High-Risk AI Systems
The Complete Guide to EU AI Act High-Risk Requirements
Overview
High-risk AI systems face the most stringent requirements under the EU AI Act. If your AI system falls into this category, you'll need to comply with Articles 9-15 and undergo conformity assessment before placing it on the EU market.
Key Deadline
High-risk AI systems must comply by August 2, 2026.
What Makes AI "High-Risk"?
AI systems are classified as high-risk through two pathways:
Pathway 1: Safety Components (Annex I)
AI systems that are safety components of products covered by EU harmonization legislation:
- • Medical devices
- • Machinery
- • Toys
- • Lifts
- • Radio equipment
- • Civil aviation
- • Motor vehicles
- • Railway systems
- • Marine equipment
Example: An AI system that controls braking in an autonomous vehicle is a safety component of that vehicle.
Pathway 2: Standalone High-Risk (Annex III)
AI systems in specific use cases that pose risks to safety or fundamental rights.
Annex III Categories
Biometrics
Remote biometric identification, categorization, emotion recognition
Critical Infrastructure
Safety components of water, gas, electricity, traffic management
Education
Admissions decisions, assessments, proctoring, cheating detection
Employment
Recruitment, screening, hiring, task allocation, performance evaluation, termination
Essential Services
Credit scoring, emergency services dispatch, health/life insurance assessment
Law Enforcement
Risk assessment, polygraphs, evidence evaluation, crime prediction
Migration
Document verification, visa applications, residence permits
Justice
Sentencing, legal research, case outcome prediction
Elections
Influencing voting behavior (with exceptions for non-manipulative uses)
Annex III Categories Deep Dive
1. Biometrics
High-risk if used for:
- • Remote biometric identification — Identifying individuals from a distance using biometric data
- • Biometric categorization — Categorizing individuals by protected characteristics
- • Emotion recognition — Inferring emotional states in workplace or educational settings
Examples:
- • Facial recognition for access control
- • Voice recognition for identity verification
- • Systems inferring mood from facial expressions
Not high-risk:
- • Biometric verification (one-to-one matching for authentication)
- • Systems designed for accessibility purposes
3. Education and Vocational Training
High-risk if used for:
- • Determine access — Admissions decisions, assignment to programs
- • Evaluate outcomes — Grading, assessment scoring
- • Monitor students — Cheating detection, exam proctoring
- • Predict success — Dropout prediction, performance forecasting
Examples:
- • AI scoring college applications
- • Automated essay grading
- • Remote proctoring software
- • Systems predicting student dropout risk
4. Employment
This is one of the most common high-risk categories for AI startups.
High-risk if used for:
- • Recruitment — Posting ads, screening applications
- • Hiring — Evaluating candidates, ranking applicants
- • Task allocation — Assigning work, scheduling
- • Performance — Evaluating worker performance
- • Termination — Decisions about ending employment
Examples:
- • Resume screening tools
- • AI-powered interview analysis
- • Algorithmic scheduling systems
- • Productivity monitoring tools
5. Access to Essential Services
High-risk if used for:
- • Credit — Credit scoring, loan decisions
- • Public benefits — Welfare, unemployment, housing
- • Emergency services — Prioritizing emergency calls
- • Insurance — Health and life insurance pricing/coverage
Examples:
- • AI credit scoring models
- • Fraud detection in insurance claims
- • Emergency dispatch prioritization
- • Benefits eligibility assessment
Requirements for High-Risk AI (Articles 9-15)
Once classified as high-risk, you must comply with these requirements:
Risk Management System
Establish a continuous risk management process
| Requirement | Description |
|---|---|
| Risk identification | Identify known and foreseeable risks |
| Risk estimation | Evaluate risks from intended use and misuse |
| Risk mitigation | Implement measures to address risks |
| Residual risk | Communicate remaining risks to users |
| Testing | Verify risk management effectiveness |
| Documentation | Document the entire process |
Key outputs:
- Risk assessment document
- Mitigation measures list
- Residual risk communication
- Testing procedures and results
Data and Data Governance
Ensure training data quality
| Requirement | Description |
|---|---|
| Governance practices | Documented data management |
| Data quality | Relevant, representative, error-free |
| Statistical properties | Appropriate for intended purpose |
| Bias assessment | Identify and address biases |
| Gap analysis | Document data shortcomings |
| GDPR compliance | Personal data processed lawfully |
Key outputs:
- Data governance documentation
- Data quality assessment
- Bias testing results
- Privacy compliance evidence
Technical Documentation
Prepare comprehensive documentation
| Requirement | Description |
|---|---|
| General description | System purpose, functionality |
| Development | Design, architecture, algorithms |
| Monitoring | How system is monitored and controlled |
| Risk management | Risk assessment and mitigation |
| Changes | Modifications throughout lifecycle |
| Performance | Accuracy, robustness metrics |
Key outputs:
- Technical documentation package
- System architecture description
- Performance specifications
Record-Keeping
Implement automatic logging
| Requirement | Description |
|---|---|
| Automatic | No manual intervention required |
| Duration tracking | Log operational periods |
| Database access | Log reference database queries |
| Input data | Log or enable reconstruction of inputs |
| Traceability | Enable full decision reconstruction |
Key outputs:
- Logging implementation
- Audit trail capability
- Export functionality
Transparency and Information
Provide clear information to deployers
| Requirement | Description |
|---|---|
| Instructions for use | How to properly use the system |
| Capabilities | What the system can do |
| Limitations | What the system cannot do |
| Performance | Accuracy and error rates |
| Oversight | How to implement human oversight |
| Lifetime | Expected operational lifetime |
Key outputs:
- Instructions for use document
- Performance specifications
- User guidance materials
Human Oversight
Enable effective human oversight
| Requirement | Description |
|---|---|
| Understanding | Humans can understand system behavior |
| Awareness | Humans aware of automation bias risk |
| Interpretation | Humans can correctly interpret output |
| Override | Humans can decide not to use or override |
| Intervention | Humans can stop the system |
Key outputs:
- Human oversight procedures
- Training materials for operators
- Override and intervention mechanisms
Accuracy, Robustness, Cybersecurity
Ensure technical quality
| Requirement | Description |
|---|---|
| Accuracy | Appropriate for intended purpose |
| Robustness | Resilient to errors and attacks |
| Redundancy | Fail-safe measures where appropriate |
| Cybersecurity | Protected against threats |
Key outputs:
- Accuracy metrics and testing
- Robustness evaluation
- Security assessment
Conformity Assessment
What It Is
Before placing a high-risk AI system on the EU market, you must demonstrate compliance through conformity assessment.
Two Pathways
| Pathway | When It Applies | Process |
|---|---|---|
| Internal control | Most Annex III systems | Self-assessment + documentation |
| Third-party assessment | Biometric identification, critical infrastructure | Notified body involvement |
Internal Control (Most Common)
For most high-risk AI systems:
- Implement all Article 9-15 requirements
- Document compliance in technical documentation
- Establish quality management system
- Prepare EU Declaration of Conformity
- Affix CE marking
- Register in EU database
Third-Party Assessment
For biometric ID and critical infrastructure:
- Implement all Article 9-15 requirements
- Engage a notified body
- Submit technical documentation for review
- Address any findings
- Obtain conformity certificate
- Affix CE marking
- Register in EU database
Implementation Timeline
Now → August 2026
| Phase | Timeline | Activities |
|---|---|---|
| Assessment | Now | Classify systems, identify gaps |
| Planning | Q1 2026 | Resource allocation, project planning |
| Implementation | Q2-Q3 2026 | Build compliance, create documentation |
| Testing | Q3 2026 | Verify conformity, address gaps |
| Certification | Q3 2026 | Conformity assessment, registration |
| Compliance | Aug 2, 2026 | Full compliance required |
Recommended 6-Month Plan
Months 1-2: Foundation
- • Complete risk classification for all AI systems
- • Identify which systems are high-risk
- • Gap analysis against Articles 9-15
- • Resource and budget planning
Months 3-4: Core Implementation
- • Implement risk management system
- • Document data governance
- • Create technical documentation
- • Implement logging capabilities
Months 5-6: Finalization
- • Complete all documentation
- • Conduct conformity assessment
- • Register in EU database
- • Train team on ongoing compliance
Common Mistakes
1. Waiting Too Long
"We'll deal with it when enforcement starts."
Reality: Implementation takes 6+ months. Starting in 2026 is too late.
2. Underestimating Scope
"We only have a few AI features."
Reality: Every AI system needs classification. Many companies discover more high-risk systems than expected.
3. Documentation-Only Approach
"We'll just create the documents."
Reality: Documentation must reflect real processes. Auditors will verify implementation.
4. Ignoring Continuous Compliance
"We're compliant now, we're done."
Reality: Risk management is continuous. Documentation needs updates. Logs need monitoring.
5. DIY for Complex Systems
"We can figure this out ourselves."
Reality: High-risk compliance is complex. Professional tools and/or expert guidance often pay for themselves.
Penalties for Non-Compliance
| Violation | Maximum Penalty |
|---|---|
| Non-compliance with high-risk requirements | €15 million or 3% of global annual turnover |
| Failure to register in EU database | €7.5 million or 1.5% of turnover |
| Providing incorrect information | €7.5 million or 1.5% of turnover |
Beyond fines:
- Market withdrawal orders
- Recall of non-compliant systems
- Prohibition of market placement
- Reputational damage
How Protectron Helps
Risk Classification
Instantly determine if your AI is high-risk. Understand which Annex III category applies.
Requirement Tracking
Track all 113 high-risk requirements. See progress across Articles 9-15.
Document Generation
Generate required documentation with AI. Technical documentation templates.
Audit Trail (Article 12)
Automatic logging via SDK. LangChain, CrewAI integration.
Evidence Management
Centralized evidence repository. Link evidence to requirements.
Compliance Reporting
Real-time compliance score. Progress dashboards.
Get Started
High-risk compliance is complex, but it's manageable with the right tools.
Classify your AI systems, track requirements, and generate documentation—all in one platform.
Questions about high-risk compliance? Contact us for a personalized assessment.