Mark the date. It’s the default instruction in every EU AI Act compliance guide published since 2024. August 2, 2026 for GPAI. August 2, 2027 for high-risk. The Act runs on a calendar, and compliance programs run with it.
The Digital Omnibus package is changing that assumption.
MEPs reached a preliminary political agreement on March 11, 2026, during a shadow meeting focused on the Digital Omnibus proposal. According to reporting from IAPP and independent corroboration from DPO Centre, a committee vote is scheduled for March 18. The MEP agreement, as reported, proposes extending compliance deadlines for Annex III high-risk systems to December 2, 2027 and for Annex I systems to August 2, 2028. These dates come from multiple analyses of the draft text, including Arnold Porter’s review of the Digital Omnibus proposal. No official published legislative text has confirmed them. They’re proposed, not enacted, and should be treated accordingly in any compliance roadmap.
The date extensions are consequential. They’re not, however, the part of this week’s developments that changes how compliance programs need to be designed.
The Conditional Trigger: What It Reportedly Does
According to analyses of the Council’s March 13 negotiating position, the proposal would decouple fixed calendar dates from high-risk compliance obligations entirely. In their place: a conditional trigger, with a backstop date as a ceiling. The full text of the Council’s position hadn’t been widely published as of this reporting, and the mechanism’s specific trigger condition isn’t confirmed in primary sources. What’s clear from the cross-reference reporting is the structural concept: compliance obligations would activate when a condition is met, not simply when a calendar date arrives.
This is a different kind of deadline. A fixed date is passive, it arrives regardless of what the regulated entity does or doesn’t do. A conditional trigger is active, its arrival depends on something happening first.
For compliance program design, the distinction matters significantly.
Two Models of Deadline Planning
Fixed-date compliance planning is familiar. You identify the date, work backward through a readiness timeline, assign milestones, and track against them. The date is the anchor. Everything else is sequenced from it.
Conditional-trigger planning looks different. You still have the backstop date as an outer boundary. But the actual obligation date becomes variable. It could arrive earlier than the backstop if the trigger condition is met. It could also require ongoing monitoring: compliance teams need to track whether the trigger condition has been met, not just count down to a fixed date.
Practically, this adds a monitoring requirement that most current EU AI Act compliance programs don’t have. The question shifts from “are we ready by [date]?” to “are we ready, and are we watching for the trigger?”
What the trigger condition is, specifically, isn’t confirmed in available reporting. Until the Council’s full position text is published and the gap between the Council and MEP positions is resolved in trilogue, compliance teams are working with a structural concept rather than an actionable specification. That ambiguity is itself worth noting in any internal compliance risk assessment.
Where the Process Stands
The March 18 committee vote advances the MEP position, it doesn’t resolve the full amendment process. After the committee vote, the MEP position enters trilogue negotiations with the Council. The Council’s conditional trigger mechanism and the MEP agreement’s proposed deadline dates are, at this stage, two different positions that need to be reconciled.
The Digital Omnibus proposal itself originated with the European Commission in November 2025, according to European Parliament Think Tank documentation. The Commission’s intent was to streamline compliance obligations across multiple digital regulations, including the AI Act. The Council and Parliament are now negotiating their respective positions before trilogue produces a final text.
That final text is what matters for compliance programs. Neither the MEP agreement nor the Council position is enacted law. Compliance teams should track this process, not restructure programs around either position in isolation.
What to Monitor
Three things are worth tracking in the near term.
First, the March 18 committee vote outcome. A successful vote advances the MEP position. A failed or amended vote changes the negotiating landscape. TJS will report on the outcome on the EU AI Act news page.
Second, publication of the Council’s full negotiating position text. The conditional trigger mechanism is currently described only in third-party analyses. When the Council’s position is formally published, the trigger condition and backstop date structure will be readable in primary text. That’s the document compliance teams need.
Third, the gap between Council and MEP positions. The Council’s conditional trigger approach and the MEP agreement’s proposed fixed extension dates aren’t necessarily incompatible, a final text could incorporate both a conditional trigger and the December 2027 / August 2028 backstop dates. But they need to be reconciled. The trilogue outcome determines what compliance teams are actually planning against.
The Honest Compliance Posture Right Now
The extension proposals, if enacted, give compliance teams more time against the original deadlines. Don’t build plans around that extra time yet. The conditional trigger mechanism, if enacted as described, changes the monitoring requirements for those plans regardless of the specific dates. Don’t ignore that structural shift while focusing on the calendar numbers.
The useful compliance posture at this stage: maintain current program timelines as a baseline, flag the proposed extensions and trigger mechanism as material uncertainties in internal risk assessments, and schedule a program review for 30 days after the trilogue text is published. That’s when the planning can get specific.