Updated 1 July 2026 · The Digital Omnibus AI Act (Council/Parliament press release 7 May 2026, EP vote 16 June, adopted 29 June 2026) postpones Annex III high-risk obligations to 2 December 2027. The EP press release enumerates biometrics, critical infrastructure, education, employment, law enforcement and border management; the enumeration is non-exhaustive, and §5 essential services (banking/credit) is expected to be covered by the general postponement, consolidated text pending. In May 2026 the Eurogroup publicly demanded access to Anthropic's Mythos model so that EU banks would not be exposed versus US peers. The DORA × AI Act intersection has sharpened.
AI Act pre-conformity · Banking sector (Annex III §5(b))
Credit-scoring AI under the EU AI Act
Annex III §5(b) + DORA × Article 26, and what it means for your conformity pathway.
Credit institutions using third-party AI scoring trigger Annex III §5(b) and Article 27 FRIA automatically by activity. The Digital Omnibus (press release 7 May 2026, adopted 29 June 2026) did not exclude banking; Annex III §5 binds from 2 December 2027. The DORA × AI Act intersection has sharpened: in May 2026 the Eurogroup publicly demanded EU access to Anthropic's withheld Mythos model so EU banks would not be exposed versus US peers. Whether your GPAI provider has signed the Code of Practice is now a deployer question, not a vendor question.
- Independent; not affiliated with any provider, regulator, or notified body
- Article-by-article: Annex III §5 + Article 26 §1–§12 + Article 27 FRIA + Article 25 reverse-bascule (the deployer-to-provider flip) + DORA Article 28
- ~18-month runway to 2 December 2027 · confirmed post-Omnibus, not a date to bet against
Definition
Annex III §5(b) of the EU AI Act classifies as high-risk AI systems intended to be used to evaluate the creditworthiness of natural persons or establish their credit score. For credit institutions under Regulation (EU) 575/2013 the classification follows from the activity itself, regardless of where the vendor sits. One narrow exception exists: fraud detection, and only where it is the main intended use of the system (Draft Commission Guidelines on Article 6, §307, 19 May 2026). A profiling rule closes a common escape route: an Annex III system that performs profiling of natural persons is always high-risk (Article 6(3), last subparagraph), and most retail credit scoring meets the GDPR Article 4(4) profiling definition by construction, so the Article 6(3) filter is unavailable. The binding deadline post-Digital Omnibus (press release 7 May 2026, adopted 29 June 2026) is 2 December 2027.
Classification
When AI scoring puts you in Annex III §5(b)
Annex III §5(b) covers AI systems intended to evaluate the creditworthiness of natural persons or establish their credit score. The text provides one narrow exception: fraud detection, and only where fraud detection is the main intended use of the AI system, taking precedence over all other purposes (Draft Commission Guidelines on Article 6, §307, 19 May 2026). A second structural rule closes a common escape route: a system that performs profiling within the meaning of GDPR Article 4(4) is always high-risk under Annex III, regardless of the four filter conditions of Article 6(3) (Draft Guidelines §89). Most retail credit scoring meets the GDPR profiling definition by design. If the deployer is a credit institution under Regulation (EU) 575/2013 and uses third-party AI scoring (or fine-tunes a vendor model on internal data), the deployer cascade activates: Article 26 §1–§12, Article 27 FRIA (automatic) and the Article 25(1)(b) reverse-bascule check.
Test: do you make or substantially influence a credit decision using AI? If yes: Annex III §5(b) applies, Article 27 FRIA is automatic, and Article 26 deployer obligations cascade.
| Activity | Annex III §5 | Article 27 FRIA |
|---|---|---|
| Consumer credit scoring (third-party AI) | Yes · §5(b) | Yes · automatic by activity |
| Life/health insurance risk assessment and pricing of natural persons | Yes · §5(c) | Yes · automatic by activity |
| Anti-fraud detection (fraud detection is the main intended use) | No · §5(b) exception | No · not high-risk under Annex III |
| Internal credit risk modelling (no individual decision) | Case-by-case Art. 6(3) | Conditional |
Source: Reg. 2024/1689 Annex III §5 · Reg. (EU) 575/2013 (CRR) · CJEU SCHUFA C-634/21 precedent on automated credit decisions.
Timeline
The banking deadline is 2 December 2027, not 2 August 2026
Most companies in the AI ecosystem focus on 2 August 2026 (Article 50 transparency). For credit institutions and insurers under Annex III §5, the binding deadline post-Digital Omnibus (adopted 29 June 2026) is 2 December 2027: high-risk obligations for Annex III use cases are postponed by 16 months from the original 2 August 2026.
Banking is expected to be covered by the Annex III general postponement to 2 December 2027. The EP press release of 7 May 2026 enumerates biometrics, critical infrastructure, education, employment, law enforcement and border management; the enumeration is non-exhaustive, and §5 essential services is covered by the general postponement per Council/IAPP/Modulos triangulation, consolidated text pending. Unlike machinery, which received a targeted overlap removal, banking received no sectoral exemption. That leaves roughly 18 months of regulatory runway to produce a defensible position before binding obligations apply.
Note on certainty: 10 EU Member States (AT, DK, NL, SK, SI, ES, GR, PT, RO, LV) formed a blocking minority against further deregulation. The 2 December 2027 deadline is durable. Sell on certainty, not on speculation.
Sources: Reg. 2024/1689 Annex III · Council/Parliament press release (7 May 2026) · Bloomberg, 4 May 2026 (bloomberg.com/news/articles/2026-05-04/euro-finance-chiefs-want-mythos-ai-access-to-prepare-defenses) · MLex EU member states diverging views.
Four deltas
Four obligations specific to banking deployers
DORA, GDPR Art. 22, EBA guidelines, and CRR provide a strong foundation for credit-decision compliance. But none of them produces an AI Act paragraph map. These deltas need to be added to the existing risk framework.
Delta 1 · Article 27 FRIA automatic by activity
Article 27(1) names deployers of Annex III §5(b) and (c) systems directly, alongside bodies governed by public law and private entities providing public services. Unlike other Annex III areas such as HRTech or healthcare, where a private deployer is caught by Article 27 only through one of those status conditions, a bank scoring consumer credit faces FRIA automatically the moment Annex III obligations bind. The fundamental rights impact assessment is not optional.
Delta 2 · DORA Article 28 × Article 26 (third-party ICT)
Your GPAI provider is an ICT third-party service provider under DORA Article 28, and may be designated a critical ICT third-party provider under Article 31. Whether they have signed the EU GPAI Code of Practice, and whether they participate in coalitions like Project Glasswing, is now a deployer due-diligence question, not a vendor procurement question.
Delta 3 · Article 25(1)(b) reverse-bascule
Banks that fine-tune a vendor scoring model on their own historical data may be treated as having made a substantial modification under Article 25(1)(b) and so become providers themselves, inheriting the heavier Articles 16–22 regime. The practical checkpoint is contractual rather than technical: run the check at the moment a fine-tuning option is accepted in the vendor contract, before any internal data is fed in.
Delta 4 · SCHUFA precedent integration
CJEU SCHUFA (C-634/21) held that the automated production of a credit probability score is itself a "decision" under GDPR Article 22 where the lender draws strongly on it, even if a human at the lender formally signs off. On the AI Act side, Article 26 §11 (the deployer's duty to inform natural persons that a high-risk system is used on them) and Article 86 (right to an explanation of individual decision-making) now interlock with the GDPR Article 22 rights. Failure to map the two regimes together creates dual-regime exposure.
Sources: Reg. 2024/1689 Articles 25–27 · Reg. (EU) 2022/2554 DORA · Reg. (EU) 2016/679 GDPR Art. 22 · CJEU C-634/21 SCHUFA · EBA guidelines on internal governance.
Our scope
What our assessment covers for banking AI
The Sprinkling Act report for a banking AI system covers the six gates of the standardised methodology, with the banking specificity layered in.
- G1 · Art. 5 · Are any of the 8 prohibited practices triggered?
- G2 · Art. 6(1) · Is the AI system a safety component of an EU-regulated product? (rare for banking, but checked)
- G3 · Art. 6(2) + Annex III §5 · Credit/insurance scoring classification · core gate for banking
- G4 · Art. 50 · Does an end user interact with the AI without knowing? (chatbot disclosure)
- G5 · Art. 51/53 · Does the system use or distribute a general-purpose AI model? (Code of Practice signature check)
- G6 · Art. 6(3) · Can the "no significant risk" exception apply?
Banking specificity:
- Annex III §5(b)/(c) determination with CJEU SCHUFA precedent applied
- Article 27 FRIA scope memo (mandatory for §5 by activity)
- Article 26 §1–§12 paragraph subset map (banking-specific active subset)
- Article 25(1)(b) reverse-bascule check on fine-tuning contracts
- DORA Article 28 third-party ICT cross-reference for GPAI providers
- GDPR Article 22 × AI Act Article 26 §11 dual-regime mapping
- Timeline orientation (2 December 2027 post-Digital Omnibus + significant change trigger)
Out of scope (explicit):
- Internal credit risk model validation (handled by EBA/CRR-aligned providers)
- DORA full ICT risk management framework (separate engagement)
- Stress-testing or capital adequacy assessment
Integration
How this fits with DORA, GDPR Article 22, and EBA guidelines
DORA covers ICT operational resilience, including third-party providers. The AI Act covers the AI-specific obligations layered on top: paragraph subset mapping, FRIA, reverse-bascule, and the GPAI provider due-diligence question that DORA frames but doesn't answer. GDPR Article 22 covers automated decision-making rights; AI Act Article 26 §11 adds the deployer's duty to inform affected persons, and Article 86 the right to an explanation of individual decisions. EBA guidelines on internal governance frame the broader risk function. Our report sits at the intersection, article-mapped, not regime-substitutive.
Concretely: the banking deployer ends up with four documents (DORA ICT risk register, GDPR Art. 22 record, AI Act Article 26 paragraph map, EBA governance trail). The Sprinkling Act report produces the third document. The other three are produced by your existing risk framework.
One specific interplay deserves attention. The Draft Commission Guidelines (§§322–328, 19 May 2026) clarify that an AI system used both for credit scoring of natural persons and for prudential purposes under Article 144 CRR (internal ratings-based approach) or Article 120 Solvency II remains high-risk under Annex III §5(b), regardless of the fact that the same system is also used for internal ratings or own funds calculation (§324). The only narrow path out is architectural: if a bank uses two separate AI systems (one for credit scoring, whose output feeds a second system used for IRB itself), the IRB system inherits the credit-scoring output but is not itself classified as high-risk under §5(b). For most existing IRB infrastructures that integrate scoring and rating in a single model, the high-risk classification applies. Grandfathering under Article 111(2) protects systems placed on the market before the binding date, but only until the first "significant change in design" (§328). The definition of significant change is set by the prudential legislation itself.
Sources: DORA Reg. (EU) 2022/2554 · GDPR Reg. (EU) 2016/679 · EBA Guidelines EBA/GL/2021/05 (internal governance) · AI Act Reg. 2024/1689 Articles 25–27 · Reg. (EU) 575/2013 (CRR) Art. 144 · Directive 2009/138/EC (Solvency II) Art. 120 · Draft Commission Guidelines on Article 6 (§§322–328, 19 May 2026).
GPAI provider chain
Where you sit in the GPAI cyber chain
Article 55 GPAI systemic-risk obligations have applied since 2 August 2025 (Article 113(b)); the Commission's fining powers over GPAI providers under Article 101 apply from 2 August 2026. Whether your GPAI provider has signed the Code of Practice and participates in cyber-coalitions is now a deployer due-diligence question. In May 2026 the Eurogroup publicly demanded EU access to Anthropic's withheld Mythos model (Bloomberg) so EU banks would not be exposed versus US peers; the DORA × AI Act × Article 55 intersection is now politically active at the highest level.
Project Glasswing · 12 launch partners + 40 critical-infrastructure organisations
Anthropic's coalition for vulnerability patching includes named partners across the cyber stack:
- Cloud / hyperscale: AWS, Google, Microsoft
- Hardware / silicon: NVIDIA, Broadcom, Apple
- Networking / security: Cisco, Palo Alto Networks, CrowdStrike
- Open source: Linux Foundation
- Financial services: JPMorganChase
- Foundation: Anthropic
If your GPAI provider is on the Code of Practice (Anthropic + OpenAI signed July 2025) and Glasswing-aware, your downstream Article 26 due-diligence has institutional cover. If they are not, or if they release comparable models less restrictively (OpenAI announced GPT-5.4-Cyber on 14 April 2026 with a tiered "Trusted Access for Cyber" program · openai.com/index/scaling-trusted-access-for-cyber-defense), your deployer cyber-resilience documentation has a gap that DORA Article 28 may force you to close.
Sources: AI Act Article 55 + Recital 110 · Reg. (EU) 2022/2554 DORA Article 28 · Anthropic Project Glasswing (anthropic.com/glasswing, launch partners April 2026) · Bloomberg, 4 May 2026 (bloomberg.com/news/articles/2026-05-04/euro-finance-chiefs-want-mythos-ai-access-to-prepare-defenses) · UK AISI Mythos evaluation (32-step corporate-network attack simulation completed autonomously).
FAQ
About Banking AI under the EU AI Act
When does Annex III §5(b) apply to a credit institution?
Annex III §5(b) applies when the AI system is intended to evaluate the creditworthiness of natural persons or establish credit scores, regardless of vendor location. For credit institutions under Regulation (EU) 575/2013 using third-party AI scoring (or fine-tuning a vendor model on internal data), the deployer cascade activates: Article 26 §1–§12 + Article 27 FRIA automatic + Article 25(1)(b) reverse-bascule check.
What is the fraud detection exception under Annex III §5(b)?
The text provides one narrow exception: fraud detection, but only where fraud detection is the main intended use of the AI system, preceding all other purposes (Draft Commission Guidelines on Article 6, §307, 19 May 2026). Systems that combine creditworthiness assessment with fraud detection do not benefit from the exception.
Why is FRIA Article 27 automatic for banking deployers?
Article 27(1) names deployers of Annex III §5(b) and (c) systems directly, alongside bodies governed by public law and private entities providing public services. Unlike other Annex III areas such as HRTech or healthcare, where a private deployer is caught by Article 27 only through one of those status conditions, a bank scoring consumer credit faces FRIA automatically the moment Annex III obligations bind. The fundamental rights impact assessment is not optional for credit institutions.
How does CRR Article 144 (IRB) interact with the AI Act?
An AI system used both for credit scoring of natural persons and for prudential purposes under Article 144 CRR (internal ratings-based approach) remains high-risk under Annex III §5(b), regardless of the fact that the same system is also used for internal ratings or own funds calculation (Draft Commission Guidelines §§322–324). The only narrow path out is architectural: separating credit scoring and IRB into two distinct AI systems.
Apply it to your own position
The 9-question diagnostic identifies whether you trigger Annex III §5, Article 27 FRIA, or Article 25 reverse-bascule as a banking deployer. 60 seconds. Zero data collected.
This page is informational. It does not constitute legal advice, regulatory determination, or a conformity assessment under Article 43 AIA. Specific classifications for any specific banking deployer require a tailored screening. Credit institutions recognising themselves in the Annex III §5 description should consult qualified legal counsel and, where applicable, the relevant supervisor (ECB, EBA, ACPR, BaFin, etc.) before making compliance decisions.
SEE ALSO
Annex A · The Deployer Multiplier
Three downstream segments where the AI Act cascade becomes visible. Banking covered in §6.
Free Diagnostic
9-question assessment: banking-specific gates flagged.
Sprinkling Act Methodology
The 6-gate framework behind the assessment.
Pricing
Free assessment. €690 full report. No subscription.