Safety Component Under the EU AI Act: Classification and Obligations

A "safety component" is a component of a product or of an AI system that fulfils a safety function for that product or system, or whose failure or malfunction endangers the health and safety of persons or property. Under Regulation (EU) 2024/1689, whether an AI system qualifies as a safety component of a regulated product is the primary trigger for the Annex I product route to high-risk classification under Article 6(1).

The EU AI Act definition

Article 3 of Regulation (EU) 2024/1689 — the definitions article — defines "safety component" at point 14 as:

a component of a product or of an AI system which fulfils a safety function for that product or AI system, or the failure or malfunctioning of which endangers the health and safety of persons or property.

The definition has two limbs. The first is functional: the component actively fulfils a safety function, meaning it is part of the mechanism that keeps a product or system within safe operating limits. The second is consequentialist: even if the component's primary purpose is not safety, its failure or malfunction would endanger persons or property. Either limb is sufficient; you do not need both.

The practical effect is that "safety component" casts a wide net. A pressure sensor in an industrial machine that, if it fails, allows over-pressurisation that could injure an operator, satisfies the second limb even if it is not marketed as a "safety device." An AI subsystem that monitors brake performance in a vehicle satisfies the first. Both are safety components within the meaning of Article 3, point 14.

Why it matters: the Annex I high-risk route

The relevance of the definition flows directly from Article 6(1), which sets out one of the two routes by which an AI system becomes high-risk. Under Article 6(1), an AI system is classified as high-risk where two conditions are both satisfied.

The first condition is that the AI system is intended to be used as a safety component of a product covered by the Union harmonisation legislation listed in Annex I — or is itself such a product. The Annex I list is broad. It includes the Machinery Regulation (EU) 2023/1230, the Medical Devices Regulation (MDR, 2017/745), the In-Vitro Diagnostic Medical Devices Regulation (IVDR, 2017/746), the Low Voltage Directive, the Radio Equipment Directive, the Toy Safety Directive, the Lifts Directive, and the Automotive sector type-approval frameworks, among others. If the product in which the AI operates is governed by any of these instruments, the first condition is potentially engaged.

The second condition is that the product governed by that Annex I legislation is required to undergo a third-party conformity assessment under that legislation — typically by a notified body, not by internal self-assessment alone. This condition matters because it confines the Article 6(1) route to the higher-stakes product categories where EU product law already demands independent verification. Where the underlying product law permits internal self-assessment only, the two-condition test under Article 6(1) is not met by that route alone, though the system might still be high-risk via the Annex III use-case route under Article 6(2).

Both conditions must be satisfied simultaneously. An AI safety component in a machine covered by the Machinery Regulation will be high-risk via Article 6(1) only if that particular machine is subject to a notified-body conformity assessment under the Machinery Regulation. For machines where internal self-assessment is permitted under the Machinery Regulation, the Article 6(1) route is not triggered — although depending on what the AI does, an Annex III category may apply.

When Article 6(1) applies, the AI system carries the full high-risk obligation stack: a risk management system under Article 9, data governance requirements under Article 10, technical documentation under Article 11 and Annex IV, logging under Article 12, transparency information for deployers under Article 13, human oversight measures under Article 14, accuracy and cybersecurity requirements under Article 15, plus the provider obligations under Article 16, quality management under Article 17, and the conformity assessment procedure under Article 43. That conformity assessment for Annex I product AI is generally the integrated route under Article 43(3) — it runs alongside, and feeds into, the product-level conformity assessment for the Annex I legislation.

On timing: under the Digital Omnibus agreed in May 2026, high-risk AI systems that are safety components of products covered by Annex I legislation must comply by 2 August 2028. This is a later deadline than the 2 December 2027 date that applies to stand-alone high-risk AI under Annex III. The extended timeline reflects the complexity of integrating AI Act compliance into existing product certification procedures. It is not an invitation to delay — technical documentation, risk management systems, and the conformity assessment process all require months of preparation.

Annex I route vs Annex III route

Article 6 creates two distinct paths to high-risk classification, and understanding their relationship is essential.

Article 6(1) — the Annex I product route — asks whether the AI system operates as a safety component inside a regulated product. It is a product-safety trigger. The list in Annex I names specific EU product-safety legislative instruments. The industries it touches are manufacturing, medical devices, diagnostics, automotive, construction, and telecommunications hardware, among others.

Article 6(2) — the Annex III use-case route — asks whether the AI system is used for a purpose listed in one of the eight high-risk categories in Annex III: biometrics, critical infrastructure, education, employment and worker management, access to essential services, law enforcement, migration and asylum, and justice and democratic processes. This route is independent of whether the system is embedded in a physical product.

An AI system can satisfy both routes simultaneously. An AI diagnostic system in an MDR-regulated medical device, for instance, is high-risk via Article 6(1) because it is a safety component in an Annex I product undergoing notified-body assessment. Depending on whether it falls within a recognised Annex III category, it may also be high-risk via Article 6(2). The higher obligations prevail; compliance with one route does not discharge obligations under the other if both apply.

The deadlines differ. Annex III stand-alone systems: 2 December 2027. Annex I product-embedded systems: 2 August 2028. Where a system sits on both routes, the provider must be ready by the earlier date for the applicable obligations — practically, by 2 December 2027 for any use-case obligations that trigger independently.

The conformity assessment routes also differ. Most Annex III categories (points 2 through 8) use the Annex VI internal self-assessment procedure. Annex III point 1 (biometrics) requires the Annex VII notified-body route where harmonised standards are not applied. For Annex I product AI, the conformity assessment under Article 43(3) is integrated with the product-level procedure — the same notified body can assess both.

Examples

An AI subsystem integrated into an autonomous emergency braking system for a passenger vehicle meets both Article 6(1) conditions: the vehicle requires type-approval under an Annex I instrument, that approval involves third-party assessment, and the braking component fulfils a safety function. High-risk classification follows, with the 2 August 2028 deadline.

An AI image-analysis component in a CT scanner regulated under the MDR is in the same position. The MDR is an Annex I instrument; CT scanners in the relevant class require notified-body assessment. The AI assists radiologists by flagging anomalies — if it fails, patient safety could be affected. Article 6(1) applies, deadline 2 August 2028, with an integrated conformity assessment alongside the MDR procedure.

Contrast these with an AI recommendation engine in the mobile app of a machinery manufacturer. The app lets users configure product specifications; the AI suggests compatible accessories. No safety function is performed. Even though the manufacturer's products are Annex I items, this particular AI component is not a safety component within any product. Article 6(1) is not triggered. Absent an applicable Annex III use case, the system is likely minimal-risk.

A boundary case: an AI-based predictive maintenance tool that monitors a lift's operating parameters and flags anomalies to a service technician. Whether this is a "safety component" turns on whether its failure could endanger persons. The classification is fact-specific. Providers facing this question should document their rationale either way, since Article 6(3) requires providers claiming a non-significant-risk finding to register that assessment.

Frequently Asked Questions

Does "safety component" only cover hardware components?

No. The definition in Article 3, point 14 refers to a component of a product or of an AI system. An AI system embedded in software that runs on a regulated physical product can be a safety component. What matters is function and consequence — whether the component fulfils a safety function or whether its failure would endanger persons or property — not whether the component is a physical part.

If an AI system is a safety component but the Annex I product only requires internal self-assessment, does Article 6(1) apply?

Not via Article 6(1). Both conditions of Article 6(1) must be satisfied: the AI must be a safety component in an Annex I product, AND that product must be required to undergo third-party conformity assessment under the Annex I legislation. If the product legislation allows internal self-assessment only, the second condition is not met, and Article 6(1) does not apply by that route. The AI system may nonetheless be high-risk under Article 6(2) if it falls within an Annex III use-case category.

Can a deployer of an AI safety component face high-risk obligations, or only the provider?

Both face obligations. The provider carries the heaviest duties under Article 16 — including Articles 9–15 and the Article 43 conformity assessment. The deployer must comply with Article 26: follow the provider's instructions, maintain human oversight, monitor operation, report incidents to the provider, and retain logs for at least six months. If a deployer substantially modifies the system or repurposes it beyond its intended use, Article 25 may shift provider-level obligations to the deployer.

What is the deadline for AI safety components in Annex I products?

Under the Digital Omnibus, agreed between the European Parliament and Council in May 2026 and pending formal adoption, high-risk AI systems that are safety components of products covered by Annex I legislation must comply by 2 August 2028. This is later than the 2 December 2027 deadline for stand-alone Annex III high-risk systems. The original deadline of 2 August 2026 has been deferred for both categories; it now applies only to limited-risk transparency (Article 50) and general application.

Does the Annex I route require a separate conformity assessment on top of the existing product assessment?

Not necessarily. Article 43(3) provides for an integrated procedure — the AI Act assessment runs alongside the Annex I product assessment, often with the same notified body handling both. Duplication is reduced, but the AI Act's documentation requirements (Annex IV technical file, Annex V Declaration of Conformity) must still be satisfied in full.

Does classifying an AI system as a safety component under Article 3, point 14 automatically make it high-risk?

No. Article 3, point 14 provides the definition; classification as high-risk requires both conditions under Article 6(1) to be met. If the AI is a safety component in an Annex I product but that product does not require third-party conformity assessment, Article 6(1) is not triggered. A safety component classification is a necessary but not sufficient condition for the Annex I route to high-risk status.

Related terms

• Article 6: High-risk AI classification rules
• High-risk AI: obligations and classification
• Manufacturing AI compliance under the EU AI Act
• Healthcare AI and medical devices
• Intended purpose
• Annex III: the stand-alone high-risk use-case list