On May 19, 2026, the European Commission published draft guidelines clarifying the classification of high-risk artificial intelligence (AI) systems under Regulation (EU) 2024/1689 (the “EU AI Act”) for stakeholder consultation. The guidance is intended to assist providers, deployers, and authorities in determining whether an AI system falls within the “high-risk” category, which attracts additional requirements. The guidance includes practical examples to illustrate the categorization across different sectors.
Overview of the EU AI Act’s Risk-Based Framework
The EU AI Act establishes a risk-based regulatory framework, classifying AI systems according to the risks they pose to health, safety, or fundamental rights, and mandating different requirements depending on the level of risk. High-risk systems form a subset of AI systems and are subject to the most stringent regulatory obligations. Under Article 6 of the EU AI Act, a system may be classified as high-risk via one of two routes:
- If the AI forms part of, or is itself, a product subject to EU product safety legislation (set out in Annex I); or
- If the AI is used in connection with specific high-risk use cases listed in Annex III. Annex III use cases include biometrics, critical infrastructure, education, employment, and law enforcement.
High-risk systems must comply with detailed requirements under Chapter III of the EU AI Act. These include obligations relating to risk management, data governance, transparency, human oversight, accuracy, cybersecurity and post-market monitoring.
Purpose of the Guidance
The Commission emphasizes that the draft guidelines are not legally binding. Their objective is to provide developers and deployers of AI systems guidance on determining whether an AI system is to be classified as high-risk and to support consistent interpretation of the EU AI Act across member states. The guidelines will complement forthcoming Commission guidance addressing the specific compliance obligations for high-risk systems.
The publication of the draft guidance aligns with recently updated implementation timelines introduced under the Digital Omnibus on AI package. The revised schedule delays the application of key high-risk obligations, with rules for most Annex III systems applying from December 2, 2027 and rules for Annex I systems applying from August 2, 2028. These delays were introduced to provide additional time for the development of guidance and standards, thereby enhancing legal certainty for stakeholders and facilitating compliance readiness.
Draft Guidelines
The draft guidelines outline a structured methodology for assessing high-risk classification. The guidelines are divided into three distinct sections. The first addresses general principles applicable to all high-risk AI systems, the second covers Annex I systems, while the third deals with Annex III systems.
Overarching Principles: The first section emphasizes two considerations that are central to the question of whether a high-risk AI system is at issue, regardless of whether a system falls within the Annex I or Annex III framework. First, a system must be an “AI system”, as defined in the EU AI Act, not merely a software application or an automated decision making system. Second, the determination of an AI system’s “intended purpose”, which the EU AI Act defines as “the use for which that system is intended by the provider, including the specific context and conditions of use,” is central to the classification of high-risk AI systems.
Annex I Systems: The second section deals with Annex I high-risk AI systems. For an AI system to qualify as high-risk under Annex I, it must meet two conditions: (i) first, the AI system must be either the product itself or a safety component of the product; and (ii) the product must be subject to third-party conformity assessment.
Regarding the first element, while the EU AI Act does not provide a list of safety components, the guidelines provide several examples of safety functions that may meet this criterion, such as where AI monitors for abnormal system behavior that may lead to physical harm or an AI system intended to detect failure of safety-related parts of a product. The guidelines also clarify certain functions that do not fulfill safety functions, such as the optimization of product performance, the optimization of service efficiency, or the quality control of non-safety related features. Turning to the second condition, the guidelines confirm that the EU AI Act does not set separate assessment procedures but instead relies on existing EU conformity assessment frameworks, using the requirement for notified body assessment as an indicator for identifying safety‑critical, higher‑risk systems.
Annex III Systems: The third section addresses systems considered high-risk by virtue of Annex III, which lists eight areas particularly susceptible to risk: (1) Biometrics; (2) Critical infrastructure; (3) Education; (4) Employment, workers’ management and access to self-employment; (5) Essential private services and essential public services and benefits; (6) Law enforcement; (7) Migration, asylum and border control; (8) Administration of justice and democratic processes.
The guidelines confirm that simply because a use case falls within one of these eight categories is insufficient. Under Article 6(3)’s “filter mechanism”, certain systems falling within Annex III use cases are exempt if they do not materially influence decision-making, such as where they only perform narrow procedural tasks or improve the result of a previous human activity. However, the guidance stresses that this exception must be interpreted narrowly and does not apply, for example, to systems performing profiling.
Although Annex III itself includes a list of high-risk use cases, the guidelines expound significantly on this list, offering highly specific examples of uses cases that do or do not qualify as high-risk. The guidelines emphasize that the list is non-exhaustive and may be updated over time.
Stakeholder Consultation
The draft guidelines have been published for public consultation, with feedback invited from stakeholders, including AI providers and deployers, businesses, public authorities, academia, and civil society. The consultation is open until June 23, 2026.
Takeaways
In practice, the draft guidance reinforces that classification as high-risk is fact-specific and depends heavily on the intended purpose and deployment context of an AI system. Organizations should therefore carefully assess AI system functionalities and intended uses, and align documentation to make their classifications defensible. The guidance also underscores increased scrutiny of self-assessments and the potential for regulatory intervention where systems are misclassified, particularly in light of the structured methodologies and examples now being proposed. Interested stakeholders may also wish to participate in the consultation and provide feedback on the draft guidelines.
