Vietnam AI regulation

Vietnam's 46-System High-Risk AI List Trades Vagueness for a Strict-Liability Barrier to Entry

Decision 33/2026 names 46 high-risk AI systems, but strict liability and a local-presence mandate could favor incumbents over challengers.

Vietnam's High-Risk AI List, By the Numbers People of Internet Research · Vietnam 46 AI systems classified high-risk Across six sectors under Decision … 31 of 46 Systems in transportation Roughly two-thirds of the entire l… Aug 15, 2026 Decision takes effect Starts the compliance clock for pr… 12–18 months Transition window for existing systems Until March 2027, or September 202… peopleofinternet.com
Vietnam's High-Risk AI List, By the Nu… People of Internet Research · Vietnam 46 AI systems classified high-… 31 of 46 Systems in transportation Aug 15, 2026 Decision takes effect 12–18 months Transition window for existing sys… peopleofinternet.com

Key Takeaways

Vietnam has done something few AI regulators have managed: it named names. On June 30, 2026, Deputy Prime Minister Hồ Quốc Dũng signed Decision No. 33/2026/QD-TTg, an enumerated list of 46 AI systems classified as "high-risk" under the country's Law on Artificial Intelligence No. 134/2025/QH15, which took effect March 1, 2026. The decision itself takes effect August 15, 2026, and covers six sectors: transportation, education, healthcare, banking, litigation, and ethnicity/religion.

A list instead of a test

Most AI laws — the EU AI Act chief among them — classify "high-risk" systems by describing categories and letting providers self-assess against open-ended criteria. Vietnam instead published a finite catalogue: 31 transportation systems (autonomous-vehicle controls, traffic-signal management, infrastructure operations), seven ethnicity-and-religion systems (file scoring, application decisions), three education systems, two healthcare systems, two banking systems, and one litigation system — biometric facial recognition used in civil proceedings, according to Vietnam News.

That design has a real advantage. A closed list is auditable: a bank building a credit-scoring tool can check whether it appears on the schedule rather than argue with a regulator over whether its system meets an abstract "significant risk to fundamental rights" threshold. Providers of listed systems must report their risk classification to the Ministry of Science and Technology before deployment, complete a conformity assessment before and throughout operation, and maintain a risk-management plan, per the Ministry's own summary. That is a genuinely more predictable compliance posture than the ambiguity many EU deployers now face waiting on Commission guidance documents.

The inclusion of ethnicity-and-religion classification systems is also worth crediting on its own terms. Automated ethnic or religious profiling by government-linked AI has been one of the most abused applications of the technology globally — most notoriously in Xinjiang. Vietnam designating seven such systems as high-risk, subject to mandatory human oversight and conformity assessment before an administrative decision can rely on them, is a defensible guardrail rather than regulatory overreach, and it is the kind of category regulators elsewhere have been slower to name explicitly.

Where the design strains

The list's precision, however, is lopsided. Transportation systems make up 31 of the 46 entries — roughly two-thirds — while an entire category as consequential as litigation gets exactly one. A facial-recognition tool used to authenticate a party in a civil case is high-risk; but the list's granularity elsewhere suggests plenty of adjacent litigation-support or evidentiary AI tools simply weren't enumerated, and a closed list's chief weakness is that anything left off it falls outside the regime by default, however analogous its risk profile.

Providers and operators of high-risk systems must "establish and maintain a risk management plan during their operations" — Government of Vietnam, Decision 33/2026/QD-TTg

More consequential for market structure are two obligations that sit alongside the list rather than in it. Foreign providers of listed systems must establish a local presence in Vietnam, and — per legal analysis from Mondaq — providers face strict liability for damages "even when the provider is fully compliant." Both are defensible in isolation: a local entity gives Vietnamese regulators and courts someone to serve process on, and strict liability protects patients or borrowers from having to litigate a provider's internal state of mind after an AI-assisted surgery or credit denial goes wrong.

Taken together, though, they set a cost floor for market entry that scales inversely with company size. A large cloud or model provider can absorb the cost of a Vietnamese subsidiary and price liability risk into its enterprise contracts. A smaller startup — domestic or foreign — building, say, an automated student-assessment tool cannot as easily eat the cost of local incorporation plus liability exposure that doesn't shrink even when it does everything right. The practical effect is likely to concentrate high-risk AI supply in Vietnam's transportation, healthcare, and banking sectors among a handful of well-capitalized incumbents, narrowing exactly the kind of competitive field that tends to produce safer, cheaper compliance tooling over time.

The transition clock

Vietnam did build in runway. Systems already operating before August 15, 2026 get until March 1, 2027 to complete compliance obligations, or September 1, 2027 for healthcare, education, and finance systems specifically — a 12-to-18-month grace period depending on sector, as Tilleke & Gibbins notes. That is a reasonable amount of time to build a conformity-assessment function, and longer than several EU AI Act deadlines have afforded deployers.

The better fix is not to abandon the enumerated-list model — it remains more legible than an open-ended standard — but to pair it with a lighter compliance track for smaller providers, the way the EU AI Act's regulatory sandboxes attempt to for SMEs. Vietnam has one budget cycle before the list starts to bite; using it to scale obligations to provider size, rather than only to sector, would keep the predictability gain without quietly handing the transportation and banking high-risk categories to whichever companies can afford a Hanoi office and an open-ended liability reserve.

Sources & Citations

  1. Vietnam Government Portal — Decision 33/2026/QD-TTg
  2. Ministry of Science and Technology — 46 high-risk AI systems
  3. Law No. 134/2025/QH15 on Artificial Intelligence
  4. Vietnam News — Government releases list of high-risk AI systems
  5. Mondaq — Vietnam introduces sectoral list of high-risk AI systems
  6. Tilleke & Gibbins — Vietnam's new guiding decree