EU AI Act August 2026 Deadline: What You Need to Know
Did the 2 August 2026 deadline move?
Provisionally, yes, for high-risk systems. Council presidency and European Parliament negotiators reached a provisional agreement on the Digital Omnibus on 7 May 2026. It changes the AI Act application calendar as follows:| Obligation | Original date | New date (provisional) |
|---|---|---|
| Annex III stand-alone high-risk obligations | 2 August 2026 | 2 December 2027 |
| Annex I embedded (regulated-product) high-risk obligations | 2 August 2027 | 2 August 2028 |
| Article 50(2) machine-readable marking of AI-generated content | 2 August 2026 | 2 December 2026 |
| National AI regulatory sandboxes (establishment deadline) | 2 August 2026 | 2 August 2027 |
| New Article 5 prohibition: AI generation of non-consensual intimate imagery and CSAM | n/a | applies from 2 December 2026 |
The agreement is provisional. It still requires formal endorsement by Parliament and Council plus legal-linguistic revision, then publication in the Official Journal. Until that publication, the original AI Act dates remain the law as written. The institutions intend to complete adoption before 2 August 2026.
What still applies on the original schedule
- Article 5 prohibitions (unacceptable risk): in force since 2 February 2025.
- Article 4 AI literacy: in force since 2 February 2025.
- GPAI model obligations (Articles 51 to 56): applicable since 2 August 2025.
- Article 50 transparency obligations other than the 50(2) marking grace (for example, disclosing that a user is interacting with an AI system): apply from 2 August 2026 as scheduled.
Who this applies to
This obligation applies to providers and deployers of high-risk AI systems (as defined in Article 6(1)) and importers/distributors placing such systems on the EU market (Article 24). Public sector entities using high-risk AI in the public interest (Article 12(3)) are also subject to these requirements.What is required
The Digital Omnibus changes when the Annex III obligations apply, not what they require. The substantive checklist is unchanged:- Conduct a conformity assessment (self-assessment or third-party, depending on system type) to demonstrate compliance with Article 43(1).
- Establish a risk management system per Article 9, including continuous identification, estimation, and evaluation of risks.
- Maintain technical documentation (per Article 11) proving compliance, including design specifications, training data descriptions, and testing protocols.
- Implement data governance measures under Article 10, ensuring training, validation, and testing datasets meet quality criteria (relevance, representativeness, bias mitigation).
- Enable logging capabilities for high-risk systems (Article 12(1)), recording events for traceability and auditability.
- Provide transparent information to users per Article 13, including system purpose, limitations, and human oversight requirements.
- Register the high-risk AI system in the EU database before placement on the market (Article 60).
- Appoint an EU authorized representative if the provider is based outside the EU (Article 25).
Key deadlines
| Date | Obligation | Who must act |
|---|---|---|
| 2 August 2026 | Article 50 transparency obligations (unchanged by the Digital Omnibus) | Providers and deployers of AI systems that interact with natural persons |
| 2 August 2026 | Annex III high-risk compliance as written; provisionally moved to 2 December 2027, pending formal adoption | Providers, deployers, importers |
Enforcement patterns
AI Act Article 50 transparency obligations take effect 2 August 2026. Annex III high-risk obligations are expected 2 December 2027, pending formal adoption of the Digital Omnibus (political agreement of 7 May 2026). No AI Act enforcement precedent currently exists. This page will be updated as enforcement cases emerge.Cross-border considerations
Implementation varies by member state, with Greece (GR), Austria (AT), and Germany (DE) showing early enforcement activity (per Articles 51, 85 co-citations). Spain (ES) and Italy (IT) have high citation volumes for Article 6, suggesting active national oversight. No jurisdiction-specific derogations or additional requirements are yet documented.EDPB February 2026 update: the Digital Omnibus joint opinion
In February 2026 the European Data Protection Board (EDPB) and the European Data Protection Supervisor (EDPS) issued a joint opinion on the European Commission's Digital Omnibus, the package that reached provisional agreement on 7 May 2026. Three points matter if you are planning around the August 2, 2026 date:- The Annex III postponement was contested. The Commission proposed moving high-risk obligations under Annex III from August 2, 2026 to December 2, 2027, and the 7 May 2026 provisional agreement adopts that move. The EDPB and EDPS warned the delay may harm fundamental rights and undermine legal certainty. Until the Digital Omnibus is formally adopted and published in the Official Journal, the original August 2, 2026 deadline remains the law.
- Registration of self-classified systems should stay. The two authorities strongly oppose dropping the duty to register self-assessed non-high-risk Annex III systems in the EU database, arguing it would weaken accountability and reward optimistic self-classification.
- Sensitive data for bias detection must stay narrow. They recommend a strict-necessity test so that special category data used to detect and correct bias is limited to cases involving real risks to rights and freedoms, not extended to all AI systems.
Fontvera also analyses closely related obligations, including [AI Act deepfakes FAQ](/intelligence/ai-act-faq-deepfakes), [AI Act post market monitoring FAQ](/intelligence/ai-act-faq-post-market-monitoring), and [AI Act penalties by violation type](/intelligence/ai-act-penalties-by-violation-type).
Related: [Article 50 chatbot transparency obligations](/intelligence/ai-act-transparency-chatbots)