EU AI Act Risk Classification for SMEs: How to Determine Your AI's Risk Class
AI Act, Compliance
Say your marketing team uses Copilot to write content. HR runs job applicants through an AI screening tool. Customer service has a chatbot running. Three AI tools, three different risk categories. But which is which?
That is exactly where the EU AI Act starts. The regulation sorts AI systems into four risk categories, and each one brings different obligations. From "no action needed" to "this is outright banned."
This post explains the four categories in plain language, shows you how to work out where your tools land, and covers the most common mistakes to avoid.
Why risk classification is the starting point for AI Act compliance
The risk category determines everything else you need to do under the AI Act. It dictates whether you need documentation, whether human oversight is required, whether you need to register in an EU database, and in some cases whether you are allowed to use the system at all.
Get it wrong and you either do too little (risking enforcement) or too much (wasting time on procedures that were never needed).
Most SMBs use AI tools that fall into the lighter categories. That is good news. But you need to be able to back it up. "We think it is minimal risk" is not enough. You need to show how you reached that conclusion.
The 4 EU AI Act risk categories explained
The AI Act works on a pyramid model. The greater the potential risk to people's rights and safety, the stricter the rules.
1. Prohibited (unacceptable risk)
Some AI practices are simply not allowed in the EU. Enforcement began in February 2025.
Examples: social scoring by public authorities, real-time remote biometric identification in publicly accessible spaces (with very narrow law enforcement exceptions), and AI that exploits people's vulnerabilities to manipulate their behaviour.
For most SMBs this category is not directly relevant. But it is worth knowing where the line sits. Read more about EU AI Act prohibited practices.
2. High risk
This is where most compliance attention lands. AI systems under Annex III must meet strict requirements: technical documentation, a risk assessment, human oversight, and registration in the EU database.
What counts as high risk? AI used in recruitment and selection (CV screening, automated candidate scoring), credit scoring, safety components in machinery, and biometric identification in limited contexts.
Using a vendor-provided tool that falls into this category? As the deployer, you have obligations too. You need to organise human oversight and keep records of how the system is used.
3. Limited risk
Transparency obligations apply here. The core requirement: people must know they are dealing with AI.
A chatbot on your website needs to make clear it is not a human. Generate AI content? Deepfakes and synthetic media must be labelled. Use ChatGPT, Copilot, or Gemini as a writing assistant? That lands here.
The obligations are manageable. No heavy documentation, no registration. Just be transparent.
4. Minimal risk
The vast majority of AI applications fall into this category. Spam filters, recommendation engines (think Netflix or Spotify), basic analytics, automatic email categorisation. No specific AI Act obligations.
That does not mean you can ignore them. They still need to be in your AI inventory so you can demonstrate you have consciously assessed them as minimal risk.
High-risk AI systems: which tools fall under Annex III?
Annex III of the AI Act lists the high-risk application areas. The most relevant ones for SMBs:
- Recruitment and selection: AI that screens CVs, ranks candidates, or analyses job interviews
- Credit assessment: AI that determines whether someone receives a loan, mortgage, or credit
- Employee evaluation: AI that assesses staff performance or recommends promotions
- Access to education: AI that assigns students or grades exams
- Biometric identification: facial recognition and other biometric systems in limited contexts
Using Salesforce Einstein for lead scoring? Probably minimal risk. But using an AI tool that automatically decides which applicants advance to the next round? That is high-risk territory.
The distinction comes down to impact on people's rights and opportunities.
How to determine the risk class of an AI system
Classification does not need to become a legal project. Work through these four steps:
Step 1: Inventory all AI systems
Map out every AI tool your organisation uses. Do not forget tools that come bundled with vendor software, like built-in AI features in your CRM, HR platform, or accounting software. Read how to set up an AI system register for a structured approach.
Step 2: Identify the purpose and type for each system
What does the AI actually do? Does it write text? Screen CVs? Assess creditworthiness? The purpose of the AI largely determines the risk category.
Step 3: Check against the prohibited list and Annex III
First, check whether the system falls under the prohibited category (Article 5). If not, check whether its purpose appears in the Annex III high-risk list. Not there? Then it is limited or minimal risk.
Step 4: Document your assessment
Record which risk category you assigned and why. Set a review date. This is your evidence if a regulator or auditor asks questions later.
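The four steps above are a decision procedure, so here is a small inventory-and-classification script that walks through them in order. It is an added example for this post, not code from ComplianceHive or from the regulation's own tooling. The purpose tags (`cv_screening`, `customer_chatbot`, and so on), the system entries, and the 365-day review interval are constructed for illustration; they paraphrase the examples given on this page rather than quoting Article 5 or Annex III. The script refuses to classify a system whose purpose has not been recorded (Step 2 incomplete), applies the checks in the order of Step 3 (prohibited first, then Annex III, then transparency, else minimal), and writes a rationale and review date for each system (Step 4). The same tool appears twice with different purposes to show that the classification follows the use, not the product.

```python
from __future__ import annotations

from dataclasses import dataclass
from datetime import date, timedelta
from enum import Enum


class RiskClass(Enum):
    PROHIBITED = "prohibited"
    HIGH = "high"
    LIMITED = "limited"
    MINIMAL = "minimal"


# Purpose tags are constructed for this example. They paraphrase the page's
# Article 5 and Annex III examples; they are not the regulation's wording.
PROHIBITED_PURPOSES = {
    "social_scoring_by_public_authority",
    "realtime_remote_biometric_id_in_public_space",
    "manipulation_exploiting_vulnerabilities",
}
ANNEX_III_PURPOSES = {
    "cv_screening", "candidate_ranking", "interview_analysis",
    "credit_scoring", "employee_evaluation", "promotion_recommendation",
    "student_assignment", "exam_grading",
    "biometric_identification", "machinery_safety_component",
}
TRANSPARENCY_PURPOSES = {
    "customer_chatbot", "text_generation", "image_generation", "synthetic_media",
}


@dataclass
class AISystem:
    name: str
    vendor: str
    purposes: list[str]   # what the system is actually used for (Step 2)
    bundled: bool = False  # built into other vendor software (Step 1)


@dataclass
class Assessment:
    system: str
    risk_class: RiskClass
    rationale: str
    assessed_on: date
    review_due: date
    assessed_by: str


def classify(system: AISystem) -> tuple[RiskClass, str]:
    """Step 3: check the purposes in order and return class plus rationale.

    The most restrictive matching purpose wins: a writing assistant that is
    also used to screen CVs is assessed as high risk, not limited risk.
    """
    if not system.purposes:
        raise ValueError(f"{system.name}: record the purpose before classifying")
    purposes = set(system.purposes)
    hit = purposes & PROHIBITED_PURPOSES
    if hit:
        return RiskClass.PROHIBITED, f"Article 5 practice: {sorted(hit)}"
    hit = purposes & ANNEX_III_PURPOSES
    if hit:
        return RiskClass.HIGH, f"Annex III use case: {sorted(hit)}"
    hit = purposes & TRANSPARENCY_PURPOSES
    if hit:
        return RiskClass.LIMITED, f"transparency obligation: {sorted(hit)}"
    return RiskClass.MINIMAL, "no Article 5, Annex III or transparency purpose"


def assess(system: AISystem, assessed_by: str, today: date | None = None,
           review_after_days: int = 365) -> Assessment:
    """Step 4: record the decision, who made it, and when to revisit it."""
    today = today or date.today()
    risk, why = classify(system)
    return Assessment(system.name, risk, why, today,
                      today + timedelta(days=review_after_days), assessed_by)


def assess_inventory(systems: list[AISystem], assessed_by: str,
                     today: date | None = None) -> list[Assessment]:
    """Step 1 output in, one documented assessment per system out."""
    return [assess(s, assessed_by, today) for s in systems]


# Constructed sample inventory; vendor names are illustrative only.
SAMPLE_INVENTORY = [
    AISystem("Copilot (marketing)", "Microsoft", ["text_generation"]),
    AISystem("CV screener", "hr-vendor-example", ["cv_screening"], bundled=True),
    AISystem("Website chatbot", "chat-vendor-example", ["customer_chatbot"]),
    AISystem("Spam filter", "mail-vendor-example", ["spam_filtering"]),
    AISystem("ChatGPT (HR pilot)", "OpenAI", ["text_generation", "cv_screening"]),
]

if __name__ == "__main__":
    for a in assess_inventory(SAMPLE_INVENTORY, "compliance-lead", date(2025, 6, 1)):
        print(f"{a.system:22} {a.risk_class.value:10} review {a.review_due}  {a.rationale}")
```

The ordering inside `classify` is the whole point: a purpose tag that is not on any list falls through to minimal risk, exactly as Step 3 says, but an empty purpose list is rejected rather than silently treated as minimal, because "we never wrote down what it does" is the mistake the later section warns about. Each `Assessment` carries the rationale and a review date, which is the evidence Step 4 asks you to keep.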
This is a self-assessment tool, not legal advice. The final risk classification is your organisation's own responsibility.
ComplianceHive captures risk class per system and suggests a classification based on the AI type you select.
In ComplianceHive you work through these steps for each system in a guided wizard. The platform suggests a risk category based on the AI type you select, and you can confirm or override the suggestion. All changes run through a ChangeRequest audit trail, so you can always trace back who decided what. Find out more about the AI Act compliance software.
Common mistakes in risk classification
"We only use ChatGPT, so we have nothing to do." Not accurate. ChatGPT falls under limited risk, which means transparency obligations apply. And if you use ChatGPT for high-risk purposes (like assessing job applicants), the classification changes with it.
"Our vendor takes care of that." The AI Act places obligations on both providers and deployers. The fact that your vendor built the system does not release you from your own responsibilities as a user. You need to organise human oversight yourself and track how you use the system. Make sure your vendor documentation is in order.
"We classify everything as minimal risk and move on quickly." That is actually risky. If a regulator determines that one of your systems is high risk while you labelled it minimal, the situation looks bad. The documentation of your assessment process matters as much as the outcome.
"AI Act does not apply until 2027, we have time." The prohibitions on unacceptable AI have been in force since February 2025. Rules for high-risk systems are coming into effect in stages through 2025 and 2026. Waiting until 2027 is too late.
"We do it once and it is done." Risk classification is not a one-time exercise. If you start using a tool for a different purpose, if the vendor updates the AI functionality, or if the legislation changes, you need to reassess.
Frequently asked questions
Is ChatGPT high-risk under the EU AI Act?
No. ChatGPT and similar general-purpose AI models like Copilot and Gemini are typically limited risk. That means transparency obligations apply: users must know they are interacting with AI. If you use ChatGPT for a high-risk purpose (for example, screening job applicants) the classification changes. It is not about the tool itself, but about how you use it.
Do I need to assess every AI tool my company uses?
Yes. The AI Act expects organisations to maintain an inventory of all AI systems in use, including vendor-provided tools. You do not need a detailed report for every tool, but you do need to know which AI you are using, what it is used for, and which risk category it falls into. Start with a complete list and work from there.
What are the consequences of misclassifying an AI system?
Classifying too low means you miss required steps like documentation and human oversight. If checked, this can result in enforcement action and fines. Classifying too high leads to unnecessary work and wasted resources. In both cases, a well-documented assessment process helps. Even if the outcome is not perfect, the documentation shows you worked through the process carefully.
How often should I review the risk classification?
The AI Act does not prescribe a fixed frequency. But review makes sense when something changes: you use a tool for a new purpose, the vendor updates the AI functionality, or the legislation changes. An annual review is a practical starting point. Note a review date when you first classify each system so you do not lose track.
What is the difference between limited risk and minimal risk?
Limited risk comes with transparency obligations. Chatbots must disclose they are AI. Deepfakes and synthetic media must be labelled. Minimal risk carries no specific AI Act obligations. The difference is practically small, but the label determines whether you need to act on transparency. Spam filters and recommendation engines? Minimal risk. A chatbot on your customer service? Limited risk.