EU AI Act omnibus political agreement reached May 7 — high-risk system deadlines pushed to Dec 2027, SME thresholds expanded
The EU Council presidency and European Parliament negotiators reached political agreement on the AI Act omnibus package on May 7, 2026, extending key compliance deadlines and expanding the SME relief framework. High-risk system rules now apply from December 2, 2027; product-integrated systems from August 2, 2028; AI Act transparency rules still take effect August 2026.
The substantive changes are pragmatic rather than ideological. The SME compliance framework now covers companies with up to 750 employees and €150M annual revenue — a significant expansion from the original threshold and a clear concession to industry concern about compliance cost. The deadline extensions for biometric, infrastructure, education, employment, migration, and border AI systems push enforcement into 2027–2028 and gives implementers an extra year to build compliance tooling.
The most consequential addition is the prohibition extension. Effective December 2, 2026, the agreement bans "nudifier" applications — AI systems that generate or manipulate sexually explicit or intimate images, video, or audio without explicit consent, or that create child sexual abuse material. This is the first prohibition the AI Act has added since the original prohibited-practices list, and it draws a clear line that did not exist in the framework as originally adopted.
Consilium — AI Council and Parliament agree to simplify and streamline rules → · Latham & Watkins — AI Act Update: EU Resolves to Change Rules and Extend Deadlines → · EC Digital Strategy — AI Act →