Free tool

What's your EU AI Act risk tier?

Answer six questions, get your likely risk tier under Regulation (EU) 2024/1689, your nearest compliance deadline, and what to fix first. About 60 seconds.

Runs entirely in your browser. Nothing is sent or stored. Indicative only — not legal advice.

Gate 1 of 2 · Scope — Question 1 of 6

Do you develop, sell, or deploy an AI system — or a general-purpose AI model?

Gate 1 of 2 · Scope — Question 2 of 6

Is the AI system used, or its output relied upon, within the EU?

Gate 2 of 2 · Risk tier — Question 3 of 6

Does your AI do any of the following? (subliminal manipulation; social scoring of individuals; untargeted scraping of facial images from the internet; inferring emotions in workplaces or schools; predictive policing based on profiling alone)

Gate 2 of 2 · Risk tier — Question 4 of 6

Is your AI used in any of these high-stakes areas? (recruitment or HR decisions; credit scoring or insurance pricing; education admissions or grading; critical infrastructure safety; law enforcement; migration or border control; administration of justice; biometric identification)

Gate 2 of 2 · Risk tier — Question 5 of 6

Is your system one people interact with directly (e.g. a chatbot), or does it generate or manipulate image, audio, or video content — including deepfakes?

Gate 2 of 2 · Risk tier — Question 6 of 6

Is your AI a general-purpose or foundation model that you train or substantially fine-tune?

0 of 6 answered
Indicative only — not legal advice. This tool produces a preliminary classification to help you orient, not a legal determination. Confirm your obligations against Regulation (EU) 2024/1689 and qualified legal counsel. We are a management consultancy, not a law firm.

How the EU AI Act classifies AI systems

Regulation (EU) 2024/1689 uses a risk-tiered approach. At the top, prohibited practices (Art. 5) are banned outright from 2 February 2025. High-risk systems (Art. 6 and Annex III) — covering recruitment, credit, education, critical infrastructure, law enforcement, migration, justice, and biometrics — face the heaviest obligations: risk management, data governance, technical documentation, logging, transparency to users, human oversight, and conformity assessment; Annex III obligations apply from 2 August 2026. Limited/transparency-tier systems (Art. 50) — chatbots, emotion-recognition systems, synthetic media — must disclose what they are. Minimal-risk systems face no mandatory requirements. General-purpose AI models (GPAI, Art. 51–55) have their own regime, with additional systemic-risk obligations for very large models. For the full operator's guide, see the EU AI Act compliance playbook.

Common questions

What are the EU AI Act risk tiers?

Four tiers: unacceptable/prohibited (Art. 5) — banned outright; high-risk (Art. 6 + Annex III) — heavy obligations including risk management, documentation, logging, human oversight, and conformity assessment; limited/transparency (Art. 50) — disclosure and transparency obligations for chatbots and synthetic-media generators; and minimal risk — no mandatory requirements under the Regulation.

When does the EU AI Act apply?

The Regulation is phased under Art. 113: prohibited practices apply from 2 February 2025; GPAI model rules and governance provisions from 2 August 2025; high-risk systems under Annex III (e.g. recruitment, credit, education, law enforcement) from 2 August 2026; and high-risk systems that are safety components of regulated products listed in Annex I from 2 August 2027.

What is a high-risk AI system under the EU AI Act?

A system listed in Annex III — covering recruitment and HR decision-making, credit scoring, insurance pricing, education admissions and grading, critical infrastructure safety, law enforcement, migration and border control, administration of justice, and biometric identification — or a safety component of a regulated product covered by Annex I. High-risk systems must implement risk management systems, data governance, technical documentation, automatic logging, transparency measures, human oversight, and pass conformity assessment before deployment.

Is this assessment legal advice?

No. This tool is indicative only: it helps you orient your thinking about where you may fall under Regulation (EU) 2024/1689, but it does not constitute legal advice and does not create any professional-client relationship. Confirm your obligations against the Regulation itself and qualified legal counsel before making compliance decisions.