09.07.2025
When is Artificial Intelligence High Risk?
The AI Act mandates the Commission to provide such Guidelines by 2 February 2026. AI systems intended to be used to evaluate the creditworthiness of natural persons or establish their credit score, with the exception of AI systems used for the purpose of detecting financial fraud, will be classified as high risk unless an exemption applies.
Leaseurope plans to prepare input to the Commission’s guidelines and for this purpose we are re-activating our Task Force on AI.
Leaseurope prepares to input to new European Commission guidance
Following the publication of its Guidelines on the definition of an artificial intelligence system as established by the AI Act, the European Commission is preparing its Guidelines on the classification of AI systems as high-risk. The AI Act mandates the Commission to provide such Guidelines by 2 February 2026. Moreover, these guidelines should be accompanied with a comprehensive list of practical examples of use cases of AI systems that are high-risk and not high-risk.
The AI Act sets out that AI systems referred to in Annex III shall be considered to be high-risk, which includes AI systems intended to be used to evaluate the creditworthiness of natural persons or establish their credit score, with the exception of AI systems used for the purpose of detecting financial fraud.
The AI Act provides for exemptions for AI systems that are intended to be used for one of the cases listed in Annex III, but which do not pose significant risk since they fall under one of the following exceptions:
- the AI system is intended to perform a narrow procedural task;
- the AI system is intended to improve the result of a previously completed human activity;
- the AI system is intended to detect decision-making patterns or deviations from prior decision-making patterns and is not meant to replace or influence the previously completed human assessment, without proper human review; or
- the AI system is intended to perform a preparatory task to an assessment relevant for the purposes of the use cases listed in Annex III.
However, this exception cannot be applied if the AI system performs profiling of natural persons.
AI systems that are classified as high-risk must be developed and designed to meet specific requirements set out in relation to data and data governance, documentation and recording keeping, transparency and provision of information to users, human oversight, robustness, accuracy and security. Providers of high-risk AI systems must ensure that their high-risk AI system is compliant with these requirements and must themselves comply with a number of obligations. This is notably the obligation to put in place a quality management system and ensure that the high-risk AI system undergoes a conformity assessment prior to its being placed on the market or put into service.
The AI Act also sets out obligations for deployers of high-risk AI systems, related to the correct use, human oversight, monitoring the operation of the high-risk AI system and, in certain cases, to transparency vis-à-vis affected persons.
The Commissions is looking for input from stakeholders on practical examples of AI systems and issues to be clarified in the Commission’s guidelines on the classification of high-risk AI systems and in future guidelines on high-risk requirements and obligations, as well as responsibilities along the AI value chain.
Leaseurope is re-activating its Task Force on AI.