Your HR team just adopted a new AI-powered recruiting tool. It screens resumes, ranks candidates, schedules interviews. The works.
But here’s the question that matters: does this count as a high-risk AI system under the EU AI Act?
Because if it does, you’re looking at conformity assessments, fundamental rights impact assessments, bias mitigation protocols, and August 2026 deadlines. If it doesn’t, you can skip most of that.
The problem? Classification boundaries are complex and partly subjective. You’ve got a regulatory grey zone where seemingly similar systems face vastly different compliance burdens. This high-risk classification challenge is one of several critical implementation tensions outlined in our comprehensive EU AI Act implementation guide.
Article 6(3) of the EU AI Act carves out exemptions for “narrow procedural or preparatory tasks” that don’t involve profiling. Sounds straightforward. Until you realise that any profiling activity overrides the exemption. Resume screening that ranks candidates? That’s profiling. Performance dashboards that score productivity? Also profiling. Interview scheduling without evaluation? That might be exempt.
Get your classification wrong and you’re either wasting resources on unnecessary compliance or exposing yourself to penalties up to €15 million or 3% of global turnover.
So in this article we’re going to give you a framework to classify your HR AI systems accurately, understand when the Article 6(3) exemption applies, and map out your compliance obligations before the August 2026 enforcement deadline hits.
What Qualifies an AI System as High-Risk Under the EU AI Act?
High-risk classification triggers when your AI system falls under one of the use cases listed in Annex III of the EU AI Act. For employment, that’s AI used in recruiting, CV screening, performance evaluation, work allocation, promotion decisions, termination, and contract modification.
There’s a two-tier test you need to pass. First, does your system fall under an Annex III category? Second, do the Article 6(3) exemptions apply? Both questions need answers before you know your compliance path.
When your system qualifies as high-risk, you’re required to complete conformity assessment, affix CE marking, prepare technical documentation, establish a quality management system, implement human oversight, and conduct a fundamental rights impact assessment.
Here’s what matters: high-risk is a legal classification, not a technical risk assessment. Low-complexity AI can still be high-risk if you use it for Annex III purposes. A simple rule-based resume screening system that ranks candidates? High-risk. A sophisticated machine learning system that only formats documents for human review? Might not be.
The enforcement timeline is August 2, 2026 for Annex III systems. Providers must complete conformity assessment before market placement, and deployers must conduct fundamental rights impact assessments before deployment.
The distinction between providers and deployers matters. If you’re developing the AI system for others to use, you’re a provider facing conformity assessment obligations. If you’re purchasing and deploying someone else’s AI system in your organisation, you’re a deployer facing fundamental rights impact assessment requirements.
Don’t confuse high-risk classification with prohibited AI practices like social scoring or manipulative systems. Those are banned outright. High-risk systems are allowed but regulated.
How Does Article 6(3) Preparatory Tasks Exemption Work?
Article 6(3) creates a carve-out for “narrow procedural or preparatory tasks” – but only if they don’t involve profiling of natural persons, decisions on employment access or termination, or work relationship management affecting rights.
Four categories qualify: narrow procedural tasks like scheduling, detecting decision-making procedure deviations, preliminary filtering or flagging, and anonymised aggregated analytics.
But here’s the key limitation: any profiling activity overrides the exemption, even for otherwise procedural tasks.
What does “narrow” mean? Single-purpose, non-evaluative, no discretionary outputs affecting employment decisions. An interview scheduling chatbot that coordinates calendar availability without evaluating candidates? That likely qualifies. Resume screening AI that ranks candidates involves profiling and is not exempt.
The Digital Omnibus amendments from December 2024 tightened these boundaries further. The clarifications emphasised the “narrow” requirement and made it explicit that preliminary filtering or flagging still counts as profiling if the system ranks or scores candidates.
Providers must document their reasoning in technical documentation and risk assessment procedures. When a supervisory authority challenges your exemption claim, your documentation needs to withstand scrutiny.
The regulatory risk calculus is simple: aggressive exemption claims are subject to supervisory authority challenge, while conservative classification reduces enforcement exposure. If your system sits in a grey zone, classifying it as high-risk might cost you compliance resources but it protects you from penalties.
What Constitutes Profiling Under Article 6 and Why Does It Override Exemptions?
Profiling comes from GDPR Article 4(4): automated processing of personal data to evaluate personal aspects like performance, economic situation, preferences, behaviour, or work capacity.
The EU AI Act invokes this concept to limit the preparatory tasks exemption. Any profiling triggers high-risk classification.
Performance evaluation systems that automatically assess employee productivity, quality metrics, or competency ratings constitute profiling. So do resume screening tools that score, rank, or categorise candidates based on qualifications or experience.
Here’s the key principle: profiling exists even if a human makes the final decision. The AI’s evaluative intermediate output is sufficient to trigger high-risk classification. You can’t escape by claiming “but a recruiter reviews everything.” If your AI ranks the candidates first, that’s profiling.
The technical distinction matters. Rule-based sorting without evaluation isn’t profiling. An AI that categorises resumes by years of experience into “0-2 years,” “3-5 years,” and “5+ years” buckets without scoring might not be profiling if it’s purely descriptive. But ML-based scoring or prediction that evaluates whether a candidate is suitable? That’s profiling.
When your employment AI profiles personal data, you face overlapping obligations. Both a fundamental rights impact assessment under the AI Act and a data protection impact assessment under GDPR. The practical approach is conducting an integrated FRIA-DPIA assessment to satisfy both frameworks efficiently.
How Do I Know If My HR Technology Falls Under High-Risk Classification?
Start with a systematic process: identify your AI system’s use case, check for Annex III employment category match, evaluate Article 6(3) exemption eligibility, and confirm profiling presence or absence.
Resume screening AI is high-risk if it scores, ranks, or filters candidates based on qualifications. The only exemption? Purely logistical processing like formatting resumes for human review without evaluation.
Performance management systems are high-risk if they’re evaluating employee productivity, quality, or competency through automated metrics. This includes keystroke monitoring, code contribution analysis, and sales performance dashboards with AI-generated insights.
Interview scheduling tools generally qualify for Article 6(3) exemption if they’re solely coordinating calendar availability without candidate evaluation. A chatbot that asks “What time works for you?” and books a slot? That’s not evaluating anything.
Interview analysis software is high-risk if it’s assessing communication skills, personality traits, sentiment, or cultural fit from video, audio, or text. These tools explicitly profile candidates even when they claim to only “assist” human decisions.
Applicant tracking systems present a classification challenge because functionality varies widely. Administrative workflow management is exempt while candidate scoring or ranking is high-risk. If your ATS merely tracks candidate progress through hiring stages without evaluation, it’s likely exempt. If it recommends which candidates to interview based on resume analysis, it’s high-risk.
Edge cases require conservative interpretation. What if your system provides “recommendations” versus “decisions”? Recommendations based on profiling still trigger high-risk classification.
Multi-purpose systems need particular attention. If your HR software has both exempt functionality like scheduling and non-exempt functionality like performance evaluation, treat the entire system as high-risk for compliance safety.
When you’re using AI hiring tools, companies often ask vendors about how they mitigate bias and whether they’ve had third-party fairness audits. Add classification questions to that list. What does the system do? Does it evaluate, score, rank, or predict? Does it profile individuals?
What Is a Fundamental Rights Impact Assessment (FRIA) and When Is It Required?
FRIA is a mandatory assessment procedure for high-risk AI deployers – not providers – to identify, analyse, and mitigate risks to fundamental rights before deployment.
The fundamental rights scope is broader than data protection. It covers non-discrimination based on gender, race, age, disability, and other protected characteristics. It includes privacy and data protection, human dignity, and workers’ rights like fair working conditions and collective bargaining.
FRIA procedure involves five steps: stakeholder consultation with workers, unions, and your data protection officer, fundamental rights identification relevant to your AI system, impact severity assessment, mitigation measures design, and ongoing monitoring plan development.
Stakeholder consultation requirements are not optional. You must involve workers’ representatives, your DPO, and HR leadership. This requires substantive engagement that informs your deployment decisions.
Impact severity assessment uses a framework of likelihood of harm multiplied by magnitude of impact on affected individuals. A resume screening system that occasionally misranks candidates has lower severity than a performance evaluation system that systematically underscores certain demographic groups leading to terminations.
DPIA concentrates on data protection and privacy concerns while FRIA examines all fundamental rights affected by AI systems. For employment AI processing personal data, you need both. The practical integration approach is conducting a combined FRIA-DPIA assessment addressing both frameworks to avoid duplicative work.
FRIA becomes mandatory in August 2026, so you should audit your current AI systems, develop integrated templates, and establish monitoring procedures now. FRIA typically requires three to six months for complex employment AI depending on stakeholder engagement scope.
How Do I Conduct a Conformity Assessment for My Employment AI System?
Conformity assessment is a mandatory verification procedure providers must complete before placing high-risk AI on the EU market or putting it into service.
If you’re buying HR AI systems from vendors, this is their problem. If you’re building them, it’s yours.
Two routes exist: internal self-assessment using the Annex VI procedure if you have a quality management system, or third-party notified body assessment. Employment AI typically qualifies for the Annex VI self-assessment route, which is less expensive and faster than notified body review.
The self-assessment procedure breaks down into six phases: establish a quality management system, complete technical documentation, implement human oversight, conduct bias testing, verify Article 10 data governance requirements, and assess compliance with all Chapter III Section 2 obligations.
Technical documentation requirements are comprehensive. You need system design specifications, data governance protocols, training datasets and methodologies, testing and validation results, risk management procedures, and human oversight mechanisms.
After you complete the appropriate procedure, you must draw up an EU Declaration of Conformity and affix the CE mark before marketing the system. CE marking is your conformity certificate.
Timeline expectations: first-time conformity assessment typically requires six to twelve months for complex employment AI systems. Quality management system establishment takes two to three months, technical documentation completion takes two to four months, bias testing protocols take one to two months, and final compliance verification takes one to two months. These timelines translate into significant compliance budget requirements that CTOs need to factor into planning.
Provider-deployer coordination matters. Providers must supply sufficient technical documentation to deployers for FRIA purposes. If you’re a deployer, demand this documentation from your vendors. If they can’t provide it, they’re not compliant.
How Do I Implement Bias Mitigation for Recruitment AI?
Bias mitigation is an Article 10 requirement for high-risk AI systems to detect, prevent, and correct discriminatory outputs concerning protected characteristics.
Three phases structure bias mitigation: pre-deployment bias testing, ongoing monitoring, and corrective action protocols.
Pre-deployment testing assesses training datasets for representation gaps – are any demographic groups underrepresented? Test AI outputs across demographic groups for disparate impact. Measure fairness metrics like demographic parity, equal opportunity#Equal_opportunity), and equalised odds#Equalized_odds).
Dataset governance is foundational. If your AI training data came from past hires who were mostly male, the AI might conclude male candidates are preferable and actively downgrade resumes containing indicators of being female. This actually happened in recruiting AI developed at one major tech company. Upon discovering gender bias, they scrapped the tool entirely.
Historical bias assessment asks whether past hiring favoured certain demographics. If yes, using historical data to train AI perpetuates that bias. Mitigation strategies include data augmentation to increase underrepresented groups, re-weighting to balance representation, and fairness constraints in model training.
Many vendors now conduct bias audits by running algorithms on subsets of candidates by gender or ethnicity to see if scores significantly differ without job-relevant reason. Demand evidence of these audits from your vendors.
Monitoring protocols track AI recommendations and decisions by protected characteristics, establish acceptable disparity thresholds, and trigger alerts when thresholds are exceeded.
Corrective actions include human oversight intervention procedures, model retraining with augmented data, fairness constraint adjustments, and system deactivation if bias is uncorrectable.
Article 10 bias mitigation requirements apply even for anonymised data if system outputs influence employment decisions affecting identifiable individuals. Focus on output fairness – do AI-driven decisions exhibit disparate impact – rather than just input data privacy.
What Happens If My AI System Is Reclassified Mid-Development?
Reclassification triggers come from three sources: significant functionality changes like adding profiling capability, regulatory interpretation evolution such as Digital Omnibus clarifications, and supervisory authority guidance from national AI offices.
The Digital Omnibus impact from December 2024 amendments narrowed Article 6(3) exemptions, potentially reclassifying systems previously considered exempt.
Mid-development scenario one: low-risk to high-risk reclassification. You must halt deployment, initiate conformity assessment, establish a quality management system, conduct FRIA if you’re a deployer, and complete technical documentation before market placement or deployment. This adds six to twelve months to your timeline and €50,000 to €150,000 in compliance costs.
Legacy systems you placed on market before February 2, 2025 have modified transition timelines but must achieve full compliance by August 2, 2026 for Annex III employment systems. If you launched your HR AI before the AI Act’s general enforcement date, you have until August 2026 to come into compliance.
Risk mitigation strategies reduce reclassification exposure. Conservative initial classification means classifying as high-risk if ambiguous. Modular system design isolates potentially high-risk components. Ongoing regulatory monitoring tracks supervisory authority guidance.
Change management protocols should establish classification review triggers for feature additions and deployment context changes. Document your classification rationale. Maintain a regulatory change log tracking when interpretations shift.
Cost implications of mid-development reclassification to high-risk can add six to twelve months timeline and €50,000 to €150,000 in compliance costs. Factor contingency costs into project risk budgets for potential reclassification.
FAQ Section
Does my employee performance dashboard require FRIA if it only tracks metrics without making firing recommendations?
If your dashboard uses AI to evaluate employee performance through automated metrics like productivity scores, quality ratings, or attendance patterns, it involves profiling and qualifies as high-risk under Annex III employment category, requiring FRIA.
“Not making final decision” is insufficient exemption if the system profiles employees.
Can I claim Article 6(3) exemption for resume screening AI that flags missing qualifications without ranking candidates?
Likely no. Flagging candidates based on qualification assessment involves profiling – evaluating personal aspects like education and experience – which overrides Article 6(3) exemption even if your system doesn’t produce final rankings. Conservative classification means treating this as high-risk.
What’s the difference between self-assessment and notified body conformity assessment routes?
Self-assessment under Annex VI allows providers with quality management systems to verify their own compliance and affix CE marking without third-party review. This is faster and less expensive, typically €15,000 to €50,000. Notified body assessment requires independent conformity verification and costs €50,000 to €150,000 or more.
Do I need both FRIA and DPIA for employment AI processing personal data?
Yes. FRIA is required by the AI Act for high-risk systems and assesses fundamental rights risks, while DPIA is required by GDPR for high-risk data processing and assesses data protection risks. The practical approach is conducting an integrated FRIA-DPIA assessment satisfying both frameworks.
How long does conformity assessment take for typical HR recruitment AI?
First-time self-assessment using the Annex VI route typically requires six to twelve months for complex employment AI. This includes quality management system establishment taking two to three months, technical documentation completion taking two to four months, bias testing protocols taking one to two months, and final compliance verification taking one to two months.
What if my AI vendor claims their system is not high-risk but I think it involves profiling?
As a deployer, you bear liability for using non-compliant high-risk AI. Verify your vendor’s classification reasoning through technical documentation review. Ask: does the system evaluate candidate or employee personal aspects? Does it score, rank, or predict performance or suitability? If yes to either, treat as high-risk regardless of vendor claims.
Are interview scheduling chatbots exempt from high-risk classification?
Generally yes under Article 6(3) if the chatbot performs purely logistical tasks like coordinating calendar availability and sending meeting invitations without evaluating candidates. However, if the chatbot assesses candidate communication style, sentiment, or responsiveness as input to hiring decisions, it involves profiling and becomes high-risk.
What bias mitigation is required if my AI only processes anonymised data?
Article 10 bias mitigation requirements apply even for anonymised data if system outputs influence employment decisions affecting identifiable individuals. Focus on output fairness – do AI-driven decisions exhibit disparate impact – rather than input data privacy.
Can I deploy high-risk employment AI in the EU if my company is based outside the EU?
Yes, but as a third-country provider you must comply with full AI Act obligations if your system is placed on the EU market or outputs are used in the EU. This includes conformity assessment, CE marking, EU database registration, and appointing a legal representative in the EU.
What happens if a supervisory authority disagrees with my Article 6(3) exemption claim after deployment?
Supervisory authorities can challenge your exemption claim through market surveillance powers. They may require reclassification to high-risk, halt deployment pending conformity assessment completion, or impose penalties up to €15 million or 3% of global turnover for non-compliance with high-risk obligations.
Do performance evaluation systems monitoring remote worker activity count as high-risk AI?
Yes. AI systems tracking remote worker productivity through keystroke monitoring, application usage, meeting attendance, or output metrics evaluate employee performance aspects, constituting profiling under Annex III employment category. These require conformity assessment if you’re a provider, FRIA if you’re a deployer, human oversight, and bias mitigation.
How do I know when to update my FRIA after initial deployment?
FRIA updates are required when AI system functionality changes significantly through new features or different deployment context, post-market monitoring reveals new fundamental rights risks, affected workforce composition changes substantially such as expansion to new countries or demographics, or regulatory guidance evolves. Establish annual FRIA review as a minimum.
Next Steps
High-risk classification determines your compliance path for employment AI systems. Classification errors create either wasted resources or penalty exposure.
Start with conservative classification: when Article 6(3) exemption eligibility is ambiguous, classify as high-risk. Document your classification rationale. Establish ongoing regulatory monitoring for supervisory authority guidance.
For employment AI processing personal data, integrate FRIA and DPIA assessments to avoid duplicative work. For systems already in production, audit current AI tools against Annex III categories and initiate compliance procedures before the August 2, 2026 deadline.
High-risk classification represents just one dimension of EU AI Act compliance complexity. For broader context on implementation tensions, timeline uncertainty, and strategic compliance planning across all AI Act requirements, see our comprehensive EU AI Act implementation guide.
