The EU AI Act's Four Risk Categories, Explained
The EU AI Act sorts every AI system into one of four risk tiers — unacceptable, high, limited, or minimal. Here's what each tier means, with the Articles that decide it.
The EU AI Act (Regulation (EU) 2024/1689) does not regulate "AI" as one undifferentiated thing. It sorts every system into one of four risk tiers and attaches obligations proportionate to the tier. Get the tier right and the rest of your compliance work has a shape. Get it wrong and you either over-build controls a minimal-risk tool never needed, or you ship a high-risk system with none of the documentation a regulator will expect.
So the first question for any AI system headed for the EU market is simply: which tier is this? Here is what each one means and, more usefully, which part of the Regulation decides it.
Tier 1: Unacceptable Risk (Prohibited)
These are the practices the Act bans outright. Article 5 lists them, and there is no compliance path that makes them legal — you cannot document your way into shipping one. The list covers eight practices:
- Subliminal or manipulative techniques that materially distort behaviour
- Exploiting vulnerabilities of a specific group (age, disability, economic situation)
- Social scoring by public or private actors leading to unjustified detrimental treatment
- Predictive policing based solely on profiling a person
- Untargeted scraping of facial images to build recognition databases
- Emotion recognition in the workplace or in education
- Biometric categorisation that infers sensitive attributes like race or sexual orientation
- Real-time remote biometric identification in public spaces by law enforcement, outside narrow exceptions
The penalty here is the Act's most severe: up to 35 million euros or 7% of worldwide turnover. If a system touches one of these practices, the assessment ends. There is nothing to remediate.
A practical note: the prohibitions are written around use, not technology. An emotion-recognition model is not automatically banned — deploying it to monitor employees is. The same model used for, say, accessibility research in a consented setting sits elsewhere. Context decides.
Tier 2: High Risk
This is the tier that generates almost all of the Act's documentation work, and it is the one most teams underestimate. A system is high-risk by one of two routes:
- Article 6(1) + Annex I: it is a safety component of a product already covered by EU product-safety law (medical devices, machinery, toys, and so on).
- Article 6(2) + Annex III: it falls into one of eight listed use-case categories — biometrics, critical infrastructure, education and vocational training, employment and worker management, access to essential public and private services (including credit scoring), law enforcement, migration and border control, and administration of justice.
If you build a CV-screening model, a credit-scoring model, or a tool that decides who gets into a training programme, you are almost certainly in Annex III.
There is a relief valve. Article 6(3) says an Annex III system is not high-risk if it only performs a narrow procedural task, improves the result of a completed human activity, detects decision-making patterns without replacing human judgment, or does preparatory work. But there is a hard limit on that relief: if the system profiles natural persons, it stays high-risk regardless. The carve-out is narrower than it first looks, and leaning on it is exactly the kind of call worth confirming with counsel.
High-risk systems pull in the full provider obligation set — risk management (Article 9), data governance (Article 10), technical documentation per Annex IV (Article 11), logging (Article 12), transparency and instructions for use (Article 13), human oversight (Article 14), and accuracy, robustness, and cybersecurity (Article 15) — plus a conformity assessment under Article 43 before the system goes to market.
Tier 3: Limited Risk (Transparency)
Limited-risk systems are not dangerous enough to warrant the high-risk machinery, but they can mislead people if their AI nature is hidden. So the Act asks for honesty rather than heavy controls. Article 50 sets four disclosure duties:
- Tell people when they are interacting with an AI system, such as a chatbot, unless it is obvious.
- Mark AI-generated or manipulated audio, image, video, and text as artificially produced.
- Disclose when emotion-recognition or biometric-categorisation systems are in use (outside the Article 5 prohibitions).
- Label deepfakes as AI-generated.
Most consumer-facing generative products live here. The obligation is real but light: it is a labelling and disclosure exercise, not a documentation programme. The common mistake is assuming "we use AI in the UI" automatically means high-risk. It usually does not — it means Article 50.
Tier 4: Minimal Risk
Everything not captured above. Spam filters, inventory forecasters, recommendation engines for low-stakes content, AI in video games. The Act imposes no specific obligations on these systems. Article 95 encourages voluntary codes of conduct, and that is the extent of it.
Most of the AI inside a typical software product sits here. That is by design: the Act is meant to concentrate effort where the risk to people's rights and safety is genuine, not to tax every use of machine learning.
Why the Tier Drives Everything Else
Two systems with identical architecture can land in completely different tiers because their purpose differs. A model that ranks documents is minimal-risk when it sorts your inbox and high-risk when it ranks job applicants. The Act classifies by intended purpose and context of use, not by the model card.
This is why the classification step is not a formality. It determines whether you owe an Annex IV technical file and a conformity assessment, or just a one-line disclosure, or nothing at all. It also determines your deadlines, since the high-risk and transparency obligations phase in on different dates than the prohibitions.
If you want to see how the tiers translate into a concrete to-do list for a specific system — with the Article references and the deadline for each obligation — that is exactly what a structured readiness assessment produces. Our guide to assessing EU AI Act readiness with AI walks through how to do that in a few minutes, and the compliance timeline shows when each tier's obligations actually bite.
A Quick Self-Check
Before you assume a system is low-stakes, ask:
- Does it touch any Article 5 practice? If yes, stop — it cannot ship.
- Is its purpose listed in Annex III, or is it a safety component under Annex I? If yes, treat it as high-risk until a carve-out is confirmed.
- Does it generate content, or interact with people as if it were human? If yes, Article 50 transparency applies.
- None of the above? It is most likely minimal-risk.
Run that sequence honestly and you will know which tier — and which body of obligations — you are actually dealing with. The EU AI Act Readiness tool does the same screen against the full text of the Regulation and hands you back the classification with its rationale.
Frequently asked questions
How many risk categories does the EU AI Act have?
Four. Unacceptable-risk systems are banned under Article 5. High-risk systems, defined by Annex III and Article 6, carry the heaviest set of obligations. Limited-risk systems owe transparency duties under Article 50. Everything else is minimal-risk and carries no specific obligations under the Act.
What makes an AI system high-risk?
A system is high-risk if it is listed in Annex III — the eight categories covering biometrics, critical infrastructure, education, employment, essential services, law enforcement, migration, and justice — or if it is a safety component of a product already regulated under Annex I. Article 6(3) provides narrow carve-outs, but profiling of natural persons always stays high-risk.
Are chatbots high-risk under the EU AI Act?
Usually not. A general customer-service chatbot is typically limited-risk, which means it owes a transparency obligation under Article 50: users must be told they are interacting with an AI system. It only becomes high-risk if its specific use falls into an Annex III category, such as evaluating someone's access to an essential service.
What happens if you deploy a prohibited AI system?
Article 5 practices cannot be placed on the EU market or put into service at all. Breaching the prohibitions carries the Act's steepest penalty — up to 35 million euros or 7% of total worldwide annual turnover, whichever is higher.
Try EU AI Act Readiness
Classify your AI system risk and get an obligations checklist plus a technical documentation template. 10 credits per run — sign up free and get 10 credits.