— Edition 1.247 33 verified trackers
ES EN
Politics · Technology · Digital regulation  ·  where data speaks before headlines
Snapshot data
AML/OFAC enforcement against banks and fintech — 455 penalties documented 455 AML/OFAC penalties documented across 177 countries and 401 regula… CNMC Spain · the Digital Services Coordinator g… — 6 documented milestones 6 milestones in Spain's DSA Coordinator rollout; as of May 2026 still… Corporate data breaches: from incident to response — 7 breaches documented 7 corporate data breaches documented by notification conduct and outc… Digital regulatory risk index by country — 16 countries profiled 16 countries profiled by digital regulatory risk (coverage expanded w… DMA · designated gatekeepers and real compliance — 8 documented DMA acts 8 acts in the DMA gatekeeper regime: 7 designated, first final fines … Global election risk 2026: democracy and digita… — 22 elections profiled 22 2026 elections profiled by political regime (EIU) and digital envi… Electoral digital integrity 2026 — 13 elections profiled 13 elections profiled by digital integrity; 5 with transparent politi… Documented electoral disinformation 2026 — 5 documented campaigns 5 electoral disinformation campaigns or patterns documented with open… GDPR · which national authority really sanctions — 9 authorities profiled 9 national authorities profiled; ~€7.1bn in GDPR fines since 2018, bu… Digital political ad spending 2026 — 5 country-platform observ… 5 observations of digital political ad spending in 2026 elections, me… US · the state AI regulation patchwork — 8 laws and milestones 8 laws and milestones in the US AI patchwork; with no comprehensive f… Climate: the gap between pledge and action — 12 countries assessed 12 countries assessed by the Climate Action Tracker: 10 with insuffic… Power and corruption in the courts in Ibero-Ame… — 29 documented cases 29 senior officials prosecuted for corruption across 19 countries, wi… Crypto industry: collapses, sanctions and convi… — 10 documented cases 10 crypto-sector collapse, sanction and conviction cases across 4 cou… Content moderation: appeals and reversals — 19 documented decisions 19 appealed and reviewed moderation decisions, with their policy, ori… AI harms in court — litigation, rulings and set… — 100 documented cases 100 litigated AI-harm cases across 25 jurisdictions on 5 continents, … Public AI spending — global government contracts — 50 documented contracts 50 public AI contracts across 15 jurisdictions on 5 continents (45 wi… Scandal → conviction gap — — milestones logged Series starting — Odebrecht/Lava Jato as base case Technology ↔ regulation gap — 25 regulatory milestones 25 milestones across 11 jurisdictions; gaps from 0 to 22 years; Chile… Campaign promises → fulfillment — 29 term evaluations 29 terms evaluated across 25 countries on five continents Digital fines actually imposed — 60 sanctions recorded 60 high-value sanctions across 17 jurisdictions and 6 continents; cov… EU AI Act — designation of national authorities — 3 / 27 Member States Art. 70 deadline expired 2 Aug 2025 — process still open AI Act · Notified bodies for conformity assessment — 1 body with AI-specific a… Designation process opened 2 Aug 2025 · high-risk deadline Aug 2026 AI Act · Sanctions regime and its actual enforc… — 0 documented AI Act fines… Only 3 of 27 MS with both authorities designated by early 2026 EU · Consolidated DSA enforcement decisions — €120M first DSA fine · X · 5 … 5 Member States referred to CJEU for insufficient DSC implementation LATAM · Digital spending in 2026 electoral camp… — $14.794M COP · highest declared … Only 8 of 13 campaigns had reported in Cuentas Claras by mid-May Ibero-America · documented public contracts wit… — 3 contracts verified with… DC registry kickoff · ongoing monthly manual sweep LATAM · Internet shutdowns and platform blocks — 7 documented events · 202… Venezuela concentrates the region's most severe blocks LATAM · Judicial and regulatory sanctions on pl… — $5,2M USD · fine on X Corp. i… X complied with the orders and was reinstated after 39 days of suspen… Commercial spyware: documented cases worldwide — 22 documented cases 22 verified commercial-spyware cases across 12 countries on four cont… RSF · Press freedom in Latin America — 144 worst regional rank (Pe… AR -11 · PE -14 · SV -8 · EC -31 · USA -7 LATAM · AI bills in legislative process — 150+ bills identified Niubox January 2026 — only 4 Iberoamerican countries with law in force AML/OFAC enforcement against banks and fintech — 455 penalties documented 455 AML/OFAC penalties documented across 177 countries and 401 regula… CNMC Spain · the Digital Services Coordinator g… — 6 documented milestones 6 milestones in Spain's DSA Coordinator rollout; as of May 2026 still… Corporate data breaches: from incident to response — 7 breaches documented 7 corporate data breaches documented by notification conduct and outc… Digital regulatory risk index by country — 16 countries profiled 16 countries profiled by digital regulatory risk (coverage expanded w… DMA · designated gatekeepers and real compliance — 8 documented DMA acts 8 acts in the DMA gatekeeper regime: 7 designated, first final fines … Global election risk 2026: democracy and digita… — 22 elections profiled 22 2026 elections profiled by political regime (EIU) and digital envi… Electoral digital integrity 2026 — 13 elections profiled 13 elections profiled by digital integrity; 5 with transparent politi… Documented electoral disinformation 2026 — 5 documented campaigns 5 electoral disinformation campaigns or patterns documented with open… GDPR · which national authority really sanctions — 9 authorities profiled 9 national authorities profiled; ~€7.1bn in GDPR fines since 2018, bu… Digital political ad spending 2026 — 5 country-platform observ… 5 observations of digital political ad spending in 2026 elections, me… US · the state AI regulation patchwork — 8 laws and milestones 8 laws and milestones in the US AI patchwork; with no comprehensive f… Climate: the gap between pledge and action — 12 countries assessed 12 countries assessed by the Climate Action Tracker: 10 with insuffic… Power and corruption in the courts in Ibero-Ame… — 29 documented cases 29 senior officials prosecuted for corruption across 19 countries, wi… Crypto industry: collapses, sanctions and convi… — 10 documented cases 10 crypto-sector collapse, sanction and conviction cases across 4 cou… Content moderation: appeals and reversals — 19 documented decisions 19 appealed and reviewed moderation decisions, with their policy, ori… AI harms in court — litigation, rulings and set… — 100 documented cases 100 litigated AI-harm cases across 25 jurisdictions on 5 continents, … Public AI spending — global government contracts — 50 documented contracts 50 public AI contracts across 15 jurisdictions on 5 continents (45 wi… Scandal → conviction gap — — milestones logged Series starting — Odebrecht/Lava Jato as base case Technology ↔ regulation gap — 25 regulatory milestones 25 milestones across 11 jurisdictions; gaps from 0 to 22 years; Chile… Campaign promises → fulfillment — 29 term evaluations 29 terms evaluated across 25 countries on five continents Digital fines actually imposed — 60 sanctions recorded 60 high-value sanctions across 17 jurisdictions and 6 continents; cov… EU AI Act — designation of national authorities — 3 / 27 Member States Art. 70 deadline expired 2 Aug 2025 — process still open AI Act · Notified bodies for conformity assessment — 1 body with AI-specific a… Designation process opened 2 Aug 2025 · high-risk deadline Aug 2026 AI Act · Sanctions regime and its actual enforc… — 0 documented AI Act fines… Only 3 of 27 MS with both authorities designated by early 2026 EU · Consolidated DSA enforcement decisions — €120M first DSA fine · X · 5 … 5 Member States referred to CJEU for insufficient DSC implementation LATAM · Digital spending in 2026 electoral camp… — $14.794M COP · highest declared … Only 8 of 13 campaigns had reported in Cuentas Claras by mid-May Ibero-America · documented public contracts wit… — 3 contracts verified with… DC registry kickoff · ongoing monthly manual sweep LATAM · Internet shutdowns and platform blocks — 7 documented events · 202… Venezuela concentrates the region's most severe blocks LATAM · Judicial and regulatory sanctions on pl… — $5,2M USD · fine on X Corp. i… X complied with the orders and was reinstated after 39 days of suspen… Commercial spyware: documented cases worldwide — 22 documented cases 22 verified commercial-spyware cases across 12 countries on four cont… RSF · Press freedom in Latin America — 144 worst regional rank (Pe… AR -11 · PE -14 · SV -8 · EC -31 · USA -7 LATAM · AI bills in legislative process — 150+ bills identified Niubox January 2026 — only 4 Iberoamerican countries with law in force
/ trackers / ai-act-notified-bodies
EU · AI Act · Notified Bodies

AI Act · Notified bodies for conformity assessment

Registry of conformity assessment bodies accredited and notified under Regulation (EU) 2024/1689 (AI Act) for the assessment of Annex III high-risk AI systems, per Chapter IV (Arts. 28-39) and the European Commission's NANDO database. The designation process started on 2 August 2025. As of May 2026 the ecosystem is still being built: very few bodies hold AI-specific accreditation, and formal NANDO notification is a separate step from national accreditation. Diálogo Ciudadano logs each verifiable accreditation and notification, distinguishing accreditation (by national accreditation body) from notification (in NANDO by notifying authority). The tracker measures the gap between certification demand (August 2026 deadline) and the actual supply of bodies able to certify.

Snapshot · May 21, 2026
1
body with AI-specific accreditation (biometrics)
↑ Designation process opened 2 Aug 2025 · high-risk deadline Aug 2026

Evolution

Reading the data

The AI Act requires independent bodies to certify high-risk systems before they reach the market. At the latest cut, only one body had AI-specific accreditation (biometrics): the conformity-assessment ecosystem the rule presupposes is not yet ready.

YV
Yaneth Vickari S. · Digital regulation expert · Madrid
June 3, 2026 · 2 min read

The AI Act rests on a little-visible but critical piece: notified bodies, independent entities that must assess and certify the conformity of high-risk AI systems before they reach the market. This tracker follows how many actually exist, and the provisional answer is almost none: at the latest cut, a single body held AI-specific accreditation, in the field of biometrics.

Without that network of assessors, the certification obligation the rule imposes is in practical suspension: there is no one to certify. The tracker documents the start-up of this ecosystem because its maturity is a necessary condition for the Regulation to work beyond paper.

Methodology note

Bodies with notified accreditation under Articles 28 and 39 and Annex VII of Regulation (EU) 2024/1689 are recorded, with their assessment scope. The ecosystem's status is described based on the available official documentation.

Assessments are attributed to the cited sources, never to this outlet.

Documented events (3)

March 9, 2026 NL confirmed

DEKRA: first body accredited for AI biometric systems under AI Act

DEKRA became the first body officially accredited to assess the conformity of AI biometric systems under the AI Act. The accreditation was granted by the Dutch Accreditation Council (RvA) and covers three Annex III high-risk categories: remote biometric identification, emotion recognition, and biometric categorization. It is an important but bounded milestone: the accreditation covers only biometrics, and accreditation by a national accreditation body is a prior and distinct step from formal NANDO notification. DEKRA is a global TIC body with relevant operational base in the Netherlands.

DEKRA · First Accredited Certification Body for AI Biometric Systems ↗ Biometric Update · DEKRA conformity assessment biometric AI Act ↗
January 28, 2026 EU confirmed

Digital Omnibus acknowledges notified body ecosystem is not ready

The Digital Omnibus, under discussion in the European Parliament and Council, proposes extending effective application deadlines for high-risk obligations (to December 2027 for Annex III, August 2028 for Annex I) as a direct response to the infrastructure not being ready: harmonised standards unpublished, notified bodies not designated in sufficient numbers, and many Member States having not established competent authorities. The Omnibus does not change which systems require a notified body — it only grants more time. As of May 2026 the Omnibus was not yet adopted, so the legally applicable high-risk deadline remained August 2026.

eyreACT · Notified Bodies Under the EU AI Act (Omnibus context) ↗ European Commission · Navigating the AI Act FAQ ↗
August 2, 2025 EU confirmed

AI Act notified body designation process opens

On 2 August 2025 the process formally opened for Member States to designate and notify conformity assessment bodies under the AI Act. For a body to be notified, the Member State must first have designated its notifying authority (Art. 28), and the body must have completed the Art. 39 assessment and meet Annex VII requirements. As of the process opening date, most Member States had not yet designated a notifying authority, and the harmonised standards that bodies must apply were still unpublished.

eyreACT · Notified Bodies Under the EU AI Act ↗ EU AI Risk · Notified Bodies guide ↗

Methodology

Type
event-log
Construction
DC editorial construction
Cadence
monthly

Sources consulted

  1. European Commission · NANDO database (New Approach Notified and Designated Organisations) ↗ official

    Official notified-bodies database managed by the European Commission. Filterable by legislation (Regulation 2024/1689 for the AI Act) and by country. Authoritative primary source of formal designation.

  2. AI Act · Capítulo IV · Arts. 28-39 (Notified Bodies) ↗ official

    Legal framework for notified bodies. Art. 28 (notifying authorities), Art. 31 (requirements), Art. 35 (identification numbers and public lists), Art. 43 (when third-party assessment is required).

  3. Future of Life Institute · AI Act national implementation plans ↗ civil-society

    Tracking of notifying-authority designation status by member state, a prerequisite for a body to be notified.

  4. DEKRA · primera acreditación AI Biometric Systems bajo AI Act ↗ press

    Official DEKRA statement on its accreditation by the Dutch Accreditation Council (RvA) for biometric AI systems, announced in March 2026.

  5. Biometric Update · cobertura acreditación DEKRA ↗ press

    Independent press coverage of the DEKRA accreditation for high-risk biometrics under the AI Act.

  6. Dutch Accreditation Council (RvA) ↗ official

    Dutch national accreditation body. Accredited DEKRA for biometric AI systems. Accreditation is a prerequisite for notification in NANDO.