EU AI Act Self-Classification Risk: What Happens If You Get It Wrong
AI Law · Enforcement Risk
EU AI Act Self-Classification Risk: What Happens If You Get It Wrong
Thousands of AI companies have self-assessed as non-high-risk — without written analysis, without legal review, without Article 6(3) documentation. When a regulator disagrees, the consequences are not administrative. They are operational.
1
4 scenarios where self-classification fails
HR · credit · medical · legal RAG
2
Misclassification risk quiz
3 questions · instant risk score
3
Classification rationale: what to document
8-item checklist · Article 6(3)
4
Get a classification review
WCR Legal · AI Regulatory Opinion
5
Common questions
Enforcement · retroactive review · penalties
!
No documentation = presumed high-risk
Article 6(3) · burden of proof on provider
The EU AI Act does not ask whether you believe your system is high-risk. It asks whether you can prove why it is not. Self-classification is permitted — but it is not self-certification. The law requires documented rationale, per Article 6(3), for every provider claiming the non-high-risk position. Without it, market surveillance authorities and notified bodies treat the system as high-risk by default. The consequences of misclassification — regulatory enforcement, mandatory market withdrawal, and contractual liability to enterprise clients — are not proportionate to the cost of getting classification right the first time. AI Regulatory Opinions from WCR Legal provide the written classification analysis that is the difference between a defensible position and an enforcement target.
Section 1
Four Scenarios Where Self-Classification Goes Wrong
These four scenarios reflect real patterns seen in AI company compliance assessments. In each case, the company’s self-assessed position was reasonable on first impression — and incorrect on legal analysis.
1
HR Tech · Annex III 4(a)
Candidate ranking presented as “keyword search”
Article 6 · Annex III Category 4
Company says
Our system filters CVs by keyword match. It’s a search tool, not an AI decision system. We are not making hiring decisions — HR managers do that.
Regulator sees
The system assigns a score or ranking to candidates, which materially influences which candidates HR managers review. Annex III Category 4(a) covers AI systems used for recruitment, CV sorting, and evaluation of persons in work-related test situations. The functional effect, not the label, determines classification.
The gap
No Article 6(3) documentation exists. The company has no written analysis explaining why the system falls outside Category 4(a). The absence of documentation is itself a compliance violation.
Result: High-risk. Full Article 16 obligations apply retroactively from market placement. See SaaS classification guide.
2
FinTech · Article 25
B2B credit scoring tool where the deployer becomes the provider
Article 25 · Annex III Category 5(b)
Company says
We provide a credit risk API. Our fintech clients are the ones using it to make credit decisions — they are the deployers. We are just the infrastructure provider.
Regulator sees
The API produces creditworthiness assessments used directly in retail lending decisions. The company is a provider under Article 3(3). The fintech clients are deployers. Provider obligations — including Annex IV technical documentation and conformity assessment — rest with the API company, not its clients, unless Article 25 responsibility has been contractually transferred.
The gap
No supply chain analysis. No provider/deployer mapping. No Article 25 contractual allocation. The company assumed it was “just infrastructure” without legal analysis. See provider vs deployer guide.
Result: Provider of high-risk AI system. Full Article 16 obligations apply. EU registration required before August 2026.
3
MedTech · Annex III 5(a)
Medical decision support claimed as “AI-assisted, not AI-decided”
Article 6(3) · Annex III Category 5
Company says
Doctors make the final decision. Our AI only assists. It is a recommendation tool, not a diagnostic tool. Final clinical judgment remains with the physician, so we are not in Annex III.
Regulator sees
Annex III Category 5(a) covers AI intended to be used as safety components in medical devices or to predict health outcomes. “Assistance” is not the test — functional role in clinical decision-making is. Where AI output materially influences clinical workflow, the human oversight frame does not exclude Annex III classification.
The gap
No Article 6(3) memo documenting why Category 5 does not apply. The “doctor decides” argument is a governance design feature, not a classification defence under the AI Act.
Result: Classification in dispute. Without documentation, the system is presumed high-risk pending a formal Article 6(3) analysis. Market surveillance authority can require suspension pending compliance.
4
LegalTech · Annex III 8
Legal RAG search tool sold to law enforcement clients
Annex III Category 8 · Article 6
Company says
We do retrieval-augmented generation over legal databases. It’s a research tool for legal professionals. No decisions are made by the AI. We are minimal risk.
Regulator sees
The system is sold to law enforcement agencies and used to search case databases and identify persons of interest. Annex III Category 8 covers AI used by competent authorities for law enforcement purposes including evidence searches, criminal analytics, and risk assessments of natural persons in a criminal context. The client type, not the technology label, is the classification trigger.
The gap
The company performed classification based on technology (“it’s just search”) rather than intended use and deployer context. The intended use in a law enforcement context was never analysed against Annex III Category 8.
Result: High-risk under Annex III Category 8. Full Article 16 obligations apply. Law enforcement deployers under Article 27 must also conduct a Fundamental Rights Impact Assessment.
Article 6(3) — The burden of proof is yours
Misclassification is not a good-faith excuse under the AI Act. The regulation requires documented classification rationale. Without it, authorities presume high-risk. A verbal or informal assessment does not satisfy Article 6(3). The documentation must exist before the system is placed on the market — not after the regulator asks.
Section 2
How High Is Your Misclassification Risk?
Answer three questions about your current classification posture. Your score indicates the urgency of a formal classification review.
Misclassification Risk Scorer
3 questions · instant result · Article 6(3) basis
Question 1 of 3
1Have you conducted a formal Annex III classification exercise for your AI system?
Yes — documented in writing, reviewed by counsel
Classification memo exists with Annex III category analysis per system
+0 pts
In progress — we have started but it is not complete
Partial analysis exists without a signed-off classification memo
+2 pts
No — we have not formally reviewed Annex III categories
Classification is based on an informal internal assessment or assumption
+4 pts
Question 2 of 3
2Does your product touch any Annex III use case area?
Yes — HR, credit scoring, healthcare, education, biometrics, or law enforcement
Your system operates in or adjacent to at least one Annex III category
+3 pts
Possibly — we serve B2B clients who may operate in these sectors
Your direct use case is general-purpose but clients may deploy in Annex III contexts
+2 pts
No — our use case is clearly outside all Annex III categories
Written analysis confirms no overlap with any of the 8 Annex III category groups
+0 pts
Question 3 of 3
3If you are claiming your system is not high-risk — have you documented why Article 6(3) applies?
Yes — we have a written Article 6(3) memo per system
Each Annex III category is addressed with a written exclusion rationale
+0 pts
No — we have no written documentation for the non-high-risk claim
The classification position exists but is not supported by a written memo
+3 pts
Low Risk
Well-documented. Your classification posture is defensible.
You have conducted a formal classification exercise, have written Article 6(3) documentation, and are outside core Annex III risk areas. Review your classification annually as your product evolves — new features, new client sectors, or new intended use cases can shift your classification position. An AI Regulatory Opinion can formalise your current position for investor or enterprise client requests.
Medium Risk
Gaps in classification documentation. Enforcement exposure is growing.
Your classification is either incomplete, undocumented, or your product operates in proximity to Annex III categories without a formal exclusion analysis. The August 2026 enforcement deadline means this exposure is active, not theoretical. Book a classification review with WCR Legal to produce the Article 6(3) documentation you need before a regulator or enterprise client asks for it.
High Risk
Significant misclassification risk. Act before enforcement begins.
You are operating an AI system in or near Annex III territory without the written documentation that Article 6(3) requires. Under the August 2026 enforcement deadline, market surveillance authorities can require market withdrawal and impose fines for providers who cannot demonstrate a documented classification basis. Contact WCR Legal before enforcement begins — retroactive classification analysis and documentation is possible and materially reduces your exposure.
Section 3
What Classification Rationale Documentation Must Include
Article 6(3) requires documented rationale for any non-high-risk claim. This is not a checklist the regulation spells out — it is what defensible documentation looks like in practice, based on the enforcement criteria used by market surveillance authorities and notified bodies. Mark what your current documentation covers.
Article 6(3) Classification Rationale Checklist
Per AI system · click to mark as covered in your documentation
0 / 8
System description and intended purpose
What the AI system does, what it is designed to do, and in what operational context it is deployed
Art. 11
Annex III category-by-category exclusion analysis
Written review of all 8 Annex III category groups with specific exclusion basis for each — not a blanket statement
Art. 6(3)
Analysis of intended use in deployment context
Classification must address how the system is actually used by deployers and end-users, not just how it was designed
Art. 6
Client sector analysis (B2B deployer risk)
If you sell B2B, document that your client base does not deploy the system in Annex III contexts — or address those contexts explicitly
Art. 25
GPAI component analysis (if applicable)
If the system uses or integrates a GPAI model (OpenAI, Anthropic, etc.), the classification must address whether the integrated use triggers Annex III
Art. 51
Article 5 prohibited practices confirmation
Separate from Annex III: written confirmation that the system does not employ any Article 5 prohibited practice (February 2025 deadline)
Art. 5
Date of classification and version reference
Classification documentation must be dated and version-controlled — reclassification is required when product functionality changes materially
Art. 6(3)
Legal sign-off by qualified AI law counsel
Internal analysis alone is not equivalent to a legal opinion — investors, enterprise clients, and regulators increasingly require counsel-reviewed documentation
Best practice
Classification gaps identified? WCR Legal prepares Article 6(3) classification memos and full AI Regulatory Opinions that document your non-high-risk position in a form that satisfies regulators, investors, and enterprise procurement teams.
Book a classification review →
Frequently Asked Questions
EU AI Act self-classification risk
1
What are the actual enforcement consequences of misclassification?
+
Under Article 99 of the EU AI Act, market surveillance authorities can impose fines of up to €15 million or 3% of global annual turnover (whichever is higher) for non-compliance with provider obligations that result from misclassification. For intentional or grossly negligent violations, the threshold rises to €30 million or 6%. More immediately, authorities can order market withdrawal — requiring the provider to withdraw the system from the EU market until compliance is demonstrated. For a SaaS company with EU enterprise clients, a market withdrawal order is an existential operational event, not a regulatory fine. The fine is the lesser risk.
2
Can we do a retroactive classification review after the system is already deployed?
+
Yes — and it is always better to do a retroactive classification review than to have none at all. The EU AI Act does not provide a grace period for documentation that should have existed at market placement, but producing defensible Article 6(3) documentation before enforcement contact substantially reduces your exposure. Retroactive documentation demonstrates good-faith compliance effort and gives you a defensible position in any regulatory dialogue. It also satisfies immediate enterprise client and investor requests without waiting for a full compliance programme to complete. The window to do this before the August 2026 enforcement deadline is narrowing. An AI Regulatory Opinion can be produced in 2–3 weeks.
3
Does the Digital Omnibus delay change whether we need classification documentation now?
+
No. The Digital Omnibus political agreement (7 May 2026) proposes to delay Annex III high-risk obligations (technical documentation, conformity assessment, registration) to December 2027 for certain categories. It does not propose to eliminate the classification exercise itself or the Article 6(3) documentation requirement. More importantly, the Digital Omnibus is not yet enacted law. Even if enacted, enterprise clients conducting AI Act DD are asking for classification documentation now — the contractual and commercial pressure to produce it is independent of the regulatory timeline. See our VC due diligence article for how investors are framing this question.
4
We changed our product significantly since we last reviewed classification. Do we need to redo it?
+
Yes. Classification is not a one-time exercise. It must be re-evaluated whenever the AI system or its intended use changes materially. Changes that typically trigger reclassification include: new use cases or intended purposes, new client sectors (especially if those sectors touch Annex III categories), new AI components or foundation model integrations, changes to the decision-making role of the AI within a product, and changes to the deployer or supply chain structure. Classification documentation should be version-controlled and dated, with a reclassification trigger built into your product development and client onboarding processes. See our SaaS classification guide for the full methodology.
5
How does an AI Regulatory Opinion differ from our legal team doing the classification analysis internally?
+
An internal classification analysis is valuable and is often the starting point for an AI Regulatory Opinion. The difference is in the formal status of the output. An AI Regulatory Opinion from specialist AI law counsel is a signed legal memorandum that: (1) can be placed in a legal data room and attributed to external legal counsel, (2) satisfies enterprise procurement requirements for a “legal opinion on AI Act status,” (3) provides an investor-grade classification rationale, and (4) creates an attorney-client privilege layer over the analysis that a purely internal document does not. It is the difference between a position and a defensible position. For enterprise SaaS companies with multiple EU clients asking the same question, a single AI Regulatory Opinion often replaces dozens of individual questionnaire responses.
Get Your Classification Documented Before the Regulator Asks
WCR Legal prepares Article 6(3) classification memos and AI Regulatory Opinions that document your non-high-risk position — or map your full provider obligations if the analysis reveals high-risk classification. Produced in 2–3 weeks. Used for regulatory defence, investor DD, and enterprise client questionnaires.
Post Comment