On 19 May 2026, the European Commission published its long-awaited draft, non-binding guidelines on the classification of high-risk Artificial Intelligence systems under the EU Artificial Intelligence Act. Across three documents covering general principles, high-risk classification for regulated products, and high-risk use cases, the Commission explains when an Artificial Intelligence system falls within the high-risk regime and when it may sit outside it. The guidance clarifies that complex systems made up of several Artificial Intelligence components, including agentic systems, must be assessed holistically where their combined outputs materially influence a decision in a high-risk use case.
For regulated products, Article 6(1) applies regardless of whether the Artificial Intelligence system is embedded in a product or provided separately, including through software updates, add-ons, or remote services. Artificial Intelligence systems may also qualify as standalone regulated products under EU harmonized legislation in some cases. The Artificial Intelligence Act definition of “safety component” in Article 3(14) controls the assessment, and safety functions are interpreted broadly, while risks must relate to real physical harm to persons or property. As provided in recital 55 of the Artificial Intelligence Act, safety components intended to be used solely for cybersecurity purposes are excluded from the notion of a “safety component,” but only when used in critical infrastructure.
The Annex III guidance focuses heavily on intended purpose and the Article 6(3) filter. Providers must describe envisaged uses clearly and consistently across instructions, technical documentation, and marketing or sales materials. The Article 6(3) filter is treated as a narrow exception, and the guidance provides detail on the four exhaustive but alternative scenarios in which the filter may apply. To rely on the Article 6(3) filter, providers must carry out and document an assessment before placing the system on the market or putting it into service, as well as register the Artificial Intelligence system in the EU database established pursuant to Article 71.
Biometric systems receive detailed treatment, with remote biometric identification distinguished from active verification or authentication, biometric categorization limited to sensitive or protected inferences, and emotion recognition treated broadly. Employment-related systems are also interpreted expansively, including recruitment, monitoring, evaluation, platform account suspensions, compensation tools, and task allocation based on behavior or personal traits. Point 5(b) of Annex III is interpreted narrowly for financial fraud detection, with the exception available only where fraud detection is the main intended use.
The Guidelines remain in draft form and are open for public consultation until 23 June 2026. They were published against the backdrop of recently proposed changes to the Artificial Intelligence Act, which postpone the application of the Artificial Intelligence Act’s provisions on high-risk Artificial Intelligence systems until next year (2 December 2027) and the year after (2 August 2028), depending on the high-risk Artificial Intelligence system in question.
