Insights and Analysis

European Commission publishes long-awaited guidelines on high-risk AI systems

27 May 2026
AdobeStock_421587370
AdobeStock_421587370

The European Commission has published its draft guidelines on the classification of high-risk AI systems under the AI Act. The guidelines, which are subject to consultation, have been eagerly anticipated for some time, in part because they have been delayed since the original deadline of 2 February 2026, but also because these rules are likely to impact a far greater number of organisations than the rules on prohibited AI practices and general purpose AI models (for which guidance was published in 2025).

Background

Their publication follows the recent provisional agreement reached by the Council of the EU and the European Parliament on targeted amendments to the EU AI Act. This includes delaying the application of the high-risk AI system rules until 2 December 2027 for stand-alone high-risk AI systems and 2 August 2028 for high-risk AI systems embedded in products subject to Union harmonisation legislation. 

The guidelines, which run to 167 pages, set out the key concepts and provide practical examples to assist stakeholders in the classification of high-risk AI systems. However, the scope of the guidelines is limited to determining whether an AI system is high-risk or not. The guidelines will be complemented at a later date by guidelines on the obligations for providers and deployers of high-risk AI systems. Harmonised standards or implementing acts may also be applicable, once developed.  

Below, we set out some of the points which stakeholders may want to engage on or that are particularly noteworthy, with the focus being on a subset of high-risk AI systems in the biometric, employment/recruitment and creditworthiness categories. The consultation on the guidelines is open until 23 June 2026. 

General points under the draft guidelines

A number of key overarching points are made within the guidelines, concerning how providers should document and analyse the applicability of the high-risk rules to their systems.

  • GPAI systems may come into scope of the high-risk AI system rules unless documentation consistently excludes high-risk AI use cases

The guidelines emphasise that, in particular, providers of GPAI systems must exercise care in describing their AI systems in publicly available materials such as instructions for use, technical documentation, and any promotional, marketing materials. Where this documentation does not consistently limit or exclude high-risk use cases, then the system’s intended purpose will be classified as high-risk.

This is a very significant expansion of the scope of the high-risk requirements. It could result in both the providers and deployers of general-purpose technologies (e.g. chatbots, agentic systems etc) being subject to the high-risk requirements.

  • Human involvement does not automatically exclude a system from being high-risk

AI Systems that generally would fall within one of the Annex III use cases, can be exempt from the high-risk classification if they meet certain conditions in Article 6(3), provided that they do not perform profiling. 

However, providers cannot exempt an AI system from the high-risk classification based solely on the use of human oversight since this does not change the purpose and area in which a system is intended to be used. 

Human involvement may however be part of the assessment as to whether one of the conditions in the exemption applies, for example that the system is only intended to perform a narrow procedural task or improve a previously completed human activity. 

  • Documentation is key for reliance on the high-risk exemption conditions

The guidelines provide several practical examples for each limb of the Article 6(3) exemption.

To benefit from the exemption, the provider must conduct and document a self-assessment before the AI system is placed on the market or put into service. The guidelines provide helpful clarification for stakeholders on the required content of that assessment.

  • The Commission may assess multiple AI systems as a whole

Where multiple AI components operate together so that their combined purpose or outputs materially influence a decision, the Commission indicates the set-up should be assessed as a whole (i.e., as a single AI system) to prevent circumvention of the rules. The impact of this is to dissuade providers from designing a system architecturally to exclude certain components which, overall contribute towards the high-risk functionality. However, the guidelines do appear to provide some room for excluding “strictly procedural or preparatory functions” particularly where they are put into services independently from the rest of the AI system. 

Biometrics

The section on biometrics specifies the scope of the three groups of biometric systems defined in Annex III. 

  • Remote biometric identification systems. The guidelines focus on distinguishing ‘remote’ biometric identification from those requiring active and conscious involvement of individuals. For example, a person presenting themselves in front of a door or computer sensor would be out of scope, whereas the use of keystroke biometric technology to identify a person typing a fraudulent message would be considered remote and in-scope. The guidelines also reference the use of biometric reference databases, which could have implications for services which identify and remove certain types of content based on previously identified images (e.g. removal of child sexual abuse material in the context of online safety).
  • AI systems intended to be used for biometric categorisation, according to sensitive or protected attributes or characteristics based on the inference of those attributes or characteristics. There are few surprises on this topic, where the guidelines confirm that assigning age or gender to a customer  based on their biometrics (e.g. the use of key strokes or facial features for the purposes of personalised advertising or age assurance) is not in-scope of the high-risk rules, since these characteristics are not considered covered by Article 9(1) GDPR. Similarly, scanning text or images to identify illegal content (e.g. extreme political opinions) is also not within scope since the categorisation of special category data is not based on biometrics. 
  • AI systems intended to be used for emotion recognition. Some care will need to be taken when considering whether an inferred state is an emotion or intention, for example the guidelines make it clear that the AI Act should not be circumvented by referring to an ‘angry attitude’ rather than an ‘angry emotion’. Similarly, the use of other proxies such as facial expressions, gestures or raised voices which accomplish the same, are also within scope. 

Such provisions will likely have implications for organisations developing and deploying smart devices, call center satisfaction detection systems, the gaming industry and large-scale event security monitoring systems.

Employment and recruitment

The Commission emphasises that AI systems relating to employment/recruitment are not limited to traditional employment, but also apply to a broad range of work arrangements (including freelancers, independent professionals, service providers and platform work). Stakeholders operating gig-economy business models may therefore need to assess whether their tools are likely to be in scope.

The guidelines provide comprehensive guidance on the conditions for different scenarios that fall in and out of scope of this use case. For example:

  • AI systems used for background checks in the recruitment process may fall within scope; however, tools limited to verifying professional accreditations against official registers may benefit from the exemption in Article 6(3).
  • Making decisions affecting the terms of the work relationship should be interpreted broadly, however it is required that these decisions  meet a threshold of “significance”. Thus, routine, day‑to‑day decisions that do not materially alter the rights or obligations arising from the work relationship would fall outside scope. It is not necessary for the AI system to take the decision itself; it is sufficient that a human decision-maker significantly relies on the system’s output. 
  • Regarding the use case of work allocation, it must be distinguished between individual behaviour or personal traits (e.g., punctuality or responsiveness) and allocation based on neutral, objective and external factors. Task allocation solely on the basis of neutral, objective factors such as availability/unavailability, geographical proximity, or possession of a required professional accreditation are outside of the scope of this use case.
  • Systems deployed solely to meet external legal or regulatory obligations (e.g., transaction logging), or used exclusively for safety/security purposes, are out of scope (provided they are not also used for employment monitoring/evaluation purposes). 
  • Systems that support workers in performing tasks without pressuring increased productivity should not be treated as high-risk where outputs are provided only to the worker and not shared with the employer or others in the organisation.

Creditworthiness and credit scoring systems

AI systems used to establish creditworthiness or the establishment of a credit score in the context of essential public and private services may come within scope of the high-risk rules. The guidelines establish that:

  • A credit score does not always need to be a numeric value, but could also take the form of a ranking or label. 
  • The ultimate use of the score (e.g. calculation of interest rates) is not relevant but a single system which combines both the production of the credit score, and the use of that score for pricing, would fall within scope.
  • The Commission defines “essential” services as those that have a “significant impact on their life, health, livelihood and participation in society”.
  • AI systems which are intended to establish the credit score of a sole trader, which is not a legal entity will not come within scope as long as the system is not intended to evaluate a ‘natural person’ when it uses only business or company data.

As expected, the guidelines state that tailoring information to customers, making personalised marketing offers, pricing simulations or complaints handling following a loan or insurance decision would not fall within scope of creditworthiness and credit scoring.

Key takeaways and next steps

With only 18 months until the high-risk requirements under Annex III are due to take effect, it is important that organisations take steps now to:

  • Evaluate the potential for AI systems that they develop or deploy being classified as high-risk under the AI Act, taking account the practical examples set out in the guidelines.
  • Document the rationale for why AI systems should be considered in or out of scope, taking into account the relevant exemptions.
  • Identify whether there are particular areas within the guidelines that could be problematic or require further clarification and contribute to the ongoing public consultation.

 

 

Authored by Dan Whitehead, Robert Fett, and Valentin Reiter.

Related topics

Related countries

Related keywords

Load more

Articles you may be interested in

image_1
Insights and Analysis

Initial reflections on Law 132/25: Italy's approach to AI

15 October 2025
image_1
News

Mexico has been placed on the U.S. Priority Watch List for Intellectual Property issues in 2025

19 May 2025
image_1
News

The EU AI Act: an impact analysis (part 1)

01 February 2024
left_arrow
right_arrow

View more insights and analysis

arrow
arrow

Register now to receive personalized content and more!

 

Register
close
See benefits
Register