Claude (Anthropic) and the EU AI Act: Classify by Use, Not by Name

Claude is Anthropic's family of large language models — and as a GPAI model under Chapter V of Regulation (EU) 2024/1689, it carries a specific regulatory profile that most deployment guides get wrong. The most common mistake: treating "Claude" as a risk tier. The Act does not work that way. Claude the model is what it is; your deployment is what determines whether your organisation faces minimal, limited, or high-risk obligations. Getting that distinction right is the whole job.

This guide walks through what the EU AI Act actually requires, layer by layer: what Anthropic must do as the model provider, what you must do as the organisation deploying Claude, and where the two sets of obligations meet.

---

What Kind of AI System Is Claude Under the Act?

Claude is a GPAI model — a general-purpose AI model (Chapter V, Articles 51–56) trained on large volumes of data and capable of performing a wide range of tasks. GPAI models are a cross-cutting category in the Act: they are not a fifth risk tier, and calling Claude "high-risk" is technically incorrect. What may be high-risk is the system you build or deploy using Claude, once you assess that system against the Annex III list and Article 6.

Whether Claude qualifies as a systemic-risk GPAI model under Article 51 depends on the training-compute threshold (10²⁵ floating-point operations) or a Commission designation. Anthropic has not publicly confirmed systemic-risk designation for any Claude model as of June 2026. That matters for which tier of GPAI obligations applies to Anthropic — but it does not change your own deployment obligations as a deployer or provider.

---

Three Layers of Obligation

Layer 1 — Anthropic's obligations as the GPAI model provider (Article 53)

The Article 53 obligations sit entirely with Anthropic, not with you. They apply to all GPAI providers, regardless of systemic-risk status, and have been in force since 2 August 2025. Anthropic must:

• Prepare and maintain technical documentation (Annex XI);
• Make available to downstream providers information about capabilities and limitations (Annex XII downstream documentation);
• Publish and implement a copyright policy;
• Publish a sufficiently detailed summary of the training data used.

If Anthropic is designated a systemic-risk GPAI provider under Article 51, additional obligations under Article 55 apply — model evaluations, adversarial testing, incident reporting, and cybersecurity measures — but those too remain Anthropic's responsibility.

What this means for you: you receive the Annex XII downstream documentation. Record that you have it. It feeds into your own technical file if you are building on the API.

If Claude carries a systemic-risk designation, you should hold a copy of the relevant Article 55 safety and incident-reporting obligations that Anthropic has disclosed — your auditors may ask for it as evidence of due diligence on the model layer.

Layer 2 — Your obligations depend on how you use Claude

This is where most organisations make a classification error. The risk tier is not a property of Claude; it is a property of what your system does.

General productivity and internal use (minimal risk). Staff using Claude Enterprise or the Claude.ai interface to draft documents, summarise reports, or assist with internal analysis sit in the minimal-risk category. No mandatory obligations apply beyond Article 4 AI literacy, which has been in force since 2 February 2025 and requires that all staff who work with AI systems have sufficient understanding to use them appropriately. This is a live obligation today — not a future one.

Customer-facing deployments and AI-generated content (limited risk, Article 50). From 2 August 2026, Article 50 transparency obligations apply when you deploy Claude in:

• A chatbot or conversational interface where users interact with an AI — they must be informed (Art 50(1));
• A system that generates synthetic content (images, audio, video, text) intended to pass as real — the content must be machine-readable labelled (Art 50(2)/(4));
• A system that performs emotion recognition or biometric categorisation — users must be informed (Art 50(3)).

These are disclosure duties, not heavy process requirements. The penalty for non-compliance falls in the €15 million or 3% of worldwide turnover tier under Article 99(4). For SMEs, Article 99(6) caps the fine at the lower of the percentage or the fixed amount.

Annex III deployments (high risk). If Claude is the functional core of a system that performs any of the following, you are dealing with a potential high-risk classification under Article 6(2):

• Screening or ranking job applicants, managing performance, or informing termination decisions (Annex III point 4);
• Scoring creditworthiness or determining access to credit (Annex III point 5(b));
• Assessing eligibility for public benefits, housing, or essential services (Annex III point 5);
• Assisting in risk assessment or profiling in law enforcement contexts (Annex III point 6);
• Evaluating students for admission, grading, or placement (Annex III point 3).

Before accepting the high-risk label, check the Article 6(3) filter: a system landing in an Annex III area is not high-risk if it presents no significant risk of harm to health, safety, or fundamental rights — for example, because it performs a narrow preparatory task, improves a previously completed human activity, or detects patterns without replacing human assessment. But any system that profiles natural persons is always high-risk regardless. If you invoke the 6(3) exemption, you must document the reasoning and register the system under Article 49.

The high-risk deadlines, corrected. Under the Digital Omnibus agreed in May 2026, the original 2 August 2026 date for Annex III high-risk systems has been deferred. Stand-alone high-risk systems (Annex III) now face a compliance deadline of 2 December 2027; high-risk AI embedded in regulated products (Annex I) faces 2 August 2028. The Digital Omnibus is a political agreement between Parliament and Council reached 7 May 2026; formal adoption is expected before 2 August 2026. Write it as authoritative — the original date should not appear in your compliance plans as a hard deadline for high-risk requirements.

Layer 3 — If you build a product on the Claude API, you may become the provider

Deploying Claude internally is one thing. Shipping a system built on Claude under your organisation's name — even if Claude's underlying API is doing the work — is different. Under Article 25, a deployer who places a system on the market under their own name, substantially modifies it, or changes its intended purpose takes on provider obligations under Article 16. That means your organisation becomes responsible for the full high-risk compliance stack if that system meets the Article 6 threshold: risk management (Article 9), technical documentation (Article 11 / Annex IV), transparency to deployers (Article 13), human oversight (Article 14), accuracy and robustness (Article 15), conformity assessment (Article 43), EU Declaration of Conformity (Article 47), and registration in the EU database (Article 49).

Practical checkpoint: if you are building a product — a hiring tool, a credit-advisory interface, an eligibility-checking workflow — and your customer's organisation uses it under your brand, you are likely the provider of an AI system under the Act. Classify your system first, then work backwards to the obligations.

---

Data and GDPR Considerations

Claude's data handling varies by access tier. Anthropic's API terms state that data submitted via the API is not used to train models by default; this holds for most enterprise and API arrangements. Anthropic offers EU-specific data residency options for Claude Enterprise.

If you are deploying Claude in any context that processes personal data of EU residents, GDPR obligations run in parallel. A DPIA under GDPR Article 35 may be required for high-risk processing. If your Claude deployment is also a high-risk AI system under Article 6, you may need a Fundamental Rights Impact Assessment under Article 27 — the FRIA applies to public bodies and to deployers of creditworthiness (Annex III 5(b)) or life/health-insurance (Annex III 5(c)) systems. Article 27(4) allows you to build the FRIA on an existing DPIA rather than starting from scratch. The two assessments are related but distinct; do not conflate them.

---

What Deployers Must Do Under Article 26

Even if you are not a provider — you are simply using Claude Enterprise or the API for internal or customer-facing work — Article 26 deployer obligations apply when Claude is part of a high-risk system:

• Use the system according to the instructions of use provided;
• Ensure appropriate human oversight, assigning oversight to staff with competence and authority (Article 14 obligations);
• Monitor the system's operation and report serious incidents or malfunctions to the provider (and in some cases to the authority, depending on the incident);
• Retain logs for at least 6 months (Article 26);
• Notify workers' representatives before deploying Claude in the workplace in ways that affect those workers;
• Conduct a FRIA where required (Article 27).

The deployer's obligation to report serious incidents flows to the provider under Article 26; it is the provider who then reports to market-surveillance authorities under Article 73 — within 15 days of awareness, or 2 days for widespread or critical-infrastructure-disrupting incidents, or 10 days where a person has died.

---

Prohibited Uses — Draw the Line Now

Certain Claude use cases are prohibited under Article 5 regardless of risk management or documentation, with fines at €35 million or 7% of worldwide turnover (Article 99(3)), in force since 2 February 2025:

• Real-time remote biometric identification in publicly accessible spaces for law enforcement (with limited exceptions);
• Social scoring of natural persons by public authorities based on social behaviour or personal characteristics;
• Subliminal or manipulative techniques that exploit vulnerabilities to distort decision-making;
• Emotion recognition in the workplace or educational settings.

A Claude-based sentiment analysis tool embedded in your HR workflow to infer employees' emotional states would sit squarely in the prohibited category under Article 5(1)(f). The prohibition does not hinge on the tool's accuracy or intentions — it applies categorically.

---

How Confir Helps

When you add Claude to Confir's AI inventory, Confir walks you through a plain-English intake that determines your role (deployer under Article 26, or provider under Articles 16 and 25), classifies the system against Annex III, and records the GPAI model dependency — including the Annex XII downstream information you hold from Anthropic. The intake flags the Article 6(3) exemption analysis if your use case is in an Annex III area but potentially narrow-procedural.

For high-risk deployments, Confir's rule-based engine derives your obligation set across the four compliance areas (AIRC, AITR, AITO, AIGM), generates the Article 11/Annex IV technical documentation pack, and produces the Article 47 Declaration of Conformity. For deployers triggering Article 27, the FRIA workflow runs as a structured seven-section assessment. The compliance health score tracks your progress across all controls in real time.

Confir's classification, scoping, and findings logic is deterministic and rule-based — same intake produces the same finding, no hallucination, every reasoning step human-readable and audit-defensible. From €600/year; no consultants required.

---

Frequently Asked Questions

Does the EU AI Act classify Claude itself as high-risk?

No. Claude is a GPAI model under Chapter V — a separate cross-cutting category, not a risk tier. The risk classification depends on how you deploy Claude and what function the resulting system performs. A Claude-based customer-service assistant is minimal or limited risk; a Claude-based CV-screening system likely triggers high-risk under Annex III point 4. The tool's name is irrelevant to the classification.

What obligations sit with Anthropic rather than with my organisation?

Anthropic, as the GPAI model provider, holds the Article 53 obligations: Annex XI technical documentation, Annex XII downstream information for deployers, a copyright policy, and a training-data summary. These have applied since 2 August 2025. If Claude is designated systemic-risk under Article 51, additional Article 55 obligations (model evaluations, incident reporting, cybersecurity measures) also fall on Anthropic. Your organisation receives the downstream documentation and should record it — you do not perform these obligations yourself.

If I build a product on the Claude API and sell it, am I the provider?

Almost certainly yes. Under Article 25, placing a Claude-based system on the market under your organisation's name makes you the provider of that system, with full Article 16 obligations — technical documentation, conformity assessment, registration, and the rest — if the system meets the Article 6 threshold. The fact that the underlying model was built by Anthropic does not transfer your provider responsibilities back to them.

When does Article 50 transparency apply to Claude deployments?

From 2 August 2026, Article 50 requires that users of a Claude-powered chatbot or conversational interface be informed they are interacting with an AI (Article 50(1)). Synthetic content (audio, image, video, text) that could pass as authentic must carry machine-readable labels (Article 50(2)/(4)). These are disclosure obligations, not conformity assessments. The penalty for non-compliance falls in the €15 million or 3% tier under Article 99(4).

When do high-risk obligations actually apply?

Under the Digital Omnibus agreed in May 2026, stand-alone high-risk AI systems (the Annex III list) must comply by 2 December 2027 — not 2 August 2026, which was the original date before the deferral. High-risk AI embedded in regulated products (Annex I — medical devices, machinery, vehicles) must comply by 2 August 2028. AI literacy (Article 4) and the prohibited practices (Article 5) are already in force. Article 50 transparency obligations apply from 2 August 2026.

Does using Claude in the EU automatically mean GPAI rules apply to my organisation?

No. The Chapter V GPAI obligations (Articles 51–55) apply to Anthropic as the model provider, not to downstream deployers. Your organisation's obligations are governed by your role and use case: minimal, limited, or high-risk depending on Article 5, 6, and 50 analysis. You benefit from the downstream documentation Anthropic publishes under Article 53 — keep a record of it as part of your due diligence on the model layer.

What are the penalties for non-compliance?

Article 99 sets three tiers: €35 million or 7% of worldwide annual turnover for Article 5 prohibition violations; €15 million or 3% for most other obligations including high-risk requirements and Article 50 transparency (Article 99(4)); and €7.5 million or 1% for supplying incorrect or misleading information to authorities. For SMEs and start-ups, Article 99(6) caps fines at the lower of the percentage or the fixed amount. GPAI-specific fines — imposed by the Commission on model providers — are separate under Article 101, up to €15 million or 3%.

---

Related guides

• enterprise compliance guide
• Article 6 risk classification pathways
• Article 8 high-risk compliance obligations
• Article 23 transparency requirements
• Article 6 classification framework
• Article 43 conformity assessment procedures
• Article 3 regulatory definitions
• Article 43 conformity assessment
• open-source model exemptions