Quick answer

Article 9 of the EU AI Act mandates that providers of high-risk AI systems implement a continuous, iterative risk management system throughout the entire lifecycle of the AI system. This system must identify, analyse, estimate, and mitigate risks, and be documented as part of the technical documentation required under Annex IV.

Updated June 2026 · MmowW AI Compliance

EU AI Act Article 9: Risk Management System Requirements

Overview of Article 9 Risk Management Obligations

Article 9 of Regulation (EU) 2024/1689, commonly known as the EU AI Act, establishes one of the most critical compliance requirements for providers of high-risk AI systems. The provision mandates the establishment and maintenance of a risk management system that operates as a continuous iterative process planned and run throughout the entire lifecycle of a high-risk AI system. This requirement applies from the design phase through deployment, monitoring, and eventual decommissioning.

The risk management system is not a one-time assessment. It requires regular systematic updating to account for new information, changes in the operating environment, and evolving understanding of the AI system's behaviour. Providers must ensure that this process is integrated into their organisational quality management practices and forms part of the technical documentation described in Annex IV of the Regulation.

Identification and Analysis of Known and Foreseeable Risks

The first substantive obligation under Article 9 requires the identification and analysis of known and reasonably foreseeable risks that the high-risk AI system can pose to health, safety, or fundamental rights. This analysis must consider the intended purpose of the system as well as conditions of reasonably foreseeable misuse.

Providers must take into account risks arising from the interaction of the AI system with other systems or with the environment in which it operates. The analysis should cover risks to individuals who are subject to the AI system's output, risks to operators and deployers, and broader societal risks where applicable. The scope of risk identification extends beyond purely technical failures to include risks related to bias, discrimination, and the erosion of fundamental rights as protected under the Charter of Fundamental Rights of the European Union.

Estimation and Evaluation of Risks

Once risks have been identified, Article 9 requires their estimation and evaluation. This step involves assessing the likelihood of each identified risk materialising and the severity of potential harm. The evaluation must consider the specific context in which the high-risk AI system will be deployed, including the characteristics of the persons or groups of persons on whom the system is intended to be used.

Risk estimation should employ appropriate methodologies, which may include quantitative approaches where sufficient data exists, or qualitative expert assessments where quantitative data is limited. The evaluation must account for the cumulative effect of multiple risks and the potential for cascading failures. Providers are expected to maintain records of their risk estimation methodologies and the rationale behind their risk evaluations as part of the ongoing documentation requirements.

Risk Mitigation Measures and Residual Risk

Article 9(2) requires providers to adopt suitable risk management measures in light of the state of the art. These measures must ensure that the residual risk associated with each hazard, as well as the overall residual risk of the high-risk AI system, is judged acceptable. When deciding on the most appropriate risk management measures, the provider must consider the effects and possible interactions resulting from the combined application of the requirements set out in Chapter III, Section 2 of the Regulation.

Risk mitigation follows a hierarchy of controls. Providers must first seek to eliminate or reduce risks through adequate design and development. Where elimination is not feasible, adequate technical mitigation measures must be implemented. Where residual risks remain despite these efforts, providers must ensure that deployers and affected persons receive adequate information and, where appropriate, training. Residual risk must be communicated clearly to deployers through the instructions for use required under Article 13.

The concept of acceptable residual risk is evaluated in relation to the intended purpose of the high-risk AI system and the overall risk management context. Providers must give due consideration to the expected level of experience and knowledge of the intended deployers and the environment in which the system will operate.

Testing Procedures and Validation

Article 9(5) through 9(7) address testing requirements. High-risk AI systems must be tested for the purposes of identifying the most appropriate and targeted risk management measures. Testing must ensure that the system performs consistently for its intended purpose and that it complies with the requirements of the Regulation.

Testing procedures must be suitable to achieve the intended purpose of the AI system and do not need to go beyond what is necessary to achieve that purpose. Testing must be performed at appropriate points throughout the development process and, in any event, prior to the placing on the market or putting into service. Testing must be carried out against prior defined metrics and probabilistic thresholds that are appropriate to the intended purpose of the high-risk AI system.

For high-risk AI systems that continue to learn after being placed on the market or put into service, the testing obligations extend to the post-market phase. Providers must establish procedures for monitoring and testing the system's performance in real-world conditions, including through post-market monitoring plans as required under Article 72.

Interaction with Article 10 Data Governance

The risk management system under Article 9 is closely interconnected with the data governance requirements of Article 10. Risks identified through the Article 9 process may directly relate to data quality issues such as bias in training datasets, insufficient representativeness, or inadequate data collection practices. Conversely, the data governance measures implemented under Article 10 serve as risk mitigation measures within the Article 9 framework.

Providers must ensure that their risk management and data governance activities are coordinated. For example, where the risk assessment identifies potential discrimination risks, the data governance framework must include specific measures to examine training, validation, and testing datasets for possible biases. The documentation of both processes should cross-reference each other to demonstrate a coherent and integrated approach to compliance.

This integrated approach reflects the broader structure of the EU AI Act, where the requirements of Chapter III, Section 2 are designed to function as a system rather than as isolated obligations. Effective compliance with Article 9 therefore requires a holistic understanding of how risk management connects to data governance, transparency, human oversight, accuracy, robustness, and cybersecurity requirements.

This article is for informational purposes only and does not constitute legal advice. Regulatory requirements change frequently — verify current rules with official sources. Built by Sawai Gyoseishoshi Office, Hiroshima, Japan.