EU AI Act \u2014 Self-Classification

AI System Classification Document

Classification of AI Attest under Regulation (EU) 2024/1689 (EU AI Act). This document assesses whether AI Attest constitutes a high-risk AI system under Annex III and documents the reasoning behind the classification.

Published: April 13, 2026 \u2014 Version 1.0.0

1. System description

Product name: AI Attest

URL: aiattest.io

Purpose: AI Attest is a compliance documentation platform that helps organizations assess, build, and document compliance with EU regulations (EU AI Act, GDPR DPIAs, and Cyber Resilience Act). It uses AI in its audit mode to classify uploaded documents against regulatory requirements. Build mode, compliance reports, and the cryptographic audit trail are deterministic (non-AI) systems.

AI components: AI Attest uses third-party general-purpose AI models (Anthropic Claude, OpenAI GPT-4o, Google Gemini) via their hosted APIs to perform document classification and field-level coverage assessment in Audit Mode, and to generate draft content in AI Drafting. Users supply their own API keys.

Intended users: Compliance officers, DPOs, AI governance leads, CTOs, and legal teams at organizations subject to EU regulations.

2. Annex III assessment

The EU AI Act (Article 6) defines high-risk AI systems as those listed in Annex III. We assess AI Attest against each category:

1. BiometricsNot applicable

AI Attest does not process biometric data or perform identification/categorisation of natural persons.

2. Critical infrastructureNot applicable

AI Attest does not manage, operate, or make decisions about critical infrastructure (water, gas, electricity, transport, digital infrastructure).

3. Education and vocational trainingNot applicable

AI Attest does not determine access to education, evaluate learning outcomes, or monitor student behavior.

4. Employment, workers managementNot applicable

AI Attest does not make recruitment, promotion, termination, or task allocation decisions. It is not used in employment contexts.

5. Access to essential servicesNot applicable

AI Attest does not evaluate creditworthiness, set insurance premiums, or determine access to public assistance, emergency services, or essential private services.

6. Law enforcementNot applicable

AI Attest is not used for risk assessment of natural persons, polygraphs, evidence evaluation, profiling, or crime analytics.

7. Migration, asylum, border controlNot applicable

AI Attest does not process visa applications, assess security risks at borders, or assist in migration-related decisions.

8. Administration of justiceNot applicable

AI Attest does not assist judicial authorities in researching, interpreting, or applying the law to facts.

3. Classification determination

AI Attest is classified as a non-high-risk AI system.

AI Attest does not fall under any category listed in Annex III of the EU AI Act. It is a compliance assistance tool that helps organizations document their own compliance \u2014 it does not make decisions about natural persons in any of the high-risk categories.

This classification means AI Attest is not subject to the conformity assessment requirements of Articles 9\u201315. However, as a system that uses AI, it is subject to transparency obligations under Article 50, which are addressed in our AI Transparency Disclosure.

4. Article 50 obligations

Although not high-risk, AI Attest complies with Article 50 transparency requirements:

Compliant

Users are informed they are interacting with an AI system

AI Transparency Disclosure published. Audit Mode explicitly labelled as AI-assisted.

Compliant

AI-generated content is marked as such

Audit reports include provider and model metadata. AI Drafting outputs are clearly labelled.

Compliant

Machine-readable marking of AI-generated content

JSON exports include provider, model, and generation metadata.

5. Review schedule

This classification will be reviewed upon any of the following events: material changes to AI Attest's functionality or intended purpose, publication of new harmonised standards or implementing acts affecting classification, issuance of guidance by the AI Office or national competent authorities, or at minimum annually. Next scheduled review: April 2027.

6. Related documents

Terms of Service \u2014 liability, data handling, beta terms

Privacy Policy \u2014 data collection, processors, retention, rights

AI Transparency Disclosure \u2014 Article 50 compliance, AI vs deterministic features

AI Attest \u2014 AI System Classification Document v1.0.0 \u2014 Published April 13, 2026 \u2014 Regulation (EU) 2024/1689, Article 6 and Annex III