Europe · CoE Framework Convention signatory
Implementation is underway but faces significant delays across multiple fronts. The 2 August 2026 deadline for high-risk AI system obligations remains the binding legal deadline, but the Digital Omnibus on AI is advancing through trilogue, with both co-legislators aligned on fixed dates that would defer most high-risk obligations.
The Commission missed its 2 February 2026 deadline to publish guidelines on the practical application of Article 6 (high-risk AI classification), citing the need to integrate substantial stakeholder feedback. A revised set of guidelines is being prepared across 2026, covering high-risk classification, transparency requirements, incident reporting, fundamental rights impact assessments, provider and deployer obligations, and the interplay of the AI Act with other EU legislation.
The European standardisation bodies CEN and CENELEC failed to deliver harmonised technical standards for high-risk AI requirements by their August 2025 target. Standardisation work remains ongoing, with delivery now expected by end of 2026. The absence of harmonised standards is the principal technical rationale for the Omnibus delay (see EP Think Tank briefing linked below). Under Article 40 AI Act, compliance with harmonised standards gives high-risk AI systems a presumption of conformity with the Chapter III Section 2 requirements; without those standards, providers lack the primary compliance route the AI Act was designed around.
Many member states have not yet formally designated their national competent authorities (market surveillance and notifying authorities) despite the 2 August 2025 deadline. As of early 2026, only three member states had completed full designation; approximately ten had pending legislative proposals; and fourteen had yet to act.
On 19 November 2025, the European Commission published the Digital Omnibus on AI, a targeted amending regulation intended to simplify AI Act implementation and adjust timelines. The Commission's original proposal linked the application of high-risk obligations to the availability of harmonised standards and Commission guidance (a conditional trigger mechanism), with fallback backstop dates of 2 December 2027 for standalone high-risk AI systems (Annex III) and 2 August 2028 for high-risk AI systems embedded in regulated products (Annex I).
On 13 March 2026, the Council of the EU adopted its negotiating mandate on the Digital Omnibus on AI, a simplification proposal amending the AI Act, proposing to defer high-risk enforcement dates and introducing backstop dates of 2 December 2027 for standalone high-risk AI systems (Annex III) and 2 August 2028 for embedded high-risk AI systems in regulated products (Annex I). The Council mandate also introduced a new prohibition on AI practices relating to the generation of non-consensual sexual and intimate content or child sexual abuse material.
On 26 March 2026, the European Parliament adopted its negotiating mandate in plenary by 569 votes to 45 (23 abstentions), confirming fixed backstop dates aligned with the Council position, adding a targeted ban on AI "nudifier" systems generating non-consensual intimate imagery, and proposing a watermarking grace period deadline of 2 November 2026 for systems already on the market.Following a first trilogue and a second session on 28 April 2026 that concluded without agreement over the interaction of the AI Act with sectoral product safety legislation, a third trilogue under the Cypriot Council Presidency concluded in the early hours of 7 May 2026 with a provisional political agreement.
On 13 May 2026, COREPER confirmed the compromise text and authorised the Presidency to send the formal offer letter to the European Parliament with a view to a first reading agreement.The agreement confirms the postponement of high-risk obligations to 2 December 2027 (Annex III) and 2 August 2028 (Annex I). The watermarking obligation under Article 50(2) retains its 2 August 2026 application date for new systems, with a transitional grace period to 2 December 2026 for providers of systems already on the market before that date. A new Article 5 prohibition is introduced on AI systems generating non-consensual intimate imagery and child sexual abuse material, with a safe harbour for systems with effective preventive safeguards; this prohibition applies from 2 December 2026. Machinery products are carved out of direct AI Act applicability, with high-risk requirements to be incorporated through delegated acts under the Machinery Regulation by 2 August 2028. For other Annex I sectors, the Commission may limit AI Act application where sectoral legislation already covers comparable requirements, with scope decisions deferred to delegated acts expected by 2 August 2027. The obligation to register borderline self-assessments in the EU database is retained in streamlined form. Formal adoption by both institutions is expected before 2 August 2026.
This content is for informational and educational purposes only and does not constitute legal advice.
No detailed timeline available.
Last updated: 31/05/2026