EU AI Act Article 6: A Practitioner's Guide

Article 6 of Regulation (EU) 2024/1689 establishes the dual-pathway mechanism for designating AI systems as high-risk, triggering mandatory compliance obligations under Title III of the regulation. This framework distinguishes between AI systems functioning as safety components within harmonised product legislation (Article 6(1)) and those explicitly enumerated in Annex III (Article 6(2)). Accurate classification under Article 6 determines your entire compliance trajectory, including technical documentation requirements, conformity assessment procedures, and implementation deadlines. This guide dissects both pathways with sector-specific examples and clarifies the self-assessment procedure under Article 6(3) that permits certain Annex III systems to exit high-risk classification.

---

Understanding the Dual Classification Architecture of Article 6

Article 6 functions as the regulatory gatekeeper for the EU AI Act's risk-based approach. Unlike the prohibition framework in Article 5 or the transparency requirements in Article 50, Article 6 creates a binary classification that determines whether a provider must comply with the comprehensive obligations in Chapter 2 (Articles 8-15) or the lighter-touch requirements for general-purpose AI models in Article 53.

The regulation establishes two distinct pathways to high-risk classification:

Pathway One: Safety Components in Harmonised Products (Article 6(1))

An AI system qualifies as high-risk under Article 6(1) when it functions as a safety component of a product subject to EU harmonisation legislation listed in Annex I, and that product undergoes third-party conformity assessment under the applicable harmonisation directive.

Regulatory mechanics: The term "safety component" is defined in Article 3(14) as a component whose failure or malfunction would endanger the health or safety of a person or damage property. This definition creates a functional test: the AI system's role in the product's safety chain determines classification, not the AI system's inherent capabilities.

Concrete example – Automotive SMB: TechBrake Solutions, a mid-sized supplier in Stuttgart, develops an AI-powered predictive maintenance system for commercial vehicle braking systems. The system analyzes sensor data to predict brake pad wear and recommend maintenance intervals. Because this AI system is integrated into the brake control module of heavy-duty vehicles (covered by Directive 2014/30/EU on electromagnetic compatibility and Directive 2014/34/EU on machinery), and because brake failure directly endangers driver and public safety, the system qualifies as a safety component under Article 6(1). TechBrake must comply with Article 6(1) obligations beginning August 2, 2027, including technical documentation per Article 11 and conformity assessment procedures per Article 43.

Compliance deadline: August 2, 2027 (18 months from the regulation's entry into force on February 2, 2026).

Pathway Two: Annex III Enumerated Systems (Article 6(2))

Article 6(2) establishes that AI systems explicitly listed in Annex III are presumptively high-risk unless the provider demonstrates through self-assessment that the system poses no significant risk of harm (Article 6(3)).

Annex III enumerates eight categories of high-risk AI systems:

1. Biometric identification and categorisation (Annex III, Category 1): Real-time remote biometric identification systems and systems that categorise natural persons based on biometric data. This includes facial recognition systems used for law enforcement, iris scanning systems in border control, and emotion recognition systems in workplace monitoring contexts.

2. Critical infrastructure safety components (Annex III, Category 2): AI systems that function as safety components in critical infrastructure management, including power grid optimization, water treatment facility control, and telecommunications network routing. The definition references Article 2(1) of Directive 2008/114/EC on critical infrastructure protection.

3. Education and vocational training (Annex III, Category 3): AI systems determining access to educational institutions, admission decisions, assessment of learners, or evaluation of educational performance. This includes algorithmic systems that rank university applicants, predict student dropout risk, or assign grades in automated assessment platforms.

Concrete example – EdTech SMB: LearnPath GmbH, a Berlin-based educational technology provider, develops an AI system that analyzes student performance data to recommend course pathways and predict which students require additional support. The system influences which advanced courses students are permitted to enroll in and generates assessment recommendations for teachers. Because the system affects educational access and assessment decisions, it falls under Annex III, Category 3, triggering high-risk classification under Article 6(2).

4. Employment and worker management (Annex III, Category 4): AI systems that evaluate candidates in recruitment, monitor worker performance, allocate work tasks, or make decisions affecting employment relationships. This includes resume-screening algorithms, workforce scheduling systems that determine shift allocation, and performance monitoring systems that influence promotion decisions.

5. Essential public and private services (Annex III, Category 5): AI systems determining access to essential services including housing, healthcare, financial services, and utilities. This encompasses credit scoring systems, insurance underwriting algorithms, and healthcare triage systems.

6. Law enforcement applications (Annex III, Category 6): AI systems used for risk assessment of natural persons, polygraph and similar credibility assessment tools, evaluation of reliability of evidence, and profiling for law enforcement purposes. Article 6(2) explicitly references Regulation (EU) 2016/679 (GDPR) compliance requirements for these systems.

7. Migration, asylum, and border control (Annex III, Category 7): AI systems supporting decisions on asylum applications, visa determinations, and border crossing evaluations. These systems directly affect fundamental rights to freedom of movement and protection from persecution.

8. Administration of justice and democratic processes (Annex III, Category 8): AI systems assisting in judicial decision-making, case outcome prediction, or supporting electoral processes. This includes systems that predict sentencing outcomes or analyze voting patterns.

Compliance deadline: August 2, 2026 (six months from entry into force).

---

The Self-Assessment Procedure: Article 6(3) Risk Exemption

Article 6(3) introduces a critical mechanism allowing providers to remove Annex III systems from high-risk classification through documented self-assessment. This provision recognizes that not all systems within Annex III categories pose significant harm risks.

Regulatory framework: A provider may conclude that an Annex III system does not pose a significant risk of harm to health, safety, or fundamental rights, thereby exempting it from high-risk obligations. However, this determination must be:

• Documented: The provider must prepare a written self-assessment explaining why the system poses no significant risk
• Justified: The assessment must reference specific characteristics of the system, its deployment context, and risk mitigation measures
• Retained: Documentation must be maintained for competent authorities and notified bodies
• Transparent: Providers must disclose the self-assessment rationale to users and affected parties

Practical implementation: The self-assessment does not eliminate regulatory oversight. Competent authorities retain authority under Article 84 to challenge the provider's determination and require reclassification if evidence demonstrates significant risk. The burden of proof rests with the provider to substantiate the "no significant risk" claim.

Concrete example – HR Software SMB: PeopleFlow Solutions, a Vienna-based HR software provider, develops an AI system that analyzes job descriptions and candidate resumes to identify potential skill mismatches and flag candidates whose qualifications deviate significantly from the job specification. The system provides recommendations to human recruiters but does not make autonomous hiring decisions; recruiters retain full discretion to accept or reject recommendations.

Under Article 6(3), PeopleFlow could argue that the system poses no significant risk of harm because:

• The system operates in a purely advisory capacity with human decision-making retained
• The system does not determine employment outcomes but merely highlights information gaps
• Candidates receive notification that algorithmic analysis was performed (Article 50 transparency)
• The company implements bias monitoring per Article 29(2) to detect discriminatory patterns

However, this self-assessment would require documented evidence of these safeguards and would remain subject to competent authority review.

---

Distinguishing Article 6(1) from Article 6(2): Practical Implications

The classification pathway determines which compliance obligations apply:

---

Practical Implementation: Classification Decision Framework

Providers should implement a structured classification process:

Step 1: Determine product context

• Does the AI system integrate into a physical product?
• Is that product covered by EU harmonisation legislation (Annex I)?
• Does the product undergo third-party conformity assessment?
• If yes to all three: Article 6(1) applies.

Step 2: Cross-reference Annex III categories

• Does the system's function match any of the eight Annex III categories?
• Is the system's role in decision-making or risk assessment within that category?
• If yes: Article 6(2) presumptively applies.

Step 3: Evaluate Article 6(3) exemption (Annex III systems only)

• Does the system pose significant risk of harm to health, safety, or fundamental rights?
• Can you document specific safeguards that eliminate or substantially mitigate risk?
• Is human oversight retained over consequential decisions?
• If you can substantiate "no significant risk": prepare self-assessment documentation.

Step 4: Document classification rationale

• Create a classification memorandum citing specific regulation articles and Annex provisions
• Retain evidence supporting the classification decision
• Update documentation if system functionality or deployment context changes

Step 5: Establish compliance timeline

• Article 6(1) systems: implement by August 2, 2027
• Article 6(2) systems without exemption: implement by August 2, 2026
• Article 6(3) exempted systems: maintain self-assessment documentation and monitor for regulatory challenges

---

Common Classification Errors and Corrections

Error 1: Confusing "safety component" with "safety-critical" Not all systems in safety-critical products are safety components under Article 6(1). A system must be a component whose failure would endanger health or safety. An AI system that optimizes energy consumption in a medical device but does not affect diagnostic or therapeutic functions would not be a safety component.

Error 2: Assuming all employment AI is high-risk Article 6(2) Category 4 covers systems that "evaluate candidates in recruitment" or "monitor worker performance." A system that merely aggregates publicly available job market data for salary benchmarking would not trigger Article 6(2) because it does not evaluate candidates or monitor workers.

Error 3: Misinterpreting "essential services" Article 6(2) Category 5 applies to systems determining access to essential services. A system that optimizes service delivery efficiency (e.g., hospital scheduling) without affecting access decisions would not qualify as high-risk under this category.

---

Interaction with Other Regulatory Frameworks

Article 6 classification operates within a broader regulatory ecosystem:

GDPR intersection: Article 6(2) Category 6 (law enforcement) explicitly references GDPR compliance. Biometric processing under Article 6(2) Category 1 triggers GDPR Article 9 restrictions on special category data processing.

Product safety directives: Article 6(1) creates a bridge between the AI Act and existing harmonisation directives (Machinery Directive 2006/42/EC, Medical Devices Regulation 2017/745/EU, etc.). Providers must ensure consistency between AI Act compliance and product-specific safety requirements.

Sector-specific regulations: Financial services providers subject to MiFID II or insurance providers under Solvency II may find their AI systems classified as high-risk under Article 6(2) Category 5, requiring alignment with existing prudential requirements.

---

Key Takeaways

1. Article 6 is the classification gateway: Correct classification determines your entire compliance obligation set and implementation timeline.

2. Two pathways exist: Article 6(1) for safety components in harmonised products; Article 6(2) for Annex III enumerated systems.

3. Self-assessment provides limited relief: Article 6(3) allows exemption from high-risk status only for Annex III systems where providers can document absence of significant harm risk.

4. Documentation is mandatory: Regardless of classification pathway, providers must maintain written justification for their classification decision.

5. Deadlines differ by pathway: Article 6(1) systems must comply by August 2, 2027; Article 6(2) systems by August 2, 2026.

6. Competent authorities retain oversight: Self-assessments and classification decisions remain subject to regulatory challenge and verification.

Related guides

• EU AI Act fundamentals