Two political trilogues. Two failures. The EU AI Act’s Digital Omnibus, the legislative package intended to harmonize the AI Act’s conformity assessment rules with existing sectoral safety laws, has stalled, and the April 28 session was not a near-miss. It collapsed after roughly 12 hours, according to independent reporting confirmed across multiple sources. No date for a third session has been formally confirmed, though a follow-up is expected around May 13, 2026.
The August 2, 2026 deadline does not care about any of this.
Under Article 85(3) of the EU AI Act, the Annex III high-risk system compliance obligations take effect on August 2, 2026. That date is embedded in primary EU law. Changing it requires an amending regulation published in the Official Journal of the European Union. The Digital Omnibus, if it passes, is that amending regulation, but it hasn’t passed, it isn’t close to passing, and even if May 13 produces a political agreement, publication and entry-into-force timelines compress the window to near zero. Compliance teams who have been treating the Omnibus as a potential delay mechanism need to reframe their planning assumptions now.
What the Annex I Dispute Actually Is
To understand what’s blocking the Omnibus, you need to understand the EU AI Act’s two-track structure for high-risk systems. Annex III lists the application categories that make an AI system high-risk: recruitment tools, critical infrastructure management, law enforcement applications, education systems, essential services access, biometric identification. These systems must comply with the full Chapter III regime, risk management, data governance, technical documentation, transparency, human oversight, by August 2.
Annex I is different. It lists the existing EU product safety directives, the Machinery Regulation, the Medical Devices Regulation, the Radio Equipment Directive, and roughly a dozen others, that already govern products in which AI might be embedded. An AI system embedded in a CE-marked medical device or industrial machine is covered by both the AI Act and the underlying sectoral law. The question is: which conformity assessment process governs, and can they be run simultaneously?
The Digital Omnibus was designed to resolve this by modifying how those dual-track obligations interact. According to analysis attributed to Bird & Bird, the negotiations stalled specifically over this conformity assessment architecture, how AI Act third-party assessment requirements mesh with (or duplicate) CE marking processes under sectoral law. That’s a technically complex problem with significant commercial implications for medical device manufacturers, automotive suppliers, and industrial equipment makers who are already running conformity programs under their sectoral laws and don’t want to run a parallel AI Act process on top.
The political difficulty is that different member states have different economic stakes in different sectoral industries. Resolving the conformity assessment architecture in a way that satisfies medical device regulators, automotive industry representatives, and machinery manufacturers simultaneously, while holding together the Parliament’s position on AI Act integrity, is genuinely hard. The collapse after 12 hours suggests the gaps aren’t cosmetic.
What August 2 Requires Regardless
Here’s what the Omnibus deadlock does not change: the core Chapter III obligations for Annex III systems. Whether or not the Omnibus passes, organizations deploying high-risk AI in recruitment, critical infrastructure, law enforcement, education, essential services, or biometric identification must have these in place by August 2:
Risk management system (Article 9): A continuous, documented process for identifying, estimating, evaluating, and controlling risks, not a one-time assessment, but an ongoing system with defined review cycles.
Data governance documentation (Article 10): Documentation of training, validation, and test data practices, including data sources, collection methods, and any known limitations or biases.
Technical documentation (Article 11 + Annex IV): A standardized package covering system description, design specifications, monitoring, logging, and post-market information.
Transparency and instructions for use (Article 13): Clear documentation for deployers covering the system’s purpose, accuracy characteristics, human oversight requirements, and limitations.
Human oversight measures (Article 14): Designed-in capabilities allowing humans to monitor, intervene, override, or halt the system in operation.
These obligations don’t change if the Omnibus passes. The Omnibus modifies the assessment pathway for Annex I embedded products, not the substantive requirements for Annex III systems. If your system is Annex III and doesn’t touch an Annex I sectoral product, the Omnibus is irrelevant to your compliance program. If your system is embedded in, say, a medical device, the Omnibus outcome determines whether you run one assessment process or two, but you still run at least one, by August 2.
Two Scenarios for May 13
Scenario A: May 13 produces a political agreement. The institutions finalize the Omnibus text, publish it in the Official Journal, and it enters into force. Given the publication timeline, this would need to happen in the next 30–40 days to give any practical relief before August 2. That’s tight under the best circumstances. Even in this scenario, the Annex III obligations above apply in full. Organizations with Annex I-embedded systems might get clarification on assessment pathways, but the underlying work, risk management systems, data governance, technical documentation, doesn’t disappear.
Scenario B: May 13 fails or produces no agreement. The Omnibus does not pass before August 2. August 2 arrives with the AI Act’s original conformity assessment architecture intact. Organizations with Annex I-embedded systems must navigate the dual-track assessment question without legislative resolution. For most Annex III deployers without Annex I intersections, nothing changes, August 2 was always the date.
Legal advisors including DLA Piper are recommending that organizations treat August 2 as binding and proceed accordingly. That recommendation reflects a sound reading of the legal baseline, not regulatory guidance, but it’s the correct posture given the calendar math.
What Compliance Teams Should Have in Progress Now
With 89 days to August 2, the realistic checkpoint is this: if your risk management system, data governance documentation, and technical documentation aren’t in at least a near-final draft state by the time May 13 arrives, you won’t have the buffer to absorb a second-session failure and still reach August 2 compliant.
The prior pipeline coverage on this situation is worth reviewing for context. The stakeholder map of the Omnibus dispute published May 4 shows why the conformity assessment architecture is so politically resistant. The August 2 deadline analysis published in April establishes the statutory baseline clearly. And the agentic AI certification brief covers a related complication for teams deploying systems with non-static behavior.
For organizations with Annex I-embedded products specifically, the practical recommendation is to document your conformity assessment position now, both the AI Act track and the sectoral law track, so that when the Omnibus outcome is known, you can adapt rather than start over. The work isn’t wasted regardless of the political outcome. It’s the evidence that your program is serious.
The Structural Takeaway
The EU AI Act’s August 2 deadline has been the subject of speculation, extension rumors, and political maneuvering since the Omnibus was introduced. What this week confirms is that the legal baseline, Article 85(3), no extension in force, is the operative reality. The Omnibus was always a modification, not a reprieve. Compliance programs built around the possibility of delay are now built around an incorrect assumption.
The more useful question for the next 89 days isn’t whether May 13 succeeds. It’s whether your documentation, your risk management system, and your human oversight architecture are defensible against an August 2 audit. That question has the same answer regardless of the trilogue outcome.