EU AI Act Digital Omnibus agreement on May 7 — Annex III high-risk obligations deferred to December 2027, regulatory sandbox requirement pushed to August 2027
A political agreement was reached on May 7, 2026 on amendments to the EU AI Act — the Digital Omnibus on AI. High-Risk AI Systems (Annex III) obligations are postponed from 2 August 2026 to 2 December 2027 (a 16-month deferral). The transparency rules take effect August 2026. Member-state regulatory-sandbox establishment is postponed from August 2026 to August 2027. Two new prohibited practices were introduced — non-consensual intimate material and CSAM generation — effective December 2, 2026.
The timeline-relief substance is the consequential structural piece. The original AI Act timeline put high-risk system obligations in force on August 2, 2026; the Omnibus agreement on May 7 defers them to December 2, 2027. The 16-month deferral is the regulatory recognition that the compliance infrastructure — both inside the European Commission's enforcement apparatus and inside the regulated AI vendors — needs more time to operationalize the obligations. The transparency rules taking effect on the original August 2026 timeline preserve the disclosure-and-labeling framework that consumers and procurement teams rely on, while pushing the higher-friction conformity-assessment and risk-management requirements out by a year-plus.
The new-prohibition substance is consequential on the opposite end. Non-consensual intimate material generation and CSAM generation are now explicit AI Act prohibitions with December 2, 2026 effective date. The prohibitions close a regulatory gap that earlier drafts had left ambiguous — generative-AI vendors operating in the EU must structurally prevent the prohibited uses by the December deadline. The 2026 International AI Safety Report's deployment-distinguishability warning is the technical-constraint complement: structural prevention of prohibited uses has to hold against models that may behave differently in real deployment than in pre-deployment evaluation. The combined picture is the EU regulatory framework recalibrating with realistic timelines on conformity assessment while sharpening the prohibition surface where the risk-and-harm calculus is unambiguous.
Consilium EU — AI Council Parliament agree simplify streamline rules May 7 → · Inside Privacy — EU AI Act Update Timeline Relief Targeted Simplification → · Beyond Tomorrow — AI Regulation 2026 EU AI Act US State Laws →