Human oversight

What it means

Human oversight is the property that a person with the competence, authority, and information to intervene remains meaningfully in control of a high-risk AI system. It is the EU AI Act's primary safeguard for human agency in automated decision-making, expressed in Art. 14 as a design obligation on providers and in Art. 26.2 as an operational obligation on deployers. Oversight is what prevents an AI system from becoming an unaccountable decision-maker, and it is the element most often present on paper and absent in practice.

Meaningful oversight has three requirements that the EU AI Act makes explicit. The overseer must have the competence to understand the system and evaluate its outputs, which connects oversight to the Art. 4 literacy obligation. They must have the authority to override the system, which is an organisational property, not a technical one. And they must not be subject to automation bias, the well-documented tendency to defer to a machine's output without genuine scrutiny. An oversight arrangement that fails any of these three is oversight in name only.

Why it matters

Human oversight is where many programmes are weakest, because it is the easiest to fake and the hardest to do well. An organisation can appoint an overseer, document the role, and satisfy a checklist, while in practice that overseer approves hundreds of decisions a day without the time, the information, or the authority to review any of them. This is the failure mode that a supervisory authority probes by asking not whether oversight exists but whether it is real: the override rate, how long the overseer spends per decision, what training they received, and whether they can stop the system.

Governing human oversight

The controls have to defend against the quiet collapse of oversight into rubber-stamping, which is why they focus as much on the conditions of oversight as on its existence.

Control layer	Control
Preventive	Appoint named oversight personnel for each high-risk system, with documented competence (Art. 4) and documented authority to override. Design the oversight interface to present uncertainty, surface low-confidence outputs, and make the override action available and easy (Art. 14). Set the workload so that meaningful review per decision is possible, rather than a volume that forces rubber-stamping. Provide a kill switch the overseer can invoke.
Detective	Monitor the override rate: a rate at or near zero is a warning sign that oversight is not genuine, not evidence that the model is perfect. Track time-per-decision against the level needed for real review. Audit a sample of overridden and non-overridden decisions for the quality of the human judgement applied.
Corrective	Where monitoring indicates automation bias, intervene on the conditions: reduce workload, improve the interface, or re-train the overseers. Where an oversight failure contributed to a harmful decision, review the decision, remediate the individual harm, and feed the failure into the risk management system. Treat a systemic oversight failure as a reason to suspend the system, not merely to coach the individual.