EU Regulation

EU AI Act & Robots: What It Means for Physical AI Hardware

Robots enter the EU AI Act via two distinct legal routes. The Machinery Regulation adds a parallel compliance layer. January 20, 2027 is the hard deadline — no grace period.

Last updated: July 2026

The two legal routes into the AI Act

Route 1: Annex I — Product safety route

Safety component of a product under sectoral law

If a robot's AI system functions as a safety component of a product covered by EU sectoral legislation (such as the Machinery Regulation), it is automatically classified as high-risk under AI Act Annex I.

Example: An industrial robot where the AI controls safety-critical motion in a shared workspace. The AI component is a safety component of the machinery product.

Updated May 2026: Machinery Regulation moved from Annex I-A to I-B, eliminating dual compliance burden.
Route 2: Annex III — Use-case route

High-risk use case regardless of product type

If the robot performs functions listed in Annex III, it is high-risk regardless of whether it is a product covered by sectoral legislation. Use cases include: biometric identification, critical infrastructure management, employment and worker management.

Example: A security robot that uses biometric identification to grant facility access. The use case (biometric ID) triggers Annex III, not the product category.

Standalone Annex III deadlines delayed 16 months by May 2026 omnibus → December 2027.

Machinery Regulation 2023/1230: what it requires

Enforcement date: January 20, 2027. No grace period. Products with ML-based safety functions placed on EU market after this date must comply. Third-party Notified Body assessment required for ML safety functions.

Notified Body assessment

ML-based safety functions require third-party assessment by an EU Notified Body — an accredited independent testing organization. Self-declaration alone is not sufficient for safety-critical AI.

Human supervisory function

Mandatory design requirement: the system must always allow a human to supervise and override automated decisions. Must be documented in technical file.

Digital documentation

Full technical documentation must be maintained digitally for 10 years from market placement date. Must be available to market surveillance authorities on request.

Safety-related software updates

Any update to software affecting safety functions triggers a new conformity assessment. Cannot push safety-relevant updates to deployed machines without re-evaluation.

Consumer vs industrial: what actually applies

Industrial robots (warehouse, manufacturing)

Subject to Machinery Regulation. If AI controls safety-critical functions → also high-risk under AI Act Annex I. Requires Notified Body assessment for ML safety components from January 2027.

Consumer home robots

No binding EU rules as of 2026 if not classified as safety-critical. A companion robot (aibo, Lovot) does not meet Annex I or Annex III thresholds under current interpretation.

Medical / surgical robots

Covered by Medical Device Regulation (MDR) as primary law. AI Act applies as overlay. Both compliance frameworks must be satisfied simultaneously.

Security / surveillance robots

Biometric identification use cases → Annex III. Real-time remote biometric ID in public spaces is prohibited (with narrow exceptions). Post-hoc biometric ID is regulated but not prohibited.

High-risk compliance: what you must do

If your robot system is classified high-risk under either route, these obligations apply before EU market placement.

Risk management system
Documented risk identification and mitigation process across the product lifecycle.
Data governance
Training data must be bias-free, representative, complete. Documentation of data sources.
Technical documentation
Full design and development documentation kept for minimum 10 years.
Automatic event logging
System must log events autonomously. Logs must be traceable and tamper-resistant.
Transparency and user information
Users must receive information enabling them to interpret system output and override decisions.
Human oversight
Mandatory human supervisory function. System must be designed to allow human intervention at all times.
Accuracy and robustness
System must be resilient against errors, faults and inconsistencies. Performance metrics must be declared.
Cybersecurity
Protection against unauthorized access, modification or misuse.
EU database registration
High-risk AI systems must be registered in EU AI database before market placement.

Frequently asked questions

Does the EU AI Act apply to robots?
Yes, via two routes: Annex I (safety component of product under sectoral law) or Annex III (use-case based — biometrics, critical infrastructure, etc.). Not all robots are covered — only those meeting these specific criteria.
When does the EU Machinery Regulation apply to robots?
Enforcement begins January 20, 2027. No grace period. ML-based safety functions require Notified Body third-party assessment. Digital documentation must be kept for 10 years.
What changed in the May 2026 AI Act omnibus?
Machinery Regulation moved from Annex I-A to I-B (eliminating dual compliance). Safety component definition narrowed. Standalone Annex III deadlines delayed 16 months to December 2027.
Do home robots need to comply with the EU AI Act?
As of 2026, consumer home robots not classified as safety-critical have no binding EU rules. Companion robots like Sony aibo do not currently fall under Annex I or Annex III.