High-risk AI system
A high-risk AI system under the EU AI Act is one listed in Annex III (such as AI used in recruitment, credit, education, or biometrics) or used as a safety component of a regulated product. High-risk systems must meet Articles 9-15: risk management, data governance, technical documentation, record-keeping, transparency, human oversight, and accuracy/robustness.
Common high-risk examples for SMBs
- AI that screens or ranks job applicants (recruitment).
- AI used to evaluate creditworthiness or set insurance pricing.
- AI used in access to education or vocational training.
- Biometric identification or categorisation systems.
Core obligations
Providers of high-risk systems must establish a risk-management system (Article 9), govern training data (Article 10), maintain technical documentation (Article 11 / Annex IV), keep logs (Article 12), ensure transparency (Article 13), enable human oversight (Article 14), and meet accuracy and robustness requirements (Article 15) - then draw up an EU declaration of conformity (Article 47).
Last reviewed June 2026 by the ComplyAgent team.
See also our EU AI Act compliance guide, ISO/IEC 42001 and NIST AI RMF, or browse the full glossary.