AI Content Moderation and the EU AI Act: Risk Classification Guide
AI content moderation is typically minimal-risk under the EU AI Act — not Annex III. The DSA governs platforms. Article 50 applies from August 2026.
Automated content moderation is one of the most widespread AI applications on the internet, and one of the most commonly misclassified from a regulatory standpoint. The short answer: AI content-moderation systems are generally not listed in Annex III of Regulation (EU) 2024/1689, which means they typically fall into the minimal- or limited-risk tiers of the EU AI Act. The heavier compliance regime for content moderation on online platforms comes from the Digital Services Act (DSA) — a separate piece of EU law that most compliance teams need to address in parallel but keep analytically distinct.
That said, the EU AI Act does touch content moderation in two important ways: through the Article 50 transparency obligations that apply when AI interacts with users or generates content visible to them, and through the Article 5 prohibitions that cap what any AI system can do regardless of sector. Neither creates the full high-risk stack, but both create real obligations. Understanding which law does what is the starting point for any classification exercise.
Is AI content moderation high-risk under the EU AI Act?
Annex III of the AI Act lists eight areas where AI systems are presumed high-risk. Run through the list against a standard content-moderation system — one that detects spam, harmful speech, or policy-violating content on a hosting platform — and it does not fit.
Annex III covers biometrics, critical infrastructure safety, education and vocational training, employment and worker management, access to essential private and public services (including credit scoring and insurance pricing), law enforcement, migration and border control, and administration of justice. Content moderation on a social network, marketplace, or hosting service falls outside every one of those categories. A system that flags a post for spam, detects a copyright violation, or removes coordinated inauthentic behaviour is performing a platform-governance function, not a function in any Annex III area.
That makes such systems minimal-risk by default — meaning the EU AI Act imposes no mandatory obligations. The Article 6 classification rules confirm this: high-risk status under Article 6 requires either (a) that the system is a safety component in a product covered by Annex I product law, or (b) that it falls within an Annex III area and performs its intended purpose there. Standard content moderation does neither.
One procedural note: even if a system were to fall into a borderline Annex III area, Article 6(3) provides a filter. A system is not high-risk if it does not pose a significant risk of harm to health, safety, or fundamental rights — for example, because it performs a narrow procedural task or improves the result of a previously completed human activity. For content moderation, this filter would almost always confirm the non-high-risk outcome. Providers invoking the Article 6(3) filter must document the assessment and register the system under Article 49.
The current compliance calendar matters here too. Obligations for stand-alone high-risk systems under Annex III apply from 2 December 2027 under the Digital Omnibus agreed in May 2026 (pushing back the original 2 August 2026 date). Article 50 limited-risk transparency obligations apply from 2 August 2026. Article 5 prohibitions have been in force since 2 February 2025. For a company operating a content-moderation system today, Article 5 and Article 50 are the AI Act provisions that demand immediate attention.
The Article 50 transparency angle
Article 50 is where the EU AI Act does apply to content moderation in some configurations. It sets disclosure obligations for systems in the limited-risk tier — not because they are dangerous in the Annex III sense, but because they interact with natural persons or produce content that reaches them.
Article 50(1) requires that providers of AI systems intended to interact directly with natural persons disclose that the person is interacting with AI, in a clear and timely manner. If a content-moderation system communicates with users — sending automated removal notices, issuing AI-generated appeals decisions, or routing users through an automated resolution flow — that disclosure obligation applies. The obligation sits with the provider of the AI system; deployers have a parallel duty under Article 50 to pass that information on.
Article 50(3) covers emotion-recognition and biometric-categorisation systems. If a content-moderation pipeline includes a component that infers the emotional state or identity characteristics of a person from biometric data — say, to flag distressed users or categorise accounts — the operator must disclose that fact to the natural persons concerned.
The marking obligation under Article 50(4) is particularly relevant where AI generates the content itself rather than merely evaluating it. Where an AI system produces text, image, audio, or video content intended for publication, operators must label that content as AI-generated or synthetic. A platform that auto-generates policy-violation notices, automated appeals responses, or moderation reports using a generative model must mark those outputs accordingly. This obligation applies from 2 August 2026.
The practical upshot: review your moderation pipeline for any user-facing touchpoint where AI communicates a decision or generates visible content. Those touchpoints need Article 50 disclosures. The moderation logic itself — the classifier that makes the decision behind the scenes — does not trigger Article 50 on its own.
The DSA is the main regime (separate law)
For online platforms, the Digital Services Act (Regulation (EU) 2022/2065) is the primary legal framework governing content moderation. It imposes obligations that are distinct from, and more operationally demanding than, anything in the EU AI Act for this use case. Do not conflate them.
Under the DSA, hosting services (Article 17) must provide users with a statement of reasons whenever they remove, restrict the visibility of, or demote content. The statement must explain which terms of service provision was violated, the geographic scope, the duration, and the facts and circumstances that led to the decision. This is a legal obligation under the DSA, not the AI Act.
Platforms with very large online platform (VLOP) or very large online search engine (VLOSE) status face an additional layer. The DSA requires them to conduct annual risk assessments of systemic risks arising from their systems — including algorithmic amplification — and to implement risk-mitigation measures. Transparency reporting obligations (DSA Article 15 for hosting services, and more detailed reports under DSA Article 42 for VLOPs/VLOSEs) require periodic publication of the number of automated content-moderation decisions, error rates, and appeals data.
There is an important structural point here: the DSA's content-moderation obligations apply to the platform's conduct in moderating content, regardless of whether automated systems or human reviewers carry out that moderation. The EU AI Act, by contrast, applies to the AI system as a product or service. A platform may owe DSA notice-and-action duties and AI Act Article 50 transparency duties simultaneously, but for entirely different reasons and under separate enforcement regimes. The DSA is enforced by the Digital Services Coordinator in the member state where the platform is established (with the European Commission for VLOPs/VLOSEs); the AI Act is enforced by national market-surveillance authorities and, for GPAI models, by the AI Office.
Keep your DSA compliance program and your EU AI Act compliance program in separate workstreams. The documentation they require is different; the enforcement authorities are different; the remedies are different.
When moderation AI could be high-risk
There are narrow scenarios where a content-moderation system does attract high-risk obligations under the EU AI Act. They share a common thread: the moderation function is being used to make decisions about people in an Annex III context, not simply to manage content.
Law enforcement (Annex III, point 6). If a platform's moderation system is deployed by or in support of a law-enforcement authority — for example, scanning communications to detect criminal behaviour and producing outputs that inform law-enforcement decisions — it may fall within Annex III point 6(a) or 6(b) (assessing the likelihood of offending, evaluating evidence reliability, profiling natural persons). In that configuration, the full high-risk stack applies: risk management under Article 9, technical documentation under Article 11, human oversight under Article 14, and a conformity assessment under Article 43 before deployment.
Migration and border control (Annex III, point 7). Content screening used in the context of asylum applications, visa processing, or border-control decisions could fall within Annex III point 7 if it examines application-relevant content in a way that influences the outcome.
Administration of justice (Annex III, point 8). A moderation system that assists a judicial authority in assessing evidence — for example, providing automated analysis of social-media content for court proceedings — could fall within Annex III point 8(a).
In each case the high-risk designation attaches not because the system moderates content, but because the context of its use places it in an Annex III area. A system deployed by a law-enforcement body to screen communications is not the same product as a system deployed by a social network to enforce community guidelines, even if the underlying model is identical. Article 25 of the AI Act is relevant here: where a deployer substantially modifies a system's intended purpose or puts it to a new use, that deployer may become the provider for the repurposed system.
Finally, Article 5 applies unconditionally. A moderation system that deploys real-time remote biometric identification in publicly accessible spaces for law-enforcement purposes is prohibited under Article 5(1)(h). A system that sorts users into sensitive categories using biometric data — religion, political opinion, sexual orientation — is prohibited under Article 5(1)(g). These prohibitions have been in force since 2 February 2025 and carry fines up to €35,000,000 or 7% of total worldwide annual turnover, whichever is higher.
What to do
Step 1: classify under the EU AI Act. Run each component of your moderation stack through the Article 6 framework. For each system, identify its intended purpose and check whether that purpose places it in an Annex III area. For the vast majority of content-moderation systems, the answer will be no, and the outcome is minimal risk with no mandatory AI Act obligations. Document the classification either way — a brief record of why you concluded the system is not Annex III high-risk is worth maintaining.
Step 2: screen Article 5. Regardless of tier, confirm that your system does not engage any prohibited practice under Article 5. Check in particular for any use of real-time remote biometric identification, sensitive biometric categorisation, or practices that manipulate users through subliminal techniques. This step is not optional — the prohibitions apply now.
Step 3: handle Article 50 disclosure. Audit every user-facing touchpoint in your moderation workflow. Where the AI communicates with users (automated notices, appeals, resolution messages), add Article 50(1) disclosure. Where it generates visible content (auto-drafted notices, reports), add Article 50(4) marking. Build this into your product before 2 August 2026.
Step 4: run your DSA compliance separately. Statement-of-reasons obligations, transparency reporting, and risk assessments under the DSA are separate obligations with their own documentation requirements. Operate them in parallel, not merged with your AI Act work.
Step 5: document everything. Even for minimal-risk systems, a short classification record — what the system does, why it is not Annex III, who made the determination, and when it was reviewed — provides a defensible paper trail if an authority asks.
How Confir helps
Confir runs the Article 5 and Article 6 / Annex III classification logic as a plain-English checklist. Answer a series of scenario questions about your system's purpose, deployment context, and outputs, and Confir's rule-based engine derives the risk tier and the applicable role (provider under Article 16 or deployer under Article 26). For systems that land in the minimal-risk tier — as most content-moderation systems will — the result is a documented classification record. For any system that reaches the high-risk tier, Confir drives the structured compliance assessment across risk management (Article 9), technical documentation (Article 11 / Annex IV), transparency and human oversight (Articles 13 and 14), and post-market monitoring (Article 72).
The engine is deterministic and rule-based: the same answers produce the same finding every time, and the rule that fired is human-readable. That makes the output audit-defensible — which matters when a market-surveillance authority asks how you determined your system was not Annex III high-risk.
Confir starts at €600 per year. Details at confir.eu.
Frequently Asked Questions
Is an AI content-moderation system automatically high-risk under the EU AI Act?
No. Content moderation does not appear in Annex III of Regulation (EU) 2024/1689, which lists the eight areas where AI systems are presumed high-risk. A standard moderation system — one that detects spam, harmful speech, or policy violations — is minimal-risk by default. High-risk obligations under the Annex III stand-alone track apply from 2 December 2027 under the Digital Omnibus agreed in May 2026.
Does the EU AI Act or the DSA govern content moderation for online platforms?
Both can apply, but for different reasons and to different things. The Digital Services Act (Regulation (EU) 2022/2065) imposes notice-and-action, statement-of-reasons, and transparency-reporting duties on hosting platforms — these are the primary content-moderation obligations and apply regardless of whether AI is used. The EU AI Act applies to the AI system as a product: Article 50 transparency obligations apply where the system interacts with users or generates content, and Article 5 prohibitions apply unconditionally. Keep the two compliance workstreams separate.
What Article 50 obligations apply to a content-moderation system?
Article 50(1) requires disclosure when an AI system communicates directly with natural persons — for example, automated removal notices or AI-generated appeals responses. Article 50(4) requires marking where the AI generates content (text, images, audio, video) intended for publication. Both obligations apply from 2 August 2026. The classification logic of the moderation system itself — the classifier running in the background — does not trigger Article 50 unless it produces user-facing outputs.
Can a content-moderation system ever be high-risk?
Yes, in narrow circumstances. If the system is deployed by or in direct support of a law-enforcement authority (Annex III point 6), or used in migration and asylum processing (point 7), or assists a judicial authority (point 8), high-risk obligations attach — not because the system modifies content, but because the context of its use falls in an Annex III area. The same model can be minimal-risk on a social network and high-risk in a law-enforcement setting. Article 25 of the AI Act also means a deployer who repurposes a system for an Annex III context may become the provider of a high-risk system.
What are the penalties for breaching Article 5 with a moderation system?
A content-moderation system that violates an Article 5 prohibition — for example, by conducting real-time remote biometric identification in public spaces or sorting users using sensitive biometric categories — faces fines up to €35,000,000 or 7% of total worldwide annual turnover, whichever is higher (Article 99(3) of Regulation (EU) 2024/1689). These prohibitions have been in force since 2 February 2025. For companies under the SME threshold, Article 99(6) caps the fine at the lower of the percentage or the fixed amount.
Do we need an Article 27 Fundamental Rights Impact Assessment for content moderation?
In most cases, no. Article 27 applies to deployers who are public bodies or who deploy systems in the creditworthiness (Annex III point 5(b)) or life and health insurance (point 5(c)) categories. A private-sector platform deploying a content-moderation system does not fall within those categories, so no FRIA is required. If the platform is a public body using moderation in a public-service context, the analysis changes — consult the Article 27 conditions directly.
Related guides
- EU AI Act risk classification overview
- Limited-risk AI systems and Article 50 transparency
- Article 50: transparency obligations for AI systems
- Annex III: the full list of high-risk AI use cases
- Article 5: prohibited AI practices
- Is my AI system high-risk? A classification walkthrough
Manage your EU AI Act compliance in one place
Confir automates risk classification, technical documentation, and audit trails for any company. No consultants. No 6-month projects. 7-day free trial.
Start free trial →