EU AI Act Article 49: EU Database Registration for High-Risk AI (2027)

Before a high-risk AI system can legally reach a customer, it must be registered in a public EU database. Article 49 of Regulation (EU) 2024/1689 makes that registration a hard prerequisite — not a post-launch formality, not an optional filing. No registration, no lawful market placement.

This guide covers who must register and when, what data goes into the EU database, which systems get routed to a restricted non-public section, how Article 49 relates to the conformity assessment (Article 43), the Declaration of Conformity (Article 47), and CE marking (Article 48) that precede it, and what the registration obligation means in practice for a company of 20 or 200 people.

The compliance deadline for stand-alone Annex III high-risk systems is 2 December 2027, following the deferral agreed under the Digital Omnibus in May 2026.

---

What Article 49 Actually Requires

Article 49 creates three distinct registration duties, each aimed at a different actor.

Providers (and their authorised representatives) must register themselves and their high-risk AI system in the EU database referred to in Article 71 before placing the system on the market or putting it into service — provided the system falls under Annex III but is not one of the critical-infrastructure systems listed at Annex III, point 2 (safety components in the management and operation of critical digital infrastructure, road traffic, and utilities). Point 2 systems follow the sectoral rules for Annex I products and are not registered under Article 49.

Providers who applied the Article 6(3) exemption — that is, providers who concluded their Annex III system does not pose a significant risk of harm and is therefore not high-risk — must also register themselves and the system. The register is not solely for confirmed high-risk systems. If you invoked the exemption, the database records that fact. This is a deliberate transparency mechanism: regulators and the public can see that a provider assessed the system and claimed the exemption, which creates accountability for that assessment.

Deployers that are public authorities, Union institutions, bodies, or agencies, or private parties acting on their behalf, must register their use of an Annex III high-risk system before putting it into service. A private company using a high-risk AI tool without a public-authority mandate does not carry this obligation. A municipality using a predictive-policing or benefits-eligibility tool does.

---

The Annex VIII Data Fields

The information entered into the EU database is specified in Annex VIII of the Act, which is divided into three sections.

Section A covers registration by providers (or their authorised representatives) of Annex III systems that are not subject to the Article 6(3) exemption — that is, confirmed high-risk systems. The fields include: provider name and contact details; member states of intended market placement; name and description of the system; intended purpose; the Annex III category the system falls under; version information; status (available on the market or withdrawn); a summary description for the public; a link to instructions for use (where publicly available); a reference to the Article 43 conformity assessment route used; and whether a notified body was involved.

Section B covers registration by providers who applied the Article 6(3) non-high-risk exemption. The fields are narrower: provider identity, system name, a description of the intended purpose, and a statement of the grounds for concluding the system does not pose a significant risk of harm.

Section C covers registration by deployers that are public bodies. The fields include: the deployer's identity and contact details; the name and registration number of the AI system as entered by the provider; the deployer's intended use, including the geographic area, categories of natural persons to whom the system will be applied, and the anticipated number of affected persons; and the rationale for using the system.

Providers registering under Section A must also update the record after each substantial modification and when the system is withdrawn from the market.

What triggers an update to an existing registration

Registration is not a one-time event. Providers must update the EU database entry whenever:

• the system undergoes a substantial modification (Article 43(4) triggers a new conformity assessment; the registration must reflect the updated version and assessment outcome);
• the system is withdrawn from the market or taken out of service;
• the previously registered information — intended purpose, Annex III category, conformity route — has changed.

Providers who register and then significantly retrain the model, expand the intended purpose beyond what was declared, or add functionality that brings new natural-person categories within scope must treat that as a new assessment cycle and update the registration accordingly. The database entry is not a snapshot locked at launch — it is a live record.

---

Authorised Representatives and Cross-Border Registration

If the provider is established outside the EU but places a high-risk system on the EU market, it must appoint an authorised representative under Article 22. The representative is established in the EU and acts on the provider's behalf for all regulatory obligations, including Article 49 registration. The Annex VIII, Section A fields include the authorised representative's identity and contact details alongside the provider's.

One EU authorised representative can cover multiple member states — there is no obligation to appoint a separate representative per country. The representative cannot, however, assume provider obligations for a system it does not understand: Article 22 requires the mandate to specify the systems covered and to grant the representative access to the technical documentation and Declaration of Conformity.

This matters for non-EU SaaS providers selling recruitment, credit-scoring, or biometric tools into the EU. Without an Article 22 authorised representative in place, the Article 49 registration cannot lawfully proceed, because the Annex VIII Section A fields require an EU-based point of contact. Setting up the representative relationship is therefore a prerequisite, not an afterthought.

---

The Non-Public Section: Law Enforcement, Migration, and Border Control

Not all registration data is publicly searchable. Article 49 carves out a secure, non-public section of the EU database for systems used in:

• law enforcement (Annex III, point 6)
• migration, asylum, and border control (Annex III, point 7)
• administration of justice (Annex III, point 8)

For these systems, only a limited set of fields is disclosed to the public. Full registration data is accessible to the Commission, relevant market surveillance authorities, and the European Data Protection Supervisor, but not to the general public. The rationale is straightforward: publishing the operational details of a law-enforcement risk-scoring tool or a border-control document-verification system could compromise security operations or identify protected methods.

This carve-out matters for deployers in national security-adjacent functions. You still register. You still supply the data. The restricted section simply controls who can read it.

---

Where Article 49 Sits in the Compliance Sequence

Article 49 registration is the final step in a defined pre-market sequence. The order matters because each step depends on the one before it.

1. Classify the system under Article 6 (and Annex III). If the system is not high-risk — either because it falls outside Annex III entirely, or because you have documented an Article 6(3) exemption — most of the heavy obligations do not apply. But if you claim the exemption, registration is still required (Section B above).

2. Complete conformity assessment under Article 43. For most Annex III systems this is internal control via Annex VI; biometric identification and some point 1 (biometrics-related) systems require involvement of a notified body. The conformity assessment verifies that the system meets the requirements in Articles 9–15: risk management system (Article 9), data governance (Article 10), technical documentation (Article 11), logging (Article 12), transparency (Article 13), human oversight (Article 14), and accuracy/robustness/cybersecurity (Article 15).

3. Draw up the Article 47 Declaration of Conformity (DoC) — the provider's written statement that the system meets all applicable obligations. The DoC references the completed conformity assessment and the technical documentation compiled under Article 11 and Annex IV.

4. Affix CE marking under Article 48, which is only permitted once the DoC is in place.

5. Register in the EU database under Article 49.

A provider cannot lawfully skip to step 5. Registration is evidence that steps 1–4 are complete, not a substitute for them.

---

Three Documents That Are Frequently Confused

Registration (Article 49) is a regulatory filing in the EU database. It is a public record created by submitting the Annex VIII fields. It says: "This system exists, here is who built it, here is its intended purpose, here is its conformity status."

Declaration of Conformity (Article 47) is a legal document held by the provider and made available on request. It says: "We have completed conformity assessment and this system meets the requirements of Regulation (EU) 2024/1689." The DoC is not uploaded to the EU database wholesale — but the Section A registration fields reference the conformity assessment route that underpins it, and national authorities can request the full document separately.

Internal AI inventory is not a regulatory artifact at all. Many organisations maintain an internal register of AI systems they develop or deploy — it is good governance, and it feeds the data needed for Article 49 registration and for Annex VIII fields. But it has no legal status of its own and does not substitute for either the DoC or the EU database entry.

The three are related but distinct. Providers who conflate them tend to discover the distinction when a market surveillance authority asks to see their EU database entry and finds either no entry or one that was populated with the wrong data.

A fourth document sometimes enters the confusion: the Article 11 / Annex IV technical documentation. This is the evidentiary backbone that the DoC attests to, and that conformity assessment reviews. Registration does not require uploading the technical documentation — but it does require the conformity assessment referenced in the Annex VIII fields to have been conducted against it. The documentation must be held by the provider and made available to national authorities on request under Article 74.

---

A Worked Example: HR-Tech Company, 35 Employees

Suppose a German software company with 35 employees builds a CV-screening tool that ranks job applicants and generates a shortlist. The tool falls under Annex III, point 4 (employment, workers management, access to self-employment).

The company's compliance path under Article 49 runs as follows.

First, it documents the Article 6 classification. The tool makes assessments about natural persons in an employment context, so it is high-risk — the Article 6(3) exemption for non-significant-risk systems does not apply because the system influences hiring decisions. This documentation goes into the technical file.

Second, it conducts a conformity assessment under Article 43 using internal control (Annex VI). This produces a conformity assessment report covering the Article 9 risk management system, Article 10 data governance, and the rest of the Chapter 3 requirements.

Third, it draws up an Article 47 Declaration of Conformity referencing the assessment report and the Annex IV technical documentation.

Fourth, it affixes the CE marking under Article 48.

Fifth, it registers in the EU database under Annex VIII, Section A. The entry includes the company's legal name and address, a description of the CV-screening system, confirmation that it falls under Annex III point 4, and a reference to the internal-control conformity route.

If the company later sells the tool to a German federal employment agency, that agency — as a public-body deployer — must also register its use under Annex VIII, Section C, before putting the system into service.

---

The Article 6(3) Exemption and Registration

The exemption in Article 6(3) allows a provider to conclude that an Annex III system is not high-risk if it does not pose a significant risk of harm to health, safety, or fundamental rights. The four scenarios where a system qualifies: it performs a narrow procedural task; it improves the result of a previously completed human activity; it detects decision patterns without replacing or influencing human assessment; or it performs preparatory work for an assessment that a human will make. Any system that profiles natural persons remains high-risk regardless.

Providers who apply this exemption must document the assessment in writing. They must also — and this surprises many practitioners — still register themselves and the system in the EU database under Annex VIII, Section B. The exemption removes the heavy Article 9–15 obligations. It does not remove the registration obligation. The logic is transparency: the public database should reflect both confirmed high-risk systems and systems where providers claimed the exemption, so that regulators can audit those claims.

---

Public Accessibility: The EU Database as a Transparency Tool

With the exception of the restricted section for law enforcement, migration, and border-control systems, the EU database is publicly accessible and searchable. The Commission is responsible for establishing and maintaining it under Article 71.

This public accessibility is substantive. Deployers can look up a system before purchasing it — checking whether it is registered, what conformity route was used, and whether a notified body was involved. Civil society organisations, journalists, and researchers can monitor which high-risk AI systems are on the market and in what sectors. National authorities can cross-check registrations against market surveillance findings.

The database also has a deterrent function. Providers who place an unregistered high-risk system on the market face a record that is, by definition, absent. That absence is visible.

---

Penalties for Non-Registration

Failure to register a high-risk AI system in the EU database, or providing inaccurate or incomplete registration data, falls under the general non-compliance tier in Article 99. The maximum fine is €15,000,000 or 3% of total worldwide annual turnover for the preceding financial year, whichever is higher.

For SMEs and start-ups, Article 99(6) provides a proportionality protection: fines are capped at the lower of the percentage or the fixed amount. A 20-person company with €2 million in annual revenue faces a ceiling of €60,000 (3%), not €15 million. That ceiling still concentrates the mind.

Supplying false or misleading information in the registration — for example, understating the intended purpose or misclassifying the Annex III category — falls under the lower tier: €7,500,000 or 1% of annual worldwide turnover. Deliberate misrepresentation risks triggering the higher tier at the discretion of the competent authority.

The compliance deadline for stand-alone Annex III systems is 2 December 2027 (deferred from the original 2 August 2026 date under the Digital Omnibus agreed in May 2026). For high-risk AI embedded in Annex I regulated products, the deadline is 2 August 2028.

---

How Confir Helps

Confir's rule-based classification engine works through the Article 6 and Annex III logic during the system intake. Once classification is confirmed, it generates the Annex VIII registration data fields — Section A for confirmed high-risk systems, Section B for systems where the Article 6(3) exemption has been applied — drawn directly from the system record you have already built.

This means the registration filing is not a separate data-gathering exercise. The Annex VIII output is a by-product of the conformity work already done: the provider details, system description, Annex III category, conformity assessment route, and notified body reference are all captured in the structured record. The same record feeds the Article 47 Declaration of Conformity and the Article 11 technical documentation pack.

The engine is deterministic and rule-based: the same intake answers produce the same Annex VIII fields, which is the right behaviour for a document you are filing with a public regulatory database.

---

What to Do Now

The 2 December 2027 deadline is later than the original date, but the conformity assessment work that precedes registration — the Article 9 risk management system, Article 10 data governance, Article 11 technical documentation — takes months to complete properly. Registration is only the last step. Providers who wait until late 2027 to start will not have time to do the preceding work with the rigour it requires.

The practical checklist:

1. Inventory every AI system you develop or deploy and classify each under Article 6 and Annex III.
2. For each high-risk system, determine whether you are the provider or a deployer — the obligations differ.
3. If you are a provider, begin the Article 43 conformity assessment. This is where most of the effort sits.
4. Document any Article 6(3) exemption claims in writing — and note that registration is still required.
5. Draw up the Article 47 DoC and affix CE marking once conformity assessment is complete.
6. Register in the EU database, using the Annex VIII fields, before placing the system on the market.
7. If you are a public-body deployer, register your use (Annex VIII, Section C) before putting the system into service.

Registration is a checkpoint, not the finish line. The documentation that makes it credible is the harder task.

---

Related guides

• AI system inventory management
• SMB compliance requirements
• EU AI Act compliance requirements