Hungary has adopted two legal instruments establishing the institutional framework for the national implementation of the EU AI Act: Act LXXV of 2025 and Government Decree No. 344/2025 (X.31) in line with a legislative tendency towards active enforcement, which sends a message to organisations and companies operating in Hungary that they must continue to maintain and advance their compliance efforts under the EU AI Act. The scope of enforcement is broad. Any use of “AI system output” falls under Hungarian jurisdiction, regardless of where the AI system was placed on the market or put into service, and irrespective of whether the provider is established or resident in Hungary.
The key provisions of these instruments are as follows:
- The National Accreditation Authority (Nemzeti Akkreditációs Hatóság) will be the “notifying authority” under Article 28 of the EU AI Act.
- The Minister of Enterprise Development (vállalkozásfejlesztési miniszter) will be the AI market surveillance authority under Article 70 of the EU AI Act.
The AI Notifying Authority and the AI Market Surveillance Authority will handle all matters necessary for implementing the EU AI Act, unless otherwise provided by law.
The key tasks of the AI market surveillance authority include the following:
- Operating the AI regulatory sandbox.
- Performing the tasks related to the single point of contact under Article 70 of the EU AI Act.
- Handling market surveillance in cases where the client is not a consumer and the surveillance concerns the assessment of an AI system.
- Stopping unlawful conduct, restoring compliance and imposing fines up to the maximum set out in the EU AI Act, or settling the case through a written administrative agreement.
- Overseeing real-world testing of high-risk AI systems.
If an AI system is sold or used in a sector overseen by a sectoral market surveillance authority, the AI Market Surveillance Authority acts as a special expert authority, and the sectoral authority must obtain its opinion before deciding if the system complies with the EU AI Act. It, however, is unclear how this applies to cases that are outside the AI market surveillance authority’s competence and not covered by a sectoral market surveillance procedure (e.g. data protection cases).
For high-risk AI systems used by financial institutions, the Hungarian National Bank (Magyar Nemzeti Bank) will serve as the market surveillance authority when the AI system is directly provides those financial services.
The new laws also establish the Hungarian Artificial Intelligence Council, an advisory body without decision-making powers, composed of representatives from key authorities, government bodies, academia, research institutions, and business organisations. The Council guides Hungary’s national AI strategy and policy, ensures that AI development respects fundamental rights and vulnerable groups, provides recommendations for implementing the EU AI Act (including market surveillance), supports AI skill-building initiatives, participates in regulatory sandbox operations, coordinates AI research and public sector applications, monitors societal and economic impacts, and has the power (subject to legal protections) to request relevant data from authorities and organisations for AI regulation.
For more information on Hungary’s AI regulations, contact your CMS client partner or the CMS experts who wrote this article.
