Update to SAW’s earlier coverage: On 17 April 2026, Shadow AI Watch reported that the Digital Omnibus was likely to push the EU AI Act’s high-risk deadline to December 2027. That assessment was based on broadly agreed negotiating positions at the time. Those negotiations have since collapsed. This article updates our guidance. The original deadline is back.
On 28 April 2026, a 12-hour trilogue session in Brussels broke down without agreement on the Digital Omnibus reforms that would have delayed key EU AI Act obligations. The European Parliament, Council of the European Union, and European Commission failed to resolve a disagreement over whether AI systems embedded in products already covered by existing EU safety legislation should be carved out from the AI Act’s requirements.
The consequence is straightforward: the EU AI Act, which entered into force on 1 August 2024, has not been amended. High-risk AI obligations begin applying on 2 August 2026. Article 50 transparency requirements for generative AI and chatbots also apply from the same date. Compliance teams that had adjusted their timelines based on the expected Omnibus delay now have approximately three months to meet the original deadline.
What the Omnibus was supposed to do
The European Commission introduced the Digital Omnibus package in November 2025 as a simplification measure. The package would have pushed the enforcement date for standalone Annex III high-risk AI systems (including employment, credit, education, and law enforcement AI) to 2 December 2027. AI embedded in regulated products (medical devices, industrial machinery, connected vehicles, toys) would have been deferred to 2 August 2028.
These dates had been broadly agreed between the three EU institutions before the 28 April trilogue. The talks had proceeded through a first trilogue session and were expected to conclude in the second. IAPP’s Ashley Casovan noted that what was expected to be “relatively straightforward deliberations instead marked yet another significant turn in an increasingly windy road.”
What caused the collapse
The breakdown centred on Annex I, the list of products covered by harmonised EU safety legislation. The European Parliament pushed for a carve-out that would have moved AI systems embedded in products already governed by sectoral laws (the Machinery Regulation, Medical Device Regulation, In-Vitro Diagnostics Regulation) out from under the AI Act’s direct scope.
The Council and Commission refused. Their position was that removing these product categories from the AI Act’s horizontal framework would undermine the act’s architecture. MEP Michael McNamara, the rapporteur on the AI file, acknowledged the logic of reducing overlapping obligations but warned that routing AI governance through sectoral legislation “could end up being deregulatory rather than simplifying.” More than 40 civil society organisations wrote an open letter opposing structural changes to the AI Act’s high-risk framework.
Sebastian Hallensleben, chair of CEN-CENELEC AI standards development, noted that structural changes to the high-risk provisions “would invalidate some of the foundations we have been working on for the past few years.” The standards bodies have been developing harmonised standards aligned with the current AI Act text. A carve-out for product-embedded AI would require significant rework of those standards, adding further delay and confusion.
What is still in force from 2 August 2026
Two categories of obligation now apply from 2 August 2026 with no Omnibus relief in sight.
High-risk AI systems (Annex III). Deployers and providers of AI systems used in employment decisions, creditworthiness assessments, education and vocational training, essential services, law enforcement, migration, and justice administration must comply with the AI Act’s high-risk requirements. These include risk management systems, data governance, technical documentation, record-keeping, transparency and information to deployers, human oversight, accuracy, robustness, and cybersecurity.
Article 50 transparency obligations. Providers of AI systems designed to interact directly with people (chatbots) must ensure that users are informed they are interacting with an AI system. Providers of AI systems that generate synthetic audio, image, video, or text content must ensure the outputs are marked as artificially generated in a machine-readable format. These obligations apply to systems placed on the market or put into service on or after 2 August 2026.
Is there still a path to a delay?
IAPP reports that a follow-up trilogue is anticipated in approximately two weeks, targeting mid-May 2026. A simplified agreement could still emerge. However, several factors work against a quick resolution.
Ireland takes over the rotating EU Council presidency on 30 June 2026, just five weeks before the enforcement date. A change of presidency often resets negotiating dynamics. If the Omnibus is not finalised before the handover, the new presidency may take a different direction.
The political dynamics within the European Parliament are increasingly fractured. Reports from Euractiv indicate disagreements between political groups about whether the negotiations were an exercise in simplification or deregulation. Building a majority for any revised Omnibus text will take time the calendar does not have.
Even if a deal is reached in May or June, the formal adoption process (legal review, translation into 24 official languages, publication in the Official Journal) takes weeks. A deal reached in late May would be extremely tight for adoption before 2 August. A deal reached in June would almost certainly not be formalised in time.
The prudent assumption for compliance teams is that 2 August 2026 is the deadline. If a delay materialises, it will be a bonus, not a baseline.
What this means for SAW readers who followed our earlier coverage
Our 17 April article told readers the Digital Omnibus was likely to push the high-risk deadline to December 2027 and flagged the non-retroactivity loophole in Article 111 that could exempt systems deployed before that date. That analysis was accurate at the time based on the negotiating positions of all three EU institutions.
Those positions have not translated into law. The Omnibus has not passed, which means the non-retroactivity loophole does not apply because the amendment creating it does not exist. Readers who adjusted their compliance timelines based on our earlier coverage should readjust. The original deadline is the only deadline that is currently legally binding.
This is not a criticism of the earlier analysis. Regulatory forecasting is inherently uncertain. The lesson is that building compliance programmes around assumed regulatory delays is a risk, and the Omnibus collapse is the scenario that proves it.
What compliance teams should do in the next 90 days
Treat 2 August 2026 as the hard deadline. Stop waiting for the Omnibus. Build to the current law. If the delay eventually materialises, the work done now still applies. If it does not, the organisation is compliant.
Prioritise high-risk AI system inventories. Every AI system that makes or substantially contributes to decisions in the Annex III categories (employment, credit, education, essential services, law enforcement, migration, justice) needs to be identified, documented, and assessed against the high-risk requirements.
Implement Article 50 transparency measures for generative AI. Any chatbot, synthetic content generator, or AI system that interacts directly with users must include disclosure mechanisms and content marking by 2 August 2026. This applies to new systems placed on the market or put into service from that date.
Review vendor compliance. If the organisation deploys AI systems from third-party providers, the provider’s compliance with AI Act requirements is now the deployer’s concern. Request conformity documentation, risk assessments, and technical documentation from providers. If the provider cannot produce them, that is a risk the deployer is accepting.
Monitor the mid-May trilogue. A deal could still happen. Watch for IAPP, Euractiv, and European Commission announcements. But do not pause work while watching. The work is the same regardless of the outcome.
Sources
- IAPP (Ashley Casovan), “AI Act Omnibus: What just happened and what comes next?,” 29 April 2026 (12-hour trilogue collapse, Annex I carve-out dispute, follow-up trilogue timeline, Article 50 reminder, Hallensleben and McNamara quotes, Laura Caroli and Deloitte analysis links). iapp.org
- Reuters, “EU countries, lawmakers fail to reach deal on watered-down AI rules,” 29 April 2026 (wire confirmation of trilogue failure, political context). reuters.com
- Shadow AI Watch, “The EU Just Moved the AI Act’s High-Risk Deadline,” 17 April 2026 (earlier SAW coverage being updated by this article). shadowaiwatch.com
- Amnesty International EU, “Open letter: Safeguard the AI Act,” April 2026 (40+ civil society organisations opposing structural AI Act changes). amnesty.eu