What are the EU AI Act risk tiers?

Four: prohibited (banned practices like social scoring), high-risk (e.g. hiring, credit, biometrics — heavy obligations), limited-risk (transparency duties, e.g. chatbots), and minimal-risk (no mandatory obligations).

Is this a substitute for legal advice?

No. It's an indicative classification to orient you early. High-risk and borderline cases should always be confirmed with qualified counsel before deployment.

Does the EU AI Act apply to my company?

If you put an AI system on the EU market or its output is used in the EU, it generally applies regardless of where you're based — similar reach to GDPR.

AI Risk Assessment Generator — free EU AI Act risk-tier classifier

Does the system do any of: social scoring, subliminal manipulation, untargeted facial-image scraping, real-time public biometric ID, or emotion recognition at work/school?

These are prohibited practices under Article 5.

Is it used in any of these domains?

Tick all that apply — any one makes it high-risk.

Recruitment, hiring, or employee evaluationCreditworthiness or credit scoringInsurance pricing or risk assessmentAccess to education or exam scoringAccess to essential public or private servicesSafety component of critical infrastructureBiometric identification or categorisationLaw enforcement, migration, or justiceMedical device or health diagnosis

Does it interact directly with people (e.g. a chatbot) or generate/manipulate image, audio, or video content?

Triggers transparency obligations.

How to use it.

1. Have one use case in mind

Assess a single, specific AI system — 'a chatbot for support' or 'CV-screening for hiring' — not your whole AI strategy. The tier depends on what the system does and where it's used.

2. Answer the three checks

Prohibited practices, high-risk domains, and whether it interacts with people or generates content. Each answer maps directly to the EU AI Act's risk categories.

3. Read your tier and obligations

You'll get one of four tiers with the concrete obligations attached — from 'do not deploy' for prohibited uses to transparency-only for limited-risk systems.

4. Download it for legal/the board

Email yourself the branded one-pager — it summarises the tier and obligations in a format you can forward to compliance or leadership before you build.

Frequently asked questions.

What are the EU AI Act risk tiers?: Four: prohibited (banned practices like social scoring), high-risk (e.g. hiring, credit, biometrics — heavy obligations), limited-risk (transparency duties, e.g. chatbots), and minimal-risk (no mandatory obligations).
Is this a substitute for legal advice?: No. It's an indicative classification to orient you early. High-risk and borderline cases should always be confirmed with qualified counsel before deployment.
Does the EU AI Act apply to my company?: If you put an AI system on the EU market or its output is used in the EU, it generally applies regardless of where you're based — similar reach to GDPR.

More free AI tools.

Data Readiness for AI Assessment

Score your data readiness for AI across access, quality, structure, governance, and volume — and find out the one thing to fix before you build.

AI Readiness Assessment

A 25-point self-assessment across data, process, team, and governance that tells you whether you're ready to ship AI — and what to fix first if you're not.

Is This Workflow Worth Automating?

Answer a few questions about a workflow and get a 0–100 fit score with a clear build, pilot, or skip verdict — before you spend a euro on it.

What's your AI system's EU AI Act risk tier?