EU AI Act & Energy: Critical Infrastructure AI Under Annex III

AI systems managing electricity grids, water networks, and gas infrastructure are explicitly listed as high-risk under Annex III §2 of the EU AI Act. This guide explains who is affected, what obligations apply, and how the regulation interacts with NIS2.

28 May 2026 | DILAIG

AI systems that manage power grids, water treatment plants, and gas pipelines are among the clearest cases of high-risk AI in the EU AI Act. Unlike some categories where classification requires judgment, Annex III §2 names critical infrastructure management explicitly. If your organisation operates, deploys, or supplies AI for these sectors, you are already in scope — and the compliance clock is ticking.

What Annex III §2 Actually Says

Annex III lists eight categories of high-risk AI. Section 2 covers:

"AI systems intended to be used as safety components in the management and operation of critical digital infrastructure, road traffic, and the supply of water, gas, heating and electricity."

Three points matter here. First, the system does not need to cause an incident — it needs only to be intended as a safety component. Second, the definition follows the NIS2 Directive's understanding of critical infrastructure, which includes energy (electricity, gas, oil), water, and digital infrastructure operators. Third, the threshold is functional: a system that monitors, controls, predicts, or optimises operations in these networks qualifies, whether it is deployed in the control room or embedded in field hardware.

Who Is Affected?

The regulation creates obligations for two distinct actors:

Providers (Article 3(3)) are organisations that develop or commission AI systems and place them on the market or put them into service. For energy, this typically means:

  • Software vendors building grid management, SCADA-integrated AI, or demand-forecasting platforms
  • OT/IoT platform companies embedding predictive maintenance or anomaly detection
  • Startups selling AI-driven fault detection tools to utilities

Deployers (Article 3(4)) are organisations that use those systems in a professional context. In energy, this means:

  • Transmission system operators (TSOs) and distribution system operators (DSOs)
  • Water utilities and municipal water authorities
  • Gas transmission and distribution companies
  • Nuclear operators (where AI supports safety-relevant functions)

Both actors carry distinct obligations. Providers bear the heaviest burden; deployers have secondary but enforceable duties under Article 26.

Full High-Risk Obligations: What the Law Requires

Risk Management System — Article 9

Article 9 requires providers to establish, implement, document, and maintain a risk management system throughout the AI system's entire lifecycle. For energy infrastructure AI, this is not a one-time exercise. The system must:

  • Identify and analyse known and reasonably foreseeable risks to health, safety, and fundamental rights
  • Evaluate risks that emerge during testing and post-deployment
  • Implement risk mitigation measures, giving priority to elimination over control
  • Test the AI system against the identified risks before market placement

In practice, energy sector providers must consider failure modes specific to operational technology: cascading grid faults triggered by erroneous AI decisions, adversarial inputs designed to destabilise control systems, and edge cases in extreme weather conditions.

Technical Documentation — Article 11 and Annex IV

Before placing a high-risk AI system on the market, providers must prepare technical documentation covering the system's purpose, architecture, training data, performance metrics, and risk management measures. Annex IV lists the 15 required elements in detail.

For energy AI, this documentation must include the operational domain (e.g., frequency regulation in a 220 kV network), the data sources used for training and validation, accuracy benchmarks against the relevant performance KPIs, and a description of the human oversight mechanisms built into the system.

Human Oversight — Article 14

Article 14 is one of the most operationally demanding requirements. High-risk AI systems must be designed and deployed so that natural persons can:

  • Fully understand the system's capabilities and limitations
  • Monitor the system's operation in real time
  • Override, interrupt, or disable the system when necessary

For grid management AI, this means that an operator must be able to intervene at any decision point where the system influences a safety-relevant action — a voltage regulation command, a load shedding trigger, an automated switching sequence. The oversight mechanism cannot be nominal; it must be technically feasible given the speed of the system's actions.

Accuracy, Robustness, and Cybersecurity — Article 15

Article 15 requires that high-risk AI systems achieve appropriate levels of accuracy, be resilient against errors and faults, and resist adversarial manipulation. For critical infrastructure AI, the cybersecurity dimension is particularly significant: the system must be designed to minimise the risk of adversarial attacks that could distort outputs or cause dangerous behaviour.

This aligns directly with IEC 62443 requirements already familiar to many energy sector OT teams, but the AI Act elevates it to a legal obligation with documented evidence requirements.

Interaction with NIS2

The NIS2 Directive (EU 2022/2555) and the AI Act operate in parallel for energy critical infrastructure. NIS2 imposes cybersecurity risk management measures on essential entities in the energy sector; the AI Act layers AI-specific governance on top.

Key intersections:

  • Incident reporting: NIS2 requires reporting of significant cybersecurity incidents within 24 hours (initial notification) and 72 hours (full report). If an AI system is involved in or causes a security incident, Article 73 of the AI Act adds a separate reporting obligation to the national market surveillance authority.
  • Supply chain security: NIS2 Article 21 requires essential entities to address security in supply chains, including software. The AI Act's conformity assessment and technical documentation requirements for AI providers reinforce this.
  • Governance overlap: Both regulations require documented risk management processes. Organisations should design a unified framework rather than running duplicate processes.

There is no formal coordination mechanism between NIS2 competent authorities and AI Act market surveillance authorities, so operators currently must manage both compliance tracks independently.

AI Systems in the Energy Sector: Classification Examples

| AI System | Classification | Key Obligation |
|---|---|---|
| Grid frequency prediction and automatic load control | High-risk (Annex III §2) | Full Art. 9, 11, 14, 15 compliance; conformity assessment |
| Predictive maintenance for transformer failure | High-risk if safety component; otherwise limited-risk | Risk management documentation; clarify intended purpose |
| AI-assisted demand forecasting (commercial only) | Likely not high-risk | Transparency obligations may apply (Art. 50) |
| Anomaly detection in SCADA networks (cybersecurity) | High-risk (Annex III §2 + potential Annex III §1 overlap) | Full high-risk obligations; NIS2 alignment |
| Smart meter data analytics for billing | Not high-risk | GDPR applies; minimal AI Act obligations |
| Autonomous fault isolation in distribution networks | High-risk (Annex III §2) | Art. 14 human override mechanism required |
| AI-driven pipeline pressure management | High-risk (Annex III §2) | Robustness testing per Art. 15 mandatory |

Compliance Deadlines — Updated for the AI Omnibus

The AI Omnibus provisional agreement (7 May 2026) replaces the original August 2026 deadline with fixed dates:

  • 2 December 2027: high-risk obligations for standalone Annex III systems (including Annex III §2 critical infrastructure AI)
  • 2 August 2028: high-risk obligations for AI embedded in products covered by Annex I sectoral legislation

Important Omnibus change for machinery in energy contexts: AI systems that are safety components of products covered by the Machinery Regulation (EU) 2023/1230 are excluded from AI Act high-risk obligations under the Omnibus deal — they must comply with the Machinery Regulation only. However, this exclusion does not apply to standalone AI systems managing critical infrastructure (grid management software, SCADA-integrated AI, demand forecasting platforms for grid operators): these remain squarely under Annex III §2 with a December 2027 deadline.

For AI systems already on the market before the new deadlines, Article 111(2) transitional provisions apply, provided no substantial modification is made.

Do not treat the delay as permission to wait. Building a compliant risk management system, preparing Annex IV technical documentation, and designing human oversight mechanisms takes 12–18 months for complex energy AI systems. Starting in 2026 is necessary to meet a December 2027 deadline.

Practical Next Steps

  1. Map your AI inventory: Identify every AI system involved in energy infrastructure operations and determine whether it qualifies as a safety component under Annex III §2.
  2. Determine your role: Are you a provider, a deployer, or both? The answer shapes your obligations.
  3. Verify Omnibus machinery exclusion: If your AI is embedded in a machine covered by the Machinery Regulation, confirm whether the Omnibus carve-out applies to your specific product before relying on it.
  4. Gap-assess against Articles 9, 11, 14 and 15: For each high-risk system, evaluate current documentation, oversight mechanisms, and robustness testing against the regulatory requirements.
  5. Align with NIS2: Integrate AI Act obligations into your existing NIS2 risk management and incident reporting procedures to avoid duplication.
  6. Set internal deadlines: December 2027 is the new target. Work backward — compliance preparation should begin now.

DILAIG's compliance audit tool maps your AI systems against Annex III automatically, generates gap reports aligned with Articles 9, 11, 14, and 15, and produces the technical documentation skeleton required before market placement. Start your audit at dilaig.com.
