The EU AI Act (Regulation (EU) 2024/1689) entered into force on 1 August 2024, with high-risk system obligations applying from 2 August 2026. Whistleblower-channel vendors and their customers are now confronting a question that the Act does not answer cleanly: are AI features for case triage, summarisation, and category suggestion high-risk? This piece sets out the analysis, the practical configuration that keeps a deployment outside the high-risk classification, and the documentation that has to exist regardless.
Direct answer
The EU AI Act classifies AI systems used for “employment, workers management and access to self-employment” as high-risk under Annex III, point 4. AI used in a whistleblower channel is high-risk only where the AI materially influences an employment decision affecting the data subject — typically a disciplinary or dismissal decision in respect of the subject of the report. Pure triage assistance (summarisation, category suggestion, severity scoring) where a human compliance officer reviews every AI output and makes every decision is not high-risk under the Annex III definition. The boundary is human oversight: the AI must be advisory, not autonomous, and the human reviewer must have the information, time, and authority to override.
What the AI Act says and what Annex III covers
Article 6 of Regulation (EU) 2024/1689 classifies an AI system as high-risk in two situations: (a) it is a safety component of a product covered by Union harmonisation legislation listed in Annex I, or (b) it is one of the use cases listed in Annex III.
Annex III, point 4 covers AI for employment, workers management, and access to self-employment, with two sub-points: (a) AI intended to be used for recruitment or selection, in particular to place targeted job advertisements, to analyse and filter job applications, and to evaluate candidates; (b) AI intended to be used to make decisions affecting terms of work-related relationships, the promotion or termination of work-related contractual relationships, to allocate tasks based on individual behaviour or personal traits, or to monitor and evaluate the performance and behaviour of persons in such relationships.
Sub-point (b) is the one that matters for whistleblower triage. The wording is “AI intended to be used to make decisions”. The European Commission’s draft guidance, expected to be published in mid-2026, is widely understood to interpret “make decisions” as covering systems that materially influence employment decisions, not only systems that take decisions autonomously. The exact boundary is contested.
When AI in a whistleblower channel becomes high-risk
The high-risk classification attaches where AI is used to take or materially influence an employment decision against an individual (the reporter, a witness, or the subject of the report). Concrete examples:
- A system that takes a report against a manager and automatically recommends disciplinary action against that manager based on the AI’s analysis: high-risk.
- A system that scores the credibility of the reporter using behavioural or stylistic features: high-risk on multiple grounds, and also prohibited under Article 5(1)(c) if it amounts to social scoring.
- A system that suggests how to allocate cases between investigators based on each investigator’s past performance: high-risk under point 4(b).
- A system that screens job applicants against a database of past whistleblower complaints they may have made: prohibited under Article 5(1)(f), since it amounts to inferring emotions or evaluating workers in contexts where this is forbidden.
The high-risk classification does not attach where the AI is genuinely advisory and the human reviewer has full information, time, and authority to override. Examples:
- AI summarises a long free-text report so the case handler can read it faster. The case handler reads the full report before any decision. Not high-risk.
- AI suggests a category (harassment / fraud / safety) and a severity. The case handler reviews and overrides freely. Not high-risk.
- AI clusters related reports across cases, surfacing patterns. The clustering is informational; case decisions are made on each case’s merits with human judgement. Not high-risk.
The middle case is summarisation that materially shapes the decision. If a case handler is presented only with the AI summary and not the full source, the AI has effectively taken the decision and the system is high-risk. Confidly’s UI shows the full report content and renders AI summaries as a side panel that the handler must consciously consult; the full text is always primary.
The four pillars of “not high-risk” configuration
To keep a whistleblower AI feature outside the high-risk classification, four pillars need to be in place.
1. Human oversight is not theatre. Article 14 of the AI Act sets the human-oversight standard. The human reviewer must be able to understand the AI’s capacities and limitations, monitor its operation, interpret its output, decide not to use it, intervene or override, and stop the system. In a whistleblower context this means the case handler must read the full case before decisions, must be trained on the AI’s limitations, must be able to disable AI outputs case-by-case, and must have logging that records when AI suggestions were accepted, modified, or rejected.
2. The AI does not materially influence the employment decision. The AI’s output is informational; the decision is on the merits of the underlying evidence. A clean test: if the AI output were removed, would the decision still have the same evidentiary basis? If yes, the AI is not material in the AI Act sense.
3. Documentation exists. Even non-high-risk AI features require documentation under Article 13’s transparency obligations: a description of the system, its purpose, its outputs, the risks, the mitigations, and the audit log of use. Confidly publishes a per-feature documentation pack covering the underlying model, the training data assurance, the safeguards, and the residual risks.
4. The risk classification is itself documented. Article 6 places the onus on the deployer to classify the system. The risk classification should be in writing, supported by analysis, and reviewable. The classification is part of the DPIA package and should be re-examined whenever the AI feature changes.
What high-risk would require if the line is crossed
If a deployment crosses into high-risk, the obligations multiply. Articles 9-15 require: a risk-management system, data governance (including representativeness and bias testing), technical documentation, automatic event-logging, transparency and instructions for use, human oversight, accuracy and robustness, and cybersecurity. The system must be CE-marked and registered in the EU database under Article 71. The supplier must conduct a conformity assessment under Articles 43-44.
For a SaaS whistleblower vendor, this is a substantial compliance program. It is achievable — anti-discrimination AI vendors have already done it — but it is not justified for triage assistance. The right product decision is to design the feature set so it is advisory only, with documentation and an audit log to prove it.
What this means for compliance officers
The practical advice for compliance officers in 2026:
- Audit your channel vendor’s AI features against Annex III, point 4. Ask the vendor to provide the written risk classification.
- Confirm that your case handlers read full reports, not AI summaries alone, and that the case-management system enforces this in the UI flow.
- Add an “AI suggestions disabled” toggle to the per-channel configuration so you can disable AI for sensitive channels (executive cases, M&A-related concerns) and document the decision.
- Include the AI feature description in your DPIA and update both when the feature changes.
- Train case handlers on the limitations of the AI features. The Article 14 oversight standard requires that humans understand what the AI can and cannot do.
The AI Act is not designed to prevent AI in whistleblower channels. It is designed to ensure that where AI shapes employment decisions, the structure of the use is documented and the human role is preserved. For triage assistance, the AI Act is mostly a documentation discipline. For autonomous AI decisioning, it is a complete compliance program. Designing the feature in the advisory shape from the start saves both the vendor and the deployer a significant amount of work.