When the EU AI Act was published in the Official Journal of the European Union on 12 July 2024, it brought with it one of the most consequential questions a company can face: Is our AI system high-risk? The answer determines everything — your legal obligations, your timelines, and your potential penalties.
Understanding what qualifies as a high-risk AI system under the EU AI Act is not just a legal exercise. It is a business-critical decision. Get it wrong — either by missing that your system is high-risk, or by over-complying unnecessarily — and you face real costs. The Act's risk-based approach places the heaviest compliance burden on systems that can meaningfully harm people's safety or fundamental rights.
Key deadlines: Prohibited AI practices have been banned since 2 February 2025. Obligations for high-risk AI systems listed in Annex III apply from 2 August 2026; for high-risk systems that are safety components of Annex I products, from 2 August 2027 (Article 113). Spanish businesses must begin compliance planning now.
This guide covers exactly what the law says, what it means in practice, and — critically — what companies operating in Spain and the EU should be doing about it. We will walk through Article 6, Annex III, the key obligations, the penalties, and give you a practical checklist you can use today.
What Is a High-Risk AI System Under the EU AI Act?
The EU AI Act uses a tiered, risk-based model to regulate AI. At the top of that model — below only prohibited AI practices — sit high-risk AI systems. These are AI applications that pose a significant risk to health, safety, or the fundamental rights of people.
The formal definition and classification rules are set out in Article 6 of the EU AI Act. According to the legislation, an AI system is high-risk if it falls into one of two categories:
- It is a safety component of a product covered by the EU harmonisation legislation listed in Annex I (for example medical devices, aviation, vehicles or machinery), or it is itself such a product, AND that product must undergo a third-party conformity assessment under that legislation before being placed on the market (Article 6(1)).
- It is listed in Annex III, a standalone list of eight areas of use defined directly in the Act itself (Article 6(2)).
If your AI system fits either of those categories, it is high-risk. This triggers a set of mandatory obligations that must be met before you can deploy or place the system on the EU market.
"High-risk AI systems shall comply with the requirements laid down in this Section." — EU AI Act, Article 8(1) (Chapter III, Section 2).
The rationale is clear: the higher the potential impact on human life, livelihoods, or rights, the stronger the regulatory safeguards. A chatbot that helps you write emails is not in the same risk league as an AI deciding whether a job applicant gets an interview — or whether a patient receives treatment.
While high-risk systems require strict management, they sit one tier below prohibited AI practices, which are banned entirely within the EU as of February 2025. To ensure your system doesn't fall into the forbidden category before you begin high-risk classification, see our breakdown of 8 real-world examples of prohibited AI practices.
Article 6 Explained: The Two Pathways to High-Risk Classification
Article 6 is the legal gateway to high-risk status. It is worth understanding both pathways clearly, because they operate differently and affect different types of businesses.
Pathway 1 — Safety Component Systems (Annex I Products)
The first pathway applies when an AI system is a safety component of a product already governed by EU product safety law. If that product must undergo a third-party conformity assessment under existing EU rules, and the AI is part of what makes it safe, then the AI is high-risk.
Examples of sectors covered by Annex I include:
- Medical devices — AI-assisted diagnostics, surgical robots, AI-powered imaging analysis
- Aviation — AI navigation systems, autonomous flight control components
- Automotive — AI within vehicles certified under EU type-approval regulation
- Machinery — AI in industrial equipment requiring CE marking
For businesses in these sectors, the EU AI Act is layered onto existing product safety rules, not run as a separate compliance exercise. One caveat a practitioner should know: Annex I has two sections. For Section A legislation (the New Legislative Framework acts, including the Machinery Regulation and the Medical Devices and In Vitro Diagnostic Regulations), the Act's high-risk requirements apply directly and conformity is assessed through the sectoral procedure. For Section B legislation (civil aviation, motor vehicles, rail, marine equipment and similar), Article 2(2) applies only Article 6(1) and a handful of other provisions, and the substantive requirements reach those products through the sectoral acts themselves.
Pathway 2 — Annex III Use Cases
The second — and arguably more impactful — pathway is Annex III. This is a list of eight categories of AI applications that the EU has deemed high-risk based on their potential to affect fundamental rights, access to essential services, and public safety.
Unlike Pathway 1, Annex III systems do not need to be part of a regulated product. They are high-risk by virtue of what they do — not what they are embedded in.
Determining if your system falls under Article 6 or Annex III requires a detailed technical audit. For a structured walkthrough of this classification process, you can refer to the EU AI Act Compliance & AI Ethics Certification.

Annex III: The Eight Categories of High-Risk AI
Below is a full breakdown of the eight high-risk AI categories listed in Annex III, with practical examples relevant to businesses in Spain and across the EU.
| Annex III Category | Real-World Examples | Spain Relevance |
|---|---|---|
| 1. Biometrics (remote biometric identification, biometric categorisation by sensitive attributes, emotion recognition) | Identifying shoppers from in-store camera feeds; emotion recognition applied to customers in call centres. Note that simple 1:1 verification (confirming someone is who they claim to be) is excluded from this category, and inferring the emotions of employees in the workplace is a prohibited practice under Article 5(1)(f), not merely high-risk | High: Spanish employers and retailers using biometrics |
| 2. Critical infrastructure (safety components for energy, water, gas, heating, road traffic, digital) | AI managing power grids, water distribution, traffic systems | High: public utilities and smart city projects |
| 3. Education and vocational training | AI grading student work, selecting university applicants, proctoring exams | High: EdTech in Spanish universities and schools |
| 4. Employment, workers management and access to self-employment | CV screening, targeted job advertising, performance monitoring, promotion and termination recommendations | High: HR AI across Spanish businesses of all sizes |
| 5. Access to essential private and public services and benefits | Credit scoring (excluding financial fraud detection), risk assessment and pricing for life and health insurance, benefit eligibility AI, emergency-call dispatch and triage | High: Spanish banks, fintechs, insurers, public administrations |
| 6. Law enforcement | Predictive policing, crime analytics, evidence evaluation AI | High: Spanish police and public security agencies |
| 7. Migration, asylum and border control management | Visa decision systems, asylum claim assessment, border screening | High: relevant to Spanish borders and public administration |
| 8. Administration of justice and democratic processes | AI assisting courts in researching and interpreting facts and law, sentencing support tools, AI intended to influence election or referendum outcomes | High: any AI used by Spanish courts or tribunals |
Note: Annex III is not static. The European Commission can update it via delegated acts as AI technology evolves.

What AI Systems Are NOT High-Risk?
One of the most practical, and often overlooked, parts of Article 6 is its exception clause. Article 6(3) provides that an AI system within an Annex III area is not high-risk where it does not pose a significant risk of harm to health, safety or fundamental rights, including by not materially influencing the outcome of decision making.
Specifically, a system is not high-risk if it:
- Performs a narrow procedural task
- Improves the result of a previously completed human activity
- Detects decision-making patterns or deviations from prior patterns, without replacing or influencing a previously completed human assessment unless there is proper human review
- Performs a preparatory task to an assessment that is relevant for one of the Annex III use cases
Two caveats come with this exception. First, it never applies to a system that performs profiling of natural persons: such a system is always high-risk if it falls within an Annex III area. Second, a provider relying on the exception must document its assessment before placing the system on the market (Article 6(4)) and must still register the system in the EU database (Article 49(2)); the national authority can ask to see that documentation.
Common examples of AI that are typically not high-risk:
| AI System Type | Why It Is Usually Not High-Risk |
|---|---|
| Spam filters | No meaningful impact on fundamental rights |
| AI writing assistants | Narrow task; human remains in full control of the substantive output |
| Product recommendation engines | Commercial suggestions, not consequential decisions about access to services |
| Basic analytics dashboards | Reporting only; no decision-making and no profiling of individuals |
| Fraud detection (flagging, not deciding) | Annex III point 5(b) expressly excludes AI used to detect financial fraud from the creditworthiness category; flagged cases go to human review before any action |
| AI scheduling tools | Operational convenience, not rights-impacting (unless used to allocate tasks or monitor workers, which is Annex III point 4) |
Important: This assessment is context-dependent. An AI that seems innocuous in isolation can become high-risk if integrated into a decision-making pipeline that affects someone's rights, employment, or access to services. If in doubt, seek legal advice before assuming your system is exempt.
Obligations for High-Risk AI Systems
If your AI system is high-risk, it must meet the requirements of Chapter III, Section 2 (Articles 8 to 15), and the parties handling it take on the obligations of Section 3 (Articles 16 to 27). Meeting the Section 2 requirements is primarily the job of providers (companies that develop a high-risk AI system or place it on the market under their own name); deployers (organisations that use a high-risk AI system under their own authority) have a separate, narrower set of duties under Article 26. The main requirements are:
| Obligation | What It Requires |
|---|---|
| Risk Management System (Article 9) | A continuous, iterative, documented process to identify, assess and mitigate risks throughout the AI lifecycle. Not a one-time assessment; it must be reviewed and updated. |
| Data Governance (Article 10) | Training, validation and testing data must meet quality criteria. You must document data sources and collection, examine and mitigate possible biases, and process personal data lawfully. |
| Technical Documentation (Article 11) | Documentation of the system's design, development, capabilities and limitations (Annex IV) must be drawn up before market placement and kept up to date. |
| Automatic Logging (Article 12) | The system must be technically capable of automatically recording events (logs) over its lifetime, at a level that supports traceability and post-market monitoring. The retention duty sits elsewhere: providers (Article 19) and deployers (Article 26(6)) must keep the logs under their control for at least six months, unless other EU or national law requires longer. |
| Transparency (Article 13) | The provider must design the system so that deployers can interpret its output and use it appropriately, and must supply instructions for use covering the intended purpose, accuracy and robustness levels, known limitations and the human oversight measures built in. |
| Human Oversight (Article 14) | The system must be designed with oversight measures so that the people supervising it can understand its capabilities and limitations, watch for automation bias, correctly interpret output, decide not to use it or override or reverse it, and interrupt it through a stop button or a similar procedure. |
| Accuracy, Robustness and Cybersecurity (Article 15) | Appropriate levels of accuracy, robustness and cybersecurity, maintained throughout the lifecycle. The cybersecurity duty is AI-specific: the system must be resilient against attempts by unauthorised third parties to alter its use, outputs or performance by exploiting vulnerabilities, including data poisoning, model poisoning, adversarial examples (model evasion), confidentiality attacks and model flaws. |
| Quality Management System (Article 17) | Providers must run a documented quality management system covering compliance strategy, design and development controls, testing and validation, data management, risk management, post-market monitoring, incident reporting and record-keeping. |
| Conformity Assessment (Article 43) | Before placing the system on the market, providers must complete a conformity assessment. For Annex III categories 2 to 8 this is an internal-control procedure (Annex VI); for the biometrics category a notified body is involved where harmonised standards are not fully applied; for Annex I products the sectoral notified-body procedure applies. |
| Post-Market Monitoring (Articles 72 and 73) | Once deployed, providers must run a post-market monitoring system, report serious incidents to the market surveillance authority of the Member State where the incident occurred, and take corrective action when needed. |
Deployers have their own duties under Article 26: use the system according to the provider's instructions, assign human oversight to people with the competence and authority to exercise it, keep the logs under their control, and, where the system is used at work, inform workers' representatives and affected workers before putting it into use. Under Article 27, public bodies, private operators providing public services, and deployers of credit-scoring or life and health insurance risk systems must also carry out a fundamental rights impact assessment before first use. Deployers that are public authorities must register their use in the EU database (Article 49(3)).
High-Risk AI System Compliance Checklist
Use this checklist to assess where your organisation stands:
- Classify your AI systems — Determine whether any AI you develop or use falls within Annex I or Annex III categories, and record the reasoning
- Does the AI influence employment decisions? — CV screening, performance reviews and promotion tools fall within Annex III point 4; treat them as high-risk unless the Article 6(3) exception demonstrably applies and is documented
- Does it affect access to education or essential services? — Credit, benefits, health, insurance or education AI must be assessed
- Does it process biometric data or run remote identification? — These are among the most strictly regulated categories, and some uses are prohibited outright under Article 5
- Is it safety-critical within an Annex I product? — Medical devices, aviation, machinery with AI safety components
- Have you built a risk management system? — Must be documented, continuous and proportionate to the risk
- Is your technical documentation complete? — Regulators can request it at any time
- Is automatic logging enabled and retained? — Logging capability is required for all high-risk systems; providers and deployers must keep the logs they control for at least six months
- Do you have human oversight in place? — Humans must be able to monitor, intervene and override, and the deployer must assign competent people to do so
- Is a conformity assessment completed? — Mandatory before placing the system on the market
- Is the system registered in the EU AI database? — Providers must register Annex III systems before placing them on the market; public-authority deployers must register their use
While this checklist identifies what is required under Articles 9–17, the EU AI Act Compliance Certification provides the specific templates and data governance workflows needed to execute these steps for Spanish and EU businesses.

Penalties for Non-Compliance with the EU AI Act
The EU AI Act is not a framework of soft guidelines. It comes with substantial financial penalties that are among the largest in any tech regulation globally — comparable in structure to GDPR fines.
| Maximum Fine | Turnover Cap | Applies To |
|---|---|---|
| €35,000,000 | 7% of total worldwide annual turnover | Engaging in a prohibited AI practice (Article 5) |
| €15,000,000 | 3% of total worldwide annual turnover | Non-compliance with provider, deployer, importer, distributor or notified-body obligations, including the high-risk requirements |
| €7,500,000 | 1% of total worldwide annual turnover | Supplying incorrect, incomplete or misleading information to notified bodies or national authorities |
These figures come from Article 99 of the EU AI Act. For undertakings, whichever of the fixed amount and the turnover percentage is higher applies. For SMEs and start-ups the rule is inverted: the fine is capped at whichever of the two figures is lower (Article 99(6)). The penalties remain substantial either way.
Enforcement will be handled at the national level. In Spain, this falls primarily to the Agencia Española de Supervisión de la Inteligencia Artificial (AESIA), working alongside the Agencia Española de Protección de Datos (AEPD) for cases involving personal data.
What Spanish Businesses Need to Do Now
Spain is in a particularly active regulatory position when it comes to AI. It was among the first EU member states to establish a dedicated AI supervisory agency, AESIA, and to prepare the national legislation needed to apply the EU AI Act (as a Regulation the Act applies directly and is not transposed, but Member States must designate authorities and set out the sanctioning regime). The government has signalled that enforcement will be taken seriously from day one.
Here is what different sectors in Spain should be focusing on:
- Spanish HR departments: Any AI used to screen CVs, rank candidates, or assess employee performance falls within Annex III point 4 and is high-risk unless the narrow Article 6(3) exception applies and has been documented. This is one of the most common areas where businesses are unknowingly non-compliant.
- Healthcare providers and hospitals: Medical AI — whether diagnostic, administrative, or patient-facing — must be assessed under both the EU AI Act and the EU Medical Device Regulation (MDR).
- Fintech companies, banks and insurers: Credit scoring of natural persons and risk assessment or pricing for life and health insurance are within Annex III scope; AI used purely to detect financial fraud is expressly excluded from the credit-scoring category, but fraud tooling that feeds into a credit or account decision should still be assessed. Coordination with the AEPD on data governance is essential.
- Public sector AI: Spanish local and national government bodies using AI for benefit allocation, public service access, or administrative decisions face some of the strictest requirements — including mandatory fundamental rights impact assessments.
- EdTech: AI used in Spanish universities or training programmes to grade students or select learners falls within Annex III. These systems need human oversight mechanisms before deployment.
AESIA will have powers to request technical documentation, conduct audits, and impose corrective measures. Spanish businesses that have not yet begun a compliance audit of their AI systems should treat this as urgent — not optional.
Conclusion
The EU AI Act's risk-based framework is, at its core, a proportionality tool. The more an AI system can affect people's lives — their jobs, health, freedom, or rights — the stricter the rules. High-risk classification under Article 6 is not a punishment; it is a signal that the stakes are high enough to demand robust safeguards.
For businesses in Spain, the urgency is real. AESIA is already operational. Enforcement timelines are set. The cost of non-compliance — financial and reputational — is substantial. But the compliance path is navigable with the right guidance.
The first step is always classification: do your AI systems fall within Annex III or Annex I scope? Once you know that, the obligations, timelines, and actions become clear.