Vietnam has done something the EU AI Act's drafters spent years avoiding: it published an actual list. On June 30, 2026, Deputy Prime Minister Ho Quoc Dung signed Decision No. 33/2026/QD-TTg, naming 46 specific AI systems as "high-risk" under the country's Law on Artificial Intelligence (No. 134/2025/QH15). The decree takes effect August 15, 2026, and operationalizes a law the National Assembly passed on December 10, 2025 and that itself took effect March 1, 2026.
What's Actually on the List
The 46 systems sort into six sectors: transportation (31), ethnicity and religion (7), education (3), healthcare (2), banking (2), and litigation (1). The transport bucket includes automated vehicle control systems operating without human oversight and automated traffic-signal direction systems — a reasonable target given Vietnam's motorbike-dominated, accident-prone road network and Hanoi's growing deployment of AI traffic cameras. Healthcare's two entries cover AI embedded in surgical robots. Banking covers autonomous execution of large-value transactions and unsupervised credit decisions. The single litigation entry is large-scale biometric identification used in civil proceedings.
Each of these is defensible on its face. A credit-scoring model that autonomously denies a loan, a surgical robot making an unsupervised incision, or a courtroom identification system misidentifying a defendant can all cause harm that's hard to reverse. Regulators asking for conformity assessment and documented human oversight before such systems go live are not reaching for exotic precaution — they're applying the same logic that already governs medical devices and financial risk controls.
The Genuinely Novel Category
The ethnicity-and-religion bucket — seven systems that automatically score or rank eligibility for policy benefits — has no real analogue in the EU AI Act's high-risk annexes. It reflects a distinctly Vietnamese concern: the state administers targeted support programs for ethnic minority and religious communities, and an algorithm silently mis-ranking applicants could produce discrimination with an ethnic dimension the government is especially sensitive to. Whatever one thinks of the underlying benefit programs, subjecting the automation of eligibility decisions to conformity review is a proportionate response to a real administrative risk, not overreach.
Where the List Undersells the Real Burden
The headline number — 46 systems — understates what's actually being asked of industry, because the compliance mechanism attached to the list is unusually strict. Under the AI Law, high-risk systems require conformity assessment before deployment: third-party certification where the Prime Minister's list mandates it, self-assessment otherwise. Providers subject to mandatory certification must maintain a commercial presence or an authorized representative inside Vietnam — a market-entry condition that will matter more to a foreign medical-device or fintech vendor than the abstract fact of being on a risk list.
More consequential still is the liability default: deployers bear primary liability for damages caused by a high-risk system even when it was operated in full compliance with the law, with carve-outs only for force majeure or the victim's own intentional fault. That is a form of strict liability layered on top of, not in exchange for, a conformity-assessment regime. A hospital that runs a properly certified surgical-robot system, follows every documented risk-management step, and still experiences a malfunction remains exposed. That combination — pre-market certification plus strict post-market liability — is a heavier compliance stack than the EU AI Act imposes on comparable Annex III systems, where conformity assessment is the primary gate and liability generally still runs through fault-based or product-liability frameworks.
Deployers bear primary liability for damages caused by high-risk systems operated in compliance with regulations. Developers and providers may share responsibility if at fault.
For a government explicitly trying to build Vietnam into a regional AI and semiconductor hub — a goal the AI Law's drafters cited alongside the risk framework — a rule that leaves compliant hospitals, banks, and transit operators fully exposed to damages is a real disincentive to deploying the very systems the state wants adopted. Banks in particular may simply avoid autonomous credit decisioning rather than accept open-ended liability for a certified, unmodified system behaving as designed.
A Tight Runway
The six-week gap between the decree's signature and its effective date is workable only because grace periods soften the landing: existing high-risk systems in most sectors have until March 1, 2027 to fully comply, and existing education, healthcare, and banking systems get until September 1, 2027. New systems entering these 46 categories after August 15, however, face the full conformity-assessment and liability regime immediately — and Vietnam has not yet demonstrated it has enough accredited third-party assessment bodies to process them without becoming the bottleneck the EU's own "notified body" shortage became for the AI Act.
The Bottom Line
A narrow, named list of 46 systems, most concentrated in transport and genuinely risk-bearing sectors, is a more administrable approach than the EU's broad annexed categories — it gives providers certainty about what's covered rather than forcing case-by-case interpretation. But Vietnam paired that clarity with a liability rule that punishes compliance failures the law itself cannot fully prevent. If Hanoi wants the adoption its AI Law says it wants, the fix isn't a longer list — it's a liability safe harbor for deployers who can show good-faith, certified compliance.