⚡ August 2026 — 4 months awayUpdated for COM 836

EU AI Act Compliance Timeline

Name: Regumatrix
Author: Regumatrix

Every EU AI Act enforcement date — from the February 2025 ban on prohibited AI to the 2030 deadline for public sector deployers. Includes proposed changes from the Digital Omnibus (COM 836).

Not sure which of these deadlines applies to your AI system?

Describe what your system does and Regumatrix maps it against every applicable deadline — in about 30 seconds. Your first 3 analyses are free.

Find my compliance deadlines — 3 free analyses included

About COM(2025) 836: The Digital Omnibus on AI is a Commission legislative proposal and has not yet been enacted. All 2027–2030 dates marked “Proposed” are conditional and may change. Your working compliance deadline remains 2 August 2026.

1 August 2024Passed

AI Act enters into force

Applies to: Everyone — the regulation is legally binding from this date.

Art 113

Regulation (EU) 2024/1689 officially enters into force
Definitions (Art 3), scope (Art 2), and general framework apply
24-month clock starts for most obligations

2 February 2025Passed

Prohibited AI practices ban

Hard enforcement — fines up to €35 M or 7% of global turnover apply now

Applies to: All providers, deployers, importers, distributors — anyone placing or using AI in the EU.

Art 5Chapter II

Social scoring by public authorities or private operators — banned
Subliminal manipulation causing harm — banned
Exploiting vulnerable groups (age, disability) — banned
Criminal risk profiling by personality traits — banned
Untargeted facial scraping to build biometric databases — banned
Emotion recognition in the workplace or educational institutions — banned
Biometric categorisation inferring race, politics, religion, sexual orientation — banned
Real-time remote biometric identification in public spaces by law enforcement — banned (narrow exceptions apply)

Maximum penalty: €35,000,000 or 7% of global annual turnover (whichever is higher). These prohibitions apply NOW.

2 August 2025Passed

GPAI model obligations apply

Hard enforcement — AI Office oversight active, fines up to €15 M or 3%

Applies to: Providers of general-purpose AI models — LLMs, multimodal models, foundation models placed on the EU market.

Arts 51–56Chapter VArt 101

Technical documentation per Annex XI required before market placement
Information pack for downstream providers (Annex XII)
Publicly available training data summary
Copyright compliance policy
Systemic-risk models (> 10²⁵ FLOPs): adversarial testing, AI Office incident reporting, cybersecurity, energy reporting
Registration obligation for GPAI providers

This applied 12 months after entry into force per Art 113(2). Fines for GPAI violations: up to €15M or 3% turnover (Art 101).

2 August 2026⚡ 4 months away

High-risk AI + transparency obligations

Hard deadline — full enforcement and fines begin on this date

Applies to: Providers and deployers of high-risk AI systems (Annex III standalone AI + most Annex I product safety AI). All providers of limited-risk AI systems.

Arts 8–27Art 43–49Art 50Art 72Chapter IIIChapter IV

Risk management system (Art 9) — continuous lifecycle process
Data governance for training, validation, testing datasets (Art 10)
Technical documentation before market placement (Art 11 + Annex IV)
Automatic logging / record-keeping (Art 12)
Transparency and instructions for use to deployers (Art 13)
Human oversight by design — override, monitor, stop controls (Art 14)
Accuracy, robustness, cybersecurity (Art 15)
Quality management system (Art 17)
Conformity assessment — self-assessment or notified body (Art 43)
EU declaration of conformity + CE marking (Arts 47–48)
Registration in EU database before deployment (Art 49 + Art 71)
Post-market monitoring plan (Art 72)
Deployers: human oversight assignment, logging, worker notification (Art 26)
Chatbot disclosure, deepfake labelling, AI-generated text marking (Art 50)

This is the primary compliance deadline. If you are building, selling, or deploying a high-risk AI system and have not started compliance work, you are already late.

2 February 2027Upcoming

Watermarking deadline for pre-existing generative AI

Transition window — regulators observing, formal enforcement expected later

Applies to: Providers of generative AI systems (image, audio, video, text) already on the market before 2 August 2026.

Art 111Art 50

Generative AI systems in use before the main application date must comply with technical watermarking/labelling requirements by this date
This extended deadline was added by COM(2025) 836 — it is a proposal as of March 2026

Legislative note: COM(2025) 836 — Digital Omnibus on AI — is a legislative PROPOSAL as of March 2026 and has not yet been enacted.

2 December 2027Proposed (COM 836)

Fallback: Annex III high-risk AI (proposed)

Applies to: Providers of standalone high-risk AI systems under Annex III (Art 6(2)) — employment, credit, healthcare, education, law enforcement, biometrics, borders, justice.

Art 113836 Art 1 pt31

Under COM 836, if the Commission has not adopted a decision confirming harmonised EN standards before August 2026, the Annex III high-risk obligations are deferred to this fallback date
If standards ARE ready and confirmed before August 2026, the original date stands
This is NOT a general delay — it is conditional on a Commission decision

Legislative note: COM(2025) 836 — PROPOSAL only. Plan for August 2026 as your working deadline. Do not assume the fallback will apply.

2 August 2028Proposed (COM 836)

Fallback: Annex I product safety AI (proposed)

Applies to: Providers of AI systems that are safety components of products covered by Annex I harmonisation legislation: medical devices (MDR/IVDR), machinery, radio equipment, aviation, vehicles.

Art 113836 Art 1 pt31

Under COM 836, if the Commission has not confirmed harmonised standards, Annex I product safety AI systems have until this date
Original AI Act deadline for these systems was 2 August 2027
These systems require third-party notified body conformity assessment

Legislative note: COM(2025) 836 — PROPOSAL only. Current working deadline under the enacted regulation is 2 August 2027.

2 August 2030Proposed (COM 836)

Public authority deployers (proposed)

Applies to: Public authorities deploying high-risk AI systems (e.g. government agencies using AI for benefit eligibility, tax assessment, public service delivery).

Art 113836 Art 1 pt31

COM 836 proposes a dedicated extended deadline for public authority deployers of high-risk AI
Private sector deployers still face the August 2026 deadline
This acknowledges the longer procurement and IT cycles in the public sector

Legislative note: COM(2025) 836 — PROPOSAL only.

Quick reference — all dates

1 August 2024AI Act enters into force

2 February 2025Prohibited AI practices ban

2 August 2025GPAI model obligations apply

2 August 2026High-risk AI + transparency obligations

2 February 2027Watermarking deadline for pre-existing generative AI

2 December 2027Fallback: Annex III high-risk AI (proposed)Proposed

2 August 2028Fallback: Annex I product safety AI (proposed)Proposed

2 August 2030Public authority deployers (proposed)Proposed

Three deadline edge cases that trip up most teams

The main dates above are clear — but the regulation has specific wrinkles that affect whether your exact situation follows the standard timeline. Check if any of these apply to you:

Your AI system was on the market before 2 August 2026 — Article 111 applies and there is no grandfather clause
You are a public authority deployer — COM 836 proposes a 2030 fallback, but this is not yet law
Your system is embedded in a CE-marked medical device — the 2027 Annex I track may apply to you specifically
You release GPAI models and are not yet compliant — obligations under Arts 51-55 have applied since August 2025
You assumed COM 836 delays are confirmed — they are proposals only; plan for the original August 2026 date

Map my exact deadlines →

Frequently asked questions

When does the EU AI Act fully apply?▾

The main compliance deadline is 2 August 2026, when high-risk AI system obligations (risk management, technical documentation, human oversight, conformity assessment) and transparency obligations (Article 50) become fully enforceable. GPAI model rules applied earlier, from 2 August 2025. The prohibited AI practices ban under Article 5 has been in effect since 2 February 2025.

Has the August 2026 deadline been delayed?▾

Not yet. As of March 2026, the 2 August 2026 deadline remains in force under Regulation (EU) 2024/1689. The Digital Omnibus proposal COM(2025) 836 — which proposes fallback dates of December 2027 (Annex III) and August 2028 (Annex I) if harmonised standards are not ready — is a legislative proposal and has not yet been enacted. Organisations should plan compliance for August 2026.

When do rules apply to AI in medical devices?▾

AI in products covered by Annex I product safety legislation — including medical devices (MDR/IVDR), machinery, aviation, and vehicles — has additional time under the original AI Act. Under the current regulation, these systems had until 2 August 2027. COM(2025) 836 proposes extending this to 2 August 2028 if harmonised standards are not confirmed by the Commission. Plan for 2027 as the working deadline.

Does the AI Act apply to AI systems already in use before August 2026?▾

Yes. Under Article 111, AI systems already placed on the market or put into service before the obligations apply are subject to the regulation once those dates pass — unless they are subject to significant modification. There is no broad grandfather clause. Providers of existing systems must assess and, if necessary, update their systems to comply.

Related compliance guides

Is my AI high-risk? (Checklist)Fines & penalties (Article 99)Provider obligations checklist COM 836 — what changes Risk management system (Art 9)Conformity assessment guide

Don't guess which of these deadlines apply — find out in 30 seconds

Describe your AI system in plain language. Regumatrix checks it against every article of the EU AI Act and returns your risk tier, exact Annex classification, every obligation that applies, required actions before August 2026, and your fine exposure under Article 99.

Analyse my system free — 3 checks included →All compliance guides

8-section report · Article citations · ~30 seconds · No credit card