AI Act for Telecommunications: Which AI Systems Are High-Risk and What You Must Do

Under the EU AI Act (Regulation 2024/1689), the following AI applications in Telecommunications are classified as high-risk and require full conformity assessment before August 2, 2026:

Network security AI as critical infrastructure, automated customer service, fraud detection

These systems fall under Annex III category 2(a) critical infrastructure, NIS2 interaction. Providers must implement risk management (Article 9), maintain technical documentation (Article 11), ensure data governance (Article 10), and enable human oversight (Article 14).

Critical infrastructure conformity. NIS2 + AI Act dual compliance. Network resilience requirements. Customer transparency.

Providers (developers of AI systems) bear primary compliance responsibility: conformity assessment, CE marking, EU database registration, and post-market monitoring.

Deployers (companies using AI systems) must ensure human oversight, conduct Fundamental Rights Impact Assessments where required, and maintain usage logs.

AI Act enforcement begins August 2, 2026. No precedent currently exists. This page will be updated as enforcement cases emerge.

Penalties for non-compliance range up to EUR 35 million or 7% of global annual turnover for prohibited practices, and EUR 15 million or 3% for other violations.

• AI Act High-Risk Classification Guide
• Conformity Assessment: Step-by-Step
• Fines and Penalties Across EU
• August 2026 Deadline Checklist