The eight Annex III categories in full
Category 1 — Biometric identification and categorisation: AI used for real-time remote biometric identification in publicly accessible spaces (subject to specific law enforcement exceptions and member state authorisations), post-remote biometric identification systems used by law enforcement, and AI used to categorise individuals based on biometric data according to sensitive attributes (race, political opinions, religion, sexual orientation). Note: emotion recognition AI and biometric categorisation for narrow private purposes (unlocking your own phone) are not in this category.
Category 2 — Critical infrastructure: AI used as a safety component in the management or operation of critical digital infrastructure (electricity grids, water systems, transport networks), road traffic management, and the supply of water, gas, heating, or electricity. The key is that the AI must be safety-critical — AI used for optimisation or efficiency is not automatically in this category.
Category 3 — Education and vocational training: AI used to determine access to or assignment to educational and vocational training institutions, to assess learning outcomes in ways that affect students' educational pathways, to evaluate competence of students in ways that affect their future, and to monitor students during assessments. AI used to support teaching or assist students with learning is generally not high-risk under this category.
Category 4 — Employment, workers management, and access to self-employment: AI used to make employment decisions including recruitment and selection (shortlisting), decisions about promotion, termination of employment relationships, allocation of tasks, monitoring and evaluation of performance, and decisions about access to self-employment opportunities. This is the category that affects the largest number of enterprise AI deployments — virtually any AI used in HR that affects employment decisions is high-risk.
Category 5 — Access to essential private services and essential public services and benefits: AI used to assess creditworthiness and credit scoring (with limited exceptions), AI used in life and health insurance risk assessment and pricing, AI used to assess eligibility for welfare benefits and social services, AI used in emergency services dispatch, and AI used in access to education. This category captures most financial services AI that affects customer outcomes.
Category 6 — Law enforcement: AI used as polygraphs and similar tools, AI used to assess reliability of evidence, AI used to predict the likelihood of an individual committing a criminal offence, and AI used for profiling in investigations. Significant restrictions apply to law enforcement AI and many applications are prohibited rather than merely high-risk.
Category 7 — Migration, asylum, and border control management: AI used to assess risks related to individuals applying for visas or asylum, AI used in border control, and AI used to detect document authenticity.
Category 8 — Administration of justice and democratic processes: AI used to assist judicial authorities in researching and interpreting facts and the law, AI used in dispute resolution, and AI used to influence elections and voting behaviour.
Is your AI high-risk? The assessment framework
Step 1: Identify the use case specifically. High-risk classification is use-case specific, not technology specific. A large language model is not inherently high-risk — but the same model used to screen job applicants is high-risk under Category 4.
Step 2: Map the use case against Annex III categories. Read each category carefully and consider whether your specific use case falls within it. The categories have definitional text in the AI Act that must be read alongside Annex III.
Step 3: Consider whether any exclusions apply. The AI Act excludes AI used solely for narrow procedural purposes, AI used to detect fraud, and AI that is intended to be a preparatory element for a human decision (with genuine human review) in some contexts.
Step 4: Document your assessment. Whether your conclusion is that the AI is or is not high-risk, document the assessment with reasoning. This documentation is necessary for due diligence, for regulatory inquiry, and for internal accountability.