The classic trap
Article 103 amends Regulation (EU) No 167/2013 on the approval of agricultural and forestry vehicles (tractors, harvesters, towed machinery). The trap: many manufacturers and integrators assume the AI Act does not apply because they fall under sectoral harmonisation legislation. Wrong. As soon as an AI system acts as a safety component of a tractor (assisted braking, obstacle detection, autonomous steering, emergency stop), it becomes high-risk and must comply with Chapter III, Section 2 of the AI Act. The EU AI Office oversees this at European level, and the CNPD remains competent whenever personal data (operator geolocation, cabin biometrics) is involved. In Luxembourg, the AI market surveillance authority has not yet been formally designated.
The Chapter III Section 2 requirements your AI components must meet
- Documented risk management system maintained across the component's full lifecycle.
- Governance of training, validation and test data (representativeness, absence of bias under real field conditions).
- Technical documentation compliant with Annex IV, opposable during an inspection.
- Automatic event logging enabling traceability of the safety component's decisions.
- Transparency and information for the operator on system limits.
- Effective human oversight and the ability to stop or override at any time.
- Adequate level of accuracy, robustness and cybersecurity, tested under foreseeable use conditions.
The concrete danger: the manufacturer treats AI compliance and machinery compliance in silos. As a result, the tractor's type-approval file ignores AI Act requirements, and the AI component is not covered by a valid conformity assessment.
How Luxgap automates this risk
Our Luxgap Safety Component Mapper makes the blind spot between sectoral legislation and the AI Act impossible: it automatically identifies each embedded software component that qualifies as a safety component under the AI Act and links it to the requirements of Chapter III, Section 2. The tool cross-references your product nomenclature (PLM, Odoo Manufacturing), your code and model repositories (Git, Azure ML, AWS SageMaker) and your type-approval files to materialise the real compliance chain, without any questionnaire to fill in.
- Detects AI models embedded in your controllers and qualifies them as safety components under the criteria of Regulation (EU) 2024/1689.
- Maps each Chapter III, Section 2 requirement (risk management, data governance, logs, human oversight, robustness) to a concrete proof or flags the gap.
- Generates prefilled Annex IV technical documentation aligned with the 167/2013 type-approval file.
- Alerts in real time when a new commit or model retraining modifies an already certified safety component.
- Produces a timestamped, sealed PDF report, opposable to the market surveillance authority and the EU AI Office during an inspection.
Available as a complement to a Luxgap DPO or CISO mandate or as a dedicated SaaS module depending on your scope. Request a personalised quote and our teams will prepare a demonstration on your real components, with a free blank audit within 48h to measure your exposure before any commitment.