New research by Cullen International maps the authorities designated to enforce the Data Governance Act, the Data Act and the Artificial Intelligence Act across all the 27 EU member states.
Only the Czech Republic, Denmark, Finland and Latvia have designated or proposed competent authorities for all three of the Data Governance Act, the Data Act and the AI Act.
While the Data Act will apply from 12 September 2025, to date only France and Latvia designated competent authorities responsible for its enforcement.
Regarding the AI Act, Poland and Spain are the only countries that proposed the establishment of a new supervisory body for the oversight of AI.
Cullen International’s Benchmark identifies the authorities designated to enforce these three legislative acts in all 27 EU member states.
For more information and access to the full benchmark, please click on “Access the full content” - or on “Request Access”, in case you are not subscribed to our European Digital Economy service.
more news
25 September 25
Data retention obligations in the Americas
Our new benchmark shows that many countries in the Americas mandate telecommunications companies to retain traffic metadata and to grant competent authorities access to the retained data in the context of criminal investigations or judicial activities.
24 September 25
Cyprus adopts final CSRD transposition law and member states advance efforts on the “stop-the-clock” directive
Cullen International’s updated benchmark tracks the progress made by the 27 EU member states in transposing the CSRD and the related “stop-the-clock” directive.
23 September 25
Seven member states impose essential requirements beyond those in the Postal Services Directive
Our latest research benchmarks the extent to which European countries have included essential requirements within their postal framework, i.e. within the scope of postal regulation. Essential requirements are general non-economic reasons which can induce a country to impose conditions on the supply of postal services.