Vietnam has done something few AI regulators have managed: it named names. On June 30, 2026, Deputy Prime Minister Hồ Quốc Dũng signed Decision No. 33/2026/QD-TTg, an enumerated list of 46 AI systems classified as "high-risk" under the country's Law on Artificial Intelligence No. 134/2025/QH15, which took effect March 1, 2026. The decision itself takes effect August 15, 2026, and covers six sectors: transportation, education, healthcare, banking, litigation, and ethnicity/religion.
A list instead of a test
Most AI laws — the EU AI Act chief among them — classify "high-risk" systems by describing categories and letting providers self-assess against open-ended criteria. Vietnam instead published a finite catalogue: 31 transportation systems (autonomous-vehicle controls, traffic-signal management, infrastructure operations), seven ethnicity-and-religion systems (file scoring, application decisions), three education systems, two healthcare systems, two banking systems, and one litigation system — biometric facial recognition used in civil proceedings, according to Vietnam News.
That design has a real advantage. A closed list is auditable: a bank building a credit-scoring tool can check whether it appears on the schedule rather than argue with a regulator over whether its system meets an abstract "significant risk to fundamental rights" threshold. Providers of listed systems must report their risk classification to the Ministry of Science and Technology before deployment, complete a conformity assessment before and throughout operation, and maintain a risk-management plan, per the Ministry's own summary. That is a genuinely more predictable compliance posture than the ambiguity many EU deployers now face waiting on Commission guidance documents.
The inclusion of ethnicity-and-religion classification systems is also worth crediting on its own terms. Automated ethnic or religious profiling by government-linked AI has been one of the most abused applications of the technology globally — most notoriously in Xinjiang. Vietnam designating seven such systems as high-risk, subject to mandatory human oversight and conformity assessment before an administrative decision can rely on them, is a defensible guardrail rather than regulatory overreach, and it is the kind of category regulators elsewhere have been slower to name explicitly.
Where the design strains
The list's precision, however, is lopsided. Transportation systems make up 31 of the 46 entries — roughly two-thirds — while an entire category as consequential as litigation gets exactly one. A facial-recognition tool used to authenticate a party in a civil case is high-risk; but the list's granularity elsewhere suggests plenty of adjacent litigation-support or evidentiary AI tools simply weren't enumerated, and a closed list's chief weakness is that anything left off it falls outside the regime by default, however analogous its risk profile.
Providers and operators of high-risk systems must "establish and maintain a risk management plan during their operations" — Government of Vietnam, Decision 33/2026/QD-TTg
More consequential for market structure are two obligations that sit alongside the list rather than in it. Foreign providers of listed systems must establish a local presence in Vietnam, and — per legal analysis from Mondaq — providers face strict liability for damages "even when the provider is fully compliant." Both are defensible in isolation: a local entity gives Vietnamese regulators and courts someone to serve process on, and strict liability protects patients or borrowers from having to litigate a provider's internal state of mind after an AI-assisted surgery or credit denial goes wrong.
Taken together, though, they set a cost floor for market entry that scales inversely with company size. A large cloud or model provider can absorb the cost of a Vietnamese subsidiary and price liability risk into its enterprise contracts. A smaller startup — domestic or foreign — building, say, an automated student-assessment tool cannot as easily eat the cost of local incorporation plus liability exposure that doesn't shrink even when it does everything right. The practical effect is likely to concentrate high-risk AI supply in Vietnam's transportation, healthcare, and banking sectors among a handful of well-capitalized incumbents, narrowing exactly the kind of competitive field that tends to produce safer, cheaper compliance tooling over time.
The transition clock
Vietnam did build in runway. Systems already operating before August 15, 2026 get until March 1, 2027 to complete compliance obligations, or September 1, 2027 for healthcare, education, and finance systems specifically — a 12-to-18-month grace period depending on sector, as Tilleke & Gibbins notes. That is a reasonable amount of time to build a conformity-assessment function, and longer than several EU AI Act deadlines have afforded deployers.
The better fix is not to abandon the enumerated-list model — it remains more legible than an open-ended standard — but to pair it with a lighter compliance track for smaller providers, the way the EU AI Act's regulatory sandboxes attempt to for SMEs. Vietnam has one budget cycle before the list starts to bite; using it to scale obligations to provider size, rather than only to sector, would keep the predictability gain without quietly handing the transportation and banking high-risk categories to whichever companies can afford a Hanoi office and an open-ended liability reserve.