AI Risk Classification Guide to EU AI Act Risk Categories

Updated: June 2026

AI risk classification under the EU AI Act determines which compliance obligations apply to your artificial intelligence systems. The European Commission established a risk-based approach that assigns four distinct risk levels to AI systems, each triggering different regulatory requirements for organisations deploying AI in the EU market.

Key takeaways

• This guide explains all four EU AI Act risk categories (unacceptable, high risk, limited, and minimal risk), the specific classification criteria that determine which category applies to your AI system, and the compliance obligations required for each risk level. We focus exclusively on the EU AI Act framework, which entered into force on 12 July 2024 with provisions phasing in through 2027.

• This guide is designed for AI providers, deployers, compliance officers, and organisations that develop or use AI systems within the EU.

• Accurate risk classification is mandatory for EU AI Act compliance and determines your organisation’s legal obligations, documentation requirements, and market access rights. Misclassification can result in regulatory penalties, operational disruptions, and restricted access to the European market.

What You’ll Learn:

• The four AI risk categories and their specific compliance requirements
• Step-by-step classification criteria to assess your AI systems
• Mandatory obligations for high-risk AI systems, including conformity assessment
• Practical solutions for common classification challenges and borderline cases

What is AI risk classification under the EU AI Act?

AI risk classification is the process of determining which of the EU AI Act’s four categories applies to an AI system before it enters the EU market. The assigned category determines everything from whether deployment is permitted at all to what documentation, testing, oversight, and registration the system requires. Classification must be completed before market entry and reviewed whenever the system changes.

The Act entered into force on 12 July 2024, with provisions phasing in across several dates. The prohibition on unacceptable-risk AI applications became enforceable on 2 February 2025. Obligations for general-purpose AI model providers applied from 2 August 2025. High-risk AI system requirements are expected from late 2026 to early 2027, with full enforcement from mid to late 2027.

The risk-based regulatory framework

Compliance obligations scale directly with assessed risk. Minimal-risk AI systems face no mandatory requirements, while high-risk AI systems require extensive conformity assessments, technical documentation and EU database registration. Annex III of the Act defines which AI applications qualify as high risk based on their potential impact on fundamental rights and safety.

This structure allows lower-risk innovation – AI-enabled video games, spam filters, basic recommendation systems – to proceed without regulatory barriers, while systems capable of causing significant harm to individuals face proportionate scrutiny.

What AI systems are prohibited under the EU AI Act?

Unacceptable-risk AI systems are banned entirely because they pose an inherent threat to fundamental rights and human dignity. Prohibited categories include social scoring systems that evaluate individuals’ social behaviour; AI designed to exploit psychological, age-related or disability-related vulnerabilities to manipulate behaviour; biometric categorisation systems that infer sensitive attributes such as sexual orientation, political opinions or religious beliefs; and real-time remote biometric identification in publicly accessible spaces.

A narrow exception applies to law enforcement use of real-time remote biometric identification, specifically for: locating missing persons or victims of human trafficking or sexual exploitation; preventing a specific and imminent terrorist attack; or identifying perpetrators and suspects of serious criminal offences listed in Annex II of the Act. These exceptions are exhaustive. Civilian applications remain banned regardless of safeguards in place.

Deploying a prohibited AI system carries fines of up to €35 million or 7% of global annual turnover – the Act’s highest penalty tier.

What are the compliance requirements for high-risk AI systems?

High-risk AI systems must complete a conformity assessment, produce extensive technical documentation, register in the EU database, implement a risk management system, establish data governance measures, build in human oversight mechanisms, demonstrate accuracy and robustness, and set up systems for logging and monitoring serious incidents – all before market entry.

High-risk systems fall into two groups. The first covers AI used as a safety component in products already regulated under EU product safety law: medical devices, aviation equipment, automotive systems, and similar products. The second covers standalone applications listed in Annex III: remote biometric identification, critical infrastructure management, education and vocational training, employment and worker management, access to essential services including credit scoring, law enforcement, migration and border control, and administration of justice.

Ongoing obligations after market entry include maintaining post-market monitoring, logging system performance, and reporting serious incidents and malfunctions to the relevant national competent authority.

What do limited-risk and minimal-risk AI systems require?

Limited-risk AI systems are not restricted in deployment but must disclose their AI nature to users. Generative AI systems and chatbots must inform users they are interacting with an AI. General-purpose AI models that exceed the systemic risk threshold (training compute above 10²⁵ FLOPs) face additional obligations: model evaluation, adversarial testing and incident reporting to the European AI Office.

Unlike high-risk systems, limited-risk AI does not require conformity assessment or EU database registration. The focus is on user awareness and responsible deployment.

Minimal-risk AI – video games, spam filters, basic recommendation systems – faces no mandatory compliance obligations under the Act. Organisations may voluntarily adopt codes of conduct and ethical AI principles. This category covers the majority of AI applications currently in commercial use.

How do you classify an AI system step by step?

Work through the four categories in sequence, starting with prohibited applications. If the system doesn’t meet the criteria for a higher-risk category, move to the next level. Document your reasoning and evidence at every step – this record will be required during any regulatory review.

Step 1 – Check for prohibited applications. Assess whether the system performs social scoring, biometric categorisation to infer sensitive attributes, or real-time remote biometric identification in publicly accessible spaces without meeting the Article 5 law enforcement exceptions.

Step 2 – Assess against Annex III. If not prohibited, check whether the system falls under any Annex III category: biometrics, critical infrastructure, education, employment, essential services, law enforcement, border control or administration of justice.

Step 3 – Evaluate transparency requirements. If not high risk, determine whether the system is generative AI or a chatbot requiring user disclosure, or a general-purpose AI model that may exceed the 10²⁵ FLOPs systemic risk threshold.

Step 4 – Document the classification decision. Record your assessment methodology, the criteria applied, supporting evidence and the resulting compliance roadmap.

High risk vs limited risk: key requirements compared

Requirement                  High-Risk AI Systems                 Limited-Risk AI Systems
Conformity Assessment        Mandatory before market entry        Not required
Technical Documentation      Extensive documentation required     Basic transparency disclosures
Human Oversight              Mandatory human review protocols     User notification sufficient
EU Database Registration     Required                             Not applicable

High-risk systems entail significantly greater compliance complexity, requiring dedicated resources for documentation, assessment, and ongoing monitoring.

How do you handle borderline cases and complex AI systems?

When a system could fall into more than one category, or serves multiple functions at different risk levels, apply the highest applicable classification to the whole system. The cost of treating a borderline system as high risk is lower than the cost of misclassification – in regulatory penalties and market access consequences.

Borderline high-risk applications. If a system could plausibly fall under Annex III but the evidence is unclear, treat it as high risk. Review the European Commission’s guidance and take legal advice for systems that could affect fundamental rights or safety. Document your reasoning thoroughly to demonstrate good faith during any regulatory review.

General-purpose AI models. Calculate training compute relative to the 10²⁵ FLOPs threshold to determine the systemic risk status. Evaluate the base model and downstream applications separately – a low-risk foundation model can produce a high-risk application depending on deployment context. Monitor for updates or fine-tuning that could change the classification.

Multi-purpose AI systems. Where a system performs both high-risk and low-risk functions, apply the highest applicable classification. Where technically feasible, segment functions so that low-risk components are clearly distinguished and can be assessed separately, reducing compliance burden on those parts.

Frequently Asked Questions

What are the four AI risk categories under the EU AI Act?

The EU AI Act defines four categories: unacceptable risk (prohibited), high risk (strict compliance obligations before market entry), limited risk (transparency disclosures to users) and minimal risk (no mandatory obligations). The assigned category determines the full compliance burden before a system can enter the EU market.

How do I determine whether my AI system is high risk?

A system is high risk if it is a safety component in a regulated product covered by existing EU product safety law, or if it falls within one of the Annex III application areas, including biometric identification, critical infrastructure, education, employment, credit scoring, law enforcement, or border control. High-risk systems require conformity assessments, technical documentation, EU database registration and human oversight mechanisms.

What obligations apply to limited-risk AI systems?

Providers of generative AI systems and chatbots must disclose to users that they are interacting with an AI. No conformity assessment or EU database registration is required. General-purpose AI models exceeding the 10²⁵ FLOPs training compute threshold are subject to additional obligations, including model evaluation and incident reporting to the European AI Office.

About the Author

Ana Mishova

Sales and Business Development Consultant — GDPRLocal

Ana focuses on helping organisations understand their compliance obligations and find the right data protection solutions. At GDPRLocal she works closely with businesses of all sizes, making GDPR and privacy compliance clear, practical, and accessible.