EU AI Act — High-risk system obligations apply from 2 August 2026
Reg. (EU) 2024/1689

Understand your AI obligations under the EU AI Act

A free assessment tool that classifies your AI systems and shows exactly which requirements apply to your organisation.

Assessment tool launching soon

Answer 15 questions about your AI system. Get a clear classification and action plan — free, no account needed.

4
Risk categories defined by the regulation
13
Obligations for high-risk AI providers
5 min
To check your classification

How it works

Risk classification

Determine whether your AI system is prohibited, high-risk, limited risk, or minimal risk under the regulation.

Obligation mapping

See which specific Articles and requirements apply to your role — whether you are a provider or deployer.

Legal references

Every classification cites the relevant Articles of Regulation (EU) 2024/1689 with links to the official text.

Action plan

Receive a prioritised list of steps to reach compliance, with estimated effort and applicable deadlines.

Legal basis: This tool follows Regulation (EU) 2024/1689 of the European Parliament and of the Council of 13 June 2024 laying down harmonised rules on artificial intelligence. Classification follows Articles 5, 6, Annex III, Article 50, and Article 4. This tool provides informational guidance and does not constitute legal advice.

EU AI Act: key concepts for organisations

The EU Artificial Intelligence Act establishes a harmonised regulatory framework for AI systems placed on the market or put into service within the European Union. It takes a risk-based approach, with different requirements depending on the level of risk an AI system poses.

Risk categories

CategoryScopeKey requirements
ProhibitedSocial scoring by public authorities, subliminal manipulation, untargeted facial recognition scrapingThese practices are not permitted under any circumstances
High-riskAI used in employment decisions, credit assessment, education, critical infrastructure, biometricsRisk management system, technical documentation, data governance, human oversight, conformity assessment
Limited riskChatbots, AI-generated content, emotion recognition systemsTransparency and disclosure obligations
Minimal riskSpam filters, AI-enhanced search, basic recommendation systemsAI literacy measures (Article 4)

Application timeline

DateProvisions taking effect
2 February 2025Prohibited AI practices (Art. 5) and AI literacy obligation (Art. 4)
2 August 2025General-purpose AI model obligations (Arts. 53–55)
2 August 2026High-risk AI system obligations (Arts. 9–17, 26) and transparency requirements (Art. 50)
2 August 2027Full application of all remaining provisions

Who needs to comply

Providers — organisations that develop or commission AI systems and place them on the EU market — carry the most extensive obligations, including technical documentation, risk management, and conformity assessment.

Deployers — organisations that use AI systems in their professional activities — must ensure human oversight, maintain logs, and comply with transparency requirements. Any company using AI-powered tools (recruitment software, chatbots, credit scoring) in the EU is likely a deployer.

The regulation applies regardless of where the organisation is established, provided the AI system's output is used within the European Union.

Penalties

Non-compliance may result in administrative fines of up to €35 million or 7% of worldwide annual turnover for prohibited practice violations, and up to €15 million or 3% of turnover for other infringements. Proportionally reduced penalties apply to SMEs and startups.

Assessing your obligations

Determining whether your AI systems fall under high-risk classification requires examining their intended purpose against the categories defined in Article 6 and Annex III of the regulation. Our assessment tool guides you through this process with structured questions and provides a clear classification with supporting legal references.