Summary Under the proposed Cloud and AI Development Act (CADA), public buyers must systematically monitor and record specific data regarding their innovation procurement for cloud computing services and AI systems, as mandated by Article 33. You are required to track the size of economic operators, SME participation trends (including contract counts and value shares), and measures taken to improve SME access. This data must be reported to the European Commission annually and should include cross-border SME participation metrics where available, supporting the EU's goal that at least 25% of such procurement goes to innovative SMEs.

Detail

The proposed Cloud and AI Development Act (CADA) places a strong emphasis on leveraging public procurement to drive innovation and support the European cloud and AI ecosystem, particularly for small and medium-sized enterprises (SMEs). Central to this strategy is Article 33, which establishes a rigorous monitoring and reporting framework for Member States and their contracting authorities. For public procurement officers, this means moving beyond simple compliance checks to active data collection and analysis of procurement outcomes.

The Monitoring Obligation

Article 33(1) explicitly states that Member States shall monitor and report on their use of procurement of innovation in cloud computing services and AI systems. This is not a passive obligation; it requires the establishment of mechanisms to capture specific data points during and after the procurement process. The goal is to identify barriers to SME participation and to design simplified, proportionate, and SME-friendly procurement strategies.

Required Records: What Must Be Tracked?

According to Article 33(3), Member States must inform the Commission on a yearly basis of specific information derived from this monitoring. For public buyers, this translates into a clear list of records that must be kept and aggregated. You must track and report:

  1. The size of the economic operators participating: You need to record the size category (e.g., micro, small, medium, large) of all entities that participate in innovation procurement procedures for cloud and AI. This helps assess whether the market is accessible to smaller players or dominated by large incumbents.
  2. SME participation trends: This is a multi-faceted metric. You must record:
    • The number of contracts awarded to SMEs.
    • The share of the total contract value awarded to SMEs, expressed as a percentage.
    • Where available, the share of cross-border SME participation. This specific data point is crucial for understanding the health of the single market for digital services and identifying if non-domestic SMEs face disproportionate barriers.
  3. Measures taken to improve SME access: You must document the specific actions taken to lower barriers. This could include dividing contracts into lots, using framework agreements, or adopting simplified administrative procedures. The record should link these measures to the outcomes observed in the SME participation trends.

The Strategic Objective: The 25% Target

While the recording of data is mandatory, the purpose of this monitoring is tied to a specific strategic objective outlined in Article 33(4). Member States shall pursue as an objective that at least 25% of their procurement for cloud computing services and AI systems be awarded to innovative SMEs.

To support this, Article 33(4) also requires that Member States include plans in their national cloud and AI strategies (established under Article 7) detailing how they intend to achieve this objective. Your local records and reports feed directly into this national planning process. If your procurement office is not hitting the 25% mark, the data you collect will highlight the gap, and the "measures taken" record will need to justify the steps being taken to close it.

Cross-Border Data and Commission Reporting

The requirement to keep data on cross-border SME participation (where available) is significant. It ensures that the CADA's goal of a unified European market is measurable. If your records show low cross-border participation, it may indicate that your procurement documents are too locally tailored or that there are administrative hurdles for foreign SMEs. This data is fed into the yearly Commission reporting, which allows the EU to assess the overall effectiveness of CADA's demand-side measures across all Member States.

Linking to National Strategies

It is important to note that these records do not exist in a vacuum. Article 33(4) mandates that the plans for achieving the 25% SME award objective be included in the national cloud and AI strategies. Therefore, the data you collect as a public buyer contributes to the national strategy's evaluation. If a Member State's strategy is being reviewed, the aggregated procurement data from local authorities will be used to determine if the "AI first" principle and the support for SMEs are being effectively implemented.

Broader Context: Innovation Procurement Measures

Article 33(2) adds context to why these records are kept. The monitoring and reporting must be actively used to:

  • Identify barriers to SME participation.
  • Improve access of SMEs to procurement markets.
  • Support the design of simplified, proportionate, and SME-friendly procurement strategies.
  • Promote the participation of SMEs in innovation procedures foreseen under Directive 2014/24/EU.
  • Facilitate pre-commercial procurement of cloud computing services and AI systems.

This means your records should not just be a static log of who won a contract. They should be part of a feedback loop. If the data shows that SMEs are bidding but not winning, the records should help diagnose whether the issue is price, technical capability, or administrative burden, leading to adjusted measures in the next reporting period.

What this means for you

For public-sector procurement officers, CADA's Article 33 transforms procurement administration from a transactional task into a data-driven strategic function.

  1. Update Your Data Collection Tools: Ensure your procurement software or tracking spreadsheets have fields for "Operator Size" and "SME Status" for every participant, not just the winner. You need to know who tried to bid, not just who succeeded, to calculate accurate participation trends.
  2. Track Cross-Border Metrics: If your procurement system does not currently flag whether an SME is based in another Member State, you need to add this capability. The "where available" clause in Article 33(3) suggests a best-effort approach, but failing to collect this data limits your ability to demonstrate compliance with single market principles.
  3. Document Your SME Measures: Keep a clear audit trail of the steps you take to help SMEs. Did you split a large cloud infrastructure contract into smaller lots? Did you provide a pre-procurement consultation phase for startups? Record these actions. When reporting to the Commission, you must link these measures to the resulting SME participation rates.
  4. Align with National Targets: Check your Member State's national cloud and AI strategy. It should contain a plan for achieving the 25% innovative SME award target. Your local procurement goals should align with this national plan. If your region is underperforming, the records you keep will be the basis for corrective action plans.
  5. Prepare for Annual Reporting: Set an internal deadline before the national reporting deadline. Aggregate your data on operator size, SME contract values, and cross-border participation early. Inconsistent or late data submission can hinder the Member State's ability to report accurately to the Commission, potentially affecting the overall assessment of CADA's implementation in your country.

Common misconceptions

  • "I only need to record the winner's details." Incorrect. Article 33(3) requires data on the "size of the economic operators participating." This implies tracking all bidders, not just the successful one. Understanding the pool of participants is essential for analyzing barriers to entry. If only large companies bid, you have a market failure to address, even if the winner is an SME.

  • "The 25% SME target is a strict legal mandate for every single contract." Incorrect. Article 33(4) states that Member States shall "pursue as objective" that at least 25% of procurement be awarded to innovative SMEs. It is a strategic target for the aggregate procurement volume, not a per-contract quota. However, failing to meet this target over time may trigger scrutiny and require updated mitigation measures in your national strategy.

  • "Cross-border data is optional, so I can ignore it." While Article 33(3) says "where available," ignoring this metric entirely is risky. Cross-border participation is a key indicator of the single market's health. If you do not collect this data, you cannot demonstrate compliance with the spirit of CADA's sovereignty and autonomy goals, which rely on a competitive, pan-European market. "Where available" means you should make a reasonable effort to collect it.

  • "This only applies to high-risk AI systems." Incorrect. Article 33 applies to "procurement of innovation in cloud computing services and AI systems." It is not limited to the high-risk AI systems defined in the AI Act. It covers any innovative procurement in these sectors, including general-purpose AI services, cloud infrastructure, and edge computing solutions.

  • "Reporting is a one-time event." Incorrect. Article 33(3) mandates that Member States inform the Commission "on a yearly basis." This is an ongoing, annual obligation. Your records must be kept continuously and updated regularly to support these annual reports.

Official sources

Related

This is general information about a draft EU regulation, not legal advice.