EU AI Act: AML and Fraud Detection AI Not ‘High-Risk’
Did you know that AI systems used specifically for Anti-Money Laundering (AML) and fraud detection in financial services are not classified as ‘high-risk’ under the EU AI Act? This distinction is important for the financial and compliance sectors! Here’s the detailed scoop:
Legal Basis
Regulation (EU) 2024/1689 Recital 58 explicitly states that AI systems designed for fraud detection in financial services, and those used for prudential purposes such as calculating capital requirements for credit institutions and insurance undertakings, should NOT be considered ‘high-risk’ under the AI Act. Annex III of the AI Act (Article 6(2)) lists ‘high-risk’ AI systems, including those evaluating creditworthiness or establishing credit scores, but explicitly excludes AI systems used for fraud detection.
Industry Perspective
The Luxembourg financial supervisory authority, CSSF, in its “Second thematic review on AI in Luxembourg’s financial sector,” notes:
“Regarding the AI Act classification (the AI Act entered into force only after the launch of the survey), we note that only 5% of use cases were rated as “High Risk” and refer mainly to use cases such as credit scoring, Internal Ratings Based (IRB) credit risk model and AML/Fraud detection, whilst the last two are actually excluded from the list of high-risk systems as defined in the Annex III of the AI Act. Indeed, the classification in the survey seems to reflect the perception of the risk of the use case for the entity, rather than its actual classification according to the AI Act.” (p.7)
European Commission’s Insight
The latest report by the EU AI Office analyzing stakeholder feedback stresses:
The clear exemption from prohibitions for AI systems designed for fraud detection and AML is “crucial to ensure that legitimate and necessary uses of AI for public safety and financial integrity are not hindered by overly broad regulations” (p.36). This “tone from the top” ensures that AI innovation in critical areas like fraud prevention is supported within a balanced regulatory framework.
What This Means for You
If you develop or deploy AI solutions for AML/fraud detection, you’re operating in a space recognized as essential and legitimately exempted from the highest regulatory burdens under the EU AI Act. This clarity helps compliance teams manage risks without stifling innovation, enabling smarter, safer financial systems.