Tech trends14. July 20264 min. Reading time

On August 2, 2026, the EU AI Act will be serious – but differently than most companies expected. The Digital Omnibus has postponed the high-risk obligations by up to two years. In many management levels, this has become the conclusion: “Then we have time.” That is an expensive mistake. A significant part of the regulation works unchanged in a few weeks – including the risk of fines.

What the Digital Omnibus has actually postponed

The Digital Omnibus is a package of amendments to the AI Regulation, which the Council and Parliament will discuss in the trialogue on 7 December. May 2026 agreed. The European Parliament approved on 16 June 2026, and the Council approved on 29 June. June 2026 green light. Publication in the Official Journal is pending but is expected before 2 August.

Only the requirements for high-risk AI systems were shifted:

  • High risk stand-alone systems (Annex III) – for example AI in human resources, education, lending or access to essential services: new deadline 2. December 2027.
  • AI as a security component in products (Annex I) – for example in machines, medical devices or vehicles: new deadline 2. August 2028.

Important for classification: The substantive Requirements for high-risk systems have not been mitigated. The content of risk management, data quality and data governance, technical documentation, logging, human oversight, accuracy, robustness and cybersecurity, and registration in the EU database will remain intact. The deadline was postponed, not the substance.

What on the 2. August 2026 unchanged

This is where the misunderstanding arises. These obligations apply independently of the omnibus:

  • Prohibited AI practices (Art. 5). Social scoring, manipulative systems, certain biometric applications – anyone who uses such systems must turn them off. The omnibus even has the list extended.
  • Transparency and labelling obligations (Art. 50). Users must be able to recognize that they are interacting with an AI; AI-generated content must be labeled machine-readable. For generative systems that were on the market before the cut-off date, a transitional period shall apply until 2. December 2026.
  • Obligations for AI models with general use (GPAI, Art. 53) – and from August 2026 also their implementation.

A detail that is often lost in reporting: The AI competence obligation by type. 4 was changed by the omnibus from a strict obligation to a Obligation to pay mitigated. Anyone who reads “we don’t have to anymore” from it thinks too briefly: Without employees who understand what an AI system does and where its limits lie, neither human supervision nor transparency obligations can be fulfilled in practice. The training does not disappear – it only moves from the compliance list to the operational reality.

The Real Misconception: “Delayed” Is Not “Done”

Anyone who develops or buys a high-risk system today will produce facts by December 2027 – architecture, data pipelines, logging, documentation. Exactly these decisions later determine whether the conformity assessment becomes a formality or a reengineering project. Logging and data governance cannot be subsequently transferred over a finished system; They are architectural decisions.

The additional 16 months are therefore not a delay, but a time window. Companies that use it go into evaluation in 2027 with robust documentation. Companies that sit it out then face the same task – only with more legacy behind them.

What Makes Sense Now – Before August 2

  1. Inventory. Which AI systems are in-house – including the co-pilot licenses, chatbots and purchased SaaS functions that nobody leads as an “AI project”? Without inventory, any further question cannot be answered.
  2. Classification. Prohibited, high-risk, transparent or uncritical? Most systems in the middle class end up in the third or fourth category – but you have to be able to justify that, not suspect.
  3. Implement transparency. Chatbot hints, labeling of AI-generated content, clear information in customer communication. This is the part that is due in three weeks – and that can be done in three weeks.
  4. Examining prohibitions. A short, documented comparison with Art. In the vast majority of companies an empty result – but one that you want in writing.
  5. High-risk candidates, do not postpone. For everything that becomes relevant in 2027: build logging, data origin and documentation from the beginning.

Conclusion

The Digital Omnibus provides air for the most complex duties – and not a single minute for the duties that take effect on 2 August 2026. Anyone who reads the headline “Deadline postponed” as an all-clear, confuses the most demanding part of the regulation with its whole. Realistically, August 2 is a transparency and inventory date for most medium-sized companies, not a certification date. But it's a date.

What a pragmatic AI governance looks like that delivers compliance without slowing down projects, we show on our side to the AI Governance & EU AI Act.

This contribution gives the state of the 14th century. July 2026 again and serves for general information. It does not replace legal advice; the final dates result from publication in the Official Journal of the EU.

From practice to practice

Would you like to implement this in your company? We support you pragmatically – from the idea to the operation.