On 19 May 2026, the European Commission published draft guidelines on the classification of AI systems as high-risk under Regulation (EU) 2024/1689 (the EU AI Act). The guidelines are in consultation stage and are not yet final. Providers, deployers, academia, and public authorities may submit input to the Commission until 23 June 2026 at 22:00 CET.
Under Article 6 of the AI Act, an AI system is classified as high-risk in two scenarios: where it is intended as a safety component of a product subject to EU harmonisation legislation listed in Annex I, or where it falls within one of the use cases enumerated in Annex III. Annex III covers eight categories including biometric identification, critical infrastructure management, education, employment, access to essential services, law enforcement, migration, and administration of justice. The draft guidelines clarify the methodology for applying these classification criteria and provide worked examples to assist providers in self-assessment under Recital 52. The Commission published the guidelines on the AI Act Single Information Platform to allow searchable browsing by sector and use case.
Providers placing AI systems on the EU market and deployers putting them into service must complete classification assessments before obligations under Title III of the AI Act apply. For systems falling within Annex III, providers must register in the EU database under Article 71, conduct a conformity assessment, and establish a quality management system under Article 17. The draft guidelines are of direct relevance to AI deployers in financial services, HR technology, healthcare, and public administration, all of which appear in Annex III use case categories and must determine whether their specific deployments trigger high-risk obligations.
The guidelines distinguish between AI systems classified as high-risk per se under Annex I products and those subject to a threshold assessment within Annex III categories. The threshold for the latter, which requires providers to assess whether the system poses a "significant risk," remains a point of interpretive difficulty. The Commission has invited specific feedback on whether the worked examples adequately reflect real-world deployment scenarios. Final guidelines are expected in late 2026 following review of consultation responses.
Licentium provides AI regulatory advice to technology companies, financial institutions, and public bodies operating under the EU AI Act. We may advise on this matter or assist through our partner network. Work we undertake includes AI Act classification analysis, Annex III risk assessment, conformity assessment preparation, quality management system documentation, and regulatory consultation response drafting for high-risk AI deployments.