EU AI ACT AUTHORISED REPRESENTATIVE FOR INDIA
Export AI to Europe from India
Indian AI companies placing systems on the EU market face the same obligations as any other non-EU provider under the EU AI Act — including the requirement to appoint a named Authorised Representative inside the Union. AI Act is already in force. Most Indian AI exporters have not acted.
Fixed annual fee · Named EU entity · Compliant from day one
EU AI ACT AND INDIAN COMPANIES
India’s AI sector is growing into Europe. The EU AI Act is already in force.
Three reasons Indian AI companies underestimate their EU obligations — and why the AR requirement is the one that blocks market access first.
The EU AI Act applies to every non-EU provider — including Indian companies
An Indian AI company with EU enterprise clients, EU SaaS users, or EU API integrations is placing its system on the EU market within the meaning of the Act. India’s bilateral trade discussions with the EU, India’s domestic AI policy, and DPDP compliance have no bearing on this. AI Act follows the product.
The Indian IT and AI export sector is directly in scope
India’s AI export strengths — enterprise software, decision-support tools, HR technology, fraud detection, healthcare AI, and process automation — map directly onto the EU AI Act’s high-risk categories under Annex III. Indian companies building AI for global enterprise clients frequently find that their EU deployments are the ones that trigger the Act’s most demanding obligations.
EU enterprise procurement is where this becomes visible
EU enterprise buyers are now including AI Act compliance clauses in procurement documentation. A missing AR appointment, an unresolved risk classification, or absent technical documentation will delay or derail a contract with a sophisticated EU buyer. Establishing a compliant EU presence before the procurement conversation is the commercial decision.
India’s AI industry is well-positioned to serve the EU market. The EU AI Act sets the threshold conditions for doing so compliantly. This service establishes your EU presence — a named lawyer on your documentation, accountable to EU authorities — so your EU market access is built on a foundation that holds.
WHAT’S INCLUDED
Everything required for a compliant EU AI Act presence
A substantive legal appointment that satisfies Article 22 — not a registered address that leaves you exposed when an EU enterprise buyer or regulator asks a real question.
Named EU Authorised Representative
A specialised entity established in the EU, appointed under Article 22, identified in your technical documentation and EU AI database registration. Legal standing with EU market surveillance authorities — the person they write to, and the person who responds substantively on your behalf.
Mandate agreement drafted and executed
A compliant appointment document reflecting the Act’s formal requirements — scope of representation, obligations, and terms — ready to include in your technical file and present to any EU authority, enterprise procurement team, or investor that requests evidence of compliance.
Technical documentation copy maintained
Your technical documentation and EU declaration of conformity are held as required by Article 22 — available to market surveillance authorities on request, maintained and updated as your product develops.
Authority correspondence handling
All EU regulatory authority correspondence relating to your system is received, escalated, and handled in coordination with your team. You are notified immediately. No position is taken without your involvement. No response goes without your approval.
Annual review and regulatory alerts
A structured annual call covering product changes, new deployments, and regulatory developments affecting your AR obligations or your system’s classification. Alerts when enforcement activity or Commission guidance is relevant to your category.
Priority AI product assessment
If a product change during the year raises a reclassification question, you are prioritised. The conversation is included in the service. No additional charge for the call that keeps your compliance position current.
About the provider: (yes, that’s real me)
I’m Yuliia Habriiel — a regulatory lawyer who spent years inside EU digital regulation: not just the AI Act, but GDPR, NIS2, DORA, the Cyber Resilience Act, and ISO 42001.
I build compliance infrastructure for a living, so I know the difference between a requirement that’s theatrical and one that will actually get enforced. The EU AI Act is written at the level of the product — yet almost everyone is still trying to comply at the level of the organisation. That mismatch is where companies get caught.
When you work with me, you’re not getting a generic audit or AI’s best guess. You’re getting the same legal reasoning the regulators apply, turned on the one thing that matters: the AI system you’re shipping.
Who this service is for:
- Indian AI companies with existing EU enterprise clients, EU SaaS deployments, or EU API integrations that have not established a compliant AR appointment and need to resolve that position before it surfaces in a renewal conversation, a procurement questionnaire, or a regulatory enquiry.
- Indian IT services companies and product firms expanding into EU markets who need a compliant legal presence established before their first EU contract is signed, not after their first EU compliance question arrives.
- Indian AI startups raising international funding from EU-based investors or global funds with EU portfolio obligations — where AI Act compliance is increasingly a condition of term sheets and a standard due diligence question.
- Indian companies in sectors that map directly onto Annex III high-risk categories — HR technology, recruitment automation, credit scoring, fraud detection, healthcare decision support, document processing for regulated industries — where high-risk classification under the Act is likely and the AR requirement applies before market entry.
- Indian system integrators and platform providers whose EU clients are now requiring AI Act compliance documentation as part of ongoing vendor management and enterprise risk programmes.
- Indian AI companies that have received EU procurement questionnaires asking about AI Act compliance, technical documentation, or EU regulatory standing — and need a compliant answer and a named representative quickly.
No prior legal training required.
What our customers say:
Thank you for sending the strategy doc. I did not even expect it to be customised so it provides a good strategy tool to help me think about developing my application.
Meredith Godat, PhD
Founder, CogniQuest (Switzerland)
We’ve been trying to figure out how the EU AI Act affects our drone platform, especially around AI-based navigation. The report helped make sense of what actually applies to us and what we need to pay attention to. It gave us a much better picture of where we stand and what we need to do next before expanding into the EU market.
Denis Isakovs,
CTO, ProDrone
(Latvia)
Before this report, every AI Act discussion ended in confusion. Now I can confidently present classification decisions to our legal team and explain timelines to stakeholders. Worth every euro.
Robert Müller
Head of Product, MedicaTech Solutions (Germany)
Backed by Our Guarantee
The mandate we execute satisfies Article 22 of the EU AI Act to the letter. The annual fee is fixed — no surprise invoices for correspondence handling, regulatory alerts, or review calls within the scope of the service. If your product changes during the year in a way that means the AR service is no longer needed, we refund the unused portion on a pro-rata basis. What you are paying for is a compliant EU presence, maintained for twelve months. That is what we deliver.
Audit-Proof Documentation
Lifetime AI Act Updates Included
If You Don’t Need It, We Tell You
Flexible Time Investment
Appoint your EU Authorised Representative — compliant from day one
✔︎ Free product scoping assessment
✔︎ Mandate agreement drafted and executed
✔︎ Authority correspondence handling for twelve months
✔︎ Technical documentation copy maintained
✔︎ Annual review call and regulatory alerts
✔︎ Priority reclassification assessment if needed
€2,400/year · Billed annually · No hourly billing · No open-ended scope
Frequently Asked Questions
Does the EU AI Act apply to Indian companies?
Yes. The Act’s extraterritorial scope under Article 2 applies to any provider placing an AI system on the EU market, regardless of where the company is incorporated. An Indian company that makes an AI system available to EU users, sells to EU businesses, or provides services consumed in the Union is placing that system on the EU market within the meaning of the Act. India’s domestic AI policy framework, DPDP compliance, and bilateral trade discussions with the EU have no bearing on this obligation.
What is an EU AI Act Authorised Representative and why does an Indian company need one?
An Authorised Representative under Article 22 is a firm established in an EU member state, appointed by a non-EU provider to act as their legal point of contact for EU regulatory authorities. For Indian companies placing high-risk AI systems on the EU market, the appointment is a legal precondition for compliant market access. Without a compliant AR on record, an Indian company is in breach of the Act regardless of how technically capable its product is or how well-established its EU client relationships are.
Which Indian AI products are most likely to be high-risk under the EU AI Act?
India’s core AI export strengths map closely onto the Act’s Annex III high-risk categories. Recruitment and HR automation tools, credit scoring and lending platforms, fraud detection systems, healthcare decision-support AI, document processing for financial or legal applications, and process automation in regulated industries are all categories where high-risk classification is likely if the system has EU users.
Our AR service includes a product review at onboarding to confirm your classification before the mandate is executed.
Does India’s Digital Personal Data Protection Act compliance help with EU AI Act obligations?
DPDP compliance demonstrates regulatory maturity and is relevant context, but it does not satisfy EU AI Act obligations. The two regimes are distinct: DPDP governs personal data; the EU AI Act governs the AI system itself, its risk classification, technical documentation, transparency, human oversight requirements, and conformity assessment obligations. A company that has navigated DPDP compliance has demonstrated it can work within a regulatory framework, extending that discipline to the EU AI Act is the next step for EU market access.
Is a registered address in an EU member state sufficient to satisfy the AR requirement?
No. Article 22 imposes active legal obligations on the AR to maintain technical documentation, cooperate with market surveillance authorities, and take corrective action where required. A registered address cannot fulfil any of these obligations. An AR that exists only on paper provides no protection when an EU authority makes a substantive enquiry and leaves the Indian company in the same legal exposure as having no AR at all.
Our EU clients have not raised this. Do we actually need to act now?
EU enterprise buyers are increasingly including AI Act compliance clauses in new and renewed contracts — particularly in financial services, healthcare, and public sector. The absence of a client complaint today does not indicate the absence of an obligation. Article 5 prohibited-practice rules have been in force since February 2025. High-risk system obligations, including the AR requirement, apply from August 2026.
Acting before a client raises it, before a procurement questionnaire asks for it, and before a regulator identifies it is the position that protects your EU market access and your client relationships simultaneously.
What happens when a EU market surveillance authority contacts our Authorised Representative?
We receive the correspondence, notify you immediately, and coordinate the response with your team. We do not take positions on your product or make commitments to authorities without your explicit involvement.
The AR role is to be the accountable EU point of contact. Decisions about your product and compliance position remain yours. If an enquiry escalates to formal enforcement proceedings, that is a separate legal engagement agreed before we proceed.
Can Indian companies be fined under the EU AI Act?
Yes. The Act’s enforcement provisions apply to non-EU providers regardless of establishment. Fines for prohibited-practice violations reach €35 million or 7% of global annual turnover. Fines for high-risk system violations reach €15 million or 3% of global annual turnover. EU market surveillance authorities can pursue non-EU companies through their Authorised Representative.
The territorial reach of EU enforcement has been established through GDPR. Indian companies that assumed GDPR enforcement wouldn’t reach them discovered otherwise. The AI Act follows the same model.
How long does it take to appoint an EU Authorised Representative?
From instruction to executed mandate is typically three to five working days. The mandate is executed once we have sufficient knowledge of your product — its function, deployment context, and current documentation position — to fulfil our obligations under Article 22 responsibly.
We do not accept appointments for products we have no visibility of, and we do not execute mandates for products that present unresolvable compliance concerns.
What if our product or EU deployment changes significantly during the year?
Material changes — new use cases, new EU client categories, expanded user bases, or new data processing — may affect your classification and the scope of the mandate. Contact us before deploying significant changes. If the change falls within the existing scope, the mandate covers it. If it represents a material expansion, we agree an amendment before it takes effect. The annual review call is designed to catch incremental changes; significant changes should not wait for it.
What is included in the €2,400 annual fee?
Mandate drafting and execution, named AR appointment, authority correspondence handling for twelve months, technical documentation copy maintenance, annual review call, and regulatory alerts relevant to your system’s category. Work outside that scope — a full reclassification assessment, legal representation in enforcement proceedings, or technical documentation drafting — is a separate engagement quoted before any work begins.
The annual fee is fixed and does not vary with correspondence volume or the number of regulatory enquiries within the service scope.