Navigating the EU AI Act: A CTO's Guide to Risk Classification and Compliance (Part 1)

The EU AI Act introduces a risk-based framework every CTO should understand, whether selling in the EU or planning global growth. This post (part 1 of a series) explains the four risk tiers and shows how to classify an AI product, using my platform FacetScore as a case study.


In a global market, the biggest elephant in the room regarding compliance and regulation for AI systems at the moment is the EU AI Act. This broad legislation aims to ensure that AI systems placed on the EU market are safe and respect fundamental rights, with particular attention to bias and unfair disadvantage from systems that make decisions about people.

It's especially critical to review, as it may be used as a basis for similar regulations around the world. I think it should still be on your radar, even if you don't anticipate expansion into the EU any time soon.

If you offer a product or service that is sold or used in the EU, and it uses AI, you will have to consider the Act. Note that it also reaches providers established outside the EU when the output of their system is used in the EU, so a non-EU headquarters is not an exemption.

This is Part 1 of a series on EU AI Act compliance, in which I share my thoughts on how to ensure your products and services align with the letter and spirit of the Act.

For this post, I'll use my own product, FacetScore, as an example when I talk about the analysis and applicability.

Of course, I’m not a lawyer and this isn’t legal advice. I’m sharing how I’m thinking about compliance for my own product; you should always check with your legal and product teams before acting on anything here.

Other information I provide is based on publicly available information from the European Commission. Please check with the included sources below.

What is the EU AI Act?

The EU AI Act was created to establish a framework for a risk-based approach to evaluating and legislating for AI use: the higher the potential harm of a use case, the more obligations attach to it. A central aim is to ensure that automated systems do not make unfair decisions that disadvantage people.

The Act defines 4 levels of risk for AI systems.

Illustrating the 4 different levels of risk in the EU AI Act.

Prohibited Systems

Prohibited systems represent the types of AI services that can cause the most harm to society. These AI uses are banned outright in the EU (Article 5), and include:

  • Social scoring systems that lead to detrimental or disproportionate treatment, whether run by public authorities or private actors
  • Real-time remote biometric identification in publicly accessible spaces for law enforcement (with narrow exceptions for serious crimes)
  • AI that exploits vulnerabilities of specific groups (age, disability, social or economic situation)
  • Subliminal or deliberately manipulative techniques that materially distort a person's behaviour

The full Article 5 list also covers practices such as untargeted scraping of facial images to build recognition databases, emotion recognition in workplaces and schools, and biometric categorisation that infers sensitive attributes like race or political opinions.

For most CTOs building commercial products, prohibited practices aren't relevant, as they're narrow and extreme. The risk tier that matters most is "High Risk."

High Risk Systems

High Risk systems have the potential to cause great harm or disadvantage to individuals or society as a whole. These systems require the most scrutiny under the AI Act, and are grouped into 2 categories:

  1. Safety-critical AI: AI systems that are products, or safety components of products, covered by the EU product-safety legislation listed in Annex I and subject to third-party conformity assessment. This covers things like medical devices, aviation, vehicles, machinery and toys.
  2. Annex III use cases: stand-alone AI systems used in sensitive areas where they can affect people's rights or their access to opportunities, including:
    1. Employment and worker management (recruiting, promotion, task allocation, monitoring)
    2. Access to essential services (credit scoring, insurance pricing, benefits eligibility)
    3. Education and training (exam scoring, admission decisions)
    4. Law enforcement, migration and border control
    5. Biometric identification, biometric categorisation and emotion recognition
    6. Critical infrastructure management
    7. Administration of justice and democratic processes

The complete list of high-risk use cases is defined in Annex III of the AI Act, and the European Commission maintains updated guidance at https://digital-strategy.ec.europa.eu/en/policies/regulatory-framework-ai. Note that Article 6(3) lets a system that falls into an Annex III area escape the High Risk tier if it only performs a narrow procedural or preparatory task, or does not materially influence the outcome of a decision; if you rely on that carve-out, you must document the assessment, and a system that profiles people never qualifies for it.

For high-risk systems, the Act requires (Articles 9 to 15 and related provisions):

  • Risk management processes throughout the system lifecycle
  • High-quality training, validation and test data with bias testing (data governance)
  • Technical documentation and automatic logging of the system's operation
  • Human oversight mechanisms
  • Transparency and instructions for use, so deployers understand the system's capabilities and limits
  • An appropriate level of accuracy, robustness and cybersecurity, including protection against data poisoning and adversarial inputs
  • A quality management system, a conformity assessment before market placement, and registration in the EU database

The classification of systems as High Risk can change over time. The EU Commission may add or remove categories based on evidence of risk. Keep your knowledge current by:

  • Monitoring EU AI Office announcements
  • Consulting legal counsel familiar with the Act
  • Reviewing your risk assessment annually, or whenever your product capabilities change significantly
  • Checking the Regulatory Framework (AI) section of the European Commission site linked above

Limited Risk Systems

Limited Risk systems are those that can potentially be used to mislead the public or have a small scope to cause harm. Their obligations are transparency duties (Article 50), and they include:

  • Chatbots and conversational AI must disclose that end users are talking to an AI, unless this is obvious from the context.
  • Deepfakes and synthetic / generated content must be clearly labelled as artificially generated, and providers must mark generated output in a machine-readable way.
  • Emotion recognition systems must inform the people exposed to them that they are being analysed.
  • Biometric categorisation systems must inform the people exposed to them. Categorisation that infers race, political opinions or other sensitive attributes is not a Limited Risk case; it sits in the prohibited tier.

All of these have one thing in common: it must be clearly and transparently disclosed to the end user that AI is being used. To make sure your disclosures are compliant, focus on the four points below:

  1. Clear identification: state explicitly that AI is being used
  2. Transparency about capability: explain what the AI does
  3. Human oversight reminder: where appropriate, note that human judgment is still needed
  4. Prominent placement: the notice should appear before or during the AI interaction, not buried in the terms of service

In the context of FacetScore, a compliant disclosure in the application looks like this:

Example of an EU AI Act compliant disclosure on the Social Media Post view in FacetScore.

The main takeaway is that the disclosure doesn't need to be particularly lengthy or exhaustive. It just needs to be clearly visible, and ideally visible before your end users interact with AI systems.

Minimal Risk Systems

Anything that doesn't fit neatly into the other categories goes here. These AI systems carry no specific obligations under the AI Act (the Act only encourages voluntary codes of conduct for them), but two things still apply: the AI literacy obligation (Article 4) covers providers and deployers of every tier, and other EU law such as the GDPR continues to apply to the data the system processes.

If you're distributing your own general-purpose AI model, there are additional obligations to meet (technical documentation, a public summary of training content, a copyright policy), even if the systems built on it are otherwise considered "Minimal Risk."

I consider it best practice to treat all AI systems as at least "Limited Risk" from a pragmatic point of view. The classification listings can change at any time, and the cost of implementing required changes quickly mounts up when they are performed late in the day.

There are also some strategic advantages to this approach:

  • Future changes to the product roadmap can affect a system's AI Act exposure. Building transparency in from the start gives a level of inoculation.
  • By publicly going above and beyond on compliance, a company can show itself as a leader in ethical and compliant AI that puts the safety of its users first.
  • Being open and transparent about the use of a potentially sensitive technology like AI makes it easier for customers to trust a company.

A note about GPAI

If you're building on top of general-purpose AI models like GPT-4 or Gemini rather than training your own, the model vendor is the "provider" of the GPAI model. You are the provider of the AI system you build on top of it (the Act calls this a downstream provider), and whoever uses your system under their own authority, usually your customer, is the "deployer." If you only use a vendor's system internally without building a product on it, you are a deployer yourself.

This changes your exposure a little bit, and you need to keep the following in mind:

  • Model-level obligations (technical documentation, the training-content summary, the copyright policy) fall on the provider of the GPAI model.
  • Your responsibility is to ensure that the system you build or use with the model meets the obligations of its own risk tier.
  • Using Llama to screen résumés? That is a high-risk system regardless of whether Llama itself is compliant, and the high-risk obligations attach to the system and to you as its provider or deployer.

To make it clear, your compliance work needs to be focused on the application's decision-making logic, data handling, and user-facing behaviour, not on the foundation model itself.

Even if the model provider states that it is fully compliant, you cannot rely solely on that compliance for your own application. You must perform your own evaluation and risk assessment based on your actual usage of the model and the functionality of your application.

You should also document how you assessed the model's suitability for your use case, what guardrails you implemented, and how you monitor performance. The required documentation depth increases with your system's risk classification.

Enforcement and Fines

The AI Act gives national market surveillance authorities (and, for GPAI models, the Commission's AI Office) some severe options for enforcement when it comes to breaches of the Act. These scale with the severity of the noncompliance:

  • Prohibited practices: up to €35M or 7% of global annual turnover (whichever is higher; for SMEs, whichever is lower)
  • Most other obligations, including high-risk requirements and the transparency duties: up to €15M or 3% of global annual turnover
  • Incorrect, incomplete or misleading information to authorities: up to €7.5M or 1.5% of global annual turnover

The Act entered into force on 1 August 2024, and its provisions apply on the following schedule:

  • 2 February 2025: prohibited practices ban and AI literacy obligations (already in effect)
  • 2 August 2025: GPAI model obligations begin (already in effect)
  • 2 August 2026: most remaining provisions apply, including the Annex III high-risk requirements and the transparency obligations for Limited Risk systems
  • 2 August 2027: high-risk requirements for AI embedded in regulated products (Annex I) apply

If you're building a high-risk system launching in 2025 or 2026, you need to be working on compliance now.

What about older / existing systems or grandfathering?

The Act does contain transitional provisions (Article 111), but they are narrower than a general grandfathering clause. High-risk systems already placed on the market or put into service before 2 August 2026 come into scope as soon as they undergo a significant change in design after that date, and high-risk systems used by public authorities must comply by 2 August 2030 in any case. General-purpose AI models already on the market before 2 August 2025 have until 2 August 2027 to meet the GPAI obligations. The transparency obligations for Limited Risk systems have no transitional period at all.

This means a High Risk system currently in production cannot rely on staying frozen: any meaningful model or feature change after August 2026 triggers the full requirements, and for most products that is a matter of months, not years. For CTOs, this removes most of the incentive to rush systems to market before enforcement deadlines.

Instead, use the time before August 2026 to properly assess and document compliance for existing systems.

Where does FacetScore fit?

FacetScore uses GPAI and its own models to perform its analysis and services. It aggregates data from reviews and other sources such as social media to perform its analysis and reporting.

FacetScore uses cutting edge sentiment analysis and other interesting technologies to provide actionable business intelligence and reputation management to bars, restaurants, hotels, and retail stores. Available in English, French, Spanish, Taiwanese Chinese, Japanese, Korean and Thai.


The approach to evaluating how the EU AI Act applies to FacetScore isn't so complicated, and I think the method I used can easily be applied to other tools:

  1. Check the risk level. I assume you're not doing anything Prohibited, but checking whether you're in a High Risk category is critical. That means answering the next two questions.
  2. Does the service operate in a safety-critical (Annex I) industry, such as medical devices or vehicles?
  3. Does it make, or materially influence, decisions about people in an Annex III area such as HR, credit, education or law enforcement?

At this point, my answer for FacetScore is a "no". Here's my rationale for FacetScore not being "High Risk":

  1. It uses a mixture of GPAI and its own models to analyze publicly posted social media data and submitted reviews.
  2. It doesn't make any decisions or recommendations which can directly affect people.
  3. It doesn't operate in either a safety-critical or Annex III regulated industry.
  4. The system is designed to protect privacy and anonymity of data.

I'm not 100% sure that it is "Minimal Risk" though, as it has the following features which are a bit of a grey area:

  • It can create an overview of all the locations a multi-branch business has, and highlight the ones with consistently bad reviews or customer experience. A company could use this to change the management at those locations. This isn't a primary function of FacetScore, but it is a side effect its data processing can lead to, and worker management is an Annex III area. It needs to be considered, and I will actively monitor usage of the service to see whether this "High Risk" action is being taken, even though it is not intended.
  • It has features in the pipeline to suggest promotions or remedial actions that might improve a location's FacetScore. None of these recommendations will be "fire the manager" or similar, but allowing it to suggest training or schedule changes could tip the service closer to "High Risk" later, since task allocation and scheduling are explicitly listed under Annex III.

Due to the points above, I believe FacetScore is a "Limited Risk" system, and will structure my approach to compliance based on this assumption.

Choosing to handle FacetScore as "Limited Risk" in this case is a good strategy. The compliance requirements are minimal, but it ensures that I can make sure FacetScore remains compliant now and in the future.

Current regulatory situation at FacetScore

At Arkilon Ltd, I had always taken the view that AI systems should be used ethically and would not use any predatory data harvesting or training practices. The policies I put in place to achieve that were not written with the AI Act in mind, but they already meet the main requirements for a Limited Risk system:

  • The usage of AI in FacetScore is transparent and documented, as are any training practices.
  • Data-use practices are disclosed and documented.
  • Users have full control over the data they enter into the system.
  • Strong alignment with EU GDPR and UK GDPR.

The Data Collection Agreement explicitly commits to:

  • Transparent disclosure of AI usage (GPAI and proprietary models)
  • Ethical data processing with no raw data used for AI training
  • Data minimization and rapid deletion (24-hour processing window)
  • Strong security measures (encryption at rest and in transit)

These weren't written specifically for the AI Act, but they align naturally with Limited Risk transparency requirements because they're built on the same principle.

While our current practices provide a foundation (security, data quality controls, audit logs), a High Risk classification would require substantial additional work. Part 2 of this series will cover this in more detail.

Thank you for reading! Part 2 of this series will take a closer look at the extra steps needed for FacetScore, should it actually become a "High Risk" service.

Sources, useful information, and further reading



Parts of the header image of this post are used under license from Vecteezy.
Content licensed CC BY-NC-SA 4.0. All views are personal and compliance insights are not legal advice. Full disclaimer.