
Is Your AI System High-Risk?

A Practical Classification Guide Under the EU AI Act

April 2026 · 12 min read

With AI Act obligations taking effect on August 2, 2026, every enterprise using AI must answer this crucial question. This guide helps you determine whether your systems are affected — and what that means in practice.

Why This Is Urgent: Deploying a high-risk AI system after August 2026 without compliance can result in fines of up to €15 million or 3% of global turnover. Withdrawal of the system from the European market is also possible.

Understanding the Risk Pyramid

The AI Act classifies AI systems into four risk levels. Each level carries different obligations:

Unacceptable Risk — Prohibited

Systems banned since February 2025: subliminal manipulation, social scoring, emotion recognition at work/school, biometric categorization by race/religion/sexual orientation.

High Risk — Strict Obligations

Systems listed in Annexes I and III. Must meet a complete set of requirements before market placement. This is the focus of this article.

Limited Risk — Transparency Obligations

Chatbots, content generators, deepfakes. Main obligation: inform users they're interacting with AI.

Minimal Risk — No Specific Obligations

Spam filters, video games, non-personalized content recommendation systems.

The 8 High-Risk Domains (Annex III)

Your AI system is automatically classified as high-risk if it operates in any of these 8 domains:

1. Biometrics

Identification and categorization of people by physical characteristics.

Examples: Facial recognition, emotion detection, biometric identity verification, remote identification in public spaces.

2. Critical Infrastructure

Safety components in essential infrastructure management.

Examples: Power grid management, water/gas supply, road traffic control, critical digital infrastructure.

3. Education & Training

Systems affecting access to education or learner assessment.

Examples: Automated exam grading, academic guidance, admissions decisions, plagiarism detection with automatic consequences.

4. Employment & HR

Systems affecting recruitment, evaluation, or working conditions.

Examples: Automated CV screening, candidate-job matching, performance evaluation, promotion decisions, employee surveillance.

5. Essential Services

Access to essential public and private services.

Examples: Credit scoring, creditworthiness assessment, individual risk-based insurance pricing, social benefit allocation.

6. Law Enforcement

Systems used by law enforcement agencies.

Examples: Suspect profiling, recidivism risk assessment, fraud detection, predictive policing.

7. Migration & Border Control

Migration flow management and asylum applications.

Examples: Visa application processing, security risk assessment, document verification, detection of irregular migrants.

8. Justice

Systems assisting judicial decisions.

Examples: Decision support for judges, automated evidence analysis, legal research with recommendations, automated mediation.

The 5-Question Test

To quickly determine if your system requires deeper investigation, answer these 5 questions:

1. Does my AI make or influence decisions about people?

Recruitment, credit, service access, performance evaluation...

2. Could an error from my AI affect someone's health, safety, or fundamental rights?

Medical diagnosis, access control, impactful financial decisions...

3. Is my AI a safety component of a regulated product?

Medical devices, vehicles, industrial machinery, toys...

4. Does my AI process biometric data to identify or categorize people?

Facial recognition, fingerprints, voice recognition, behavioral analysis...

5. Does my AI operate in one of the 8 domains listed above?

Biometrics, infrastructure, education, employment, essential services, law enforcement, migration, justice.

Interpretation: A single "yes" means your system requires deeper analysis. Multiple "yes" answers very likely indicate high-risk classification.

Possible Exceptions

Even if your system falls under Annex III, it may be exempted from high-risk classification if all these conditions are met:

  • It performs a narrow procedural task (no complex judgment)
  • It improves the result of a prior human activity (rather than replacing it)
  • It detects patterns without replacing the final human evaluation
  • It is purely preparatory to a human assessment that remains determinative

Exemption Example: A tool that automatically extracts dates from a CV to display them to the recruiter qualifies (narrow procedural task, preparatory), whereas a tool that automatically ranks and rejects applications does not (impactful decision, no exemption).

Warning: The exemption must be documented and justified. When in doubt, consult an expert.

Obligations If You're High-Risk

If your system is classified as high-risk, you must meet these requirements before market placement:

| Obligation | What It Means in Practice |
| --- | --- |
| Risk Management System | Identify, assess, and mitigate risks throughout the system's lifecycle. Continuous documentation. |
| Data Governance | Quality criteria for training data. Bias detection and correction. Source traceability. |
| Technical Documentation | Complete, auditable dossier: architecture, data, testing, performance, known limitations. |
| Automatic Logging | Record system decisions to enable traceability and post-incident audits. |
| Transparency | Inform users they're interacting with AI. Clear instructions for deployers. |
| Human Oversight | A qualified human can understand, monitor, and interrupt/override the system's decisions. |
| Accuracy & Robustness | Documented performance levels. Resistance to errors, attacks, and manipulation attempts. |
| Cybersecurity | Protection against attacks targeting training data or model outputs. |
| CE Marking | Self-assessment or notified body evaluation depending on system type. |

Practical Cases for Enterprises

Case 1: HR Software with CV Screening

Situation: A company uses an ATS (Applicant Tracking System) with AI features to filter applications.

Classification: High-risk (Annex III, category 4 — Employment)

Required Actions: Document the scoring system, test for bias, log filtering decisions, inform candidates, enable human review.

Case 2: Customer Service Chatbot

Situation: A chatbot answers FAQs and redirects to human agents for complex cases.

Classification: Limited risk (not in Annex III)

Required Actions: Transparency obligation only — inform users they're talking to an AI.

Case 3: Credit Scoring System

Situation: A financial institution uses AI to evaluate loan applicants' creditworthiness.

Classification: High-risk (Annex III, category 5 — Essential Services)

Required Actions: Full compliance including decision explainability, discrimination testing, human oversight for borderline cases.

Case 4: Sales Predictive Analytics

Situation: An AI tool predicts sales volumes to optimize inventory.

Classification: Minimal risk (no impact on people)

Required Actions: No specific obligations under the AI Act.

Timeline & Next Steps

February 2025: Prohibition of unacceptable risk systems (already in effect)

August 2025: Obligations for General-Purpose AI models (GPAI)

August 2026: Obligations for high-risk systems (Annex III) and transparency

August 2027: Obligations for high-risk systems (Annex I — regulated products)

Recommended Action Plan

  1. Inventory all your systems that use AI (including third-party SaaS tools)
  2. Classify each system according to this guide
  3. Prioritize high-risk systems for compliance work
  4. Document the architecture, data, and decisions for each system
  5. Test for bias and robustness
  6. Train teams on human oversight
  7. Audit regularly and keep documentation current

The Bottom Line

High-risk classification isn't a punishment — it's recognition that your system has significant impact on people. The AI Act's requirements are designed to ensure that impact is positive and controlled.

Enterprises that anticipate these obligations don't just avoid penalties. They build lasting trust with their customers, employees, and partners. In a market where AI trust is becoming a competitive advantage, compliance is an investment, not a cost.

Trusted AI Advisory

Need Help Classifying Your Systems?

Our Trusted AI practice helps enterprises with inventory, classification, and compliance for their AI systems. From initial audits to technical documentation, we help you turn regulatory requirements into competitive advantage.
