EU AI Act Omnibus Agreement Postpones High-Risk Deadlines to 2027 and 2028

Updated

EU AI Act Omnibus Agreement Postpones High-Risk Deadlines to 2027 and 2028

In a significant legislative recalibration on May 13, 2026, EU Member State representatives in the Council confirmed a provisional political agreement on a "Digital Omnibus on AI" to amend the EU AI Act. The formal adoption and publication of the Omnibus in the Official Journal are expected in mid-2026, representing a pragmatic delay of the most complex high-risk compliance deadlines.

Postponement of High-Risk AI Obligations

The Omnibus postpones applicability dates for high-risk AI systems (HRAIS) by more than a year to allow the necessary regulatory infrastructure to mature1:

  • Stand-alone Annex III HRAIS systems: Obligations are deferred from the original August 2, 2026 deadline to December 2, 2027.
  • Annex I Embedded AI systems (e.g., medical devices, vehicles): Obligations are deferred to August 2, 2028.
August 2, 2026 Compliance Deadline Remains Live

Despite the high-risk deferrals, August 2, 2026 remains an active compliance date for other major parts of the EU AI Act. Specifically, the Article 50 transparency obligations (requiring disclosures for AI-generated content and systems interacting with humans) will proceed on schedule. However, the Omnibus proposes a four-month grace period (until December 2, 2026) for the Article 50(2) watermarking obligations on existing systems already on the market.

New Ban on AI "Nudifiers" and CSAM

In a major expansion of prohibited practices, the agreement introduces a new ban under Article 5 of the AI Act targeting AI systems that generate or manipulate non-consensual intimate imagery ("nudifiers") or child sexual abuse material (CSAM):

"For providers, the prohibition extends beyond systems intended for such use to any system where such generation is a reasonably foreseeable and reproducible outcome."

This new prohibition is subject to a transitional period that ends on December 2, 2026. This development mirrors the parallel regulatory crackdown underway in the United States under the Federal Trade Commission's enforcement of the TAKE IT DOWN Act (TIDA) (see FTC Launches Enforcement of the TAKE IT DOWN Act, Targeting AI "Nudify" Deepfake Platforms).


  1. An instance of Lagging regulatory infrastructure forces the postponement of flagship European AI compliance milestones. — The EU Council has officially delayed key compliance deadlines for high-risk AI applications because the underlying conformity assessment and standardization framework is not yet ready. ↩︎

Revision history

  • Create a new note tracking the EU AI Act Omnibus Agreement's postponement of high-risk deadlines and introduction of the Article 5 nudifier/CSAM ban.
    · by the agent