criteria for a claimed Union assurance level (Levels 1-4), set out in Annex II;
  • undergoing a conformity self-assessment for Level 1 (Article 19) or an independent third-party audit for Levels 2-4 (Articles 20-21);
  • the transparency duties in Article 23, including reporting material changes that may affect a recognition; and
  • the recognition procedure itself under Article 17, including the eligibility conditions for third-country-controlled services that bear on Level 3 (Article 18).

The criteria for imposing penalties (Article 24(2))

Article 24(2) would require Member States to "take into account the following non-exhaustive criteria for the imposition of penalties for infringements of this Regulation":

  1. Nature, gravity, scale and duration of the infringement (point (a)).
  2. Mitigation or remedy — any action the infringing party took to mitigate or remedy the damage caused (point (b)).
  3. Previous infringements by the infringing party (point (c)).
  4. Financial benefits gained or losses avoided by the infringing party because of the infringement, "insofar as such benefits or losses can be reliably established" (point (d)).
  5. Any other aggravating or mitigating factor applicable to the circumstances of the case (point (e)).
  6. Annual turnover of the infringing party in the preceding financial year in the Union (point (f)).

Two features deserve emphasis. First, the list is expressly "non-exhaustive", so national authorities could weigh further factors. Second, the turnover criterion in point (f) is keyed to Union turnover, not worldwide turnover — a narrower reference base than the AI Act's worldwide-turnover ceiling.

The right to compensation (Article 24(3))

Article 24(3) would add a civil-liability track. As proposed, "Recipients of the cloud computing services shall have the right to seek, in accordance with Union and national law, compensation from cloud computing service providers for any damage or loss suffered due to an infringement by those providers of their obligations under this Chapter." This is distinct from the administrative penalties in Article 24(1)-(2): a provider could face both a national fine and a compensation claim from an affected recipient (for example, a public sector body that relied on a sovereignty claim that turned out to be unfounded). A dedicated companion article covers this right in more detail.

Who would impose penalties

CADA, as proposed, would not give the Commission power to fine providers directly. Article 24(1) places the rule-making duty on Member States, and the national competent authorities designated under Article 25 — the authority of the provider's main establishment — would carry out enforcement, using the investigative and enforcement powers in Article 26 (which include the power to impose fines, or to ask a judicial authority to do so).

What this means for you

For in-house counsel and compliance leads at cloud providers, the absence of a fixed EU-wide ceiling is the headline practical point. You cannot model a single worst-case figure the way you can for the AI Act or GDPR; exposure would depend on the national regime of your main establishment and of any Member State whose rules reach your conduct.

  • Track national transposition. Because each Member State would set its own "effective, proportionate and dissuasive" penalties, caps and methodologies could diverge. Some may anchor to GDPR-style turnover percentages; others may not. Identify the Member State of your main establishment (Article 25(4)) as the primary regime to watch, then monitor others where you seek recognition.
  • Protect assurance-level integrity. Penalties would track the sovereignty framework, so the highest-risk areas are inaccurate assurance-level claims. If you hold out a service as meeting, say, Level 3 but cannot substantiate the Annex II criteria (including the Article 18 conditions on third-country control), you risk both a penalty and a compensation claim. Keep your Level 1 self-assessment (Article 19) or Level 2-4 audit evidence (Articles 20-21) robust and current.
  • Document remediation. Article 24(2)(b) would make mitigation a relevant factor. A documented incident-response and remediation process — and prompt notification of material changes under Article 23 — could reduce exposure.
  • Allocate risk in contracts. Article 24(3) would let recipients claim compensation. Review SLAs and indemnities for public-sector clients, bearing in mind that liability caps may be constrained by mandatory rules and public-procurement law.

Common misconceptions

"CADA sets fixed fines like the GDPR or the AI Act." As proposed, Article 24 contains no monetary ceiling or fixed percentage. It requires Member States to set the rules and to weigh the Article 24(2) criteria. The actual amount would depend on national law.

"The penalties cover the whole of CADA." Article 24 would attach to infringements of "this Chapter" — Title IV, Chapter I, the sovereignty framework. It would not, by its own terms, penalise, for example, delays in data-centre deployment under Title III; those sit under different rules.

"The Commission imposes the fines." No. Article 24(1) places the duty on Member States, and enforcement would run through the national competent authorities designated under Article 25 (and, where relevant, judicial authorities). The Commission's role is coordination, the public register of authorities, and the central repository of recognised services (Article 22).

"Only EU providers can be penalised." The sovereignty framework applies to any provider seeking to serve Union entities and public sector bodies, including third-country-controlled providers that pursue recognition (Levels 3 and 4 carry the strictest criteria, with Level 3 eligibility governed by Article 18). A non-EU provider that infringes its obligations would be exposed in the same way.

This is general information about a draft EU regulation, not legal advice.