The 90-day EU AI Act high-risk action plan: one quarter, four phases
A week-by-week EU AI Act high-risk action plan: register, classification, gap analysis and remediation in one quarter — built for the runway to 2 December 2027.
High-risk readiness under Regulation (EU) 2024/1689 fits into one booked quarter, structured as four phases around Article 6. Build an AI system register (weeks 1–2). Classify every system and fix your role (weeks 3–4). Gap-analyse against your obligation stack (weeks 5–8). Remediate with evidence discipline (weeks 9–12). Each phase ends in an artefact you could put in front of an authority, not in a meeting.
This plan assumes a Q3 2026 start, and one freshness caveat governs everything below. The Digital Omnibus (provisional political agreement of 6–7 May 2026, COREPER text confirmed around 13 May 2026) defers stand-alone Annex III high-risk application from 2 August 2026 to 2 December 2027. It is agreed but not yet law: the European Parliament plenary vote, formal Council adoption and Official Journal publication are still pending. Until they complete, the statute reads 2 August 2026.
One Quarter, One Owner: How to Use This Plan
Chapters 1–7 of this guide covered the law: what counts as high-risk, what providers and deployers owe, which deadlines moved and which did not. This chapter is the operational close. It books the work into a calendar. If you have read the legal chapters and concluded that your company has high-risk exposure, you do not need more legal analysis. You need a quarter.
Start with the runway, because that is where most objections come from. Even if the Omnibus deferral is enacted exactly as agreed, the in-force layers leave no idle quarter. The Article 5 prohibitions have applied since 2 February 2025, the general-purpose AI obligations in Articles 51–55 since 2 August 2025, the Article 4 AI literacy duty applies now, and most Article 50 transparency duties still start on 2 August 2026. The runway to 2 December 2027 is time to research and build, not a pause.
Three operating rules carry the whole plan. Name a single accountable owner, a person and not a committee. Book the quarter in the calendar before the work starts, or it will not start. Begin with the register, because everything else gates on it. Treat this quarter as the execution arm of the readiness assessment method: the assessment tells you where you stand, and the plan below turns that position into dated deliverables.
The 90-Day Plan at a Glance
The table is the plan. Each phase produces artefacts, not activities. If a phase ends without its deliverable, it is not done.
| Weeks | Focus | Deliverable |
|---|---|---|
| 1–2 | AI system register | Complete register: every system, a named owner, an intended purpose, a provider-or-deployer hypothesis |
| 3–4 | Classification and roles | Per-system classification memo via both Article 6 routes, a draft-guidelines check log, a role determination per system |
| 5–8 | Gap analysis | Prioritised gap register mapped to the applicable obligation stack — ranked by deadline first, then risk |
| 9–12 | Remediation and evidence | Top gaps closed or in active remediation, a live evidence log, the Article 4 literacy programme launched, a two-item watch list with a named owner |
The phases gate on each other in sequence. You cannot classify what you have not inventoried, you cannot gap-analyse unclassified systems, and you cannot prioritise remediation without a gap register. Do not start in the middle.
Weeks 1–2: Build or Refresh the AI System Register
No single article of the Act mandates an internal register by name, yet every downstream obligation assumes one exists. Classification, role assignment and literacy scoping all begin here, which is why the register gets the first two weeks to itself.
What Every Register Entry Needs
Capture six fields per system, as a minimum:
- System name and a one-line description
- Business owner — a named person, not a department
- Intended purpose in plain language
- Build or buy, and the vendor if bought
- Role hypothesis — provider or deployer, to be confirmed in weeks 3–4
- Lifecycle status — pilot, production or retired
The purpose statement decides whether week 3 works. Annex III classification turns on the context of use, not the technology. "Scores inbound job applications for shortlisting" classifies cleanly; "HR automation tool" classifies nothing and turns the classification phase into guesswork.
Where Systems Hide
Sweep beyond the obvious. Procurement records, expense reports and shadow IT all surface systems nobody volunteered. AI features embedded in existing vendor tools (HR suites, CRM lead scoring, support-ticket triage) belong in the register even though nobody in your company calls them "AI systems".
The register earns its two weeks twice over. It later feeds the Article 49 EU-database registration that providers of Annex III high-risk systems must complete, and it scopes the Article 4 literacy programme in weeks 9–12. Start from the AI system register template rather than a blank sheet. The bar for the deliverable is a register the named owner would sign their name to.
Weeks 3–4: Classify Each System and Fix Your Role
Classification runs through two routes. Every system in the register takes one of them, or exits as not high-risk with the exit documented.
Route 1: Products and Safety Components - Article 6(1) and Annex I
A system is high-risk under Article 6(1) where it is a product, or a safety component of a product, covered by the Union harmonisation legislation listed in Annex I and subject to third-party conformity assessment: machinery, medical devices, lifts and the rest. If your AI ships inside a regulated product, this is your route. Chapters 1–3 of this guide walk the full method.
Route 2: Stand-Alone Use Cases - Article 6(2) and Annex III
Stand-alone systems used in the Annex III areas (employment, credit, education, essential services, law enforcement and the rest) are high-risk under Article 6(2). One filter exists. Under Article 6(3), an Annex III-area system escapes high-risk status only if it poses no significant risk to health, safety or fundamental rights and does not materially influence decision outcomes. If you claim the filter, document the assessment before the system is placed on the market or put into service (Article 6(4)). Note that Article 49(2) still requires providers to register that not-high-risk conclusion in the EU database.
Use the Draft Guidelines as Orientation - Article 6(5)
The Commission's draft classification guidelines under Article 6(5), published 19 May 2026, orient this phase: general principles, the Article 6(1)/Annex I route, and the Article 6(2)/Annex III route with practical in-and-out examples. The targeted consultation is open until 23 June 2026, and the final version is expected later in 2026. The guidelines are not legally binding (authoritative interpretation rests with the Court of Justice of the EU), so attribute every classification influence to "the draft guidelines" and assume the final text may change.
That is the job of the check log. For each system, record whether the draft guidelines support or challenge your classification, and diarise a re-test for the day the final version lands. It is the cheapest insurance in the whole plan.
Provider or Deployer: Decide Per System - Articles 16, 25 and 26
Role is decided per system, not per company. The Article 16 provider stack and the Article 26 deployer stack are very different workloads, and the same company is routinely provider for one system and deployer for five others.
Watch the Article 25 traps. Putting your name or trademark on a high-risk system, substantially modifying one, or repurposing a system into a high-risk use turns a deployer into a provider, with the full provider stack attached. A white-labelled recruitment tool is the classic example.
Weeks 5–8: Gap Analysis Against Your Obligation Stack
This phase gets four weeks because this is where the volume sits. Take each system's classification and role from weeks 3–4, map the obligations that attach, and record the distance between required state and current state.
Map the Stack Per System and Per Role - Articles 9–15, 26 and 27
| | Provider of a high-risk system | Deployer of a high-risk system |
|---|---|---|
| Core duties | Articles 9–15: risk management system, data and data governance, Annex IV technical documentation, record-keeping and logs, transparency and instructions for deployers, human oversight, accuracy-robustness-cybersecurity | Article 26: use per instructions, competent human oversight, input-data control, monitoring, log retention, workforce information |
| System-level | Article 17 quality management system; Article 43 conformity assessment; Article 49 EU-database registration | Article 27 fundamental rights impact assessment, where applicable |
| Ongoing | Articles 72–73: post-market monitoring and serious-incident reporting | Operation monitoring and incident escalation under Article 26 |
The Article 27 trigger is specific. The fundamental rights impact assessment binds bodies governed by public law, private operators providing public services, and deployers of systems under Annex III point 5(b) (creditworthiness and credit scoring) and point 5(c) (life and health insurance risk assessment and pricing).
Prioritise by Deadline First, Then by Risk
Rank gaps by what bites first, regardless of effort. In-force and near-term obligations top the list: any Article 5 exposure (in force now, and carrying the EUR 35 million or 7% ceiling under Article 99(3)), Article 4 literacy (now), GPAI touchpoints (now), and Article 50 transparency (2 August 2026). Then come the long-lead high-risk items, such as technical documentation, quality management and data governance, that consume the runway to 2 December 2027. Most provider and deployer breaches sit in the Article 99(4) tier: up to EUR 15 million or 3% of worldwide annual turnover, with a proportional cap for SMEs and start-ups under Article 99(6).
Run the gap analysis method and capture the results in the gap analysis template. The deliverable bar is simple: every gap carries an owner, a target date and a citation to the obligation it closes. A gap without an article reference is an opinion.
Weeks 9–12: Remediate, Build Evidence Discipline, Cover AI Literacy
Close the Top Gaps First
Pick remediation targets by the deadline-and-risk ranking from weeks 5–8, not by ease of completion. Quick wins that close no dated obligation are theatre. A half-closed Article 50 gap is worth more than three closed cosmetic ones.
Evidence Discipline - Article 99(5)
Evidence discipline means decisions are documented at the moment they are made: classification memos, Article 6(3) assessments, role determinations, gap-acceptance decisions. Reconstructing evidence after the fact is slower and less credible, and it carries its own exposure. Article 99(5) makes supplying incorrect, incomplete or misleading information to notified bodies or competent authorities a separate penalty tier, at up to EUR 7.5 million or 1% of total worldwide annual turnover. Evidence built as you go is the defence. Audit preparation covers the audit-facing view of the same discipline.
Article 4 AI Literacy - Due Now, Not in December 2027
Article 4 has applied since 2 February 2025 and is untouched by the Omnibus. It belongs in this quarter, not a later one. Scope the programme straight from the register: who operates which system, in what role, with what technical background. Then deliver proportionate, documented training. See AI literacy requirements (in force now) for the full duty.
Before day 90, set the watch list: two items, one named owner. First, the final Article 6(5) classification guidelines, whose publication triggers the re-test of every classification logged against the draft. Second, formal Omnibus adoption (Parliament plenary, Council adoption, Official Journal publication), which converts the agreed 2 December 2027 date into law.
End of quarter, you hold four deliverables: top gaps in flight, evidence log live, literacy programme launched, watch list owned.
After Day 90: The Runway Is Build Time, Not Buffer
The Dates That Do Not Move
The deferral never touched most of the calendar set by Article 113. Article 5 prohibitions: in force since 2 February 2025. GPAI obligations (Articles 51–55): in force since 2 August 2025. Most Article 50 transparency: 2 August 2026. Article 4 literacy: now. The Omnibus agreement also added a new fixed date, 2 December 2026, for the CSAM/"nudifier" prohibition and the content-marking and watermarking duties.
One point matters for planning. The new dates are fixed calendar dates. The "stop the clock" proposal, which would have tied the deferral to harmonised-standards availability, was rejected. Never plan as if the timeline floats on standards.
What the Next Quarter Looks Like
The runway to 2 December 2027 gets consumed quickly because the remaining work is long-lead. Quality management systems, Annex IV technical documentation, data governance and Article 43 conformity assessment are builds measured in quarters, not weeks. A company that starts in Q3 2026 spends the whole runway building, not waiting. The next quarter holds deep remediation of the remaining gap register, conformity assessment preparation, and the classification re-test once the final guidelines land.
The decision in front of you: name the single accountable owner this week, book the quarter in the calendar, and start with the register on day one. Everything in this guide compresses into that sentence.
How Confir helps
Confir's Risk Classification & Compliance module runs this quarter as one structured workflow: the AI system register as a guided intake, classification against Article 6 and Annex III with a documented finding per system, role assignment including the Article 25 edge cases, and a gap register tied to article references and deadlines. The synthesis engine is deterministic and rule-based. The same intake answers produce the same finding, using the same logic every time, with no model inference and no hallucination, and every finding names the rule that fired. The classification memos and check logs from weeks 3–4 come out as audit-ready artefacts rather than free text, and the evidence log from weeks 9–12 builds itself as decisions are recorded, which is exactly the discipline Article 99(5) rewards.
Frequently Asked Questions
When do high-risk obligations under the EU AI Act apply?
The statute as enacted reads 2 August 2026 for stand-alone high-risk systems under Annex III. The Digital Omnibus agreement of May 2026 defers that to 2 December 2027, and the Annex I product-embedded route from 2 August 2027 to 2 August 2028 — but the Omnibus is agreed, not yet law, pending the European Parliament plenary vote, Council adoption and Official Journal publication.
Is the EU AI Act delayed?
Only partly. The high-risk deadlines move under the May 2026 Omnibus agreement, but Article 5 prohibitions have applied since 2 February 2025, GPAI rules since 2 August 2025, Article 4 AI literacy is in force, and most Article 50 transparency duties still start 2 August 2026. Content marking gets a new fixed date of 2 December 2026 — the dates are calendar-fixed, not standards-contingent.
Do I need an AI system register under the EU AI Act?
No single article mandates an internal register, but you cannot classify systems under Article 6, assign provider or deployer roles, or scope Article 4 AI literacy without one. Providers of Annex III high-risk systems must separately register in the EU database under Article 49. Practically, the register is the first deliverable of any compliance quarter — weeks one and two of this plan.
How long does EU AI Act compliance take?
One focused quarter covers the foundation: register (weeks 1–2), classification (weeks 3–4), gap analysis (weeks 5–8) and first remediation (weeks 9–12). The full high-risk build — risk management, Annex IV technical documentation, quality management, conformity assessment — typically runs several further quarters, which is why the runway to 2 December 2027 is build time, not buffer.
What are the penalties for non-compliance with the EU AI Act?
Three tiers under Article 99: up to EUR 35 million or 7% of worldwide annual turnover for prohibited practices under Article 5; up to EUR 15 million or 3% for most other obligations; and up to EUR 7.5 million or 1% for supplying incorrect, incomplete or misleading information to authorities. SMEs and start-ups benefit from a proportional cap under Article 99(6).
Are the Commission's high-risk classification guidelines legally binding?
No. The draft guidelines under Article 6(5), published 19 May 2026, are practical orientation, not law — authoritative interpretation of the EU AI Act rests with the Court of Justice of the EU. The targeted consultation is open until 23 June 2026 and the final version is expected later in 2026, so log which classifications the draft supports and re-test when the final text lands.
Does the AI literacy requirement of the EU AI Act apply now?
Yes. Article 4 has applied since 2 February 2025 and is untouched by the Digital Omnibus agreement. Providers and deployers must ensure a sufficient level of AI literacy among staff and other persons operating AI systems on their behalf, taking account of technical knowledge, context and the persons affected. It belongs in this quarter's plan, not a later one.