Only a few EU countries have designated competent authorities to enforce the AI Act.

Key takeaways

• Only Denmark, Finland and Italy have a national AI law in place, while proposals for AI laws were tabled in another nine EU countries

• Most of the surveyed countries with proposed or designated market surveillance authorities would implement a decentralised model, distributing enforcement tasks among several authorities

• Belgium, the Czech Republic, Finland, Germany, Ireland, Luxembourg, the Netherlands, Romania and Sweden have tasked their telecoms regulators with enforcement powers

Why it matters

The AI Act entrusts key implementation choices to national supervisory authorities, and differences across countries can significantly affect how consistently and effectively the rules are enforced across the EU.

Background

The Artificial Intelligence Act (AI Act) is the EU’s pioneering legislation on the use of AI which entered into force on 1 August 2024. While some core provisions have not started applying yet (e.g rules on high-risk AI systems), by 2 August 2025 member states should have designated national competent authorities and laid down rules on penalties and fines. If adopted, the AI Omnibus will delay the AI rulebook implementation timeline for high-risk AI systems.

Cullen International's latest benchmark provides an overview of the national laws (proposed or adopted) to implement the AI Act, including measures such as the designation of competent authorities, the set-up of regulatory sandboxes and the establishment of a framework on penalties.

Scope
Region: Europe
Countries covered: 19
Policy area: AI, data-related technologies
Last updated: April 2026

For more information and access to the full benchmark, please click on “Access the full content” - or on “Request Access”, in case you are not subscribed to our European Digital Economy service.