EU high-risk AI guidelines — what the May 19 draft actually changes

Surya Koritala
The EU high-risk AI guidelines published by the European Commission on May 19, 2026 do not rewrite the EU AI Act, but they do sharpen the practical classification test that many deployers and vendors will use before the June 23 consultation deadline. The draft matters because it clarifies the split between product-safety AI and stand-alone Annex III systems, while signaling where biometrics, employment, education, essential services, and law-enforcement use cases are most likely to trigger high-risk obligations.

A draft with a short clock and a broad audience

May 19, 2026: Draft guidelines published (European Commission)
June 23, 2026: Consultation deadline (35-day public comment window)
5: Annex III domains highlighted here (biometrics, education, employment, essential services, law enforcement)
Aug. 2, 2026: Separate activation date in broader AI Act timeline (often associated with GPAI obligations)

On May 19, 2026, the European Commission published the Draft Commission Guidelines on Classification of High-Risk AI Systems and opened a 35-day public consultation that runs until June 23, 2026. The document is a companion to a separate draft on transparency requirements released the same day. For companies that have treated the EU AI Act as a future compliance project, this is the more immediate operational signal: the Commission is now spelling out how it expects firms to decide whether a system falls into the Act’s high-risk bucket.

That makes the EU high-risk AI guidelines more than a legal explainer. They are a practical map for product teams, procurement leaders, and counsel trying to determine whether a model-enabled workflow sits inside Article 6. The draft does not create new categories beyond the Act itself, but it does clarify where the line is likely to be drawn in real deployments.

The timing matters because many companies still associate the EU AI Act’s near-term milestones with general-purpose AI providers and the August 2, 2026 activation date covered in earlier enforcement reporting. These draft classification guidelines point to a different compliance surface: application-level AI systems used in products and business processes. For a large share of software vendors selling into Europe, that is the more immediate exposure.

The public consultation on the draft guidelines closes June 23, 2026.

“High-risk systems are subject to a detailed set of requirements and obligations designed to address risks to health, safety and fundamental rights.”

Hunton Andrews Kurth analysis of the Commission draft

June 23 is the real action date

What the draft changes in practice: Article 6 has two lanes

The cleanest takeaway from the Commission draft is that Article 6 has two distinct routes into high-risk status, and they should not be collapsed into one compliance conversation. Under Article 6(1) and Annex I, a system is high-risk when it is a safety component of a product covered by specified EU product-safety legislation, or when the AI system itself is such a product. This is the hardware-adjacent lane: medical-device AI, automotive advanced driver-assistance systems, and machinery-safety contexts are the standard examples.

Under Article 6(2) and Annex III, the focus shifts to stand-alone systems used in listed domains. This is where the draft matters most for software companies. The legal analysis is less about CE-marking inheritance from an existing product regime and more about the purpose, context, and function of the AI system in a regulated decision flow. That is the newer terrain for many enterprise vendors.

The EU high-risk AI guidelines therefore do not simply expand the scope of the Act. They make the legal split easier to operationalize. Category 1 follows familiar product-safety logic. Category 2 is where software-and-data deployments become the center of gravity, and where many companies that do not think of themselves as ‘AI companies’ may still be pulled in because their tools are used for hiring, credit, eligibility, or biometric identification.

Article 6(1) is product-safety and safety-component logic; Article 6(2) is stand-alone AI in Annex III use cases.

| Route | Legal basis | What it covers | Typical examples |
| --- | --- | --- | --- |
| Category 1 | Article 6(1) + Annex I | AI systems that are safety components of regulated products, or are such products themselves | Medical-device AI, automotive ADAS, machinery safety |
| Category 2 | Article 6(2) + Annex III | Stand-alone AI systems used in listed high-risk domains | Hiring screening, creditworthiness, admissions, predictive policing |

The two routes into high-risk classification under Article 6 of the EU AI Act

The five Annex III domains most companies need to check now

The Commission draft, as summarized in the May 19 materials and legal analyses, clarifies five Annex III domains that deserve immediate review: biometrics, education, employment, essential services, and law enforcement. The list matters because it captures a large share of production machine-learning systems already embedded in enterprise workflows. In practice, the chokepoint is not frontier-model training. It is whether a deployed system is helping make or shape consequential decisions about people.

Biometrics remains one of the clearest triggers. The draft points to remote biometric identification and emotion-recognition systems in non-consent contexts. A vendor offering face-based identity checks, workplace monitoring, or behavioral inference in public or semi-public settings should be testing whether the use case lands inside Annex III rather than assuming it is just another computer-vision feature.

Education is narrower in volume but still material. Admissions systems, assessment tools, and AI used to determine access to vocational training can fall into the stand-alone high-risk category. A scoring model that ranks applicants or influences educational progression is not the same thing, legally, as a generic tutoring assistant.

Employment is where the EU high-risk AI guidelines are likely to hit the broadest set of software vendors. Recruitment screening, performance evaluation, and task allocation are all named areas. That reaches beyond resume parsers. It can touch interview scoring, internal productivity ranking, shift assignment, and systems that recommend who gets what work. For HR-tech providers, this is the category that turns a feature decision into a regulatory one.

Essential services is the other major enterprise chokepoint. The draft highlights creditworthiness, public-benefits eligibility, and dispatch priorities. For fintech, insurtech, and public-sector software suppliers, that means models used to rank applicants, route scarce resources, or influence access to services deserve immediate classification review. Even where a vendor is not the final decision-maker, its software may still sit inside the regulated process.

Law enforcement is the most politically visible category, covering predictive policing and risk profiling of individuals. Many commercial vendors will treat this as a niche market, but the broader lesson is that the Commission is focused on systems that shape state power or materially affect rights. That framing also helps explain why biometrics, employment, and essential services are receiving such close attention.

| Annex III domain | Examples cited in the draft context | Why it matters commercially |
| --- | --- | --- |
| Biometrics | Remote biometric identification; emotion recognition in non-consent contexts | Touches identity, surveillance, and workplace monitoring products |
| Education | Admissions; assessment; access to vocational training | Affects edtech scoring and progression systems |
| Employment | Recruitment screening; performance evaluation; task allocation | Covers core HR-tech and workforce-management workflows |
| Essential services | Creditworthiness; public benefits eligibility; dispatch priorities | Reaches fintech, insurtech, and public-sector SaaS |
| Law enforcement | Predictive policing; risk profiling of individuals | High scrutiny where AI shapes state decisions |

Five Annex III domains the May 19 draft clarifies

Once a system is high-risk, the obligations chain gets heavy fast

The draft is about classification, not a new standalone enforcement regime. Still, classification is the gateway to a substantial compliance stack. Hunton Andrews Kurth notes that high-risk systems are subject to requirements and obligations aimed at risks to health, safety, and fundamental rights. In broad terms, that includes registration in the EU database, a risk-management system, data-governance controls, technical documentation, transparency measures, human oversight, and standards around accuracy, robustness, and cybersecurity.

That sequence matters operationally because it turns a product question into a lifecycle question. Teams need to know not only whether a use case is high-risk, but also who in the chain is responsible for documentation, testing, oversight, and post-market controls. A company that discovers late in the sales cycle that its feature is being used for creditworthiness or hiring may find that its current product logs, model cards, and contractual terms are not enough.

This is where the EU high-risk AI guidelines could have an outsized effect even before they are finalized. They give legal and compliance teams a stronger basis to ask engineering and go-to-market teams narrower questions: What is the intended purpose? Who is the deployer? Is the system influencing a listed decision? Is there human oversight in a meaningful sense, or only a nominal review step?

If a system is classified as high-risk, compliance obligations extend far beyond disclosure and into governance, documentation, oversight, and registration.

How this fits with the broader EU AI Act timeline

One source of confusion in the market is timing. The August 2, 2026 activation date often cited in coverage is tied to another part of the EU AI Act rollout and has been discussed heavily in the context of general-purpose AI providers. The May 19 draft on high-risk classification is different. It speaks to application-level systems and the organizations that place them on the market, put them into service, or deploy them in regulated contexts.

That distinction matters because many businesses that do not build foundation models still deploy AI into Europe. For them, the relevant question is not whether they are a GPAI provider. It is whether their software is being used in one of the Annex III domains, or whether it functions as a safety component under Annex I-linked product legislation. The EU high-risk AI guidelines are the document that helps answer that narrower but more common question.

The strategic implication is straightforward: a company can be outside the frontier-model debate and still be inside the high-risk compliance perimeter. That is why the draft deserves attention from SaaS vendors, systems integrators, and enterprise buyers, not just model labs and policy teams.

Why US and other non-EU vendors should care now

The draft’s practical reach extends well beyond Brussels. If a US software company sells a workflow tool, scoring engine, or model-enabled API to an EU customer, the customer’s use case may determine whether the system falls into Annex III. That creates contractual exposure even for vendors with no European headquarters. Product descriptions, intended-use clauses, audit rights, documentation commitments, and allocation of compliance responsibilities all become more important when a buyer is using the tool for hiring, admissions, benefits eligibility, or credit decisions.

This is not just a question for regulated incumbents. Many B2B SaaS companies market generic AI features that can be repurposed by customers. The Commission draft increases the pressure to understand downstream use. A vendor may not control every deployment, but it can no longer assume that broad platform language will insulate it if the product is clearly sold into a high-risk function.

For that reason, the EU high-risk AI guidelines should prompt a contract review as much as a policy review. Sales teams need to know which use cases trigger escalation. Counsel needs to know whether customer terms address classification, documentation support, and role allocation under the Act. Product teams need to know whether logging, testing, and human-oversight features are adequate if a customer lands in a high-risk category.

If your EU customer uses your software for an Annex III purpose, your contracts and product documentation may become part of the compliance chain.

What companies should do before June 23

Bottom line: classification is becoming operational

The May 19 draft does not change the text of the EU AI Act, but it gives companies a more concrete way to determine whether ordinary software deployments fall into high-risk categories. The short consultation window means legal interpretation now has immediate product and contract consequences.

The immediate task is not to guess the final political outcome of the consultation. It is to map products and deployments against the two Article 6 routes while there is still time to comment. Companies should separate safety-component use cases from stand-alone Annex III use cases, then identify whether any current or planned deployments touch biometrics, employment, education, essential services, or law enforcement.

The second step is evidence collection. Teams should inventory intended-purpose language, product documentation, model evaluation records, human-oversight controls, and customer-facing terms. If a company believes a use case should not be treated as high-risk, it will need a reasoned position grounded in the Act and the draft, not a vague claim that a human remains in the loop.

The third step is governance. The June 23 deadline is short, and many companies will miss it because they still think AI Act compliance is mainly about frontier models. The May 19 draft suggests the opposite for a large part of the market. In practical terms, the first wave of impact may land on ordinary software workflows that shape access to jobs, services, education, and identity checks.

Map use cases, review contracts, gather documentation, and decide whether to submit comments before June 23, 2026.

{
  "before_june_23": [
    "Map products to Article 6(1) or Article 6(2)",
    "Check Annex III exposure across biometrics, education, employment, essential services, law enforcement",
    "Review intended-purpose language and customer contracts",
    "Inventory risk management, documentation, oversight, and logging controls",
    "Decide whether to submit consultation feedback to the Commission"
  ]
}

Frequently asked questions

What are the two ways an AI system can become high-risk under the EU AI Act?

Under Article 6 of the EU AI Act, a system can be high-risk either because it is a safety component of a product covered by specified EU product-safety legislation, or because it is a stand-alone system used in an Annex III high-risk domain.

When is the consultation deadline for the Commission draft guidelines?

The European Commission’s draft guidelines on classification of high-risk AI systems were published on May 19, 2026, and the public consultation runs until June 23, 2026, according to the official Commission page.

Why do US SaaS vendors need to pay attention to the draft?

Because a non-EU vendor can still be affected if its product is used by an EU customer in a high-risk context such as hiring or creditworthiness. The legal baseline is in the EU AI Act, and the practical classification issues are discussed in the Commission’s May 19 draft guidelines.

Last updated: May 23, 2026.