EU provisionally agrees to delay high-risk AI enforcement, ban AI nudifiers, and push back watermarking deadline
The European Parliament and Council of the EU reached a provisional agreement on May 7, 2026 to amend the EU AI Act through the AI Digital Omnibus. The agreement delays enforcement of rules governing most high-risk AI systems to December 2027 or August 2028, adds a prohibition on AI-generated non-consensual intimate content effective December 2026, and pushes the watermarking obligation for AI-generated content to December 2026.
- Issuing body
- European Parliament and Council of the European Union
- Jurisdiction
- European Union
- Who is bound
- Providers and deployers of AI systems operating in the EU — particularly providers of stand-alone high-risk AI systems (recruitment, credit scoring, biometric identification, critical infrastructure); providers of AI systems embedded in regulated products (medical devices, vehicles, toys); and providers or deployers of AI systems capable of generating intimate visual content
- Decided
- Effective
- TBD
What's now different
The provisional agreement preserves the AI Act's risk-based architecture but changes three things materially for builders. First, the compliance deadline for stand-alone high-risk AI systems — those used in recruitment and performance evaluation, credit scoring, insurance risk assessment, emotion recognition, biometric identification, and critical infrastructure — moves from August 2, 2026 to December 2, 2027. AI systems used as safety components in regulated physical products (medical devices, vehicles, toys) get a further extension to August 2, 2028. Systems already on the EU market before the applicable new deadline are exempt from the high-risk requirements unless they undergo a substantial modification after that date. The Commission had not yet published the harmonized technical standards needed for practical compliance by the original deadline, making the extension a near-necessity. Second, a new prohibition is added: from December 2, 2026, providers and deployers may not place on the EU market, or use, AI systems designed to generate non-consensual intimate imagery or child sexual abuse material — so-called "nudifier" applications — or systems that lack reasonable safeguards against such use. Fines for violations may reach €35 million or 7% of global annual turnover, whichever is higher. Third, the watermarking obligation for AI-generated content is delayed from August 2026 to December 2, 2026.
This is a provisional agreement — a trilogue deal between the Parliament, Council, and Commission — not a formally adopted act. The full agreed text has not yet been published by the Commission. Formal adoption by the Parliament and Council is expected by July 2026, ahead of the August 2, 2026 date on which the original high-risk AI system requirements would otherwise take effect; upon adoption, the amendments enter into force three days after publication in the EU Official Journal. Companies planning EU market access for high-risk AI systems should treat December 2027 and August 2028 as the operative planning horizons, while noting that existing obligations already in force — prohibitions on social scoring, subliminal manipulation, and real-time biometric identification (in force since February 2025), and transparency obligations for chatbots (taking effect August 2026) — are unaffected by this agreement.