Germany’s AI Implementation Act (KI-MIG): Who are the responsible supervisory authorities?

· Source: Technology's Legal Edge · Field: Legal & Regulatory — Compliance & Risk Management, Regulatory Affairs & Government Relations · Depth: Advanced, medium

Summary

On February 10, 2026, the German Federal Government adopted its official draft for the AI Market Surveillance and Innovation Promotion Act (KI-MIG), outlining Germany's supervisory framework, enforcement powers, and penalty regime for AI systems under the EU AI Act (Regulation (EU) 2024/1689). This draft updates an earlier ministerial version, particularly concerning competent authorities and administrative fines, and initiates the formal legislative process. Germany will implement a hybrid supervisory model, designating the Federal Network Agency (BNetzA) as the central market surveillance authority, a single point of contact for the EU AI Office, and a central complaints office. Sector-specific regulators, such as BaFin for financial services and state media authorities for journalistic AI, will retain competence. An independent three-member AI Market Surveillance Chamber (KI-Marktüberwachungskammer) will oversee sensitive high-risk AI systems, and the draft includes robust enforcement tools like remote access, unannounced inspections, and immediate enforcement without suspensive effect.

Key takeaway

For international companies operating or planning to operate AI systems in Germany, you should meticulously review the KI-MIG's supervisory architecture and enforcement powers. Your compliance strategy must account for the BNetzA's central role, sector-specific mandates, and the robust investigative tools, including remote access and unannounced inspections, which require immediate compliance. Pay close attention to the ongoing legislative process for potential amendments, especially regarding authority delineations and entry-into-force dates, to ensure your legal and operational frameworks are aligned.

Key insights

Germany's AI Act implementation features a hybrid supervisory model with strong central and sector-specific authorities.

Principles

Method

Germany's supervisory architecture combines a central authority (BNetzA) with sector-specific regulators (e.g., BaFin, state media authorities) and an independent chamber for sensitive high-risk AI, supported by extensive inter-agency information sharing and remote investigative powers.

In practice

Topics

Best for: CTO, VP of Engineering/Data, Director of AI/ML, Legal Professional, Policy Maker, AI Product Manager

Related on AIssential

Open in AIssential →

Editorial summary, takeaway, and curation by AIssential. Original article published by Technology's Legal Edge.