On April 28, 2026, negotiators from the European Parliament, the Council of the EU, and the European Commission sat in Brussels for 12 hours and walked out without an agreement.
The delay that thousands of companies had quietly been counting on didn’t happen. And right now, the August 2, 2026, deadline is still the law.
Introduction
The EU AI Act is the world’s first comprehensive legal framework for artificial intelligence. It doesn’t regulate AI as a technology; it regulates what AI does to people: how it makes decisions, what it controls, and who it can harm.
If your AI system touches anyone in the European Union, this law applies to you. Whether you’re based in Berlin or Boston doesn’t matter.
The original deadline was always August 2, 2026. A proposed reform package, the Digital Omnibus, was expected to push that back to December 2027. Those talks collapsed. As of April 30, 2026, no delay has been adopted.
The August 2026 deadline remains legally in force.
How the Law Actually Works
The EU AI Act doesn’t treat all AI the same. It uses a risk ladder.
- Unacceptable risk: banned outright. This includes social scoring systems, real-time biometric surveillance in public spaces, and AI that manipulates people without their awareness. These prohibitions came into effect on February 2, 2025.
- High risk: allowed, but tightly regulated. If your organisation uses AI to screen job candidates, assess credit applications, or personalise essential services, those are now high-risk AI systems subject to the EU’s most comprehensive technology regulation to date. Documentation, human oversight, and conformity assessments are all required.
- Minimal risk: mostly unrestricted. Spam filters, recommendation engines, AI in video games. Most AI falls here.
Who This Affects: Including Companies Outside Europe
Here’s what most people don’t notice: the law’s reach mirrors the GDPR. A US-based company using AI for loan approvals that serves European customers falls within scope, even if the AI models run on servers outside Europe.
If your AI’s output touches the EU, you’re in scope. Full stop.
The Deadline Drama Nobody Fully Resolved
The European Commission proposed the Digital Omnibus in November 2025, a package that would have pushed high-risk AI obligations to December 2027. The logic was simple: harmonised compliance standards weren’t ready yet, and companies were struggling.
The second political trilogue on April 28, 2026, ended without agreement. A third trilogue has been scheduled for May 13, 2026.
This leaves businesses with a tough choice: stand down on compliance, assuming a delay will be confirmed, or push ahead against the August deadline in case the law takes effect as written.
The answer, according to every legal expert tracking this, is expected in August. The delay may still come. But it is no longer something you can assume.
The Real Risk Isn’t the Fine
The penalty for non-compliance is up to €35 million or 7% of global annual turnover. That number gets attention. But it’s not the real risk.
“The real risk is not preparing too early for compliance that may still evolve, but discovering too late that you don’t even have control over your AI use-case inventory.”
Most organisations don’t have a full picture of where AI is being used inside their own walls. Shadow IT, vendor-integrated models, automated workflows, and AI are already embedded in places compliance teams haven’t mapped yet.
That’s the actual problem August 2026 is exposing.
Key Takeaways
- The EU AI Act is the world’s first comprehensive AI law, in force since August 2024 and applying in stages.
- High-risk AI obligations become enforceable on August 2, 2026, and that deadline is currently still in force after delay talks collapsed on April 28.
- The law applies to any organisation whose AI affects EU residents, regardless of where the company is based.
- High-risk categories include recruitment tools, credit scoring, biometric systems, law enforcement AI, and critical infrastructure.
- Fines reach up to €35 million or 7% of global turnover.
- A third trilogue is scheduled for May 13, a delay is still possible, but cannot be assumed.
Conclusion
The EU AI Act isn’t a future problem. It’s a present one, and the window to prepare is measured in weeks, not quarters.
The Brussels talks collapsed. The deadline held. And the organisations that were quietly waiting for an extension are now the ones with the most ground to make up.
The law was always going to arrive. The question was never really if, it was whether companies would treat it seriously before or after it became urgent.
Where does your organisation stand right now, and do you actually know every place AI is making decisions on your behalf?
