What to Know About the European Commission’s Draft Guidelines on the Classification of High-Risk AI Systems

The European Commission’s Draft Guidelines are the Commission’s next step in issuing practical guidance to the statutory text of Article 6 of the AI Act. 

The guidelines are expressly aimed at supporting providers and deployers of AI systems in evaluating whether their AI system is classified as high-risk. If an AI system is classified as high-risk, providers must comply with rigorous conformity assessment requirements, including, in some cases, third-party review by a notified body before the system can be placed on the EU market. Providers would also need to document the system’s intended purpose and maintain ongoing compliance with the AI Act’s obligations. Misclassification of a high-risk system can result in penalties imposed by market surveillance authorities. Additionally, distributors, importers, and deployers who modify or rebrand a high-risk system may themselves assume provider obligations under Article 25(1) of the AI Act. The draft is not yet legally binding and has been published for stakeholder consultation.  

Why the European Commission Delayed the High-Risk AI System Guidelines 

The original deadline for the draft guidelines for the European Commission was February 2, 2026. A potential delay was forecasted on January 26, 2026, when Deputy Director General for Communication Networks Renate Nikolay expressed that the guidance needed to provide legal certainty and thus, the Commission needed more time to work on the guidelines.  

The delay was also a result of member-state-level authorities struggling to appoint enforcers, and the lack of sufficient advanced guidance on the enforcement of the directive before its scheduled implementation. A Commission spokesperson stated that the EU’s executives were integrating feedback and wanted to publish the draft guidelines in February for stakeholder input.  

As a result of the delay, AI systems subject to product regulation have a postponed compliance deadline of August 2028 and AI systems intended for use cases have a postponed compliance deadline of December 2027.  

How the Draft Guidelines Define and Classify High-Risk AI Systems Under the EU AI Act 

Pursuant to Article 6 of the AI Act, there are two classifications of “high-risk” systems:  

1. AI systems embedded in products regulated under the Union’s legislation on product safety.  
2. AI systems that can significantly affect people’s health, safety, or fundamental rights in specific use cases listed in the AI Act.  

The first classification provides two cumulative conditions under Article 6(1) and Annex I to classify a system as high-risk. First, the AI system must be a product itself, or a safety component of a product under the EU’s legislation of Annex I of the AI Act.  An AI system is a safety component if it is intended to prevent or mitigate risks to health, safety, or property, or, if the system’s failure could endanger health, safety, or property. Second, the system must undergo a third-party conformity assessment, and it must be subject to regulatory scrutiny involving a notified body before it can be placed in the EU market.  

Once the two conditions are met under Article 6(1), the AI system is classified as high-risk under the first classification. 

The second classification, governed by Article 6(2) and Annex III, classifies high-risk AI systems through determining whether a system’s intended purpose falls into one of the specific cases listed in Annex III, which identifies areas that are particularly susceptible to AI risks. Providers are responsible for clearly describing the system’s intended purpose including its envisioned use and its functionalities.  

There are eight areas under Annex III which the system’s intended purpose could fall under:   

1. Biometrics 
2. Critical Infrastructure 
3. Education and Vocational Training  
4. Employment  
5. Essential Public and Private Services 
6. Law Enforcement  
7. Migration, Asylum, and Border Control  
8. Administration of Justice and Democratic Processes  

If the system falls within an area listed under Annex III, providers are exempt from a high-risk classification if a “filter” governed by Article 6(3) applies. The filter applies under one of four conditions:  

1. The AI system is intended to perform a narrow procedural task. 
2. The AI system is intended to improve the result of previously completed human activity. 
3. The AI system is intended to detect decision-making patterns or deviations from prior decision-making patterns and is not meant to replace or influence the previously completed human assessment without proper human review; or  
4. The AI system is intended to perform a preparatory task to an assessment relevant for the purposes of the use cases listed in Annex III of the AI Act.  

If a filter applies, the providers who rely on it must publish a self-assessment explaining why the exemption applies and why the system is not otherwise considered high-risk, to include such information with its registration application under Article 49(2). A misclassification can be penalized by market surveillance authorities. However, the filter cannot be applied if the AI system performs profiling of natural persons-automated processing of personal data to evaluate personal aspects. Companies should consider engaging experienced counsel to assist with the initial assessment, documentation, and registration of their AI system.  

Key Principles for Determining Whether an AI System Is High Risk 

Before a classification is made, the system must first qualify as an “AI system” under Article 3(1) of the AI Act. Under the relevant definition, the AI system:  

• Must be a machine-based system designed to operate with varying levels of autonomy 
• May exhibit adaptiveness after deployment  
• Infers from input to generate outputs such as predictions, content, recommendations, or decisions, and  
• Can influence physical or virtual environments 

The intended purpose of an AI system plays an important role in its classification as high-risk and for assessing compliance with the requirements of a high-risk AI system under the second classification governed by Article 6(2) and Annex III. It is the responsibility of the provider, who is supervised by the relevant competent market surveillance authorities, to assess whether an AI system is intended to be used for a high-risk use case. Consequently, a provider cannot merely assert that high-risk uses of the AI system are excluded to avoid being considered high-risk.  

Additionally, distributors, importers, deployers, or other third parties may be subject to provider obligations under Article 25(1) of the AI Act if they:  

• Put their name on a high-risk system  
• Make a modification to one, or  
• Modify the purpose of a non-high-risk system so that it becomes high-risk  

Furthermore, some AI systems that could be classified as high-risk may be entirely prohibited under Article 5 of the AI Act. The guidelines note that use cases listed in category 1 of Annex III should be considered in light of AI practices prohibited by Article 5.  

Implementation Dates 

Obligations under the first classification governed by Article 6(1) and Annex I of the AI Act will apply beginning on August 2, 2028. The original application date was set for August 2, 2027, but was then postponed.  

Obligations under the second classification governed by Article 6(2) and Annex III of the AI Act will apply beginning on December 2, 2027. The original application date was set for August 2, 2026, but was then postponed.  

Moreover, Article 111(2) of the AI Act states that the act applies to operators of high-risk AI systems that have been placed in the market or put into service before August 2, 2026. Obligations under Article 111(2) of the AI Act will apply to operators of these systems if they undergo significant changes from August 2, 2026.  

Providers and deployers of high-risk AI systems intended to be used by public authorities should comply with the requirements and obligations for high-risk AI systems by August 2, 2030. 

AI systems that are components of the large-scale IT systems established by the legal acts listed in Annex X of the AI Act placed in the market or put into service before August 2, 2027, should be brought into compliance with the high-risk requirements by December 31, 2030.  

European Commission Consultation on the Draft High-Risk AI Guidelines 

The Commission is collecting feedback on the guidelines from stakeholders until June 23, 2026. The target audience is “[a]nyone with an interest in the development, deployment, supervision or use of AI systems…this includes AI providers and developers, organizations using AI systems, public authorities, researchers, civil society organizations, supervisory bodies and members of the public.”  

In addition to the current feedback collection process, the AI Office organized a stakeholder workshop in December 2025 to collect more sector-specific feedback on the draft guidelines. In contrast, this round of feedback collection is targeted at collecting feedback on clarity, completeness, and usability of the draft guidelines. 

Next Steps  

The Commission will continue to review the list of high-risk use cases through a monitoring instrument and have the power to adopt delegated acts to add new use cases or remove existing ones. Moreover, the AI Office and the AI Act Service Desk will provide ongoing support. An AI regulatory sandbox is expected to be established by August 2026.  

Summer associate Ana Lopez contributed to this alert.