Key takeaways
- Transparency obligations under Article 50 become enforceable on 2 August 2026 – chatbot disclosure, synthetic content marking and deepfake labelling.
- High-risk obligations did not arrive. Stand-alone Annex III systems now have until 2 December 2027; AI embedded in regulated products under Annex I has until 2 August 2028.
- The change came through the Digital Omnibus on AI, signed on 8 July 2026 and awaiting publication in the Official Journal.
- A new prohibition on AI-generated non-consensual intimate imagery was added to Article 5.
- The AI Office gained broader supervisory reach over vertically integrated AI providers.
Two speeds, one deadline
For two years, 2 August 2026 sat in compliance calendars as the date the EU AI Act would become substantially applicable. Regulation (EU) 2024/1689 entered into force on 1 August 2024 with a staggered timetable, and August 2026 was meant to be the moment the framework’s core obligations – including those for high-risk systems – switched on across the single market.
That is no longer what happens. The deadline still arrives, but it arrives carrying far less than planned. A late amendment package known as the Digital Omnibus on AI has split the calendar into two speeds: transparency rules land on schedule, while the heavier high-risk regime slides more than a year into the future.
The practical consequence for anyone reading older guidance is blunt. A large share of the “AI Act 2026” material published before July describes a legal position that no longer exists.
What switches on in August
Article 50 is the part that survives the reshuffle intact. Its general transparency requirements – paragraphs 1, 3 and 4 – apply from 2 August 2026 to any AI system placed on the EU market. In practice, that covers three things.
Systems that interact directly with people must make clear that a person is dealing with a machine, unless that is obvious from context. Deepfakes and manipulated audio, image or video content must be disclosed as artificially generated. Emotion recognition and biometric categorisation systems must inform the people exposed to them.
The machine-readable marking obligation in Article 50(2) – watermarking of synthetic audio, image, video and text – also applies from 2 August for newly placed systems. Providers whose systems were already on the market before that date get until 2 December 2026 to comply, a concession aimed at retrofitting rather than redesign.
The Act’s other early layers remain untouched. Prohibited practices have applied since February 2025, and the general-purpose AI rules since August 2025. The risk-based architecture itself was never on the negotiating table.
What moved, and by how much
The Omnibus deferred the high-risk regime in two tranches. Stand-alone systems listed in Annex III – recruitment tools, credit scoring, education, law enforcement, border control, critical infrastructure – now face full compliance on 2 December 2027 rather than 2 August 2026. That is a seventeen-month extension.
AI embedded in products already covered by EU product safety law under Annex I – medical devices, machinery, toys – moves further still, to 2 August 2028.
The reason for the deferral is procedural rather than philosophical. Implementation had stalled on two fronts: member states were slow to designate national competent authorities, and the harmonised standards and conformity assessment tools that high-risk compliance depends on were not finished. Regulators found themselves in the position of demanding conformity against benchmarks that did not yet exist.
The obligations themselves have not been softened. Providers of Annex III systems gain runway, not relief.
How the Omnibus got here
The timeline is worth recording, because it explains why so much published guidance is stale.
The European Commission proposed the package on 19 November 2025 as part of a wider simplification effort touching the GDPR, the ePrivacy Directive, NIS2 and the Data Act. A second political trilogue on 28 April 2026 collapsed without agreement. Negotiators returned and reached a provisional deal on 7 May, which member state representatives confirmed on 13 May.
The European Parliament adopted the text on 16 June 2026. The Council gave final approval on 29 June, closing file 2025/0359(COD). The final act was signed on 8 July 2026 and now awaits publication in the Official Journal, entering into force on the third day after that publication.
This leaves a narrow procedural window. For the new dates to be binding before the original deadline bites, publication needs to happen in the second half of July. Until it does, the letter of the law still points at 2 August 2026 for high-risk obligations – a gap that matters mainly to organisations that already demobilised their compliance programmes on the strength of a political agreement.
The parts nobody expected
Two changes went further than simplification.
The first is a new prohibition. Article 5 now bans AI systems designed to generate non-consensual intimate imagery – the so-called nudifier applications – alongside child sexual abuse material. Parliament pushed for this during the trilogue, and the new prohibited practices apply from 2 December 2026. A package sold as deregulation ended up adding a ban.
The second is institutional. The AI Office gained expanded supervisory powers, extending beyond general-purpose AI models to the systems built on them where model and system come from the same business group. For vertically integrated providers – which describes most of the frontier labs – this consolidates oversight in Brussels rather than across twenty-seven national regulators.
The amending regulation also reaches outside the AI Act itself, touching the EASA civil aviation rules and the Machinery Regulation. For products inside the Machinery Regulation’s scope, direct application of the AI Act is excluded; the Commission may instead introduce health and safety requirements for high-risk AI within that framework.
Regulatory sandboxes slipped too. Member states must have at least one national sandbox operational by 2 August 2027, a year later than the AI Act originally required, with an EU-level sandbox now available as an option for testing at continental scale.
What this means in practice
For companies deploying chatbots, generative media tools or synthetic content pipelines into the EU, August is real and close. Disclosure and labelling are engineering work, and the exemption for context-obvious interactions is narrower than it sounds.
For companies building recruitment screening, credit scoring or biometric systems, the pressure has genuinely eased – but the December 2027 date assumes standards arrive in time. If harmonised standards slip again, the industry will be back in the same argument in eighteen months, with less credibility for a second extension.
The broader signal is about how the EU now handles its own digital rulebook. The AI Act took years to negotiate and was amended for the first time within two years of adoption, before its central provisions ever applied. Whether that reads as responsiveness or as a regulator flinching under industry pressure depends largely on what the harmonised standards look like when they finally land.
Written by Alius Noreika
Sources
- Council of the EU – Artificial intelligence: Council gives final green light to simplify and streamline rules (29 June 2026): https://www.consilium.europa.eu/en/press/press-releases/2026/06/29/artificial-intelligence-council-gives-final-green-light-to-simplify-and-streamline-rules/
- Council of the EU – Artificial intelligence act policy page: https://www.consilium.europa.eu/en/policies/artificial-intelligence-act/
- European Commission – AI Act, Shaping Europe’s digital future: https://digital-strategy.ec.europa.eu/en/policies/regulatory-framework-ai
- European Parliament Think Tank – Digital Omnibus on AI briefing: https://www.europarl.europa.eu/thinktank/en/document/EPRS_BRI(2026)782651
- Freshfields – EU AI Act unpacked #34: The final Digital Omnibus on AI: https://www.freshfields.com/en/our-thinking/blogs/technology-quotient/eu-ai-act-unpacked-34-the-final-digital-omnibus-on-ai-key-amendments-to-the-a-102nber
- Gibson Dunn – EU AI Act Omnibus Agreement: Postponed High-Risk Deadlines and Other Key Changes: https://www.gibsondunn.com/eu-ai-act-omnibus-agreement-postponed-high-risk-deadlines-and-other-key-changes/
- Sidley Data Matters – EU Lawmakers Reach Provisional Agreement to Delay Key EU AI Act Obligations: https://datamatters.sidley.com/2026/06/22/eu-lawmakers-reach-provisional-agreement-to-delay-key-eu-ai-act-obligations/
- DLA Piper – The Digital AI Omnibus: Proposed deferral of high risk AI obligations under the AI Act: https://knowledge.dlapiper.com/dlapiperknowledge/globalemploymentlatestdevelopments/2026/The-Digital-AI-Omnibus-Proposed-deferral-of-high-risk-AI-obligations-under-the-AI-Act
- White & Case – EU agrees Digital Omnibus deal to simplify AI rules: https://www.whitecase.com/insight-alert/eu-agrees-digital-omnibus-deal-simplify-ai-rules
- Digital Watch Observatory – Digital Omnibus on AI: the EU’s AI Act simplification and new AI Office powers: https://dig.watch/updates/digital-omnibus-eu-ai-act-new-ai-office-powers
- Bird & Bird – AI Act and Provisionally Agreed AI Digital Omnibus Consolidated Version: https://www.twobirds.com/en/insights/2026/ai-act-,-a-,-provisionally-agreed-ai-digital-omnibus-consolidated-version
- NicFab – Digital Omnibus on AI: the Council’s Final Green Light: https://www.nicfab.eu/en/posts/digital-omnibus-ai-council-adoption/







