v2.4.0 | Report Errata
docs governance docs governance

Eight Mandatory Content Points

Annex V specifies eight mandatory content points for the Declaration of Conformity. Point 1: AI system name, type, and unambiguous identification reference. Point 2: provider name and address (or authorised representative). Point 3: statement that the Declaration is issued under the provider’s sole responsibility. Point 4: statement of conformity with the AI Act and any other applicable Union law. Point 5: where personal data is processed, statement of GDPR, EUDPR, and Law Enforcement Directive compliance. Point 6: references to harmonised standards or other specifications applied. Point 7: where applicable, notified body details and certificate identification. Point 8: place, date, signatory name and function, and signature.

Each point must be populated with accurate, traceable information drawn from the AISDP and the conformity assessment record. The Conformity Assessment Coordinator assembles the Declaration by extracting each field from its documented source; the Legal and Regulatory Advisor reviews for legal accuracy before signature.

Key outputs

  • Eight mandatory content points populated from AISDP evidence
  • Per-point verification against source documentation
  • Legal review before signature
  • Module 10 AISDP evidence

Each Point Traced to AISDP Evidence

Each of the eight Annex V content points is traced to its specific AISDP evidence source and verified by the responsible role. Point 1 traces to Module 1 (System Description) and the model registry; the Conformity Assessment Coordinator cross-checks against the EU database entry. Point 2 traces to corporate records and the authorised representative mandate (for third-country providers). Point 4 traces to the conformity assessment report; the AI System Assessor confirms an unqualified conformity finding. Point 5 traces to the DPIA and data governance documentation; the DPO Liaison confirms currency. Point 6 traces to the standards compliance register. Point 7 traces to the notified body engagement record and Annex VII procedural mapping.

A pre-signature checklist covering all eight fields, with confirmation that the source evidence is current and the field content accurate, is completed and retained as part of the conformity assessment record. This traceability ensures that the Declaration is defensible under regulatory scrutiny.

Key outputs

  • Per-point evidence source identification and verification
  • Pre-signature checklist with currency confirmation
  • Traceability from Declaration fields to underlying evidence
  • Module 10 AISDP evidence

Combined DoC for Multiple Regulations (Art. 47(3))

Where the high-risk AI system is also subject to other Union harmonisation legislation requiring a Declaration of Conformity, Article 47(3) permits the provider to draw up a single combined Declaration. The combined Declaration must contain all information required to identify each applicable regulation and must satisfy the content requirements of each.

The Conformity Assessment Coordinator maintains a mapping from each regulation’s Declaration requirements to the combined Declaration’s content, ensuring no requirement is omitted in the consolidation. For Annex I product systems, this mapping is particularly important: the product legislation’s Declaration requirements and the AI Act’s Annex V requirements must both be fully satisfied.

The combined Declaration should clearly identify which regulatory requirements it addresses. A deployer reading the combined Declaration should understand which regulations have been assessed and can refer to the corresponding conformity assessment records for details.

Key outputs

  • Single combined Declaration covering all applicable regulations
  • Cross-regulation requirement mapping maintained by Conformity Assessment Coordinator
  • Clear identification of each regulation addressed
  • Module 10 AISDP evidence
On This Page