EU AI Act and Payment Systems: High-Risk vs Limited-Risk Use Cases
The EU AI Act is live. Fraud scoring is not automatically high-risk; BNPL credit scoring likely is. Correct classification for every major payment AI use case.
Fraud scoring is not automatically high-risk under the EU AI Act — Annex III explicitly excludes AI for detecting financial fraud. BNPL consumer credit scoring likely is. The act is progressively live; full application from August 2026.
The EU AI Act is not a future regulatory consideration for payment operators with EU exposure. Prohibited practices have been illegal since February 2025. GPAI obligations have applied since August 2025. The full framework applies from August 2026.
The challenge for payment operators is classification — understanding which of your AI systems fall into which risk tier, and what each tier actually requires. The common mistake is applying blanket “high-risk” framing to all payment AI, which overstates compliance requirements for some systems and potentially understates governance expectations for others.
This article builds the correct classification framework for every major payment AI use case.
The EU AI Act Timeline
Getting the timeline right matters — different obligations apply at different dates.
| Date | What applies |
|---|---|
| 1 August 2024 | Act enters into force |
| 2 February 2025 | Prohibited AI practices banned; AI literacy obligations for deployers |
| 2 August 2025 | GPAI (General Purpose AI) model obligations |
| 2 August 2026 | Act generally fully applicable (most high-risk obligations) |
| 2 December 2027 | Certain high-risk areas under Annex III |
| 2 August 2028 | High-risk AI embedded in regulated products (Annex I — medical devices, machinery, etc.) |
For payment operators, the practical implication: the prohibited practices and AI literacy obligations are already in force. The full high-risk compliance framework for most systems must be operational by August 2026.
The Four-Tier Risk Framework
The Act establishes four risk tiers. Only one requires formal conformity assessment and registration.
Tier 1 — Unacceptable risk (prohibited): AI practices that are banned outright. This includes social scoring by public authorities, real-time remote biometric identification in public spaces, subliminal manipulation, and exploitation of vulnerabilities. None of these apply to payment AI in legitimate commercial deployments.
Tier 2 — High-risk (Annex III): AI systems that pose significant risk to health, safety, or fundamental rights. Requires conformity assessment, technical documentation, registration, human oversight, and explainability. The list is defined by Annex III.
Tier 3 — Limited-risk: AI systems with specific transparency obligations only, such as chatbots, AI-generated content, and emotion recognition systems. No conformity assessment is required, just transparency to users.
Tier 4 — Minimal risk: no specific obligations under the Act. Most payment AI falls here.
The Annex III Classification for Payment AI
Annex III lists the high-risk categories. The ones relevant to payment systems:
Creditworthiness assessment and credit scoring for natural persons — this is the primary high-risk category relevant to payments. It covers AI systems that determine whether a natural person can access credit, the terms on which they access it, and affordability assessment. The key phrase is natural persons — consumer-facing credit decisions.
Critical carve-out: the Act explicitly excludes AI systems used for detecting financial fraud from this creditworthiness high-risk category. This is not an ambiguity — it is a deliberate exclusion that removes transaction fraud scoring from Annex III high-risk classification.
Biometric identification and categorisation: remote biometric identification systems in public spaces are prohibited in most circumstances. One-to-one biometric verification (confirming a person matches their enrolled template) has carve-outs from the most restrictive provisions. Continuous biometric monitoring raises the most concern.
Access to essential services: AI that determines access to or denial of essential services for natural persons. Financial services access decisions — blocking an account, denying a payment product — could qualify depending on how the decision is structured and what role the AI plays.
Use Case Classification
Transaction fraud scoring
Classification: Minimal to governance-risk (NOT automatically high-risk)
This is the most widely mischaracterized case. Transaction fraud scoring — ML models that assess whether an individual payment transaction is fraudulent — is explicitly carved out from the Annex III creditworthiness high-risk category. The exclusion for AI used to detect financial fraud is clear.
This does not mean fraud scoring models have no governance requirements. Good governance includes: model drift monitoring (covered in the payment AI MLOps piece), fairness testing to ensure the model does not systematically disadvantage protected groups, explainability for significant false positive patterns (why are certain legitimate transactions declining?), and audit trail maintenance. But these are governance best practices, not EU AI Act conformity assessment obligations for most fraud scoring deployments.
The nuance: if a fraud scoring system is used to make consequential access decisions — permanently blocking a payment account for a natural person — the access-to-essential-services provision may come into play depending on how the decision is characterised.
BNPL and consumer credit affordability scoring
Classification: High-risk (Annex III)
BNPL affordability models that determine whether a natural person can access buy-now-pay-later financing, and on what terms, squarely meet the Annex III creditworthiness assessment definition. The subject is a natural person; the output determines access to credit.
Operators running BNPL products with AI-based affordability assessment should be building their conformity assessment documentation now. The full high-risk obligations apply from August 2026 — that is not much runway for systems that are already in production.
Biometric authentication for payment authorization
Classification: Limited-risk to high-risk depending on deployment
One-to-one biometric verification at point of sale — confirming that the person presenting a card matches the face on file — is a verification use case with carve-outs from the most restrictive biometric provisions. This is structurally different from one-to-many identification (matching an unknown face against a database).
Continuous biometric monitoring or authentication systems that operate in public spaces without explicit consent face far more restrictive treatment. Payment operators using behavioral biometrics (BioCatch-style typing cadence and device interaction monitoring) should assess whether their deployment constitutes biometric categorisation of natural persons under Article 3 definitions.
Automated merchant onboarding and KYB scoring
Classification: Governance-risk (not automatically high-risk)
As covered in the AI in merchant onboarding piece, KYB automation assesses legal entities — not natural persons in the consumer credit sense. It does not automatically fall into Annex III high-risk classification.
The governance expectations are rising regardless: auditability, explainability of risk scores, human review triggers, and defensible decision documentation are increasingly expected by AML supervisors and enterprise clients even where formal high-risk classification does not apply.
Payment routing ML models
Classification: Minimal risk
Intelligent routing models — ML systems that select the optimal processing path for each transaction — are operational optimization tools. They affect processing economics but do not make consequential decisions about individual consumers, which places them in the minimal-risk tier.
AML transaction monitoring
Classification: Governance-risk (ambiguous, but likely not high-risk for the detection purpose)
AML transaction monitoring AI (ML models and, increasingly, LLMs used in AML monitoring) sits in a gray zone. The fraud detection carve-out from the creditworthiness category covers systems designed to detect financial crime. AML monitoring's primary purpose is crime detection and regulatory reporting, which falls within the spirit of that carve-out.
However, when AML systems generate Suspicious Activity Reports that lead to account freezes or termination for natural persons, the access-to-essential-services provision may be implicated. Financial institutions are applying precautionary governance to AML AI regardless of formal classification — explainability for SAR-generation decisions and human review of automated account restrictions are already expected by financial supervisors.
AI support agents and payment chatbots
Classification: Limited-risk (Article 50 transparency obligations)
Payment support chatbots and AI-generated customer communications fall under Article 50 transparency obligations. Users must be informed they are interacting with an AI system unless this is obvious from context. This obligation is relatively straightforward to implement: a disclosure at the start of the interaction satisfies the requirement.
This obligation takes effect with the general application date of 2 August 2026. Payment operators running AI-powered customer service should confirm this disclosure is in place.
What High-Risk Classification Actually Requires
For systems that do qualify as high-risk — primarily BNPL consumer credit scoring — the obligations are:
Before deployment:
- Technical documentation describing the system: its purpose, design, training data characteristics, performance metrics, known limitations
- Conformity assessment: for most financial AI use cases, this is a self-assessment against the high-risk requirements (not a third-party audit, though third-party audits are optional)
- Registration in the EU AI Act database (operated by the European Commission)
At deployment and ongoing:
- Human oversight mechanism: a natural person must be able to understand, monitor, and where necessary override or shut down the system
- Accuracy, robustness, and cybersecurity specifications maintained throughout the lifecycle
- Logging capability: logs sufficient to identify the system’s outputs and contributing inputs for incidents
- Post-market monitoring plan: defined process for detecting performance degradation or adverse impacts after deployment
For individual decisions:
- Explainability to affected natural persons: if a consumer is denied credit through an AI-assisted decision, they have rights relating to explanation of that decision
The Governance Gap
The most practically important concept in the Act for payment operators is what might be called the governance gap — the space between formal high-risk classification and good governance practice.
Even for AI systems in the minimal or limited-risk tiers, the direction of regulatory and market expectation is clear: monitoring, fairness testing, explainability, and human oversight are increasingly expected by financial supervisors, auditors, and enterprise clients regardless of formal EU AI Act obligations.
Payment operators who build governance infrastructure — model cards, monitoring dashboards, explainability layers, human override capability — for all their AI systems are better positioned for whatever regulatory development follows the Act’s general application in August 2026. The operators who take a narrow “we’re not high-risk, we’re done” position are likely to face a second compliance cycle when supervisor guidance fills the governance gap the Act left open.
The practical starting point: inventory, classify, document. Know what AI you have, know which tier it belongs in, and document why. That documentation — which takes weeks to produce correctly — is the foundation for everything that follows.
Sources
- EU AI Act Annex III lists high-risk AI systems including creditworthiness assessment of natural persons; it explicitly excludes AI used to detect financial fraud.
- AI Act timeline: entered into force 1 August 2024; prohibited practices banned 2 February 2025; GPAI obligations 2 August 2025; generally applicable 2 August 2026; high-risk AI in regulated products 2 August 2028.
- Article 50 transparency obligations require users to be informed when interacting with AI systems unless this is obvious from context.
- GPAI model obligations include transparency about training data, copyright compliance, and model capability documentation.