High-risk AI systems: Annex III, Annex I and the Article 6(3) filter

• Annex I route: AI that is a safety component of products covered by the CE-marking directives/regulations listed in Annex I, including the Machinery Regulation, Medical Devices Regulation, In Vitro Diagnostic Medical Devices Regulation, Radio Equipment Directive, General Product Safety Regulation, Automotive type-approval, Aviation, Toys, Lifts, Pressure equipment, and Personal Protective Equipment.
• Annex III area 1 - Biometrics: remote biometric identification, biometric categorisation, and emotion recognition not covered by Article 5 prohibitions.
• Annex III area 2 - Critical infrastructure: AI used as safety components in management or operation of road traffic, water, gas, heating, electricity, and digital infrastructure.
• Annex III area 3 - Education & vocational training: AI that determines access or assignment to educational/vocational institutions, assesses learning outcomes, evaluates learning level, or monitors/proctors exams.
• Annex III area 4 - Employment & workers management: recruitment and candidate screening, promotion and termination decisions, task allocation and monitoring of performance or behaviour.
• Annex III area 5 - Access to essential private & public services: credit-scoring and creditworthiness evaluation (excluding fraud detection); eligibility for public benefits; life and health insurance risk assessment and pricing; emergency service dispatch and triage.
• Annex III area 6 - Law enforcement: risk assessment of offending or re-offending, polygraphs, evidence-reliability evaluation, criminal profiling in investigations.
• Annex III area 7 - Migration, asylum & border control: polygraphs, risk assessments, examination of asylum/visa/residence applications, detection or recognition of persons.
• Annex III area 8 - Administration of justice & democratic processes: AI assisting judicial authorities in researching, interpreting or applying the law; AI influencing election or referendum outcomes or voting behaviour.

Article 6(3) filter: even if an AI system falls in an Annex III area, it is NOT classified as high-risk if it does not pose a significant risk of harm to health, safety or fundamental rights. Indicators of non-significant risk: the system performs a narrow procedural task; it improves a prior human activity; it only detects decision-making patterns without replacing human judgement; it performs preparatory tasks. Important: the filter does not apply where the system profiles natural persons.

Source: Regulation (EU) 2024/1689 (EUR-Lex)

1. Inventory every AI system in your portfolio: document its intended purpose, deployment context and the population of users or affected persons.
2. Apply the Annex I test: does the AI operate as a safety component of, or is it itself a product governed by, any of the Annex I directives/regulations?
3. Apply the Annex III test: does the AI fall in one of the 8 listed use-case areas given its intended purpose?
4. Apply the Article 6(3) filter to Annex III candidates: can you substantiate that the system does not pose significant risk of harm? Document the assessment.
5. For confirmed high-risk systems: build the Chapter III compliance programme - risk management system, data governance, technical documentation, logging, human oversight, accuracy/robustness, quality management, conformity assessment, EU declaration of conformity, CE marking, registration, post-market monitoring.

For the full obligations breakdown, see the AI Act obligations guide, and for role-specific duties see the provider vs deployer guide.