§ AI Act · Article 9

Risk Management System for High-Risk AI Systems

Regulation (EU) 2024/1689 · Article 9 · Source
Plain-language summary
Providers of high-risk AI systems must establish, implement, document, and maintain a continuous risk management system throughout the AI system's lifecycle. This system requires regular reviews and updates to identify, analyze, and evaluate risks to health, safety, or fundamental rights, including those affecting vulnerable groups. Providers must estimate and assess these risks, implement measures to mitigate them, and ensure remaining risks are acceptable. The system must also include testing to validate risk management measures and confirm the AI system operates as intended.
Who it applies to
providers of high-risk AI systems
Compliance deadline
Phased application of Regulation (EU) 2024/1689 — most provisions apply from 2 August 2026.
§ What Fontvera found

Documents that cite Article 9

edpb EU Fetched 2026-06
EDPB-EDPS Joint Opinion 03/2022 on the Proposal for a Regulation on the European Health Data Space
edpb EU Fetched 2026-06
EDPB-EDPS Joint opinion 1/2026 on the Proposal for a Regulation as regards the simplification of the implementation of harmonised rules on artificial intelligence (Digital Omnibus on AI)
edpb EU Fetched 2026-06
EDPB-EDPS Joint opinion 2/2026 on the Proposal for a Regulation as regards the simplification of the digital legislative framework (Digital Omnibus)
edpb EU Fetched 2026-06
EDPB-EDPS Joint Opinion 3/2026 on the Proposal for a European Biotech Act
edpb EU Fetched 2026-06
EDPB: Opinion 28/2024 on certain data protection aspects related to the processing of personal data in the context of AI models
edpb EU Fetched 2026-04
EDPB: Legal basis
edpb EU Fetched 2026-04
EDPB: Automated decision & profiling
edpb EU Fetched 2026-04
EDPB: Controller
§ Cross-references

Related articles

Article 5
Prohibited AI Practices
Article 6
Classification Rules for High-Risk AI Systems
Article 11
Technical Documentation for High-Risk AI Systems
Article 13
Transparency and Provision of Information to Deployers

Related Fontvera intelligence

DEADLINE
EU AI Act August 2026 Deadline: Complete Compliance Checklist
DIAGNOSTIC
AI Act High-Risk Classification: Annex III Categories and How to Determine if Your AI System Qualifies
COMPARISON
GDPR vs AI Act: Where Personal Data and AI Compliance Collide
COUNTRY
AI Act in France: National Authority and Compliance Requirements
Need a cross-border briefing on Article 9?
Search Fontvera ↵ Run the AI Act diagnostic
AI Act Article 50 transparency
50 days
until 2026-08-02, when Article 50 transparency obligations apply (unchanged). Annex III high-risk obligations move provisionally to 2 December 2027 under the Digital Omnibus agreement of 7 May 2026, pending formal adoption.
Preparing for 2 August 2026? Read the EU AI Act August 2026 deadline requirements checklist.
Intelligence · About · Pricing · Privacy · Terms
100% European infrastructure