AI System Risk Classification


How the Aikraft Classifier Works

Aikraft’s classifier maps your AI system to the EU AI Act’s risk framework using a structured questionnaire combined with a rule-based inference engine trained on the Act’s recitals, annexes, and the European Commission’s published guidelines.

The process has three stages:

  1. Domain pre-screening: Your system’s domain and purpose are checked against Annex III’s eight high-risk categories. If a potential match exists, the questionnaire is extended with domain-specific questions.
  2. Questionnaire scoring: Each answer contributes to a risk signal. Signals are weighted by their regulatory significance (for example, processing biometric data carries a higher weight than processing anonymised data).
  3. Tier determination: The aggregated signals are resolved against the Act’s decision logic to produce a final tier. The classifier explains every factor that influenced the outcome.

Classification results are versioned. If you update a system and re-run classification, both versions are retained in the audit log.


The Four EU AI Act Risk Tiers

| Tier | Definition | Regulatory consequence |
|---|---|---|
| Unacceptable Risk | Systems that pose a clear threat to fundamental rights (e.g., social scoring by public authorities, real-time biometric surveillance in public spaces) | Prohibited outright. These systems cannot be placed on the EU market. |
| High Risk | Systems listed in Annex III or embedded in products covered by specific EU safety legislation | Full compliance obligations: conformity assessment, technical documentation, human oversight, registration in the EU database |
| Limited Risk | Systems with transparency obligations only (e.g., chatbots, deepfake generators) | Must inform users they are interacting with an AI system |
| Minimal Risk | All other AI systems | No mandatory obligations under the Act, though voluntary codes of conduct apply |

Annex III: The Eight High-Risk Categories

If your system falls into any of the following categories, it is classified as high risk regardless of other factors:

  1. Biometric identification and categorisation — real-time or post-hoc remote identification of individuals
  2. Critical infrastructure — AI managing water, gas, electricity, transport, or financial networks
  3. Education and vocational training — systems determining access to educational institutions or assessing students
  4. Employment and workforce management — recruitment tools, performance evaluation, task allocation, promotion, and termination decisions
  5. Essential private and public services — creditworthiness assessment, insurance pricing, public benefit eligibility
  6. Law enforcement — predictive policing, evidence reliability assessment, crime analytics
  7. Migration and border control — risk profiling, asylum eligibility, document verification
  8. Administration of justice — systems assisting in judicial decisions or dispute resolution

The Classification Questionnaire

The questionnaire contains 10 to 15 questions. The first five are asked for every system; additional questions are triggered based on your answers.

Core questions (all systems):

  1. What is the primary output of this system? (prediction, recommendation, decision, content generation, optimisation)
  2. Who are the subjects of the system’s outputs? (individuals, organisations, no direct subjects)
  3. Is the system’s output used to make or inform decisions that significantly affect individuals?
  4. Does a human review outputs before they are acted upon? If so, can that human meaningfully override the system?
  5. In which country or countries is the system deployed?

Extended questions (triggered by domain or earlier answers):

  1. Does the system process biometric data, health records, or financial history?
  2. Is the system used in hiring, performance evaluation, or termination decisions?
  3. Does the system operate in a safety-critical environment where errors could cause physical harm?
  4. Is the system used by or on behalf of a public authority?
  5. Does the system rank, score, or filter individuals from a pool?
  6. Is the system’s decision-making process explainable to the affected individual?
  7. What is the scale of deployment? (pilot, single organisation, multi-tenant, EU-wide)

Interpreting Your Results

After classification, the results screen shows:

  • Risk tier badge with the governing legal basis
  • Annex III match (if applicable) with the specific category and sub-point cited
  • Key factors list — the specific answers that drove the classification, each linked to the relevant article or recital
  • Obligations summary — a plain-English list of what you must do next

A confidence indicator (High / Medium / Low) reflects how clearly the system fits the tier. A Medium or Low confidence rating means borderline factors exist; you may want to consult a legal adviser before proceeding.


Classification Examples

CV Screening Tool → High Risk (Annex III, Category 4)

A tool that automatically ranks job applicants based on CV text and structured interview scores falls under Annex III Category 4 (employment and workforce management). Even if a human recruiter makes the final call, the system is high risk because its output materially influences an employment decision affecting individuals. Obligations include: technical documentation, human oversight measures, a conformity assessment, and registration in the EU AI Act database before deployment.

Customer Service Chatbot → Limited Risk

A chatbot that handles billing enquiries and routes escalations to human agents does not fall into any Annex III category. It does, however, have a transparency obligation: users must be informed they are interacting with an AI system, not a human. No conformity assessment or technical documentation is required, but Aikraft recommends maintaining voluntary documentation as a best practice.
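
The two examples above, run through a minimal sketch of the three-stage process (pre-screening, weighted scoring, tier determination). This is an added illustration, not Aikraft's code: the signal names, weights, confidence thresholds and the `classify` function are assumptions made for the sketch.

```python
from dataclasses import dataclass
from typing import Optional

# Annex III categories, numbered as on this page. Matching a free-text domain
# by exact name is a simplification made for this sketch.
ANNEX_III = {
    "biometric identification": 1, "critical infrastructure": 2,
    "education": 3, "employment": 4, "essential services": 5,
    "law enforcement": 6, "migration and border control": 7,
    "administration of justice": 8,
}
# Hypothetical weights: the page says signals are weighted, not by how much.
WEIGHTS = {"biometric_data": 3, "affects_individuals": 2,
           "ranks_individuals": 2, "public_authority": 2}

@dataclass
class Result:
    tier: str
    annex_category: Optional[int]
    confidence: str
    factors: list

def classify(domain, answers, prohibited=False, talks_to_users=False):
    # Stage 1: domain pre-screening against Annex III.
    category = ANNEX_III.get(domain)
    # Stage 2: sum the weights of every signal answered "yes".
    hits = [k for k in WEIGHTS if answers.get(k)]
    score = sum(WEIGHTS[k] for k in hits)
    factors = [f"{k} (+{WEIGHTS[k]})" for k in hits]
    # Stage 3: resolve the tier, most severe rule first.
    if prohibited:
        tier = "Unacceptable Risk"
    elif category is not None:
        # An Annex III match is high risk regardless of other factors,
        # including a human making the final call.
        tier = "High Risk"
        factors.insert(0, f"Annex III category {category}")
    elif talks_to_users:
        tier = "Limited Risk"
    else:
        tier = "Minimal Risk"
    # Assumed confidence rule: strong signals under a low tier are borderline.
    low_tier = tier in ("Limited Risk", "Minimal Risk")
    confidence = "Low" if low_tier and score >= 4 else "Medium" if low_tier and score >= 2 else "High"
    return Result(tier, category, confidence, factors)

# Constructed inputs modelled on the two examples above.
cv_tool = classify("employment", {"affects_individuals": True, "ranks_individuals": True})
chatbot = classify("customer service", {}, talks_to_users=True)
```

A system outside Annex III that still ranks and significantly affects individuals comes back Minimal Risk with Low confidence in this sketch, which is the borderline case the confidence indicator is meant to surface.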


Appealing or Re-Classifying a System

If you believe a classification is incorrect:

  1. Navigate to Classify > [System Name] > Classification History.
  2. Click Request Re-classification and describe the basis for the appeal (e.g., a misunderstood question, a system change, or a legal interpretation).
  3. Aikraft’s compliance team reviews the request within 3 business days and may request additional information.
  4. If you change the system itself (new training data, new use case, new deployment country), click Re-run Classification directly — no appeal process is needed.

Re-classification resets the documentation status for high-risk systems because the underlying compliance obligations may have changed. Existing documentation drafts are archived, not deleted.