We value your privacy

We use necessary cookies to run the site and, with your consent, analytics and marketing cookies to improve it. You can change your choice anytime. Privacy Policy

  • Security
  • Pricing
Book a scoping call
Back to guides
Guides4 min read

Which AI Systems Are High-Risk Under the EU AI Act?

Which AI counts as high-risk under the EU AI Act? The Article 6 rules, all Annex III use cases, the 6(3) filter, and what deployers must do — with sources.

July 6, 2026·Qadar AI
Which AI Systems Are High-Risk Under the EU AI Act?
Searching for the EU AI Act's list of high-risk vendors or tools? There isn't one — and that is the single most important thing to understand. Regulation (EU) 2024/1689 names no vendors and no brands. Classification is use-based: Article 6 defines high-risk by what an AI system is used for, not by whose logo is on it. This guide walks through exactly how that classification works, every Annex III area, the exemption filter, and what it means when your company uses a general-purpose tool for a high-risk purpose.

High-risk AI definition: the two routes in Article 6

Article 6 of the EU AI Act gives a system two possible routes into the high-risk category.

Route 1 — Article 6(1): regulated products. An AI system is high-risk when it is a safety component of a product (or is itself a product) covered by the EU harmonisation legislation listed in Annex I, where that product must undergo a third-party conformity assessment. Annex I spans two sections: Section A covers machinery, toy safety, recreational craft and personal watercraft, lifts, equipment for explosive atmospheres, radio equipment, pressure equipment, cableway installations, personal protective equipment, gas-burning appliances, medical devices, and in-vitro diagnostic medical devices; Section B covers civil aviation security, two- and three-wheel vehicles, agricultural and forestry vehicles, marine equipment, rail interoperability, motor vehicles and trailers, vehicle general safety and occupant protection, and civil aviation.

Route 2 — Article 6(2): the Annex III use-case list. Independent of any product law, an AI system is high-risk when it falls into one of the use-case areas listed in Annex III — described next.

Annex III: the eight high-risk areas, with examples

Annex III lists eight areas. What makes a system high-risk is the intended use within these areas:

  1. Biometrics — remote biometric identification, biometric categorisation by sensitive attributes, and emotion recognition.
  2. Critical infrastructure — safety components in the management and operation of critical digital infrastructure, road traffic, and the supply of water, gas, heating, and electricity.
  3. Education and vocational training — for example determining access or admission, evaluating learning outcomes, or monitoring prohibited behaviour during tests.
  4. Employment and worker management — recruitment and selection (including targeted job ads and filtering applications), decisions on promotion or termination, task allocation, and monitoring or evaluating employee performance and behaviour.
  5. Essential services — credit scoring, risk assessment and pricing in life and health insurance, evaluating eligibility for public benefits, and classifying emergency calls or dispatching emergency services.
  6. Law enforcement — such as assessing the risk of a person becoming a victim, evaluating the reliability of evidence, or profiling in the course of criminal investigations.
  7. Migration, asylum and border control — for example examining applications for asylum, visas, or residence permits.
  8. Administration of justice and democratic processes — assisting judicial authorities in researching and interpreting facts and law, or influencing the outcome of elections.

For companies adopting AI tools, the employment area deserves the closest look: screening CVs, ranking candidates, or monitoring worker performance with AI are named Annex III use cases.

The Article 6(3) filter: when an Annex III system is not high-risk

An Annex III system is not considered high-risk when it does not pose a significant risk of harm to health, safety, or fundamental rights and at least one of four conditions applies — the system:

  • performs a narrow procedural task,
  • improves the result of a previously completed human activity,
  • detects decision-making patterns or deviations from them without replacing or influencing the human review, or
  • performs a preparatory task for an assessment relevant to the Annex III use case.

Two hard edges to this filter: profiling of natural persons always makes an Annex III system high-risk, with no exemption. And a provider that relies on Article 6(3) must document its assessment before placing the system on the market and register the system (Articles 6(4) and 49(2)) — the exemption is a documented claim, not a silent opt-out.

Are ChatGPT, Claude, or Gemini high-risk? (GPAI)

No — not as a category. Models of the ChatGPT, Claude, or Gemini class are general-purpose AI (GPAI) under Chapter V of the Act, with their own, separate obligations for the model providers. GPAI is not an Annex III entry.

The classification that matters for your organization happens at the point of use: when a company uses such a tool for an Annex III purpose — say, a recruiter screening applications with a general-purpose chatbot — that use can make the deployment high-risk, and the company carries deployer obligations. What those obligations look like in practice (use per instructions, monitoring the operation, retaining logs) is covered in our explainer on EU AI Act Article 26 — deployer obligations; the prohibited-practices line of Article 5 applies today regardless. Shield's policy preset library includes an HR-monitoring preset for exactly this scenario — logging AI use in employment decisions as the evidence base.

Current status: draft guidelines and the pending Digital Omnibus

Two moving parts are worth tracking (state as of 6 July 2026):

  • The European Commission published draft guidelines on the classification of high-risk AI systems on 19 May 2026, with a consultation running to 23 July 2026 (source). Draft status: they clarify, they are not yet final.
  • The AI/Digital Omnibus is pending and not yet in force. If adopted as proposed, it would defer the Annex III high-risk obligations to 2 December 2027 — conditional on the Omnibus entering into force before 2 August 2026. Until that happens, plan against the Act's existing timeline.

Sources

  • Regulation (EU) 2024/1689 (EU AI Act), EUR-Lex — canonical text; Article 6, Annex I, Annex III, Article 49.
  • Annex I and Annex III on artificialintelligenceact.eu — readability mirror of the official text.
  • Draft Commission guidelines on the classification of high-risk AI systems, 19 May 2026.

On this page

  • High-risk AI definition: the two routes in Article 6
  • Annex III: the eight high-risk areas, with examples
  • The Article 6(3) filter: when an Annex III system is not high-risk
  • Are ChatGPT, Claude, or Gemini high-risk? (GPAI)
  • Current status: draft guidelines and the pending Digital Omnibus
  • Sources

Share

Product and governance updates — see our privacy policy.

Related guides

The EU AI Act: A Practical Compliance GuideGuide

The EU AI Act: A Practical Compliance Guide

A practical guide to the EU AI Act for operators: the risk tiers, the compliance timeline, who it applies to, the AI literacy duty, and how it meets GDPR.

Read more
EU AI Act (Artificial Intelligence Act)Glossary

EU AI Act (Artificial Intelligence Act)

The EU AI Act is the EU's risk-based law for artificial intelligence. A plain-language summary of what it regulates, when it applies, and who must comply.

Read more
What controls you actually need: EU AI Act and GDPR for lean SaaS operatorsBlog

What controls you actually need: EU AI Act and GDPR for lean SaaS operators

The EU AI Act is live and GDPR enforcement now reaches AI-mediated data flows. Here's what lean SaaS operators need to show — and how to think about it.

Read more

Put this guide into practice with Qadar AI

A product specialist will reply within one business day

Book a demo

Subscribe to our newsletter

Product and governance updates — see our privacy policy.

AI security and control for every model your team uses.

Built in Dubai. Designed for teams operating across regions, models, and regulatory environments.

  • Product

    • Shield Web
    • Shield Control
    • Shield Desktop
    • Shield Mobile
    • Pricing
    • Download
  • Solutions

    • For CISOs
    • For Operations
    • For AI Teams
  • Use Cases

    • AI Governance
    • AI Agent Security
    • LLM Access Control
    • Secure AI Deployment
    • Enterprise Operations
    • Financial Services
  • Resources

    • Help Center
    • Blog
    • Guides
    • Glossary
    • Changelog
    • AI Risk Calculator
    • Compare
    • FAQ
  • Company

    • About
    • Careers
    • Security & Trust
    • Contact
  • Legal

    • Legal
    • Privacy
    • Terms
    • GDPR / DPA

© 2026 Qadar AI. All rights reserved. EU data residency available for Enterprise customers.