How to Conduct an EU AI Act Risk Assessment (Step-by-Step)

AI Comply HQ Team · 12 min read

Risk assessment is where EU AI Act compliance begins. Everything else hangs off one decision: what risk tier does your AI system fall into? Documentation, conformity assessment, human oversight, all of it flows from that single answer. Get it wrong and you go one of two ways. You pour money into compliance a minimal-risk system never needed, or, far worse, you under-build for a high-risk one and find out the hard way.

So we wrote this to keep you on the right side of that line. We walk you through the full risk assessment process exactly as the EU AI Act (Regulation (EU) 2024/1689) lays it out, the same way seasoned compliance professionals work it. The goal: a defensible, auditable classification for every AI system you run.

Why Risk Assessment Must Come First

The EU AI Act is a risk-based regulation. Other frameworks bolt the same requirements onto everything regardless of context. This one does the opposite: it calibrates obligations to the level of risk a system poses to health, safety, and fundamental rights.

So risk assessment is not box-ticking. It is the gate that decides:

  • Whether your system is banned outright (Article 5 prohibited practices)
  • Whether you must comply with the full high-risk regime (Chapter III, Section 2)
  • Whether you face limited transparency obligations (Article 50)
  • Whether you are exempt from mandatory requirements (minimal risk)

A flawed risk assessment does not stay contained. The error ripples through your entire compliance programme. Spend the time up front and get it right.

Step 1: Build Your AI System Inventory

You cannot assess what you have not listed. So before anything else, build a complete inventory of every AI system your organisation develops, deploys, imports, or distributes. Most teams underestimate how long that list turns out to be.

What Counts as an AI System?

The EU AI Act defines an AI system broadly in Article 3(1) as a machine-based system designed to operate with varying levels of autonomy, that may exhibit adaptiveness after deployment, and that infers from inputs how to generate outputs such as predictions, content, recommendations, or decisions that can influence physical or virtual environments.

This definition captures:

  • Deep learning models and neural networks
  • Traditional machine learning classifiers (random forests, gradient boosting, SVMs)
  • Natural language processing systems (chatbots, document analysers, summarisers)
  • Computer vision systems (image classification, object detection, facial recognition)
  • Recommendation engines
  • Robotic process automation with adaptive decision-making components
  • Generative AI systems (LLMs, image generators, code assistants)

It does not capture simple rule-based systems with no learning or inference capability, though that boundary gets blurry fast. Our rule of thumb: when in doubt, put the system on the list and assess it.

Information to Capture

For each AI system, document at minimum:

Field                     Purpose
------------------------  -------------------------------------------------------------
System name and version   Unique identification
Business owner            Accountability
Technical team            Day-to-day responsibility
Intended purpose          What the system is designed to do
Deployment context        Where and how it is used
Affected populations      Who is impacted by the system's outputs
Data sources              What data the system ingests
Output type               Predictions, classifications, recommendations, decisions, content
Autonomy level            Does a human review outputs before action?
Current status            Development, testing, production, deprecated

This inventory becomes your master register. Every compliance activity that follows gets tracked against it.

Step 2: Screen for Prohibited Practices

The first gate is binary. Is this system prohibited under Article 5? If the answer is yes, no amount of compliance engineering will rescue it. The system must be redesigned or decommissioned.

So work through the eight categories of prohibited practices one by one:

Prohibition Checklist

  1. Social scoring: Does the system evaluate or classify natural persons based on social behaviour or predicted personality characteristics, leading to detrimental treatment unrelated to the context in which the data was generated?

  2. Subliminal manipulation: Does the system deploy subliminal techniques beyond a person's consciousness to materially distort behaviour in a manner that causes or is likely to cause harm?

  3. Exploitation of vulnerabilities: Does the system exploit vulnerabilities related to age, disability, or social or economic situation to materially distort behaviour?

  4. Untargeted facial image scraping: Does the system create or expand facial recognition databases through untargeted scraping of facial images from the internet or CCTV footage?

  5. Emotion recognition in restricted contexts: Does the system infer emotions of natural persons in workplaces or educational institutions, except for medical or safety reasons?

  6. Biometric categorisation on sensitive attributes: Does the system categorise natural persons based on biometric data to deduce race, political opinions, trade union membership, religious beliefs, sex life, or sexual orientation?

  7. Predictive policing: Does the system make risk assessments of natural persons to predict criminal offences based solely on profiling or personality traits?

  8. Real-time remote biometric identification in public spaces: Does the system perform real-time biometric identification in publicly accessible spaces for law enforcement purposes, outside the narrow exceptions in Article 5(1)(h)?

For each system in your inventory, record a yes/no answer to every question, with supporting evidence behind it. And a "maybe"? Escalate it to legal review straight away.

Step 3: Evaluate Against High-Risk Categories

Cleared the prohibition screen? Good. Now the next question: does the system qualify as high-risk? The Act gives you two pathways into that tier, and a system only needs to hit one of them.

Pathway 1: Safety Component (Article 6(1))

An AI system is high-risk if it is:

  • A safety component of a product covered by EU harmonised legislation listed in Annex I (e.g., machinery, medical devices, vehicles, toys, lifts, pressure equipment), and
  • The product is required to undergo a third-party conformity assessment under that legislation

This pathway is about AI tucked inside physical products that are already regulated.

Pathway 2: Annex III Standalone Systems (Article 6(2))

An AI system is high-risk if it falls into one of the use-case categories listed in Annex III:

  1. Biometrics: remote biometric identification (excluding real-time use in publicly accessible spaces for law enforcement, which is prohibited), biometric categorisation, emotion recognition
  2. Critical infrastructure: management and operation of road traffic, water, gas, heating, electricity supply, and digital infrastructure
  3. Education and vocational training: determining access, assessing learning outcomes, monitoring prohibited behaviour during exams, adaptive learning that affects education path
  4. Employment and worker management: recruitment, screening, hiring decisions, task allocation, performance monitoring, promotion, termination
  5. Access to essential services: creditworthiness assessment, risk pricing for life and health insurance, evaluation of emergency call reliability, eligibility for public assistance
  6. Law enforcement: individual risk assessment, polygraph-adjacent tools, evidence evaluation, profiling in criminal investigations
  7. Migration, asylum, and border control: risk assessment, document authentication, visa application processing
  8. Administration of justice: researching and interpreting facts and law, applying law to facts

The Article 6(3) Exception

Even if a system falls into an Annex III category, Article 6(3) provides a narrow exception: a system is not high-risk if it does not pose a significant risk of harm to health, safety, or fundamental rights, including by not materially influencing the outcome of decision-making. This exception does not apply if the system performs profiling of natural persons.

Planning to lean on this exception? Then document your reasoning in full. Regulators will pick apart any claim that an Annex III system somehow is not high-risk, so make the case airtight.

Step 4: Assess Limited-Risk Transparency Obligations

Not prohibited, not high-risk: you are not off the hook yet. A system in this band can still trigger transparency requirements under Article 50:

  • Chatbots and conversational AI: Users must be informed they are interacting with an AI system
  • Emotion recognition systems: Individuals must be informed when such a system is applied to them
  • Deep fakes: Synthetic content depicting real persons or events must be labelled
  • AI-generated content: Text, images, audio, or video generated by AI must be marked in a machine-readable format

Check each system against these obligations, and write down whether they apply.
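The decision order of Steps 2 to 4, as an added Python example (not code from the article or from AI Comply HQ): the SystemProfile fields are our own names for the checklist answers, and classify() returns both the tier and the article references you would paste into the Step 5 rationale. It also shows the two edge cases the text stresses: Pathway 1 needs both conditions, and profiling removes the Article 6(3) exception.

```python
from dataclasses import dataclass, field
from enum import Enum

class Tier(str, Enum):
    PROHIBITED = "Prohibited"
    HIGH_RISK = "High-Risk"
    LIMITED = "Limited Risk"
    MINIMAL = "Minimal Risk"

@dataclass
class SystemProfile:
    """Answers gathered in Steps 1-4 for one inventory entry (field names are our own)."""
    name: str
    art5_hits: list = field(default_factory=list)          # Article 5 checklist items answered "yes"
    annex1_safety_component: bool = False                  # Pathway 1, first condition
    third_party_conformity: bool = False                   # Pathway 1, second condition
    annex3_categories: list = field(default_factory=list)  # Pathway 2 use-case categories
    performs_profiling: bool = False                       # profiling blocks the Art. 6(3) exception
    art63_no_significant_risk: bool = False                # documented Art. 6(3) reasoning is on file
    art50_triggers: list = field(default_factory=list)     # e.g. "chatbot", "deep fake"

def classify(s: SystemProfile) -> tuple[Tier, list[str]]:
    """Walk the gates in order; return the tier and the rationale lines for the Step 5 record."""
    rationale = []
    # Gate 1: any Article 5 hit ends the assessment; nothing downstream can rescue the system.
    if s.art5_hits:
        return Tier.PROHIBITED, [f"Art. 5: {hit}" for hit in s.art5_hits]
    high_risk = False
    # Pathway 1 needs BOTH conditions; a safety component without third-party assessment is not enough.
    if s.annex1_safety_component and s.third_party_conformity:
        rationale.append("Art. 6(1)/Annex I: safety component of a product under third-party conformity assessment")
        high_risk = True
    # Pathway 2: an Annex III category is high-risk unless Art. 6(3) is documented AND no profiling occurs.
    if s.annex3_categories:
        cats = ", ".join(s.annex3_categories)
        if s.art63_no_significant_risk and not s.performs_profiling:
            rationale.append(f"Annex III ({cats}) but Art. 6(3) exception claimed; reasoning must be on file")
        else:
            why = " (profiling, so Art. 6(3) is unavailable)" if s.performs_profiling else ""
            rationale.append(f"Art. 6(2)/Annex III: {cats}{why}")
            high_risk = True
    # Art. 50 duties stack on top of whatever tier results; they set the tier only if nothing above applied.
    rationale += [f"Art. 50 transparency: {t}" for t in s.art50_triggers]
    if high_risk:
        return Tier.HIGH_RISK, rationale
    if s.art50_triggers:
        return Tier.LIMITED, rationale
    return Tier.MINIMAL, rationale or ["No Art. 5, Art. 6 or Art. 50 trigger identified"]
```

Run it over every inventory entry and store the returned tier and rationale list alongside the reviewer, date and review schedule from Step 5; a "maybe" on any Article 5 question should be escalated rather than entered as a hit or a miss.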

Step 5: Document Your Classification Decision

Here is where you make the work defensible. For every AI system in your inventory, produce a risk classification record that captures:

  • System identifier from your inventory
  • Risk classification: Prohibited, High-Risk (Pathway 1 or 2), Limited Risk, or Minimal Risk
  • Rationale: The specific articles and annexes that support the classification
  • Evidence reviewed: What information you considered (system architecture, intended purpose, deployment context, affected populations)
  • Reviewer: Who conducted the assessment and their qualifications
  • Date: When the assessment was completed
  • Review schedule: When the classification will be re-evaluated

This record does double duty. It shows regulators you did the diligence, and it gives you solid ground to stand on if anyone challenges the classification later.

Step 6: Plan Compliance Activities Based on Classification

Classifications in hand, you can now map each system to the compliance work it actually requires:

Risk Tier       Required Actions
--------------  ---------------------------------------------------------------------------
Prohibited      Decommission or fundamental redesign
High-Risk       Full Chapter III, Section 2 compliance: risk management (Art. 9), data governance (Art. 10), technical documentation (Art. 11, Annex IV), record-keeping (Art. 12), transparency/instructions for use (Art. 13), human oversight (Art. 14), accuracy/robustness/cybersecurity (Art. 15), EU database registration (Art. 71), conformity assessment (Art. 43)
Limited Risk    Transparency obligations (Art. 50)
Minimal Risk    No mandatory obligations; voluntary codes of conduct encouraged

Put your high-risk systems first. They carry the heaviest burden and the steepest penalties when something slips.

Step 7: Establish Ongoing Monitoring and Re-Assessment

Classify once and forget it? That is how compliance quietly goes stale. The EU AI Act requires ongoing monitoring, and the real world rarely sits still:

  • System capabilities evolve through retraining or fine-tuning
  • Deployment contexts shift as business needs change
  • New regulatory guidance or case law may alter classification boundaries
  • Data from real-world use may surface risks nobody had identified yet

Establish a review cadence (quarterly at minimum for high-risk systems, annually for others) and define triggers for ad-hoc re-assessment (significant model updates, new deployment contexts, incident reports).

Common Pitfalls to Avoid

Under-scoping the inventory. This one bites almost everyone. Teams routinely miss AI buried in third-party SaaS tools, legacy systems with ML components quietly running underneath, or AI a single team spun up without central IT ever knowing.

Conflating "intended purpose" with "actual use." The Act requires you to assess risks under both intended use and reasonably foreseeable misuse. A system designed for customer segmentation that could plausibly end up powering discriminatory pricing needs to be assessed for exactly that misuse.

Relying too heavily on the Article 6(3) exception. The exception for Annex III systems that pose no significant risk is narrow, and regulators will read it strictly. Default to treating Annex III systems as high-risk unless you have overwhelming evidence to the contrary.

Treating risk assessment as a legal exercise only. It is not just a legal job. Good risk assessment leans on a real understanding of the system, its data, and the ways it can fail. Get your engineers in the room alongside legal and compliance, not after them.

Assess Your Compliance Today

A rigorous risk assessment asks a lot of you: expertise, structure, and documentation that holds up under scrutiny. We built AI Comply HQ to carry the heavy parts for you.

Our guided compliance interview walks you through every assessment step in this article. You answer plain-language questions about your AI system, its purpose, deployment context, affected populations, data sources, and we map each answer straight onto the EU AI Act's risk classification framework. No regulatory law degree required.

At the end, you receive:

  • A definitive risk classification with the specific articles and annexes that apply
  • A gap analysis identifying which compliance requirements you have met and which remain open
  • An action plan with prioritised steps to close compliance gaps
  • An audit-ready report you can present to regulators, clients, or your board

The interview runs 11 sections, around 70 questions per AI system. It adapts as it goes and skips whatever does not apply to you, so most people answer well under the full 70.

The August 2026 deadline is not going to wait for you. Map your first system now, while you still have room to fix what the assessment turns up.

Start your free 7-day trial and classify your first AI system today.

Update: Where the Digital Omnibus Stands (June 12, 2026)

A quick note before you act on any date in this article. The Digital Omnibus is a simplification package the European Commission proposed on November 19, 2025. It would amend several EU digital laws at once, and for the AI Act it proposes two big changes: the high-risk obligations would apply later (December 2, 2027 for the stand-alone high-risk systems listed in Annex III, and August 2, 2028 for high-risk AI embedded in regulated products), and a number of requirements would be simplified along the way.

Here is the part that matters: none of this is law yet. The European Parliament and the Council reached a provisional agreement on May 7, 2026, and formal adoption is expected, but until the final text is adopted and published, nothing changes. The dates and obligations described in this article are the ones in force today. And the rules that already apply, like the prohibited practices and the AI literacy duty, stay exactly where they are no matter what happens to the Omnibus.

We are watching this closely. The moment the Omnibus is adopted, amended, or rejected, we will update this article to reflect the new EU AI compliance dates. Check back, or run the free 90-second risk check to see your obligations under the rules as they stand right now.
