EU AI Act Risk Classifier

Twelve questions, one tier. The classifier walks Article 5 prohibitions first, then Article 6 + Annex III high-risk uses (with the Article 6(3) derogation), then Article 50 transparency obligations, and finally GPAI + systemic-risk thresholds. Output is a downloadable markdown report with the exact article and annex that determined the result.

Step 1 — Your role under the AI Act

Obligations differ for providers (Art. 16, Chapter III §2), deployers (Art. 26–27), and importers/distributors (Art. 23–24). Pick the closest match.

Article 5 — Prohibited practices

If any of these apply, the system cannot be placed on the EU market.

Annex III — High-risk use cases

Pre-defined high-risk areas under Article 6(2). Choose any that apply.

Article 6(1) safety component

AI used as a safety component of a product covered by EU harmonisation legislation (Annex I) and required to undergo third-party conformity assessment.

Article 6(3) — Derogation from high-risk classification

Annex III systems can avoid high-risk classification if they only perform a narrow task AND do no profiling. Tick all that match.

Article 50 — Transparency triggers

These trigger transparency obligations regardless of risk tier.

GPAI — General-purpose AI model

Applies if you place a GPAI model on the EU market.

Operator profile — Article 99(6) proportionate fines

Affects which obligations apply to you and how penalties are calculated.

How the classifier works

The EU AI Act establishes a four-tier risk pyramid plus a separate track for general-purpose AI models (GPAI). The classifier evaluates your inputs against the cascade in the order the regulation itself uses, so the first match wins.

1. Article 5 — prohibited practices

Article 5 of Regulation (EU) 2024/1689 lists eight categories of prohibited AI: subliminal manipulation, exploitation of vulnerabilities, social scoring by public authorities, untargeted scraping of facial images, emotion inference in workplaces and schools, biometric categorisation inferring sensitive attributes, real-time remote biometric identification in publicly accessible spaces by law enforcement, and individual predictive policing based solely on profiling. These prohibitions took effect on 2 February 2025.

If your system falls under any of these, the classifier returns "prohibited" and stops — no further analysis is needed because the system cannot be placed on the EU market.

2. Article 6 + Annex III — high-risk

Article 6(1) covers systems used as safety components of products already regulated under EU harmonisation law (Annex I). Article 6(2) and Annex III cover eight standalone high-risk areas: biometrics, critical infrastructure, education and vocational training, employment and worker management, access to essential services and benefits, law enforcement, migration and border control, and administration of justice and democratic processes.

Article 6(3), added during the trilogue, provides a derogation: a system listed in Annex III is not high-risk if it performs a narrow procedural task, improves the result of a previously completed human activity, detects decision-making patterns without replacing human assessment, or performs a preparatory task. The classifier asks about the derogation conditions and applies them only when the user has indicated all required conditions are met.

High-risk classification triggers a long obligations list: risk management (Art. 9), data governance (Art. 10), technical documentation (Art. 11), record-keeping (Art. 12), transparency (Art. 13), human oversight (Art. 14), accuracy and robustness (Art. 15), conformity assessment (Art. 43), CE marking, registration in the EU database (Art. 49), and — for deployers of certain categories — a Fundamental Rights Impact Assessment under Article 27.

3. Article 50 — transparency obligations

Even if a system is not high-risk, Article 50 imposes transparency duties. Operators of AI systems that interact directly with natural persons must inform users they are interacting with AI. Providers of synthetic-content generators must mark output as artificially generated. Deployers of emotion-recognition or biometric-categorisation systems must inform affected persons. Deployers who generate or manipulate deep fakes must disclose that the content is artificial. The classifier flags these as "limited-risk" with the specific Article 50 paragraph that applies.

4. GPAI and systemic-risk GPAI

General-purpose AI models — those trained on broad data at scale and capable of competently performing a wide range of tasks — sit on a separate track. All GPAI providers must publish a sufficiently detailed summary of training content, comply with EU copyright law including the text-and-data-mining opt-out, and supply technical documentation to downstream deployers (Art. 53). Models with systemic risk — currently those trained with more than 10²⁵ floating point operations of compute — face additional obligations under Article 55, including model evaluation, systemic risk assessment, adversarial testing, and serious-incident reporting to the AI Office.

5. Minimal risk

Everything that survives the cascade above lands in minimal risk. The Act imposes no specific obligations on this tier beyond voluntary codes of conduct (Art. 95). Spam filters, AI-enabled video games, and inventory-optimisation models typically end up here.

When the classifier is not enough

The classifier produces a defensible first-pass classification suitable for internal triage and vendor scoping. It is not legal advice. Borderline cases — particularly around the Annex III biometrics carve-out, the Article 6(3) derogation, and whether a foundation model meets the systemic-risk threshold under Article 51 — should be reviewed with counsel. The official European Commission guidelines on Article 6 derogations were published in February 2025 and should be consulted for marginal cases.

What to do next

If the classifier returns high-risk, your next two artefacts are a fundamental rights impact assessment and a risk register. We have free tools for both:

  • FRIA generator — produces a draft Article 27 assessment.
  • AI risk register — pre-populated against NIST AI RMF, ISO 42001, OWASP LLM Top 10, and EU AI Act Article 9.

And once you know your tier, the AI Compliance Vendors matchmaker will rank vendors that document coverage of the obligations your tier triggers.

Compliance timeline (Article 113)

The Regulation entered into force on 1 August 2024 and applies in stages under Article 113. The dates below remain the legal baseline. A Digital Omnibus proposal under discussion in 2025 and 2026 would shift some high-risk deadlines by twelve months, but it has not been adopted.

  1. 2 February 2025
    Article 113(a)
    Article 5 prohibitions and Article 4 AI literacy duty applied to all providers and deployers.
  2. 2 August 2025
    Article 113(b)
    GPAI obligations (Articles 51 to 55) applied to new general-purpose AI models. AI Office, governance and penalty regime entered into force.
  3. 2 August 2026
    Article 113
    High-risk obligations for Annex III systems applied. Conformity assessment, technical documentation, registration in EU database, post-market monitoring required.
  4. 2 August 2027
    Article 113(c)
    High-risk obligations for Annex I safety-component systems applied. GPAI models already on the market at 2 August 2025 must be in full compliance.

Penalties under Article 99

Article 99 sets three administrative-fine tiers. SMEs and start-ups pay the lower of the two amounts shown. GPAI providers face a separate ceiling under Article 101.

Breach | Maximum fine
Prohibited practices (Article 5) | €35M or 7% of worldwide annual turnover
High-risk obligations and most other provisions | €15M or 3% of worldwide annual turnover
Supplying incorrect/misleading information | €7.5M or 1% of worldwide annual turnover
GPAI providers (Article 101) | €15M or 3% of worldwide annual turnover

Provider vs deployer (Article 3)

The Regulation distinguishes five operator roles. The two that carry the heaviest obligations are provider and deployer. The same entity can sit in different roles for different systems.

Provider (Art. 3(3))

Develops an AI system or has one developed and places it on the market or puts it into service under its own name or trademark, whether for payment or free. Carries the full weight of Chapter III obligations for high-risk systems: risk management, data governance, technical documentation, conformity assessment, CE marking, post-market monitoring.

Deployer (Art. 3(4))

Uses an AI system under its own authority in the course of a professional activity. Obligations are narrower (Articles 26 to 27): assign human oversight, monitor operation, keep logs, inform workers when high-risk systems are used in workplace contexts, and run a Fundamental Rights Impact Assessment for certain Annex III categories.

Importers (Art. 23), distributors (Art. 24), and authorised representatives (Art. 22) face narrower verification duties. A deployer that substantially modifies a high-risk system or puts it on the market under its own name becomes a provider for that system (Art. 25).

Frequently asked questions

What are the four risk categories under the EU AI Act?

Regulation (EU) 2024/1689 establishes four risk tiers. Prohibited AI under Article 5 cannot be placed on the EU market. High-risk AI under Article 6 plus Annex III triggers full Chapter III obligations (risk management, data governance, technical documentation, conformity assessment, registration). Limited-risk systems under Article 50 must meet transparency duties. Minimal-risk systems carry no specific obligations beyond voluntary codes of conduct (Article 95). General-purpose AI models sit on a parallel track under Articles 51 to 55.

When does the EU AI Act actually apply?

Application is staged under Article 113. Prohibitions in Article 5 and the AI literacy duty in Article 4 applied from 2 February 2025. GPAI obligations under Chapter V applied from 2 August 2025. The main body of the Regulation, including high-risk obligations for Annex III systems, applies from 2 August 2026. High-risk obligations for Annex I safety-component systems apply from 2 August 2027. A pending Digital Omnibus proposal would extend certain high-risk deadlines by twelve months, but the dates above remain the legal baseline until that proposal is adopted.

Am I a provider or a deployer under Article 3?

Article 3 of the Act defines a provider as the natural or legal person that develops an AI system, or has one developed, and places it on the market or puts it into service under its own name. A deployer is the natural or legal person using an AI system under its own authority in the course of a professional activity. The same entity can be both for different systems. Importers and distributors (Articles 23 to 24) face narrower duties focused on verifying that providers have completed conformity assessments.

What is the Article 6(3) derogation and when does it apply?

Article 6(3) carves systems out of the high-risk tier even when they fall in Annex III, on four narrow grounds: the system performs a narrow procedural task, improves the result of a previously completed human activity, detects decision-making patterns without replacing or influencing human assessment, or performs a preparatory task for an Annex III assessment. The carve-out never applies to systems that profile natural persons. Providers that rely on the derogation must document the assessment and still register the system in the EU database under Article 49(2).

What counts as a deep fake under Article 50?

Article 3(60) defines a deep fake as AI-generated or AI-manipulated image, audio, or video content that resembles existing persons, objects, places, entities, or events and would falsely appear to a person to be authentic or truthful. Article 50(4) requires deployers to disclose that the content has been artificially generated or manipulated, with limited exceptions for content that is part of an evidently artistic, creative, satirical, or fictional work.

What are the penalties under Article 99?

Article 99 sets three tiers of administrative fines for providers. Prohibited practices under Article 5 are subject to fines up to 35 million euro or 7 percent of total worldwide annual turnover, whichever is higher. Non-compliance with most other provisions, including the high-risk obligations of Chapter III, is subject to fines up to 15 million euro or 3 percent of turnover. Supplying incorrect, incomplete, or misleading information to authorities is subject to fines up to 7.5 million euro or 1 percent of turnover. SMEs and start-ups face the lower of the two amounts. GPAI providers face a separate fine ceiling of 15 million euro or 3 percent under Article 101.

When is a general-purpose AI model a systemic-risk GPAI?

Article 51 sets a presumption of systemic risk when the cumulative compute used for training exceeds 10^25 floating-point operations. Models above that threshold face the additional obligations of Article 55, including model evaluation, systemic risk assessment, adversarial testing, cybersecurity protection, and serious-incident reporting to the AI Office. Open-source GPAI models without systemic risk benefit from a lighter regime (Article 53(2)) but still have to publish a training-content summary and respect EU copyright law.

Does this classifier replace legal advice?

No. The output is a defensible first-pass classification suitable for internal triage, vendor scoping, and budget planning. Article 6(3) derogations, the Annex III biometrics carve-out, GPAI systemic-risk threshold determinations, and the interaction with sector-specific law (MDR, IVDR, financial services prudential rules) all require legal review. Treat the classifier output as a structured starting point for counsel, not a substitute for it.

Where can I read the official text?

The consolidated text of Regulation (EU) 2024/1689 is published on EUR-Lex at https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:32024R1689. The European Commission also publishes companion guidelines on prohibited practices, the definition of an AI system, and the Article 6(3) derogation, all linked at the bottom of this page.
