Remind-R Blog
← All articles
Artificial intelligence

The four risk levels of the AI Act

Unacceptable, high, limited, minimal: the AI Act classifies AI systems into four risk levels, each with its own obligations. An overview based on official EU sources.

Rédaction Remind-R · 08/07/2026 · 2 min
Share: LinkedIn X Facebook WhatsApp Email

The AI Act does not treat all artificial intelligence systems the same way. Regulation (EU) 2024/1689 sets out four levels of risk, each carrying different obligations. Understanding these categories helps to place a given use.

Unacceptable risk: the prohibited practices

Some uses are considered a clear threat to people's rights and safety and are therefore banned. The AI Act prohibits eight practices, among them harmful manipulation or deception, exploitation of vulnerabilities, social scoring, assessing or predicting the risk that a person will commit an offence solely on the basis of profiling, building facial-recognition databases through untargeted scraping of images, emotion recognition in the workplace and in education, biometric categorisation revealing sensitive characteristics, and real-time remote biometric identification in public spaces for law-enforcement purposes (with narrowly framed exceptions). These prohibitions have applied since February 2025.

High risk: allowed but strictly regulated

Systems that can seriously affect health, safety or fundamental rights are classified as high-risk. Examples include AI in critical infrastructure, education, employment (CV screening), access to essential services (such as credit scoring), biometrics, law enforcement, migration and asylum, or the administration of justice. These systems must meet strict requirements: risk management, data quality, traceability, documentation, information to deployers, human oversight and robustness.

Limited risk: transparency

Other systems mainly raise a transparency issue. Users must, for instance, be aware that they are interacting with a chatbot, and AI-generated content must be identifiable.

Minimal risk: the vast majority

Most AI systems used today (spam filters, AI in video games) fall under minimal risk and are subject to no new obligations; adherence to voluntary codes of conduct is encouraged.

Conformity and oversight

Before being placed on the market, high-risk systems must undergo a conformity assessment and, for some of them, be registered in an EU database. They are then monitored throughout their lifecycle: providers run post-market monitoring and report serious incidents, deployers ensure human oversight, and authorities carry out market surveillance. Individuals can lodge a complaint with the designated national authority.

Note that the same solution can move from one category to another depending on its use. Providers and deployers should therefore assess the classification of each system against the text and official guidance.

Ask an AI about this article

Sources

  1. The AI Act — the four levels of risk — European Commission — Shaping Europe's digital future
  2. EU AI Act: different rules for different risk levels — European Parliament
  3. Regulation (EU) 2024/1689 (Artificial Intelligence Act) — EUR-Lex — Official Journal of the European Union
Refreshes the article based on the latest sources (once per day).
Article written with the help of artificial intelligence (in accordance with the EU AI Act). Information provided for guidance only, to be validated by a professional before any decision. Sources are listed above.