2026-05-28·5 min read·sota.io Team

EU AI Act High-Risk Classification Compliance Stack Finale 2026: Complete Annex III Developer Toolkit

Post #1348 in the sota.io EU AI Act Compliance Series — EU-AI-ACT-HIGH-RISK-CLASSIFICATION-2026 Finale (#5/5)

EU AI Act High-Risk Classification Compliance Stack 2026

August 2, 2026 is ten weeks away. If your AI system falls under Annex III of the EU AI Act, you have less than three months to achieve full compliance or face penalties of up to €30 million or 6% of global annual turnover — the highest tier in the regulation.

This is the final post in our five-part EU AI Act High-Risk Classification series. Rather than introducing new concepts, this article does what finales do best: it synthesises the entire compliance journey into one authoritative developer toolkit. You'll find the complete classification decision framework, the full compliance stack, tooling recommendations, a 16-week implementation timeline, and cost estimates — everything a SaaS developer needs to navigate Annex III before enforcement begins.

What the Series Covered

Over the past four posts, we built up the complete high-risk compliance picture from scratch:

Post	Focus	Key Deliverables
#1344 — Developer Self-Assessment	Annex III classification	8-domain decision tree, exclusion logic, edge cases
#1345 — Annex III Deep Dive: HR/Healthcare/Recruiting	Domain-specific rules	What triggers high-risk in employment, healthcare, education
#1346 — Conformity Assessment & Technical Documentation	QMS + CE marking	Technical file structure, notified body workflow, EU DoC
#1347 — Post-Market Monitoring & Surveillance	Article 72/73	PMMP, incident reporting, serious incident SLAs

This finale integrates all five layers — adding the compliance stack architecture that connects them.

Part 1: The Definitive Annex III Classification Framework

Before any compliance work begins, you must determine whether your AI system is high-risk. The EU AI Act defines high-risk across eight domains in Annex III. Here is the complete decision framework.

Step 1: Apply the Three-Part Test

An AI system is high-risk under Annex III if all three conditions are true:

It is an AI system (not merely a statistical model or rule-based system without adaptive elements)
It operates in one of the eight Annex III domains (see below)
It presents significant risk to health, safety, or fundamental rights of natural persons

The May 2026 Draft Guidelines from the AI Office introduced additional guidance on step 3: systems that are "limited in functionality, scope, or impact" may qualify for a low-risk exception even if they appear in an Annex III domain. This exception requires documented justification in your technical file.

Step 2: Map to the Eight Annex III Domains

Annex III Domain Map (simplified, always verify against official text)

├── 1. Biometric Systems
│   ├── Real-time remote biometric identification in public spaces → HIGH-RISK (very limited exceptions)
│   ├── Post-remote biometric identification → HIGH-RISK
│   └── Biometric categorisation (assigning people to categories) → HIGH-RISK
│
├── 2. Critical Infrastructure
│   ├── Safety components of infrastructure managed by public/private operators → HIGH-RISK
│   └── Digital infrastructure (power grids, water, transport, financial) → HIGH-RISK
│
├── 3. Education & Vocational Training
│   ├── Access to educational/vocational institutions (admissions) → HIGH-RISK
│   ├── Assessment of students (exams, evaluations) → HIGH-RISK
│   └── Career counselling and guidance → NOT HIGH-RISK (removed in Omnibus)
│
├── 4. Employment & HR
│   ├── Recruitment and selection (CV filtering, ranking, interviews) → HIGH-RISK
│   ├── Promotion, termination decisions → HIGH-RISK
│   ├── Work allocation and monitoring → HIGH-RISK
│   └── Benefits/salary administration → NOT HIGH-RISK
│
├── 5. Essential Services
│   ├── Creditworthiness assessment → HIGH-RISK
│   ├── Social services eligibility → HIGH-RISK
│   ├── Emergency services dispatching → HIGH-RISK
│   └── Life/health insurance pricing → HIGH-RISK
│
├── 6. Law Enforcement
│   ├── Individual risk assessment (crime prediction) → HIGH-RISK
│   ├── Lie detection and psychological analysis → HIGH-RISK
│   └── Evidence reliability assessment → HIGH-RISK
│
├── 7. Migration & Asylum
│   ├── Polygraph/deception detection at borders → HIGH-RISK
│   ├── Risk assessment of persons → HIGH-RISK
│   └── Asylum application examination → HIGH-RISK
│
└── 8. Justice & Democracy
    ├── Factual research/interpretation assistance for courts → HIGH-RISK
    ├── Alternative dispute resolution → HIGH-RISK
    └── Electoral/political campaigns → HIGH-RISK

Step 3: Apply Annex III Exclusions

Three categories are explicitly excluded from Annex III classification even if they operate in the above domains:

Exclusion 1 — Narrow Safety Tasks: AI systems performing well-defined, constrained tasks with limited decision scope (e.g., spell-checkers in HR software, routing suggestions in emergency dispatch) where humans retain full decision authority.

Exclusion 2 — Pattern Detection Without Individual Assessment: AI systems that detect statistical patterns across populations without making individual-level decisions (e.g., workforce analytics dashboards showing aggregate trends, not individual employee risk scores).

Exclusion 3 — Preparatory AI Systems: AI used solely to prepare materials for human review, where the AI output is never used directly in decision-making (e.g., AI that generates a first draft of a performance review that is always substantively rewritten by a manager).

Document which exclusion applies. Vague claims of exclusion without evidence are insufficient — regulators will expect a formal justification in your technical file.

The Classification Decision Template

# classification_decision.py — Document this for your technical file

CLASSIFICATION_RECORD = {
    "system_name": "YourAISystem v2.3",
    "assessment_date": "2026-05-28",
    "assessor": "CTO / AI Compliance Officer",
    
    "step1_is_ai_system": True,  # Not a rule-based deterministic system
    "step1_evidence": "Uses ML model trained on XYZ dataset, adaptive behavior confirmed",
    
    "step2_annex3_domain": "Employment & HR",  # Or None if not applicable
    "step2_subdomain": "Recruitment — CV ranking for shortlisting",
    "step2_evidence": "System ranks candidate CVs before human review",
    
    "step3_risk_to_persons": True,
    "step3_evidence": "Directly affects hiring decisions for natural persons",
    
    "exclusion_claimed": None,  # Or "Exclusion 1/2/3" with evidence
    
    "final_classification": "HIGH-RISK",
    "next_review_date": "2026-11-01",  # After any material system changes
}

Part 2: The Five-Layer Compliance Stack

For systems classified as high-risk, compliance requires five integrated layers. Each layer corresponds to a specific set of legal obligations under the EU AI Act.

EU AI Act High-Risk Compliance Stack
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
Layer 5: Post-Market Monitoring (Art. 72/73)
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
Layer 4: Market Placement (Art. 48-50, EU DoC)
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
Layer 3: Conformity Assessment (Art. 43-47)
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
Layer 2: QMS + Technical Documentation (Art. 9-17)
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
Layer 1: Risk Management System (Art. 9)
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━

Layer 1: Risk Management System (Article 9)

The foundation of high-risk compliance. Article 9 requires a documented, iterative risk management system covering the entire AI lifecycle.

What it requires:

A risk management plan identifying all foreseeable risks to health, safety, and fundamental rights
Risk mitigation measures proportionate to the identified risks
Testing procedures that validate mitigation effectiveness
Residual risk documentation where full mitigation is not feasible
Annual review and update cycle (minimum)

Practical implementation:

Risk Management Documentation Structure
├── risk_register.xlsx           # All identified risks with severity, likelihood, mitigation
├── mitigation_testing.md        # How each mitigation was tested and validated
├── residual_risks.md            # Risks not fully mitigated, with justification
├── stakeholder_consultation.md  # How affected groups were consulted
└── annual_review/
    ├── 2026-review.md
    └── 2027-review.md           # Required at least annually

Tools for Layer 1:

IBM OpenPages — GRC platform with AI risk management modules, EU Frankfurt data centre
OneTrust AI Governance — Risk register + mitigation tracking, GDPR-aligned
ServiceNow GRC (GovCloud DE) — Enterprise-grade, Bundesdruckerei-certified infrastructure
Open source: OWASP AI Security Project risk templates, EU AI Office risk management guidance

Key metric: Every risk in your risk register must have a documented mitigation with evidence of testing. Unmitigated high-severity risks will block conformity assessment.

Layer 2: QMS and Technical Documentation (Articles 9-17)

Article 17 requires a Quality Management System covering development, deployment, and operation. Articles 11-13 specify the technical documentation that must accompany every high-risk AI system placed on the EU market.

Technical Documentation Mandatory Components (Art. 11 + Annex IV):

Technical File: Required Sections
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
1. General Description
   ├── System description and intended purpose
   ├── System architecture (block diagram)
   ├── Version history and change log
   └── Interaction with other AI systems

2. Detailed System Description
   ├── Training methodology and datasets
   ├── Validation and testing procedures
   ├── Hardware requirements
   └── Computational requirements

3. Development Process
   ├── Training data: sources, curation, statistics
   ├── Validation data: representativeness analysis
   ├── Test data: out-of-distribution evaluation
   └── Data governance procedures

4. Performance Metrics
   ├── Accuracy metrics with confidence intervals
   ├── Bias analysis across demographic groups
   ├── Robustness testing (adversarial inputs)
   └── Fairness metrics (equalised odds, demographic parity)

5. Risk Management Documentation
   └── (Links to Layer 1 artifacts)

6. Transparency for Deployers (Art. 13)
   ├── Instructions for use
   ├── Intended purpose and limitations
   ├── Human oversight procedures
   └── Expected maintenance requirements

7. Cybersecurity Measures (Art. 15)
   └── Resilience against adversarial attacks, data poisoning, model evasion

Technical Documentation Tooling:

Confluence + Jira (Atlassian Data Center, EU-hosted) — Documentation + change tracking
DVC (Data Version Control) — Open source, dataset versioning for training data traceability
MLflow (self-hosted, EU sovereign) — Experiment tracking, model registry, run provenance
Weights & Biases Teams (EU data residency option) — Model cards, training documentation
ModelCards Toolkit (Google, open source) — Structured model documentation format

QMS for Software Companies: Most SaaS companies won't have a traditional ISO 9001 QMS. Instead, structure your QMS around your existing software development processes:

ISO/IEC 42001 (AI Management System) — The AI-specific management system standard, aligns directly with Art. 17
ISO 27001 — Information security management, satisfies Art. 15 cybersecurity requirements
IEC 62443 — For critical infrastructure components in your AI system

Layer 3: Conformity Assessment (Articles 43-47)

Conformity assessment is how you formally verify that your AI system meets all EU AI Act requirements before placing it on the EU market.

Two Pathways:

Pathway A — Self-Assessment (most SaaS use cases): Available for all Annex III systems except:

Biometric identification systems
AI systems used for real-time remote biometric identification

Self-assessment involves:

Completing the internal conformity assessment checklist (per Annex VI)
Reviewing all technical documentation for completeness
Executing the testing procedures documented in the technical file
Signing the EU Declaration of Conformity (EU DoC)
Affixing CE marking
Registering in the EU AI Act database

Pathway B — Third-Party Assessment (notified body required): Required for biometric systems and AI in Annex III domains where self-assessment is prohibited. Notified bodies are designated by EU Member States. As of May 2026, approximately 40 notified bodies have been designated across the EU, with concentrations in Germany (TÜV SÜD, TÜV Rheinland), France (Bureau Veritas, AFNOR), Netherlands (Kiwa, DNV), and the Nordics (RISE, SGS).

Conformity Assessment Workflow:

Week 1-4: Gap Analysis
├── Map current documentation against Annex IV requirements
├── Identify missing tests or documentation
└── Prioritise remediation by risk level

Week 5-10: Technical File Completion
├── Complete all missing documentation
├── Execute required tests
└── Document results with evidence

Week 11-12: Internal Audit
├── Independent review of technical file
├── Verify EU DoC is complete and accurate
└── Check CE marking requirements

Week 13-14: Registration
├── Register in EU AI Act database (EUID number)
├── EU DoC signed and archived
└── CE marking affixed to product/documentation

EU Declaration of Conformity (EU DoC) Template:

EU DECLARATION OF CONFORMITY

1. AI system identification: [Name, version, model number]
2. Provider name and address: [Your company details]
3. Statement of conformity: "We declare under our sole responsibility that 
   the AI system described above is in conformity with Regulation (EU) 
   2024/1689 of the European Parliament and of the Council."
4. References to harmonised standards applied: [ISO 42001, IEC 62443, etc.]
5. Notified body details (Pathway B only): [NB name, number, certificate ref]
6. EU AI Act database EUID number: [Issued upon registration]
7. Place and date of issue
8. Signature of authorised representative

Layer 4: Market Placement Requirements (Articles 48-50)

Once conformity assessment is complete, three activities gate market placement.

1. EU AI Act Database Registration (Art. 49)

All high-risk AI systems must be registered in the EU AI Act database before being placed on the EU market. The database captures:

Provider identification
Intended purpose and Annex III category
Summary of risk assessment
Conformity assessment outcome
EU DoC reference

The database generates a unique European AI Identifier (EUID) that must appear on the CE marking documentation. As of Q2 2026, the European Commission's EU AI Act Compliance Portal is operational at eu-ai-act-compliance.europa.eu (in beta as of publication — verify current URL with the AI Office).

2. CE Marking (Art. 48)

CE marking for high-risk AI systems differs from traditional product CE marking:

Applied to the system's documentation, not necessarily a physical product
Must reference the EU DoC
Includes the four-digit year of first affixion

For SaaS: Apply CE marking to your Terms of Service, product documentation, and the EU AI Act database entry. Physical affixion is not required for software-only systems, but the marking must be visible in all technical and commercial documentation presented to deployers.

3. Instructions for Deployers (Art. 13)

Deployers are the businesses that use your high-risk AI system in their products or services. You must provide them with instructions sufficient to enable their own compliance:

## Required Deployer Information (Art. 13 Checklist)

- [ ] Intended purpose of the AI system
- [ ] Level of accuracy, robustness, and cybersecurity tested
- [ ] Known and foreseeable risks relevant to deployers
- [ ] Changes that would constitute "substantial modification" (requiring re-assessment)
- [ ] Performance on different demographic groups (if applicable)
- [ ] Hardware requirements
- [ ] Data retention requirements for monitoring logs
- [ ] Human oversight requirements and procedures
- [ ] Expected operational lifetime
- [ ] Contact point for reporting serious incidents

Layer 5: Post-Market Monitoring System (Articles 72-73)

Once your system is live, the obligation shifts to ongoing surveillance. Layer 5 is not a one-time activity — it runs for the entire operational lifetime of your AI system.

Post-Market Monitoring Plan (PMMP) — Core Elements:

Article 72 requires a documented PMMP. At minimum, it must specify:

PMMP Element	Description	Update Frequency
Data collection scope	What system inputs/outputs are logged	On deployment
Performance baselines	Initial accuracy, fairness, drift thresholds	On deployment
Monitoring frequency	How often metrics are reviewed	Monthly (minimum)
Anomaly response procedures	What triggers escalation	On deployment
User feedback channels	How deployers/users report issues	On deployment
Serious incident definition	What triggers Art. 73 reporting	On deployment
Report distribution	Who receives monitoring reports	Annually (minimum)

Article 73 Serious Incident Reporting:

The most time-sensitive compliance obligation in Annex III. When a serious incident occurs:

Serious Incident Classification & Response

Tier 1: DEATH or SERIOUS IRREVERSIBLE HARM to persons
→ Report to national market surveillance authority
→ Timeline: WITHOUT UNDUE DELAY (in practice: 15 days maximum)
→ Also: Notify European AI Office within same window

Tier 2: SERIOUS INFRASTRUCTURE DISRUPTION
→ Same reporting requirements as Tier 1
→ Includes: Critical infrastructure failure, systemic failures affecting many persons

Tier 3: BREACH OF FUNDAMENTAL RIGHTS
→ Report to national authority + European AI Office
→ Timeline: WITHOUT UNDUE DELAY

Tier 4: SERIOUS HEALTH OR SAFETY RISK (discovered but no harm yet)
→ Report to national authority
→ Timeline: IMMEDIATELY (72 hours for life-threatening situations)

Automated Monitoring Implementation:

# monitoring_dashboard.py — Core metrics to track

MONITORING_CONFIG = {
    "performance_metrics": {
        "accuracy": {"baseline": 0.94, "alert_threshold": 0.90, "critical_threshold": 0.85},
        "demographic_parity_ratio": {"baseline": 0.97, "alert_threshold": 0.90, "critical_threshold": 0.80},
        "false_positive_rate_gap": {"baseline": 0.02, "alert_threshold": 0.05, "critical_threshold": 0.10},
    },
    "drift_detection": {
        "psi_threshold": 0.25,          # Population Stability Index
        "csi_threshold": 0.25,          # Characteristic Stability Index
        "check_frequency_hours": 24,
    },
    "incident_classification": {
        "death_or_serious_harm": "Tier1",
        "infrastructure_disruption": "Tier1",
        "fundamental_rights_breach": "Tier3",
        "serious_health_risk": "Tier4",
    },
    "reporting_contacts": {
        "national_authority": "authority@your-country-nca.gov",
        "eu_ai_office": "ai-office@ec.europa.eu",
        "internal_dpo": "dpo@yourcompany.com",
    }
}

Part 3: The Complete EU AI Act High-Risk Tool Stack

Here is the complete tooling recommendation for each compliance layer, emphasising EU-sovereign options.

Classification & Risk Assessment Tools

Tool	Type	EU Sovereignty	Use Case
IBM OpenPages	Commercial	Frankfurt DC	Enterprise GRC + AI risk register
OneTrust AI Governance	Commercial	EU data residency	Risk management + incident tracking
FAIR-Assess (open source)	Open source	Self-hosted	Factor Analysis of Information Risk
EU AI Office Risk Templates	Government	N/A (templates)	Annex III self-assessment worksheets
DataGuard (Munich)	EU-native	Germany-only	SME compliance management

Technical Documentation Platforms

Tool	Type	EU Sovereignty	Use Case
Confluence Data Center	Commercial	Self-hosted EU	Technical file authoring + versioning
MLflow (self-hosted)	Open source	Your EU cloud	Experiment tracking, model cards
DVC	Open source	Git-based	Dataset versioning, training provenance
ModelCards Toolkit	Open source	Self-hosted	Structured model documentation
Docusaurus (static)	Open source	Any EU host	Public-facing compliance documentation

Conformity Assessment & Testing

Tool	Type	EU Sovereignty	Use Case
TÜV SÜD AI Conformity	Notified Body (DE)	Germany	Pathway B assessment
Bureau Veritas AI	Notified Body (FR)	France	Pathway B assessment
Fiddler AI	Commercial	EU deployment	Bias testing, fairness evaluation
Arthur AI	Commercial	EU deployment	Model performance testing
Giskard (Paris)	EU-native	France	LLM vulnerability scanning + bias testing
pytest + custom	Open source	Any host	Automated conformity test suite

Monitoring & Surveillance

Tool	Type	EU Sovereignty	Use Case
Grafana (self-hosted)	Open source	Any EU host	Monitoring dashboards
Prometheus	Open source	Any EU host	Metrics collection + alerting
Evidently AI	Open source	Self-hosted	Data drift + model performance
WhyLabs	Commercial	EU option	Production ML monitoring
Arize Phoenix	Open source	Self-hosted	LLM observability + tracing
sota.io	PaaS	EU-sovereign	Host all monitoring infrastructure

EU-Sovereign Infrastructure for Compliance Data

High-risk AI compliance generates significant amounts of regulated data:

Technical documentation: Must be accessible to national supervisory authorities for 10 years post-market withdrawal
Monitoring logs: Must be retained for a period proportionate to the system's risk profile (typically 3-5 years minimum)
Incident records: Retained indefinitely for serious incidents involving harm to persons
Training data governance records: As long as the model is in operation + 5 years

All of this data falls under GDPR when it contains personal data — and in high-risk AI contexts, it almost always does. Hosting this compliance data on US cloud platforms introduces CLOUD Act risk: US law enforcement can compel access to data held by US companies regardless of where the data physically resides.

The EU-sovereign compliance infrastructure stack:

Option A: Managed EU PaaS (sota.io)
├── Technical file storage → EU-sovereign object storage
├── MLflow → EU-sovereign container hosting
├── Grafana/Prometheus → EU-sovereign monitoring stack
├── Incident log database → GDPR-compliant EU SQL
└── Audit trail → Tamper-evident EU logging

Option B: EU IaaS (Hetzner/OVHcloud/Scaleway)
├── More control, more operational overhead
├── You manage GDPR compliance architecture
└── Suitable for teams with dedicated DevOps

Option C: Hyperscaler EU Regions (AWS eu-central-1, Azure germanywestcentral)
├── Available but CLOUD Act risk remains
├── Contractual protections do not eliminate US government access
└── ECJ Schrems II ruling implications still apply

Part 4: 16-Week Implementation Timeline

For teams starting from zero, this is a realistic timeline to achieve Annex III compliance before the August 2026 enforcement deadline.

Weeks 1-2: Classification & Gap Analysis

Complete the three-part classification test (Part 1 of this article)
Document classification decision in your technical file
Identify all mandatory Annex IV documentation elements you currently lack
Prioritise remediation items by risk level

Weeks 3-5: Risk Management System

Build initial risk register covering all foreseeable risks
Document mitigation measures for all high/critical risks
Execute mitigation validation tests
Draft residual risk justifications

Weeks 6-9: Technical Documentation Completion

Complete Annex IV technical file elements (see Layer 2 above)
Set up DVC or equivalent for dataset versioning
Run bias analysis and fairness testing across demographic groups
Document training, validation, and test dataset statistics
Write deployer instructions (Art. 13)

Weeks 10-12: Conformity Assessment

Execute internal conformity assessment against Annex VI checklist
Independent internal review of technical file
Draft EU Declaration of Conformity
Register in EU AI Act database (obtain EUID)

Weeks 13-14: Market Placement

Affix CE marking to all applicable documentation
Publish deployer instructions
Brief customer success team on high-risk AI disclosure requirements
Update Terms of Service to reference EU DoC and EUID

Weeks 15-16: Post-Market Monitoring Setup

Deploy monitoring infrastructure (Grafana + Prometheus + Evidently)
Configure alerting thresholds and on-call procedures
Write PMMP and socialise with engineering team
Establish Art. 73 incident reporting workflow (who does what, when)
Run tabletop exercise simulating a Tier 1 serious incident

Part 5: Cost Breakdown

Compliance costs vary significantly by company size and existing infrastructure maturity. Here are realistic estimates:

Small SaaS (1-50 employees, single high-risk AI system)

Component	One-Time	Annual
Legal/compliance counsel (40-80 hrs)	€8,000-€15,000	€3,000-€5,000
Technical documentation (internal effort)	€5,000-€10,000	€2,000-€4,000
Conformity assessment tooling	€2,000-€5,000	€2,000-€5,000
Monitoring infrastructure (EU-hosted)	€1,000-€3,000	€3,000-€8,000
Notified body (if Pathway B required)	€15,000-€40,000	€5,000-€15,000
Total (Pathway A, self-assessment)	€16,000-€33,000	€10,000-€22,000
Total (Pathway B, notified body)	€31,000-€73,000	€15,000-€37,000

Mid-Market SaaS (50-500 employees, 2-5 high-risk AI systems)

Component	One-Time	Annual
Dedicated AI compliance officer (0.5 FTE)	—	€40,000-€70,000
GRC platform (IBM OpenPages or equivalent)	€20,000-€50,000	€15,000-€30,000
Technical documentation infrastructure	€10,000-€20,000	€5,000-€10,000
Monitoring stack (per system)	€5,000-€10,000	€8,000-€15,000
External conformity assessments	€30,000-€80,000	€10,000-€30,000
Total per AI system	€65,000-€160,000	€78,000-€155,000

Cost reduction levers:

ISO/IEC 42001 certification — Amortises documentation effort across multiple AI systems
EU-sovereign PaaS — Reduces infrastructure compliance overhead vs. building on US hyperscalers
Open source monitoring — Grafana + Prometheus + Evidently replaces €20,000+/year SaaS tools
Shared notified body assessments — Industry consortia increasingly offering shared assessment programmes for common AI system types

Part 6: The Minimum Viable Compliance Checklist

If your team is resource-constrained and needs to prioritise, here is the minimum viable checklist for Annex III compliance.

Must-Have by August 2026

Classification decision documented with three-part test evidence
Risk register with mitigation for all high/critical risks
Technical file covering all Annex IV elements (even if brief)
Bias testing results across relevant demographic groups
Deployer instructions (Art. 13) published and accessible
EU AI Act database registration completed (EUID obtained)
EU Declaration of Conformity signed by authorised representative
CE marking on all applicable product documentation
PMMP (Post-Market Monitoring Plan) documented
Art. 73 incident reporting workflow established and tested

Should-Have by October 2026

ISO/IEC 42001 certification (or roadmap to certification)
Automated monitoring with drift detection and alerting
Annual review process for risk management and technical file
Deployer training materials on human oversight requirements
Audit log infrastructure with 10-year retention capability

Nice-to-Have (competitive advantage)

Real-time bias monitoring dashboard visible to deployers
Public AI transparency report (voluntary, builds trust)
EU-sovereign compliance data infrastructure (CLOUD Act risk eliminated)
External annual audit by notified body even when self-assessment suffices

Why EU Hosting Matters for High-Risk AI Compliance Data

High-risk AI systems produce compliance data that is simultaneously:

Legally regulated (GDPR for personal data in training sets and monitoring logs)
Strategically sensitive (technical documentation reveals competitive AI methods)
Regulatorily required (authorities must be able to access it for 10 years)

When this data lives on US-headquartered cloud platforms, the CLOUD Act creates an irresolvable tension: EU law may require data to stay in Europe; US law can compel the platform provider to hand it over to US authorities regardless of physical location. The ECJ's Schrems II ruling and the continuing uncertainty around EU-US data transfers make this a genuine compliance risk.

What EU-sovereign hosting eliminates:

CLOUD Act compelled access by US government without EU judicial oversight
Transfer impact assessment requirements for compliance data
Residual risk of US surveillance exposure for personnel data in training sets
Documentation burden explaining US transfer mechanisms to EU supervisory authorities

For high-risk AI specifically: The stakes are higher than for ordinary SaaS. A regulatory investigation into a high-risk AI system that caused harm will involve intensive technical file review. If your technical file lives on an S3 bucket governed by US law, you may face a compliance paradox: EU authorities need the data, but production of it may create obligations under US law that conflict with GDPR.

The cleanest answer: run your compliance infrastructure on EU-sovereign platforms (Hetzner, OVHcloud, Scaleway, or a PaaS like sota.io) where EU law is the only governing jurisdiction.

Series Retrospective: EU AI Act High-Risk Classification in Five Posts

Over the five posts in this series, we covered the complete journey from "does this apply to me?" to "how do I maintain compliance long-term":

Post	Core Contribution	Biggest Insight
#1344	Three-part classification test + decision tree	Most AI systems that feel high-risk actually aren't — the Annex III exclusions are broader than companies realise
#1345	Domain-specific rules for HR/healthcare/education	The Omnibus removed career counselling from Annex III — significant relief for many HR AI vendors
#1346	Conformity assessment + CE marking workflow	Self-assessment is available for most Annex III systems; notified bodies are only mandatory for biometric identification
#1347	Post-market monitoring + Art. 73 reporting	The 15-day reporting timeline for serious incidents is the most operational challenge — it requires 24/7 on-call readiness
#1348	Complete stack + implementation timeline + costs	€16,000-€33,000 is achievable for small teams on Pathway A — compliance is expensive but not prohibitive

What Comes Next

The EU AI Act high-risk compliance landscape will continue evolving throughout 2026:

June 2026: Consultation closes on the AI Office's Draft Guidelines for Annex III classification. Final guidelines expected Q3 2026. Watch for changes to the education domain (career counselling removal is contested) and the biometric categorisation definitions.

August 2026: GPAI transparency obligations (Article 50) enter enforcement alongside high-risk AI Act compliance. If your high-risk AI system also generates AI content, you have dual obligations.

2027: EU AI Act database becomes mandatory for all high-risk AI systems. Early registrations made in 2026 may need updating as the database specification finalises.

2027-2028: National market surveillance authorities begin active enforcement investigations. Companies with documented, audit-ready technical files will be significantly better positioned than those scrambling to reconstruct documentation retroactively.

The window to do this proactively is now. Ten weeks is enough time for a well-resourced team to achieve Pathway A compliance. Start with the classification decision, build the risk register, and let the technical file grow iteratively rather than trying to produce it all at once.

This is the fifth and final post in the EU-AI-ACT-HIGH-RISK-CLASSIFICATION-2026 series. For the complete series: Developer Self-Assessment, Annex III HR/Healthcare Deep Dive, Conformity Assessment & CE Marking, Post-Market Monitoring.

EU AI Act compliance requirements continue to evolve. Consult qualified legal counsel for advice specific to your AI systems and business context.

EU-Native Hosting

Ready to move to EU-sovereign infrastructure?

sota.io is a German-hosted PaaS — no CLOUD Act exposure, no US jurisdiction, full GDPR compliance by design. Deploy your first app in minutes.

Join the waitlist View pricing