The Council of the European Union has reached a provisional political agreement on the Digital Omnibus Regulation. The legislative update introduces pivotal amendments to the EU AI Act, systematically restructuring compliance windows for market operators and expanding the scope of prohibited AI practices.
Deferral of High-Risk AI Obligations
The provisional agreement grants structural extensions for compliance targeting high-risk artificial intelligence frameworks:
Standalone High-Risk AI (Annex III): Governance obligations for systems deployed in critical infrastructure, biometrics, education, and employment are deferred to December 2, 2027 (originally scheduled for August 2026).
Embedded High-Risk AI (Annex I): AI components acting as safety features in tangible regulated products (e.g., medical devices, aviation) face a rescheduled enforcement date of August 2, 2028.
Regulatory Sandboxes: The operational deadline for Member States to establish domestic AI regulatory sandboxes is extended to August 2, 2027.
Accelerated Generative AI Transparency Timelines
Conversely, the EU has compressed the grandfathering grace period for generative AI providers. Technical transparency mandates, including content watermarking and synthetic generation detection solutions, will now come into force ahead of schedule on December 2, 2026.
Expansion of Article 5 Prohibitions
The Omnibus expands the statutory list of banned AI practices under Article 5. The revised text enforces a strict prohibition on the marketing, development, and deployment of AI systems engineered to generate non-consensual intimate imagery (NCII) and child sexual abuse material (CSAM).
The amended provisions will enter into force following formal adoption by the European Parliament and the Council, with publication in the Official Journal of the European Union expected to conclude ahead of the original August 2026 milestone.