The EU Just Delayed Its Own AI Rules. Here is What Changed.

When the EU AI Act entered into force on August 1, 2024, it was hailed as the world's first comprehensive AI regulation. The timeline was ambitious: prohibitions on unacceptable AI would apply by February 2025, transparency obligations by August 2025, and the big one, high-risk AI system rules, by August 2026.

As of June 2026, the EU has formally delayed those high-risk rules by over a year. The [1] reached between the Council, Parliament, and Commission in May 2026 does several things worth understanding, whether you build AI systems or just live under them.

High-Risk AI Obligations: Pushed to 2027 and 2028

The headline change is straightforward. High-risk AI system obligations under the AI Act are postponed. Stand-alone Annex III systems, covering recruitment, credit scoring, law enforcement, education, and border control, now need to comply by December 2, 2027 instead of August 2, 2026. AI embedded in regulated products like medical devices, machinery, and vehicles (Annex I) gets until August 2, 2028.

This replaces the Commission's original proposal for a conditional trigger mechanism, where the delay would only activate if certain readiness criteria were met. The final agreement just sets fixed dates. No conditions, no readiness tests. The dates are what they are.

New Prohibition: AI-Generated Intimate Imagery

The Omnibus adds a new prohibition under Article 5: AI systems that generate or manipulate non-consensual intimate imagery, including so-called "nudifier" tools, are now banned. The ban also covers AI-generated child sexual abuse material (CSAM).

The scope is broader than it sounds. It does not just cover tools designed for that purpose. Any general-purpose image or video generation system where such misuse is a "reasonably foreseeable and reproducible outcome" falls within scope, unless the provider implements "reasonable and adequate technical safeguards" to prevent it. If you build an image generator and someone can trivially use it to create non-consensual deepfakes, the law says you needed to have thought about that at design time.[2]

This prohibition has a transitional period until December 2, 2026.

Narrower Definition of "High-Risk"

The Omnibus narrows what counts as a high-risk AI system in two ways.

First, AI systems embedded in products covered by the Machinery Regulation are largely exempted from AI Act obligations. If your robot arm is already regulated under machinery safety law, you do not get double-regulated under the AI Act too.

Second, the definition of "safety component" is tightened. AI used for user assistance, performance optimization, service efficiency, automation, convenience, or quality control is not high-risk unless its failure would actually endanger health and safety. An AI that optimizes warehouse logistics is not high-risk just because it is AI. It has to fail dangerously.

Watermarking Grace Period

AI systems already on the market before August 2, 2026 get a four-month grace period for the watermarking obligation under Article 50(2), which requires machine-readable markers in AI-generated content. The broader transparency obligation, disclosing to users that they are interacting with AI, still kicks in on August 2, 2026 as originally planned.

What This Means in Practice

If you were scrambling to comply with high-risk AI obligations by August 2026, you have been given more time. But the transparency requirements under Article 50 are still on schedule for this August. And the new prohibition on AI-generated intimate imagery takes effect in December 2026, which is sooner than the high-risk deadline.

The EU AI Office also gets reinforced supervisory powers under the Omnibus, including the ability to conduct on-site inspections, accept binding commitments, and impose fines. It gains exclusive competence over AI systems built on general-purpose AI models when the model and system come from the same provider, as well as AI integrated into very large online platforms.[3]

For small teams and open source builders, the narrowing of "high-risk" is the most practical change. If your tool does not directly endanger people when it fails, it probably is not high-risk anymore. But if it touches recruitment, credit, law enforcement, or border control, the clock is still ticking, just a year further out.