The takeaway in one sentence
Under the European Commission’s draft guidelines on high-risk AI classification, the language used to market and document an AI system is a regulatory factor that can determine whether the product falls into the high-risk category of the EU AI Act, with consequences that go well beyond regulatory compliance.
Why this matters now
On May 19, the Commission published draft guidelines clarifying how AI systems should be classified as high-risk under the AI Act. The guidelines are still in stakeholder consultation, but the direction is clear: classification is not driven solely by what the system technically does. It is driven to a significant degree by how the provider describes it.
For founders, executives, and investors in AI startups that could plausibly touch a high-risk use case, this shifts where compliance work needs to begin. Compliance work begins with the website, the sales deck, the terms of service, and the technical documentation, along with training the teams that produce these materials.
The updated timeline: more breathing room, but the work has not changed
Under the political agreement reached on the AI Omnibus on 7 May 2026, the application of the AI Act’s high-risk regime has been postponed. Subject to formal adoption, the new dates are:
- 2 December 2027: high-risk obligations apply to standalone high-risk AI systems listed in Annex III of the AI Act (for example, AI used in recruitment, credit scoring, education, access to essential services, or law enforcement support).
- 2 August 2028: high-risk obligations apply to AI systems that are products or safety components of products covered by EU product safety legislation (Annex I, for example, medical devices, machinery, toys, or radio equipment).
The Omnibus also narrowed the definition of “safety component”, clarifying that AI features that merely assist users or optimise performance will not automatically trigger high-risk classification if their failure or malfunction does not pose a risk to health or safety.
The 16-month postponement for Annex III systems and the 12-month postponement for Annex I systems are often welcomed, but the work itself does not get easier with time. Identifying every AI system in the organisation, classifying it correctly, and aligning marketing, contractual, and technical documentation is the hard part, and none of it depends on the standards being final. Starting now leaves around 18 months to refine and take necessary action.
The rule: intended purpose drives classification
The AI Act ties high-risk classification to the “intended purpose” of the system, and the intended purpose is defined by what the provider says, across instructions for use, contracts, terms of service, usage policies, promotional and sales materials, and technical documentation.
This has two practical effects:
- A general-purpose AI tool becomes a high-risk system the moment the provider’s materials position it for a listed high-risk use case (for example, recruitment, credit scoring, education, access to public services, or law enforcement support).
- An AI feature embedded in a regulated product can be treated as a safety component depending on how it is described and used. For example, “predictive maintenance” may simply mean helping a factory reduce downtime. But if the same feature is marketed as preventing dangerous equipment failures, avoiding injury, or triggering safety interventions, it starts to look like a safety function. You should ask yourself what happens if the AI gets it wrong. If the answer is “the customer loses efficiency,” that is different from “someone may get hurt“.
For safety components, the analysis is less about the label the provider gives the feature and more about what happens if the AI system fails or malfunctions. The trigger is not merely that the AI supports a regulated product, but that its failure or malfunction could endanger health, safety, or property, which means the provider has less room to shape the outcome through marketing language than in intended-purpose cases of Annex III.
In both cases, the provider’s own materials remain highly relevant. But for safety components, those materials matter most when they describe a function whose failure could create real-world safety or property risks.
The practical effect: broad positioning leads to high-risk classification by default
The draft guidelines make clear that broad marketing may expand the system’s intended purpose and make it harder to defend a non-high-risk classification, unless the provider has actively and consistently excluded the high-risk uses across all of its materials.
Three consequences follow:
1. Marketing breadth carries a regulatory cost. Positioning a product as a versatile, all-purpose AI tool, a common approach in growth-stage SaaS marketing, pulls high-risk use cases into the system’s intended purpose by default.
2. Disclaimers buried in terms of service are insufficient on their own. A clause excluding high-risk uses will not hold up if the rest of the website, sales deck, and case studies effectively promote such uses.
3. Consistency is required across all materials. Any limitations of use must be coherent across the website, contracts, terms of service, sales materials, and technical documentation. One channel contradicting another reopens the high-risk classification.
For a broader overview of how the EU AI Act applies, see our comprehensive EU AI Act guide.
The commercial impact: why high-risk classification can shape revenue and valuations
Most of the public discussion of high-risk classification focuses on regulatory consequences: conformity assessments, technical documentation, post-market monitoring, registration in the EU database, and so on. These are real and expensive. But for many AI companies, the commercial impact of high-risk classification will arrive earlier and bite harder than the regulatory one.
Corporate buyers are already pushing high-risk status into procurement. Enterprise procurement teams, especially at regulated customers such as banks, insurers, hospitals, and government agencies, have started to ask AI vendors a binary question: Is your system high-risk under the AI Act, yes or no? A growing number of standard procurement templates and DPAs include a vendor warranty that the AI system is not high-risk. Where the vendor cannot give that warranty, the buyer typically asks instead for a warranty of full compliance with the AI Act’s high-risk obligations, including conformity assessment, documentation, transparency, human oversight, and post-market monitoring.
The practical effect for a vendor is straightforward:
- If you can credibly warrant that you are not high-risk, deals close on standard terms.
- If you are high-risk and can credibly warrant full compliance, deals close with additional contractual obligations.
- If you cannot give either warranty cleanly, the deal stalls. Procurement will either walk away or require carve-outs, indemnities, and audit rights that founders are often not prepared to give.
Sloppy marketing copy is often the single factor that pushes a deal from the first category into the third. A vendor whose engineering and product reality are squarely outside high-risk territory can still fail a buyer’s diligence if the website, sales deck, or customer case study suggests otherwise.
Investors apply similar pressure during financing rounds. Term sheets and SPAs for AI companies increasingly include representations and warranties on AI Act status, including whether the company places high-risk AI systems on the EU market and, if so, whether it complies with the applicable obligations. Inability to give a clean rep typically leads to one of three outcomes: a remediation plan with milestones tied to closing, broader indemnities, or in worst cases a re-cut of valuation. The companies that come through diligence cleanly are those that have aligned their external positioning with a defensible classification before the lawyers arrive.
The combined regulatory and commercial picture changes the calculus. Even where a founder might be willing to accept some regulatory risk because the substantive obligations are still 18 or 30 months away, the commercial gating is happening now, across every enterprise deal and every financing round involving an AI company.
What this means in practice
For founders and executives placing AI systems on the EU market, the draft guidelines make copywriting a compliance discipline. Five practical implications follow:
1. Audit existing materials before the classification self-assessment. Before assessing whether an AI system is high-risk, read the website, sales deck, demo scripts, contracts, and technical documentation as a regulator, an enterprise buyer, and an investor’s diligence counsel would. Look for claims of versatility across domains, examples that touch high-risk use cases, and any language that could be read as a safety function in a regulated product.
2. Define a narrow, written intended purpose, and maintain it. A clear, specific intended purpose is the single most important compliance artefact a provider controls. Vague positioning maximises the addressable market on the marketing side and also increases regulatory and commercial exposure. This trade-off should be made deliberately.
3. Exclude high-risk uses consistently and credibly. If a system is not intended for high-risk use, this should be stated across all channels, supported by technical controls where feasible, and reflected in the marketing examples and case studies. A single sales deck showcasing a high-risk deployment can undo a carefully worded clause in the terms of service, and can also block a vendor warranty in a procurement negotiation.
4. Treat marketing, sales, product, legal, and commercial teams as one workflow. Under the AI Act, the boundary between commercial messaging and regulatory positioning has effectively disappeared. A new use case in a sales pitch, a new vertical on the website, or a new feature description in release notes can change the system’s intended purpose, its classification, and the warranties that can be given to buyers and investors.
5. Train and sensitise the teams that produce these materials. Marketing, sales, product, and technical writers need a working understanding of how the AI Act treats the concept of intended purpose. Without this, well-meaning copy decisions, an added vertical on the homepage, a customer story repurposed from a regulated industry, or a new feature description in a press release, can shift the system into high-risk territory before legal has had any opportunity to review. Recurring training, clear internal guidelines, and a defined review process for external-facing AI content are practical safeguards against accidental reclassification.
Key takeaways
- The intended purpose of an AI system is the central determinant of high-risk classification under the AI Act, and it is defined by the provider’s own marketing, contractual, and technical documentation.
- Subject to formal adoption of the AI Omnibus, high-risk obligations apply from 2 December 2027 for Annex III systems and from 2 August 2028 for Annex I products. The postponement does not change the substantive work required.
- Broadly positioned AI systems are classified as high-risk by default unless high-risk uses are consistently and credibly excluded across all materials. Boilerplate disclaimers in terms of service do not work on their own.
- Classification is not only a regulatory question. Enterprise buyers increasingly require warranties that vendors are either not high-risk or fully compliant, and investors apply the same logic in reps and warranties during financing rounds.
- Compliance work for the AI Act should begin with a coordinated review of marketing, contractual, and technical documentation, supported by training and sensitisation of the teams that produce them.
Schedule a consultation
If you are a founder, executive, or investor in an AI company and want to understand how the EU Commission’s draft guidelines affect your classification, your customer warranties, and your investor reps, and how to align your marketing, contractual, and technical documentation with the AI Act, schedule a consultation with the LEXR AI team.
FAQs
How does the EU Commission’s draft guidance determine whether an AI system is high-risk?
The draft guidelines determine high-risk classification primarily by reference to the AI system’s intended purpose, as set by the provider across its website, contracts, terms of service, sales materials, and technical documentation.
When do the AI Act’s high-risk obligations apply?
Under the political agreement on the AI Omnibus reached on 7 May 2026, and subject to formal adoption, high-risk obligations apply from 2 December 2027 for standalone Annex III AI systems and from 2 August 2028 for AI systems that are products or safety components covered by Annex I product safety legislation.
What happens if a provider markets an AI system broadly without excluding high-risk uses?
Broadly positioned AI systems are classified as high-risk by default unless the provider has actively and consistently excluded high-risk uses across all materials.
Why is high-risk classification a commercial issue and not only a regulatory one?
Enterprise buyers increasingly require AI vendors to warrant that their systems are not high-risk under the AI Act or that they are fully compliant with the applicable high-risk obligations. Investors apply similar logic in representations and warranties during financing rounds. A vendor whose external positioning is inconsistent with a defensible classification can lose deals or face valuation adjustments, regardless of the product’s technical reality.
Are disclaimers in the terms of service sufficient to avoid high-risk classification?
No. A clause excluding high-risk uses will not hold up if the overall presentation, examples, or product positioning effectively promote such uses.
Can customers or commercial partners not complying with the intended use become subject to provider obligations under the AI Act?
Yes. Modifying the intended purpose of an AI system already on the market, including by repositioning a third-party tool for a high-risk context in marketing materials, can transfer the full provider obligations to whoever made the change. A reseller, integrator, deployer, or other operator that modifies the intended purpose of a third-party system so that it becomes high-risk may become the provider of that modified high-risk system
Why is staff training relevant for AI Act compliance?
Because the intended purpose is shaped by materials produced by marketing, sales, product, and technical teams, those teams need a working understanding of how the AI Act treats classification. Without training and clear internal review processes, routine copy decisions can shift an AI system into high-risk territory before legal has reviewed them.
