EU delays parts of AI Act

On 7 May 2026, negotiators from the Council of the European Union, the European Parliament and the European Commission reached a provisional agreement to change parts of the EU AI Act timetable. The changes sit inside the bloc’s proposed “Digital Omnibus on AI,” a package first published by the Commission on 19 November 2025. The main practical effect is a delay for some obligations on high-risk AI systems while standards bodies and regulators finish the tools companies will need to show compliance. ### What exactly was delayed? The provisional deal delays the rules for Annex III high-risk AI systems — the stand-alone, use-based category — from 2 August 2026 to 2 December 2027. It also delays the rules for Annex I high-risk AI systems embedded in regulated products, including medical devices and radio equipment, from 2 August 2027 to 2 August 2028. (insideprivacy.com) Inside Privacy said the package also pushes back one transparency rule in Article 50(2) for certain synthetic-content systems already on the market before 2 August 2026, moving that deadline to 2 December 2026. The obligation for member states to establish at least one national AI regulatory sandbox is postponed from 2 August 2026 to 2 August 2027. (insideprivacy.com) ### Why did Brussels move the dates? The European Commission’s proposal said the AI Act was designed to apply in stages, but the most demanding provisions — especially for high-risk systems — depended on detailed compliance machinery that was not yet ready. Those provisions cover areas including data governance, transparency, documentation, human oversight and robustness. (insideprivacy.com) The European Parliament’s Legislative Train page said the Digital Omnibus on AI was meant to address delays in establishing standards, naming national competent authorities and designating conformity-assessment bodies. Inside Privacy said the delayed timeframes reflect operational problems around testing, documentation and third-party assessment for high-risk systems. (eur-lex.europa.eu) A 2025 European Parliamentary Research Service note had already flagged the issue, saying harmonised standards were crucial before high-risk obligations started to apply in August 2026. Under the Commission proposal, the application of high-risk rules was tied to the availability of standards, common specifications or guidelines, with backstop dates if those tools were still not ready. (europarl.europa.eu) ### Does this mean the EU is backing away from the AI Act? The Commission’s proposal did not repeal the core high-risk framework. It described the amendments as simplification measures to help implementation while keeping the AI Act’s stated goals of safety, transparency and protection of fundamental rights. (europarl.europa.eu) The package also includes narrower structural changes beyond timing. Inside Privacy said one notable revision moves the Machinery Regulation from Annex I Section A to Section B, changing how some AI-enabled machinery interacts with sector-specific product rules. The European Parliament briefing said the broader package had drawn debate over whether simplification could reduce safeguards, showing that the political argument now centers on implementation rather than abandonment. (eur-lex.europa.eu) ### What should companies do with the extra time? The delayed deadlines do not remove the need to prepare evidence, documentation and control frameworks for high-risk systems. Inside Privacy said the extension is meant to give standards-setting bodies such as CEN-CENELEC more time to produce the standards and guidance that will underpin compliance. (insideprivacy.com) The Commission has also pointed companies to support tools already under development, including guidelines, templates, the AI Pact and the AI Act Service Desk. Those resources are intended to help providers and deployers navigate the law before the deferred deadlines arrive. ### What still has to happen before these delays take effect? (insideprivacy.com) The provisional agreement reached on 7 May 2026 is not the final legal step. The Digital Omnibus on AI still has to complete the formal EU legislative process before the amended dates become law. (eur-lex.europa.eu) The European Parliament’s Legislative Train page said Parliament adopted its negotiating position in March 2026 and trilogue talks had begun. The next step is formal adoption by the Parliament and the Council, after which the revised timetable — including 2 December 2027 for Annex III high-risk systems and 2 August 2028 for Annex I product-linked systems — would govern the rollout. (europarl.europa.eu) (insideprivacy.com)