The EU AI Act’s original compliance deadline for high-risk AI systems was August 2, 2026. That date, confirmed by the official EU AI Act implementation tracker, is still the operative deadline. For now.
The AI Omnibus, the package of proposed amendments moving through EU legislative processes, would shift that date significantly. Positions adopted by the European Parliament and Council would postpone core high-risk system obligations to December 2027 or August 2028, according to TechPolicy.Press reporting on the Omnibus provisions. The EU Council document confirms the August 2028 date for AI systems classified as high-risk.
These proposed dates remain subject to final political agreement between Parliament and Council, expected by June 2026, according to TechPolicy.Press. They’re not law yet.
The loophole critics are warning about.
Here’s what makes the delay more than a scheduling adjustment: the AI Act applies prospectively, not retroactively. Critics and analysts warn that high-risk AI systems placed on the market before the new deadline may face no compliance obligations under the Act unless substantially modified. If that legal interpretation holds, organizations deploying high-risk AI systems before the new deadline could be operating under a permanent exemption, not a temporary one.
The AI Act’s concept of “substantial modification” becomes decisive in this scenario. A system deployed before the deadline that is later updated, retrained, or changed in ways that constitute substantial modification would fall back under compliance obligations. But what counts as substantial modification isn’t yet clearly defined.
The Omnibus also includes a ban on “nudifier” apps, software that generates non-consensual nude images, per TechPolicy.Press reporting. The package additionally addresses overlaps between the AI Act and sector-specific legislation, with a debate underway that could exempt some systems used in medical devices, toys, or connected vehicles.
What compliance teams should know right now.
Two facts are certain: the original August 2, 2026 deadline is still operative until the Omnibus receives final approval. The proposed delay is not yet law. Organizations that are already building toward August 2026 compliance shouldn’t stop.
What’s contested, and genuinely uncertain, is whether deploying before a new deadline creates a permanent exemption. According to BARR Advisory’s EU AI Act guidance, penalties for non-compliance can reach up to €35 million or 7% of worldwide annual turnover, whichever is higher. The stakes of getting this interpretation wrong are significant.
The compliance decision isn’t whether to comply. It’s when, and to which version of the deadline, and what “deploy before the deadline” actually triggers under the Act’s non-retroactivity structure.