EU AI ACT · ENFORCEMENT AUG 2, 2026

AI Act audit for EU SMB SaaS

€799 one-time. 4 hours of work. Clarity in 5 days. Annex III classification + fix roadmap. No "100% compliant" claims — honest clarity.

Penalty €15M / 3% turnover · Aug 2, 2026 deadline · 60%+ EU SMBs haven't started compliance
  • Annex III classification
  • Severity ranking + roadmap
  • PDF report (legal-ready)
  • 30-day money-back
audit_report.pdf · 5 systems

Sample classification output

resume_screener.ai HIGH RISK
support_chatbot LIMITED
ats_resume_screen HIGH RISK
marketing_personalize MINIMAL
spam_filter MINIMAL
AI Act · EAA · DSA · NIS2 · DORA · CRA · Right to Repair · Pay Transparency · EUDR · DPP · GDPR · KSeF
// THE PROBLEM

Why is the AI Act a problem?

60%+
of EU SMBs haven't started compliance
(multiple compliance surveys 2025-2026)
€15M
Maximum penalty for high-risk
(or 3% global turnover)
8
Annex III high-risk areas
(HR, credit, education, healthcare...)
$10-50K
Vanta enterprise pricing
out of reach for SMBs

The EU AI Act is the first comprehensive law regulating AI. Every company selling or using AI in the EU must meet requirements based on risk level. Most SMBs don't know:

Most SMB AI is "minimal risk" (chatbots, marketing personalization, recommenders), so the compliance burden is low. BUT if you use AI in HR, credit, healthcare or education, the compliance burden is heavy.

→ A 4-hour audit will tell you exactly where you stand.

// QUICK CHECK

Is your AI high-risk? Check in 30 seconds.

3 questions, instant result. No email capture. No sales pitch.


1. Does your AI use BANNED practices?

Social scoring by gov · real-time biometric ID in public spaces · emotion recognition in the workplace · predictive policing · facial scraping · subliminal manipulation

2. Does your AI make decisions in any of the 8 Annex III areas?

Employment (HR/recruitment) · credit scoring · education (admission/grading) · biometrics · critical infrastructure · law enforcement · migration · justice · healthcare

3. Does the end user interact with the AI?

Chatbot · AI-generated content · deepfakes · emotion recognition (informational) · biometric categorization (non-prohibited)

⚠️ This quiz is a simplified guide. Full classification requires manual review per system. The full €799 audit gives you precise classification of every AI system with documentation.

// WHAT YOU GET

Full sample audit — fictional Acme HR-Tech

Don't take my word for it. See exactly what you get in 5-7 days. Sample report: Acme HR-Tech GmbH (fictional German HR-tech, 35 emp), 3 AI systems, 11-page PDF.

EXECUTIVE SUMMARY
8 findings · €15M penalty exposure
1 Critical 2 High 3 Medium 2 Low

Headline risk: CV ranker without human-in-loop on rejections (Art. 14 violation)

ANNEX III CLASSIFICATION
3 AI systems → 2 high-risk + 1 limited
CV Ranker — Annex III #4 employment HIGH
Interview Summarizer — Annex III #4 worker eval HIGH
Marketing Chatbot — Art. 50 transparency LIMITED
REMEDIATION ROADMAP
Critical → High → Medium, anchored Aug 2, 2026
Wk 1-2 Human review process for CV rejections (Art. 14)
Wk 3-4 Candidate transparency disclosure (Art. 13)
Mo 2-3 Annex IV technical documentation (Art. 11)
Mo 3+ Post-market monitoring system (Art. 72)
View full sample audit (11-page PDF) →


// TIMELINE

EU AI Act — rollout calendar

Most companies think the deadline is "sometime in 2026". In reality, penalties can already be issued (prohibitions live since Feb 2, 2025).

Feb 2, 2025
Prohibitions live
Banned AI practices enforceable. €35M / 7% turnover.
Aug 2, 2025
Governance + GPAI
EU AI Office operational. General-purpose AI obligations applicable (GPT-4, Claude, Gemini).
May 13, 2026
Digital Omnibus trilogue
EU decision: push the high-risk deadline? The Apr 28, 2026 trilogue failed without agreement.
Aug 2, 2026
High-risk obligations
Annex III enforcement. €15M / 3% turnover. 3 months from today.
Dec 2, 2027
Possible deferral target
If Digital Omnibus passes — high-risk deadline pushed by 16 months.
// WHAT'S ON THE MARKET

Why €799?

The compliance market is bipolar: enterprise (Vanta-tier, $10-50k/yr) or DIY (€9,500+ of your time). The SMB layer is missing. My Pricora stack is reusable and Claude automation keeps my costs low, which keeps your price low.

Vanta / Drata
Enterprise
  • $10,000-50,000 / year
  • Setup: 4-12 weeks
  • SOC 2 / ISO / GDPR — primary focus
  • EU AI Act: add-on, not core
  • Sales call required before purchase
  • For mid-market 100+ emp with compliance team
  • Annual contract
DIY self-assessment
In-house
  • €9,500-14,500 of your time
  • Setup: 4-6 weeks
  • Reading regulations + research
  • Annex IV documentation = 30+ categories per system
  • No external validation
  • Plus €5-9k legal review at the end
  • Risk: missing key Articles

Cold, honest take: if you have a compliance team and a €10k+/yr budget, Vanta is better. If you have 100+h free per week and like reading regulations, DIY works. aiactaudit.pl is for SMB SaaS founders who have neither.

// PRICING
LIMITED · Founding Customer Pricing: first 10 spots. Once filled, standard pricing applies.

Packages

30-day money-back guarantee — no questions asked. All tiers include a legal disclaimer + sources.

Quick Audit

€799 one-time

Founding · standard €1,499

  • 4h audit of your AI stack
  • Annex III classification
  • Top 10 violations + severity
  • Roadmap fix plan
  • Loom video walkthrough (custom)
  • PDF report
  • 30-day money-back
Buy €799 →

Continuous Monitoring

€299/mo

Founding · standard €499/mo

  • Quarterly re-audit
  • Member State updates
  • Slack/email alerts
  • Priority support 48h
  • Apple/Google policy alerts
  • 12-month lock-in
Subscribe →

Studio Partner

€699/mo

Founding · standard €1,499/mo

  • Unlimited AI systems
  • Monthly 1h call
  • Compliance custodian role
  • Priority response 24h
  • Custom workflow integration
  • 12-month lock-in
Contact →
Why so accessible? Vanta = $10-50k/yr enterprise. Freelance EU AI Act audit = €4,500+. DIY self-assessment = €9,500-14,500. I deliver this for €799 (founding) because the Pricora stack is reusable and Claude automation keeps cost low — which keeps your price low. Same depth, lower price.
// HOW IT WORKS

From purchase to PDF in 5 days

Async delivery. No sales calls, no setup overhead. Your time = 30 minutes (form + walkthrough).

01

You buy the audit

Pick a package, pay via Stripe. Fill out a short form about your company and AI stack.

02

I run the audit

4 hours of work: Claude skill ai-act-audit + manual review. Annex III classification, gap analysis, roadmap.

03

You get the PDF + call

Ready in 3-5 days. Severity ranking + fix recommendations + sources. Plus Loom video walkthrough.

04

Optional upgrade

High-risk → upgrade to Quick-Fix or Monitoring. Minimal/limited → relax.

// WHO BUILDS THIS

Who I am

Piotr Reder — solo founder, Malaga.

Just made it through the regulatory gauntlet with LocalBite (Apple DSA + EAA + Spanish autónomo). Built Pricora SaaS for Polish accountants from zero to live in 2 weeks.

15+ years in the offshore industry, Anthropic Claude expertise, EU regulatory research (PL + EN markets).

WHAT I'M NOT

I'm not a lawyer

  • I don't provide legal services
  • I don't issue legal opinions
  • I don't represent clients before regulators
  • I don't promise "100% compliant" status
  • I don't eliminate penalty risk
WHAT I DO

I'm an auditor

  • I classify AI systems per Annex III
  • I deliver severity ranking + roadmap
  • I identify compliance gaps and fix costs
  • I'm actively looking for qualified EU AI Act counsel as legal partner
  • Each report includes mandatory disclaimer + recommendation for counsel review before final compliance decisions

Radical honesty: if someone is selling you "100% AI Act compliance" for €799 — they're lying. Compliance is a process, not a product. The €799 audit buys you clarity (classification + severity + roadmap), not insurance. Final legal sign-off always requires a lawyer.

// LEGAL

Legal Disclaimer

This audit is informational and does not replace legal advice. A final compliance determination requires review by qualified EU AI Act counsel.

Penalties under Article 99 EU AI Act:

Sources (Q2 2026):
