Contact

An overview of the European Union’s Model Contractual Clauses for Artificial Intelligence

Back to top

An overview of the European Union’s Model Contractual Clauses for Artificial Intelligence

In 2024, the European Union (EU) formally adopted the Artificial Intelligence Act (AI Act). The AI Act will be fully applicable in 2026, with some provisions currently in force. Flowing from this, in March 2025, the EU Public Buyers Community released updated Model Contractual Clauses for Artificial Intelligence (MCC-AI), including a commentary to guide its use. 

3 Sep 2025 3 min read Corporate & Commercial Alert Article

At a glance

  • In 2024, the European Union (EU) formally adopted the Artificial Intelligence Act (AI Act). The AI Act will be fully applicable in 2026, with some provisions currently in force. Flowing from this, in March 2025, the EU Public Buyers Community released updated Model Contractual Clauses for Artificial Intelligence (MCC-AI), including a commentary to guide its use. 
  • Supply chain management teams should carefully consider the application of the MCC-AI, as it provides a useful foundation for contractual provisions to procure AI solutions.
  • This article breaks down what the MCC-AI offers when procuring AI and the applicability for South Africa.

Supply chain management teams should carefully consider the application of the MCC-AI as it provides a useful foundation for contractual provisions to procure AI solutions. This article breaks down what the MCC-AI offers when procuring AI.

Overview

The MCC-AI sets out the contractual conditions that enable contracting authorities to comply with obligations under the AI Act. The MCC-AI primarily focuses on systems that are classified as “high risk” in the AI Act. These are systems that may pose a high risk to the health and safety or fundamental rights of persons. In instances where a non-high-risk system is used, a lighter and flexible version (light version) of the clauses could be used.

The MCC-AI is intended to be included in contracts as an annexure, and not used as a standalone contract. It focuses on AI-specific obligations drawn from the AI Act, which include transparency, risk management, data governance, human oversight, cybersecurity, etc. The lighter version omits stricter components such as audit rights and conformity assessments.

The table below summarises the key obligations set out in the MCC-AI. These obligations are mapped directly to the AI Act’s requirements:

15083 key obligations[97]

It is important to determine which version of the MCC-AI is required for the specific AI system. For example, if the AI system is intended to be used in in healthcare, and may process health and patient data, this may mandate the use of the high-risk clauses. Therefore, the parties must ensure that the appropriate conformity assessments are conducted, and ongoing risk monitoring measures are implemented. The light version may be used in instances where the processing of data or the AI system does not pose a high risk, for example, incorporating an AI chatbot agent to assist with queries on a website.

Analysis

The MCC-AI is a good starting point to mitigate risk when procuring AI systems. It provides a checklist to cover most of the risks present when considering the impact of AI in a business. However, the MCC-AI alone is not sufficient. For complex technology transactions, parties must consider the overall objective of the contract. Additionally, the AI system will have an impact on intellectual property, liability, warranties and data protection considerations. Therefore, any use of the MCC-AI must essentially be tailored to the specific terms and the actual risk profile of the AI system.

Adapting for South Africa

Organisations are grappling with implementing suitable AI contractual provisions. The MCC-AI will provide South African companies and multinationals with some guidance on how to address AI risk, especially those that supply or procure AI solutions from internationals vendors.

We envisage that the MCC-AI clauses can be customised for operational requirements and adapted for South African-specific legislation, including the Protection of Personal Information Act 4 of 2013 (POPIA).

POPIA will play a prominent role in terms of how to address the processing of personal data and, in particular, automatic processing of personal data. We also envisage considering how South African intellectual property laws will impact a risk-based contractual approach.

Practical recommendations

Any party that intends to use the MCC-AI must consider the following:

  • Have the MCC-AI operate as an annexure to a main agreement.
  • Adjust the terminology to include references to local laws that are applicable.
  • Decide which version of the MCC-AI is more appropriate for the AI system being procured.
  • Negotiate all other aspects of the agreement which will have a bearing on AI risk – for example, data protection, warranties, liabilities and intellectual property.
  • Ensure that the procuring party fully understands the limits and capabilities of the AI system, to ensure that all potential risks are mitigated and provided for in the contract.

Conclusion

While the MCC-AI is a solid starting point for incorporating key AI provisions when contracting for AI systems, further consideration is required to ensure AI accountability, including in terms of South Africa’s specific laws. Contracting parties should adapt them to suit their particular needs, while ensuring that any AI risks are covered.

The information and material published on this website is provided for general purposes only and does not constitute legal advice. We make every effort to ensure that the content is updated regularly and to offer the most current and accurate information. Please consult one of our lawyers on any specific legal problem or matter. We accept no responsibility for any loss or damage, whether direct or consequential, which may arise from reliance on the information contained in these pages. Please refer to our full terms and conditions. Copyright © 2025 Cliffe Dekker Hofmeyr. All rights reserved. For permission to reproduce an article or publication, please contact us cliffedekkerhofmeyr@cdhlegal.com.

You might also be interested in

28 May 2025

by Susan Meyer and Taigrine Jones

Don’t show restraint! Will the Competition Commission join in global scrutiny of ‘no poach’, ‘restraint of trade’ and ‘wage fixing’ employment agreements

First, there was a threat of criminal prosecution by the US Department of Justice. Then the European Commission announced it would start investigating new types of anti-competitive conduct. Now, a Las Vegas man has been convicted. Is this the start of a global competition law obsession with labour markets?

Competition Law

6 min read

31 Mar 2025

by Fiona Leppan, Kgodisho Phashe and Sinead McElligott

Navigating occupational health and safety in the digital economy

The digitalisation of labour has become increasingly prevalent, necessitating a review of occupational health and safety (OHS) protocols and standards. Employers and employees face unprecedented challenges as well as opportunities in the digital workplace. On 25 March 2025, the Department of Employment and Labour released a guide titled “ What Every Employer and Employee Should Know for the Digital Economy ”, (Guide) which addresses the risks associated with digital labour, highlights key precautionary measures and emphasises the importance of risk management by outlining a step-by-step approach to identify and minimise workplace risks.

Employment Law

4 min read

24 Mar 2025

by Imraan Mahomed and Lee Masuku

Reinstatement - Does arrear remuneration prescribe?

The Labour Appeal Court (LAC) in Potgieter v Samancor Chrome Limited t/a Tubatse Ferrochrome (JA91/22) (10 March 2025) was again called upon to consider the question of prescription in the context of employment law, this time in respect of arrear remuneration.

Employment Law

7 min read

11 Oct 2024

by Emil Brincker, Gerhard Badenhorst, Alex Kanyi and Stephan Spamer

CDH Tax & Exchange Control experts ranked among the best by 2025 ITR World Tax

Cliffe Dekker Hofmeyr (CDH), a leading corporate and commercial law firm, is proud to be recognised for our expertise in tax in the recently released 2025 ITR World Tax Rankings.

Firm News

1 min read

13 Aug 2025

by Lucinde Rhoodie and Roxanne Bain

When companies behave as quasi-partnerships – A cautionary tale of oppression

The recent decision of the Eastern Cape High Court in Ungerer v Ferreira and Others (4475/2024) ZAECQBHC 13 (7 May 2025) reinforces the principles relating to the rights of shareholders in closely held companies, the concept of quasi-partnerships, and the remedies available under section 163 of the Companies Act 71 of 2008 (Companies Act). The judgment is particularly relevant for business partners in private companies who have not reduced their mutual understandings to writing, and for those seeking clarity on what constitutes oppressive or unfairly prejudicial conduct when business relationships break down.

Corporate & Commercial Law

4 min read

19 Mar 2025

by Albert Aukema and Leah Williams  

The National Consumer Tribunal’s unprecedented approach to unfair pricing

In the recent decision of Julie Williams v Cell C Ltd, NCT/300948/2023/75(1)(b) , the National Consumer Tribunal (Tribunal) made a notable finding regarding pricing practices.

Competition Law

4 min read

This website uses cookies to enhance the browsing experience. For more information, please see our Cookie Policy.

Accept Decline