EU narrows AI Act timing

The European Union has decided not to rewrite the AI Act from scratch. It has chosen to make the law easier to apply. That matters because the original timetable was colliding with a practical problem: companies were being asked to prepare for high-risk obligations before some of the technical standards, guidance and enforcement machinery were fully in place. On May 7, negotiators from the Council of the European Union and the European Parliament reached a provisional agreement to streamline parts of the law as part of the bloc’s broader “Omnibus VII” simplification package. The second step came on May 19, when the European Commission published draft guidelines on how to classify high-risk AI systems under Article 6 of the AI Act. The Commission said the draft is meant to help providers, deployers and market-surveillance authorities apply the rules more uniformly. ### What exactly did Brussels change in the AI Act timetable? The May 7 agreement extended some of the most demanding compliance dates, especially for high-risk systems, and adjusted enforcement sequencing so obligations would line up better with the tools companies need to comply, according to the Council and Euronews. (consilium.europa.eu) The Council said the package was designed to “simplify and streamline” certain AI rules, not replace the law’s core structure. (digital-strategy.ec.europa.eu) The AI Act still applies in stages, with full roll-out foreseen by Aug. 2, 2027, according to the EU AI Act Service Desk. What changed is the path to that date: Brussels has given businesses more time on some requirements and reworked parts of the enforcement calendar. ### Why did the Commission issue separate high-risk guidance? Article 6 is where the strictest obligations begin, because it determines whether a system counts as “high-risk.” The Commission’s draft guidelines published on May 19 say they are intended to support consistent classification and effective enforcement across the bloc. (consilium.europa.eu) The guidance is split into general principles and separate explanations for Annex I and Annex III systems. (ai-act-service-desk.ec.europa.eu) The Commission also published practical examples, which is important because classification determines whether a provider or deployer must meet requirements on risk management, documentation, human oversight and post-market monitoring. ### Who may now fall outside the strictest “high-risk” bucket? (digital-strategy.ec.europa.eu) The Commission’s draft narrows some boundary cases rather than broadening them. Medianama reported that a private company using AI on its own behalf to comply with a legal obligation would not automatically be treated as acting for law-enforcement purposes. That distinction matters because Annex III categories cover sensitive uses such as law enforcement, migration, employment, education and access to essential services. (digital-strategy.ec.europa.eu) If a use case sits outside those categories, the operator may avoid the AI Act’s heaviest compliance burden, though other obligations can still apply. ### Is this a rollback or an administrative fix? (digital-strategy.ec.europa.eu) The Council described the May 7 deal as a streamlining exercise inside a wider simplification agenda. Euronews reported that the aim was to cut red tape, fix overlaps and give companies more time without dismantling the AI Act’s risk-based logic. That framing is important because Brussels is still moving ahead with implementation. (digital-strategy.ec.europa.eu) The Commission has not withdrawn the high-risk regime; it is publishing guidance on how to apply it and collecting feedback before finalizing it. ### How does this compare with what happened in Washington? On May 21, President Donald Trump postponed a planned executive order on AI oversight only hours before a White House signing ceremony, according to the Washington Post, Reuters and the Associated Press. (consilium.europa.eu) Trump said he did not like some aspects of the order and did not want to weaken U.S. competitiveness. The contrast is procedural rather than rhetorical. (digital-strategy.ec.europa.eu) Europe is narrowing definitions and stretching deadlines inside an existing statute, while the United States delayed a new oversight measure before it was issued. ### What happens next, and where should companies look? June 23, 2026, is the deadline for feedback on the Commission’s draft high-risk guidelines, according to the EU digital-strategy portal. (washingtonpost.com) The consultation page names providers, deployers and national authorities as the intended audience for the document. The next concrete marker after that is the finalization of the guidance and the continued staged implementation of the AI Act through Aug. 2, 2027. (consilium.europa.eu) Companies tracking the changes can find both the draft high-risk materials and the implementation timeline on the European Commission and EU AI Act Service Desk pages. (digital-strategy.ec.europa.eu 1) (digital-strategy.ec.europa.eu 2)