Classification Is the First Legal Obligation. Most Teams Get It Last.

Classification is the decision everything else hangs on, and it is the one organisations most often leave until last. Under the EU AI Act, where a system sits, prohibited, high-risk, transparency-only, or unregulated, determines every obligation that follows. Start the compliance work before settling the tier and you are building on sand.

The tiers differ in kind, not just degree. Prohibited systems under Article 5 are banned outright, with no compliance pathway, and the eight prohibitions have applied since February 2025. High-risk systems under Article 6 and Annex III carry the full weight of the Act. Limited-risk systems owe transparency duties under Article 50. Everything else, the large majority of commercial AI, is effectively unregulated by the Act.

Misclassification is expensive in both directions. Deploying a prohibited system risks fines up to 35 million euro or 7% of global turnover. Classifying a high-risk system as something lighter risks fines up to 15 million euro or 3%, plus the exposure of having shipped an unassessed high-risk system.

The August 2026 deadline for Annex III high-risk obligations is the date most organisations should be planning around, because preparation for a medium-complexity high-risk system runs six to eighteen months. That makes classification urgent now, not next year.

The Article 6(3) exception tempts people, because it can lift a system out of high-risk. It is narrow. It applies only where a system performs a limited procedural task, improves a completed human activity without replacing judgement, or detects patterns without influencing the individual assessment, and it must be documented and defended. It is not a general escape route.

The genuinely hard cases are the modern ones. Agentic AI, dual-use systems, and AI features embedded in commercial software break the assumption that classification is a property of the technology. Classification is use-case specific, so the same model can be high-risk in one deployment and unregulated in another, and a system bought as ordinary software can carry obligations no one flagged at purchase.

A decision tree helps, but it only works if you have inventoried what you run, including the embedded and the agentic. Classification you cannot evidence is classification an authority can challenge.

Our whitepaper, The Classification Decision, walks the four tiers, the prohibitions, the Annex III categories, the Article 6(3) exception, the edge cases, and the decision tree. Settle classification first, and the rest of the programme finally has a target.