The political window for delaying the EU AI Actโ€™s August 2, 2026 high-risk compliance deadline is narrowing to a matter of days.

On April 28, 2026, the second political trilogue between the European Parliament, the Council of the EU, and the European Commission on the Digital Omnibus package ended without agreement. Negotiations lasted more than twelve hours before collapsing over a dispute about sectoral exemptions โ€” specifically, whether industries already subject to other EU product safety frameworks should be exempt from the AI Actโ€™s conformity assessment requirements.

A third trilogue has been scheduled for May 13, 2026.

For compliance teams who have been monitoring the EU Digital Omnibus as a potential source of relief from the August 2 deadline: the timeline for that relief is now extremely compressed, and the probability of the delay taking effect before August 2 has materially decreased.

What the Omnibus Would Do

The EU Digital Omnibus, proposed by the European Commission in November 2025, contains a provision that would link the effective date of high-risk AI system obligations under Annex III of the AI Act to the availability of harmonized technical standards developed by European standards bodies CEN and CENELEC.

Since those standards are not expected to be ready by August 2, 2026 โ€” many are still in draft form โ€” the practical effect of this provision would be to push the Annex III compliance deadline to:

  • December 2, 2027 for stand-alone high-risk AI systems
  • August 2, 2028 for high-risk AI systems embedded in products regulated under other EU frameworks (medical devices, machinery, aviation equipment, etc.)

The justification for the delay is straightforward: the conformity assessment process for high-risk systems, the EU AI database registration requirements, and the CE marking process all depend on harmonized standards that do not yet exist in usable form.

Without the Omnibus, the August 2, 2026 deadline is the law as enacted. That deadline has not been amended, waived, or suspended.

Why the Trilogue Failed

The April 28 collapse centered on one substantive dispute: sectoral exemptions.

Several EU industries โ€” medical devices, machinery manufacturers, aviation equipment producers, and others โ€” are already subject to rigorous product safety conformity assessment requirements under existing EU regulatory frameworks. Their compliance organizations have argued throughout the AI Actโ€™s development that requiring a second conformity assessment under AI Act rules โ€” on top of an existing assessment under, say, the Medical Devices Regulation โ€” is duplicative, costly, and practically unworkable within the timeframe.

The debate in the April 28 trilogue concerned the scope and structure of exemptions that would allow these embedded, regulated-product AI systems to satisfy AI Act requirements through their existing sectoral conformity pathways rather than a separate AI-specific process.

The European Parliament and the Council could not reach agreement on the boundaries of those exemptions after twelve hours of negotiation. The specific sticking points โ€” which sectors qualify, what conditions must be met, and what ongoing oversight applies โ€” remain unresolved.

The May 13 Timeline Problem

The May 13 trilogue is the critical near-term moment. But even a successful May 13 agreement faces a procedural gauntlet that must be completed before August 2.

For the Omnibus high-risk AI delay to take legal effect by August 2, 2026, the following must occur in sequence:

  1. Political agreement at the trilogue (May 13 or later)
  2. Formal vote by the European Parliament โ€” typically requires several weeks after political agreement
  3. Council endorsement โ€” additional procedural steps
  4. Publication in the Official Journal of the EU โ€” the final step before a regulation takes legal effect
  5. Entry into force โ€” typically 20 days after Official Journal publication

The European Commissionโ€™s public communications had suggested that a deal by end of April would be tight but achievable. With April 28 producing no agreement, the window between May 13 and August 2 is approximately eleven weeks โ€” and the formal legislative steps described above have historically taken longer than that.

Legal analysts reviewing the Omnibus timeline have noted that even with political agreement on May 13, there is no guarantee the full procedural sequence completes before August 2. If it does not, the August 2 deadline remains operative โ€” and any subsequent Omnibus enactment would apply prospectively, not retroactively.

What Is and Is Not Affected by the August 2 Deadline

To plan accurately for August 2, 2026, compliance teams need to distinguish which AI Act obligations are actually on the table.

Already in Force (Not Affected by August 2 or the Omnibus)

The following AI Act obligations are already in force and are not subject to the Omnibus postponement:

Prohibited AI practices (Article 5) โ€” the prohibitions on unacceptable-risk AI systems took effect on February 2, 2025. These include social scoring by public authorities, real-time biometric surveillance in public spaces, subliminal manipulation, and exploitation of vulnerable populations. These prohibitions are already law.

General-purpose AI model (GPAI) obligations (Article 51+) โ€” GPAI providers (including frontier model providers and large-scale API providers) have been subject to compliance obligations since August 2025. The transparency requirements, systemic risk assessments, and incident reporting for GPAI models are in force.

AI literacy obligations โ€” the requirement to ensure that employees operating AI systems have sufficient AI literacy took effect August 2, 2025.

What August 2, 2026 Adds

The obligations that become operative on August 2, 2026 โ€” and that the Omnibus would delay โ€” are:

  • Annex III high-risk AI system requirements: conformity assessments, technical documentation, human oversight mechanisms, logging, accuracy and robustness requirements
  • EU AI database registration: high-risk systems deployed by public authorities must be registered in the EUโ€™s central AI database
  • CE marking for high-risk AI systems
  • Notified body involvement for certain high-risk categories

These are the compliance obligations that require the harmonized standards the Omnibus delay is designed to await.

The Sectoral Exemption Debate: Why It Matters

The dispute that crashed the April 28 trilogue is not merely procedural โ€” it reflects a substantive question about how the AI Act applies to regulated industries.

Consider a medical device manufacturer whose product includes an AI-assisted diagnostic function. Under the AI Act, that diagnostic AI function is a high-risk system under Annex III (medical devices are explicitly listed). Under the Medical Devices Regulation (MDR), the device has already undergone rigorous conformity assessment by a Notified Body.

The manufacturerโ€™s position: we have already demonstrated the safety of this device through MDR conformity assessment. Requiring a separate AI Act conformity assessment โ€” by a potentially different Notified Body, using AI-specific harmonized standards that donโ€™t yet exist โ€” adds cost and delay without proportionate safety benefit.

The Parliamentโ€™s concern: creating a blanket sectoral exemption creates a pathway for high-risk AI to escape AI Act scrutiny entirely by being embedded in a regulated product, even when the AI function poses risks not addressed by the sectoral framework.

This is a real substantive disagreement, not a technical drafting dispute. Its resolution will define how the AI Act applies to a wide range of medical, industrial, and transportation AI systems for years.

What Compliance Teams Should Do Right Now

The April 28 collapse does not change the compliance calculus โ€” but it clarifies it.

Do not reduce AI Act preparation in reliance on the Omnibus delay. The delay has not been enacted. The August 2 deadline is current law. Organizations that have deferred Annex III compliance work on the assumption that the Omnibus would pass are in a worse position today than they were two weeks ago.

Identify your Annex III exposure. Which AI systems in your organization fall under Annex III high-risk categories? The categories include: biometric identification, critical infrastructure management, education and vocational training, employment and HR decisions, essential private and public services, law enforcement, migration and border control, and administration of justice. If you deploy AI in any of these areas, August 2 triggers specific documentation, oversight, and assessment obligations.

Assess your GPAI exposure separately. If your organization uses API access to foundation models or deploys commercially available models in ways that make you a โ€œdeployerโ€ under the AI Act, your obligations under the GPAI framework are already operative. This is not affected by the Omnibus or the August 2 deadline.

Watch May 13. If the May 13 trilogue produces a political agreement, that is a significant development โ€” but it still does not guarantee the delay takes legal effect before August 2. The subsequent procedural steps will determine whether organizations get relief or not.

Prepare for the possibility that August 2 arrives with no Omnibus in effect. In that scenario, organizations with high-risk AI systems deployed in the EU will be in violation of operative law. Regulatory enforcement in the first months after a major deadline is typically graduated โ€” but it is not zero.

The Broader Regulatory Context

The trilogue collapse is one data point in a broader pattern of EU digital regulatory uncertainty that compliance teams must navigate.

The Digital Omnibus was itself a response to political and competitive pressure โ€” the Draghi Reportโ€™s critique of European compliance burden, business community arguments about competitiveness disadvantage, and the practical reality that the AI Actโ€™s August 2026 deadline arrived before the technical standards needed to implement it were available.

The collapse of two of three scheduled trilogues suggests that the Omnibusโ€™s most ambitious provisions โ€” the AI Act delay and the GDPR personal data definition changes โ€” face serious political headwinds. The more administrative provisions (unified incident reporting, SME documentation relief) are more likely to survive in some form.

For the August 2 deadline specifically: the compliance teams best positioned for any outcome are those that have been preparing on the August 2026 timeline while monitoring the Omnibus. They will be ready if August 2 arrives as scheduled, and they will not have wasted effort if the Omnibus delay ultimately passes โ€” the preparation produces a stronger compliance posture regardless.

For prior coverage of the Digital Omnibus package and its original proposals, see our analysis: Brussels Is Rolling Back Its Own Rules: What the EU Digital Omnibus Means for GDPR, AI Act, and Data Act Compliance. For a compliance guide to the August 2026 high-risk requirements, see EU AI Act August 2026 Deadline: The High-Risk Compliance Guide.

Sources: The Next Web (EU AI Act Omnibus deal fails after 12-hour talks, April 2026); A&O Shearman (EU AI Omnibus: Key Issues as Trilogue Negotiations Begin); Ropes & Gray (AI Omnibus: Trilogue Underway); IAPP (AI Act Omnibus: What just happened and what comes next); OneTrust (How the EU Digital Omnibus Reshapes AI Act Timelines); Morrison Foerster (European Digital Compliance: Key Digital Regulation & Compliance Developments, May 2026); DLA Piper (The Digital AI Omnibus: Proposed deferral of high risk AI obligations). This article is provided for informational purposes only and does not constitute legal advice.