Two votes. One session. The European Parliament did something unusual: it delayed a major regulatory framework and tightened it in the same breath. Compliance teams focused only on the deadline extension are missing the sharper story.
The deadline restructuring is the headline most outlets are running. The Parliament voted to adopt a simplification proposal that replaces the AI Act’s prior compliance timeline with a tiered sequence. Per the European Parliament’s press release, the three new dates are: November 2, 2026 for AI-generated content watermarking requirements; December 2, 2027 for high-risk AI systems; and August 2, 2028 for AI systems embedded in products covered by EU sectoral safety legislation. These dates are not yet law. The simplification package requires Council of the EU approval before taking legal effect. Compliance teams should treat current deadlines as operative until Council action is confirmed.
The deepfake ban is the signal buried in the same vote. The Parliament voted to prohibit AI systems designed to generate non-consensual sexually explicit deepfakes, so-called nudifier apps. This wasn’t a procedural footnote. The Parliament cited legal certainty and harmonized standards as the rationale for the deadline revisions. Pairing that rationale with an explicit new prohibition tells you something about where enforcement attention is likely to land first: on the applications that generate the clearest, most immediate public harm. Watermarking requirements and high-risk system audits require guidance and infrastructure. Banning nudifier apps does not.
The Parliament cited the need for implementation guidance and harmonized standards as the basis for the revised timeline, according to reporting from Pinsent Masons. That framing matters. This isn’t a retreat. It’s an acknowledgment that enforcement without standards is ineffective, and a commitment to get the standards right before requiring conformity.
What’s next. Council action is the next gate. Without it, the new deadline structure has no legal force. Watch for Council scheduling. If approval moves quickly, compliance teams can begin planning against the tiered structure. If it stalls, the original timeline remains operative and the uncertainty extends.
TJS synthesis. Three dates are now on the table: November 2026, December 2027, August 2028. Each tier serves a different compliance function, content transparency first, then high-risk system governance, then sectoral integration. If your compliance program was built around a single AI Act deadline, this is the week to rebuild it as a three-phase program. Start with the November 2026 watermarking requirement. It’s the shortest fuse, and it’s also the tier most likely to survive Council review without modification. Don’t wait for the Council vote to begin that scoping work.