REGULATION (EU) 2024/1689 · AUGUST 2026 · HIGH-RISK

AI Act on the Shop Floor: Vision, Predictive Maintenance & Collaborative Robots.

Regulation (EU) 2024/1689 classifies by risk the AI systems already running on your production line. IgeraIndustria answers which article applies, what documentation is required, and which transitional deadline applies to each system.

Regulation 2024/1689 indexed Annex III industrial systems <3s response

Three numbers every industrial quality lead should know

The AI Act does not regulate "AI" in the abstract — it classifies concrete systems by risk level. On the factory floor this directly affects quality vision, predictive maintenance, and cobots.

Aug 2, 2026

Deadline for full compliance with high-risk system obligations under Annex III.

€35M / 7%

Maximum fine for prohibited AI practices: €35 million or 7% of global turnover, whichever is higher.

Annex III

The high-risk systems list. Covers AI embedded as a safety component in machinery already subject to CE marking.

Risk classification of industrial AI systems

The AI Act uses a pyramid approach: prohibited practices, high-risk, limited risk, and minimal risk. Most industrial applications fall between high-risk and minimal risk, depending on whether the system acts as a safety component.

Machine-vision quality control

High-risk when accept/reject decisions affect the safety of the final product (e.g. detecting cracks in structural parts). Minimal risk when the check only covers aesthetics or labelling.

Predictive maintenance

Minimal risk when it only generates alerts for a human decision. High-risk when it can automatically stop the machine or change safety parameters without oversight.

Collaborative robots (cobots)

High-risk when the AI system autonomously sets force, speed or proximity limits affecting operator safety, integrated with the Machinery Regulation.

Process optimisation and demand forecasting

Generally minimal risk: no impact on physical safety or fundamental rights, though the classification decision should still be documented.

AI in recruitment and staff evaluation

Explicitly high-risk under Annex III, even in an industrial context: candidate screening or operator performance-evaluation systems.

Plant access security systems

High-risk if they use biometric identification; limited risk (transparency obligations) if they only perform 1:1 verification with explicit consent.

Obligations for high-risk systems (Art. 8-15)

When an industrial AI system qualifies as high-risk, the provider — and, to a lesser extent, the deployer — must meet a specific set of requirements before it goes into service.

Risk-management system (Art. 9)

A continuous, iterative process throughout the system's lifecycle, identifying, estimating and mitigating known and foreseeable risks.

Technical documentation (Art. 11, Annex IV)

Description of the system, training data, accuracy metrics, robustness and cybersecurity, and the human-oversight architecture.

Automatic event logging (Art. 12)

Logging that allows the system's operation to be traced throughout its lifetime — essential for investigating incidents on the shop floor.

Transparency and information to the deployer (Art. 13)

Clear instructions for use that allow the plant operator to correctly interpret the system's outputs.

Effective human oversight (Art. 14)

Technical measures allowing a natural person to intervene in or disable the system — especially relevant for cobots and stop functions.

Accuracy, robustness and cybersecurity (Art. 15)

Adequate accuracy levels declared in the documentation, resilience against errors, and protection against manipulation of input data.

Frequently asked questions — AI Act for manufacturing

Which industrial AI systems count as "high-risk" under the AI Act?

Annex III of Regulation (EU) 2024/1689 classifies as high-risk any AI system used as a safety component of a product already covered by EU harmonisation legislation (machinery, toys, lifts, pressure equipment) where third-party conformity assessment is mandatory. In practice this covers: machine-vision systems that decide accept/reject on safety-critical parts, predictive-maintenance AI integrated into a machine's safety functions, and collaborative robots (cobots) that autonomously set force or speed limits. AI systems that optimise processes without a safety impact — demand forecasting, for example — typically do not qualify as high-risk.

When do the high-risk obligations actually take effect?

The Regulation entered into force on 1 August 2024 with staggered application. Prohibited AI practices have applied since 2 February 2025. Governance obligations and codes of conduct for general-purpose AI models apply from 2 August 2025. Full obligations for Annex III high-risk systems — which cover most industrial applications — apply from 2 August 2026, with an additional transitional period until August 2027 for high-risk systems already embedded in products regulated under harmonisation legislation such as machinery or medical devices.

What technical documentation does a high-risk AI system require?

The provider of a high-risk system must maintain a continuous risk-management system (Art. 9), detailed technical documentation (Art. 11 and Annex IV) describing the system design, training data, and accuracy metrics, automatic event logging (Art. 12), clear instructions for the deployer (Art. 13), effective human oversight (Art. 14), and guarantees of accuracy, robustness and cybersecurity (Art. 15). The deployer — the company using the system on the shop floor — has narrower obligations but must still ensure human oversight, use in line with instructions, and incident logging.

Who is the "provider" and who is the "deployer" when a factory buys a vision-AI system from a vendor?

The company that develops the vision-AI software (the defect-detection algorithm, for example) is the "provider" and takes on the full obligations of Article 16. The manufacturing company that buys and integrates that system into its production line is the "deployer" (Art. 26), with narrower obligations: use in line with the provider's instructions, adequate human oversight, monitoring of operation, and reporting of serious incidents. If the manufacturer substantially modifies the system or places it on the market under its own brand, it can itself become a provider and inherit the full obligations.

What penalties does the AI Act impose for non-compliance?

Maximum fines reach up to €35 million or 7% of global annual turnover (whichever is higher) for the use of prohibited AI practices. For breaches of high-risk system obligations, the maximum fine is €15 million or 3% of global turnover. Supplying incorrect information to authorities can be fined up to €7.5 million or 1% of turnover. SMEs benefit from proportionally lower caps within these ranges.

Do I need a conformity assessment if I integrate AI into machinery that already has CE marking?

In most cases, yes. When an AI system is integrated as a safety component of a machine already subject to Machinery Regulation (EU) 2023/1230 and CE marking, the AI Act conformity assessment is combined with the machinery conformity assessment into a single harmonised process. The notified body reviews mechanical safety requirements and AI Act requirements — risk management, accuracy, human oversight — together before issuing the certificate.

Is a predictive-maintenance system that only generates alerts high-risk?

Generally not. An AI system that analyses sensor data and generates maintenance alerts for a technician to act on typically does not qualify as high-risk, because it does not act as an autonomous safety component. Classification changes if the system can automatically stop the machine or modify safety parameters without human intervention — in that case it is evaluated as a machinery safety component and may fall under Annex III.

How does IgeraIndustria help prepare AI Act compliance?

IgeraIndustria indexes the full text of Regulation (EU) 2024/1689 alongside your internal technical documentation for AI systems — vendor data sheets, risk assessments, human-oversight logs — letting your quality or digitalisation lead ask in plain language whether a specific system falls under Annex III, what documentation the applicable article requires, and which transitional deadline applies, always citing the exact article.

Are your shop-floor AI systems AI Act compliant?

  • Free 14-day trial — no credit card required
  • Full Regulation (EU) 2024/1689 preindexed from day one
  • Upload AI vendor data sheets, risk assessments and oversight logs
  • Answers cite the exact article and applicable transitional deadline
Start free trial