Why does CADA borrow the AI Act's definition of 'AI system'?

Summary The proposed Cloud and AI Development Act (CADA) explicitly adopts the definition of an 'AI system' from the EU AI Act (Regulation (EU) 2024/1689) to ensure a single, coherent legal framework across the EU's digital ecosystem. Article 2(3) of CADA references Article 3(1) of the AI Act, preventing divergent classifications that could create regulatory arbitrage or compliance confusion. This alignment clarifies that while CADA regulates the cloud service delivering the AI, the AI system itself remains under the AI Act's product-safety regime. The result is a unified taxonomy where an AI system is an AI system everywhere in the EU, regardless of whether the regulator is assessing its safety or the sovereignty of the cloud hosting it.

Detail

The legislative architecture of the EU's digital strategy relies heavily on interoperability between regulations. The proposed Cloud and AI Development Act (CADA), as set out in COM(2026) 502 final, is no exception. Its approach to defining core concepts is not to create new, isolated definitions, but to anchor itself in the existing, robust framework of the AI Act.

The Mechanism: Article 2(3) and the Cross-Reference

The technical mechanism for this alignment is found in Article 2(3) of the CADA proposal. This article states:

"'AI system' means an AI system as defined in Article 3, point (1), of Regulation (EU) 2024/1689."

This is a direct, verbatim incorporation by reference. It does not attempt to redefine what an AI system is, nor does it add qualifiers specific to the cloud context. By doing so, CADA ensures that the term carries the exact same legal weight and technical scope as it does under the AI Act. This includes the AI Act's specific criteria regarding machine learning, logic-based systems, and statistical approaches that generate outputs such as content, predictions, recommendations, or decisions.

This cross-reference serves a critical legislative purpose: it creates a "single coherent definition" across EU digital law. Without this, the EU risked a fragmented landscape where a specific algorithm might be classified as an 'AI system' under the AI Act (triggering high-risk obligations) but fall outside the scope of CADA (or vice versa), simply because the definitions differed. Such divergence would complicate compliance for providers operating across both regimes and create enforcement gaps for national competent authorities.

Delineating the Layers: Service vs. System

The borrowing of the definition is essential for understanding the distinct regulatory layers CADA and the AI Act govern. While CADA adopts the AI Act's definition of the system, its primary regulatory target is the cloud computing service.

Recital 10 of the CADA proposal provides the necessary context for this distinction:

"This definition of 'cloud computing service' encompasses on-demand access to AI systems as defined in Article 3, point (1), of Regulation (EU) 2024/1689 ('Artificial Intelligence Act') ... Only the delivery and making available of an AI system forms part of the service. The AI system itself and its underlying model are excluded from the scope of this definition."

This clarification is vital for technical architects and legal teams. It establishes a clear boundary:

1. The AI Act regulates the AI system itself—its design, development, training data, risk management, and fundamental rights impact.
2. CADA regulates the cloud computing service that hosts, delivers, or provides on-demand access to that system.

By using the same definition for 'AI system', CADA can precisely identify what is being delivered via the cloud without redefining the object itself. This ensures that the sovereignty and infrastructure rules of CADA apply to the correct technical components. For example, if a public body procures a cloud service to host a high-risk AI system, CADA's procurement rules (Article 30) apply to the service, but the definition of the system being hosted remains consistent with the AI Act's risk classification.

Preventing Regulatory Arbitrage and Divergent Classification

The absence of a unified definition could lead to "regulatory arbitrage," where providers might attempt to classify their offerings differently depending on which regulation imposes stricter obligations.

Consider a scenario where a provider offers a machine-learning tool. Under a divergent definition, they might argue that the tool is an 'AI system' under the AI Act (accepting the burden of conformity assessment) but claim it is not an 'AI system' under CADA to avoid the stringent sovereignty audits required for Union Assurance Levels 2, 3, or 4. Alternatively, they might argue the opposite to avoid AI Act obligations while claiming CADA benefits.

By locking both regulations to the same definitional anchor in Article 3(1) of the AI Act, the EU eliminates this ambiguity. If a system meets the criteria of the AI Act, it is an 'AI system' for the purposes of CADA as well. This ensures that:

• Consistency: The scope of the AI system is identical across both legal instruments.
• Clarity: Auditing organizations and national authorities apply the same technical criteria when assessing compliance.
• Efficiency: Providers do not need to maintain separate taxonomies or compliance strategies for the same underlying technology.

Interaction with the Sovereignty Framework

The alignment of definitions directly impacts the implementation of CADA's sovereignty framework. Article 16 establishes four Union assurance levels, with criteria detailed in Annex II. These criteria include requirements for data localization, personnel location, and the absence of third-country control.

When a cloud provider seeks recognition at Union Assurance Level 2, 3, or 4, the auditing organization must assess whether the service supports an 'AI system'. Because CADA borrows the AI Act's definition, the auditor can rely on the AI Act's established technical documentation and risk classification to identify the scope of the AI system within the cloud offering. This streamlines the audit process:

• The auditor does not need to re-evaluate whether the software qualifies as an AI system.
• The focus remains on the sovereignty of the infrastructure hosting that system.
• The shared definition ensures that the "AI system" identified in the AI Act's technical documentation is the exact same entity subject to CADA's sovereignty criteria.

This synergy is particularly important for Article 29 risk assessments. Member States and Union entities must assess whether public sector activities contribute to public order. If those activities involve an 'AI system', the definition used to trigger the risk assessment is the same one used to determine the appropriate Union assurance level for procurement under Article 30.

What this means for you

For CTOs, compliance officers, and legal teams, the borrowing of the AI Act's definition simplifies the regulatory landscape but reinforces the need for a layered compliance strategy.

1. Unified Taxonomy for Governance

You do not need to maintain two separate definitions of "AI system" within your organization. If your product or service is classified as an 'AI system' under the AI Act, it is automatically an 'AI system' under CADA. This simplifies your internal governance, inventory management, and documentation. Your AI system registry can serve as the single source of truth for both safety compliance (AI Act) and infrastructure sovereignty (CADA).

2. Distinct Compliance Tracks

While the definition is shared, the obligations are distinct.

• AI Act Track: Focus on the system's safety, data governance, transparency, and fundamental rights impact.
• CADA Track: Focus on the cloud service's sovereignty. Even if your AI system is fully compliant with the AI Act, the cloud service hosting it must meet CADA's assurance levels if procured by the public sector.
• Action: Ensure your cloud architecture (data location, personnel citizenship, third-country control) meets CADA's criteria (Annex II) independently of the AI system's safety features.

3. Audit and Recognition Efficiency

For cloud providers, the shared definition reduces the burden of independent audits. When undergoing an audit for Union Assurance Levels 2–4 (Article 20), you can leverage existing AI Act documentation to prove the nature of the AI systems you host. Auditors will use the shared definition to map the AI system's characteristics against CADA's sovereignty criteria without needing to reconcile conflicting terminologies.

4. SME Advantages

For SMEs, Article 17(3) provides a significant relief: the EU statement of conformity for Union Assurance Level 1 is automatically recognized across all Member States without prior national recognition. Because the definition of the 'AI system' is consistent, this automatic recognition applies seamlessly to cloud services hosting AI systems, provided the SME's self-assessment correctly references the AI Act's definition.

Common misconceptions

"CADA redefines what an AI system is." No. CADA explicitly borrows the definition from the AI Act via Article 2(3). There is no separate CADA definition of an AI system. The term means exactly the same thing in both regulations.

"If I comply with the AI Act, I automatically comply with CADA." Incorrect. The AI Act focuses on the safety and fundamental rights of the AI system. CADA focuses on the sovereignty and resilience of the cloud infrastructure. A system can be fully AI Act-compliant (safe, transparent, high-risk assessed) but fail CADA compliance if the cloud hosting it is controlled by a third country or located outside the Union.

"CADA regulates the AI model itself." No. As clarified in Recital 10, the AI system itself and its underlying model are excluded from the scope of CADA's definition of 'cloud computing service'. CADA regulates the delivery and access to the system via the cloud, not the model's internal weights or intellectual property.

"The definition only applies to high-risk AI." The definition applies to all AI systems as defined in the AI Act, regardless of their risk classification. CADA's sovereignty framework applies to the cloud services hosting these systems, particularly when procured by public sector bodies, regardless of whether the AI system is high-risk or minimal-risk.

Official sources

• EU AI Act (Regulation (EU) 2024/1689)
• Cybersecurity Act (Regulation (EU) 2019/881)
• Data Act (Regulation (EU) 2023/2854)

Related

• Why is CADA part of the EU tech sovereignty package with the Chips Act 2.0?
• Why does CADA call the Data Act an 'enabler'?
• Why a Cybersecurity Act certificate cannot prove cloud sovereignty under CADA
• Which CADA obligations stack on top of AI Act obligations?
• CADA and the AI Act: Dual Compliance for Public-Sector AI Buyers

This is general information about a draft EU regulation, not legal advice.