Twelve AI models. That’s the number Epoch AI’s April 2026 tracking places above the 10²⁵ FLOP threshold defined in Article 51 of the EU AI Act, the line that triggers systemic risk designation for GPAI providers. Training compute for frontier models is doubling approximately every 5.2 months. Epoch projects 80 models will cross 1×10²⁶ FLOP by 2028. The Digital Omnibus was, among other things, an attempt to adjust the regulatory framework before that trajectory made it untenable. The attempt failed. On April 28, the second political trilogue collapsed. The EU AI Act’s compliance architecture, as written in Regulation (EU) 2024/1689, is now the operative text for the August 2 deadline. Understanding why the Omnibus failed, and what the failure means operationally, is the compliance question that matters.
The Breakdown, What Actually Happened in Annex I
Regulation negotiations fail for two reasons: political disagreement or structural incompatibility. The Digital Omnibus ran into both, but the proximate cause was structural. According to IAPP reporting, the breakdown centered specifically on Annex I sectoral rule mergers, the attempt to integrate the Machinery Directive and Toys Directive into the AI Act’s safety framework as additional sector-specific references.
Why does that matter? Annex I defines which existing EU harmonization legislation intersects with the AI Act’s high-risk classification scheme. Adding or reorganizing directives in Annex I changes the compliance perimeter for Annex III systems, which products are in scope, which conformity assessment routes apply, which technical standards are determinative. The Machinery Directive (governing machine safety) and the Toys Directive (governing child safety for toys) each carry their own technical requirements, notified body structures, and CE marking pathways. Reconciling those with the AI Act’s risk management and transparency obligations inside a single legislative package, while also managing the member states’ differing positions on scope, proved impossible within the trilogue’s available timeline.
The failure is worth separating from the political narrative. Legal analysts, including Holland & Knight, have cited US Administration pressure on industry groups as a contributing factor in lobbying for the delay. That characterization reflects legal inference, not documented causal fact. What is documented is the outcome: the second trilogue failed, no extension was enacted, and the timeline established in Article 85(3) stands.
The Stakeholder Map, What Each Party Needed and Didn’t Get
The trilogue involves three institutions with structurally different interests in this negotiation.
The *European Parliament* has been the most aggressive in expanding the AI Act’s scope since the early drafting process. EP positions on Annex I sectoral mergers generally favor broader inclusion, more directives referenced means more products subject to high-risk classification. The EP’s negotiating position on the Omnibus was not the obstacle; institutional ambition and scope were aligned.
The *Council of the EU* represents member state governments, and their interests on Annex I are split. Member states with significant manufacturing sectors (machinery, automotive, consumer goods) face direct economic exposure from broader Annex I scope. Narrowing Annex I protects domestic producers from conformity assessment costs. The Council’s resistance on sectoral mergers reflects this economic calculus, not a principled position on AI safety.
The *European Commission* initiated the Omnibus and faces a political problem: the Commission proposed the simplification package to reduce compliance burden, but the sectoral scope dispute made the package more complicated, not less. The Commission’s goal was efficiency; the negotiating dynamic produced gridlock.
*Industry*, particularly multinational manufacturers with existing Machinery Directive obligations, lobbied actively for resolution, though their preferred resolution (cleaner sectoral boundaries, not broader merger) was itself contested. The result was that no industry coalition position commanded trilateral agreement.
The *US Administration factor*, per legal inference, introduced an additional layer of pressure toward delay rather than resolution. US-headquartered AI developers with EU market exposure have direct interest in timeline extension. That interest found expression in industry lobbying. Whether it was determinative is not documented.
The Epoch AI Number, What 12 Models Means for GPAI Compliance
Systemic risk designation under Article 51 is not hypothetical. Twelve models currently exceed the 10²⁵ FLOP training compute threshold. Those providers face obligations that go beyond Annex III: adversarial testing, incident reporting to the EU AI Office, technical documentation at the model level, and engagement with the GPAI Code of Practice.
The 5.2-month compute doubling trajectory means this number grows. A model that fell below 10²⁵ FLOP at the time of the original Act’s passage may cross that threshold before August 2 if training compute has continued. GPAI providers should run this calculation against their own training runs, not assume static classification.
The GPAI Code of Practice is now the primary active vehicle for interpreting these obligations. With the Omnibus failed, there is no near-term legislative amendment on the horizon. The Code’s current drafting cycle shapes how the EU AI Office will apply systemic risk provisions in practice, making Code of Practice participation a compliance-relevant activity, not just a policy engagement exercise.
The 94-Day Annex III Checklist
August 2, 2026 applies to providers and deployers of Annex III high-risk AI systems. The required elements under the EU AI Act are not modified by the Omnibus failure, they were always the operative requirements. What changed is that no alternative pathway exists:
*Risk management system (Article 9):* Documented, continuously updated, specific to the intended purpose and foreseeable misuse scenarios. Not a general organizational risk register. System-specific documentation.
*Technical documentation (Article 11 + Annex IV):* Complete before market placement or putting into service. Includes system description, design specifications, monitoring system description, and validation procedures. Annex IV specifies the minimum content.
*Data governance (Article 10):* Training, validation, and testing datasets must be subject to appropriate data governance practices. Bias examination is required. This is an ongoing obligation, not a one-time declaration.
*Human oversight measures (Article 14):* Systems must be designed so that a natural person can effectively oversee and intervene. This is a technical design requirement, not an organizational policy. Interface design, override capabilities, and monitoring outputs must be specified.
*Conformity assessment (Article 43):* Self-assessment for most Annex III systems; third-party notified body involvement for specific categories (biometric, critical infrastructure, education, and employment AI). The applicable procedure depends on Annex III category and Annex VII/VIII route.
*Declaration of conformity (Article 47) and CE marking (Article 48):* Required before market placement.
*Post-market monitoring (Article 72):* Not a post-August 2 concern, this is an ongoing obligation that begins at deployment.
Three Possible Outcomes Before August 2
One: *Agreement before June.* A narrow sectoral scope amendment (addressing only the Machinery/Toys specific dispute) could theoretically be fast-tracked through an emergency procedure. This is unlikely given the trilogue failure and the political calendar, European Parliament is not in an acceleration posture on AI regulation.
Two: *Emergency measure.* The Commission could issue interpretive guidance or a delegated act that clarifies Annex I without amending the primary text. This would not extend the deadline but could reduce conformity assessment ambiguity. Watch for Commission communications in May and June.
Three: *Full enforcement as written.* The most probable outcome. The EU AI Office proceeds with the existing framework, GPAI providers engage through the Code of Practice, and Annex III deployers meet the August 2 deadline under the original requirements.
TJS Synthesis
The Omnibus failure is not a surprise, the structural complexity of Annex I sectoral mergers was visible in the negotiating history. What it changes is the planning calculus: compliance teams that built timelines assuming a possible extension now have no institutional basis for that assumption. The GPAI Code of Practice, previously a parallel track, is now the primary mechanism for regulatory interpretation in the near term. For organizations with both Annex III deployment obligations and GPAI threshold exposure, the next 94 days have two concurrent tracks: internal compliance execution and active Code of Practice engagement. The question worth asking: if the Omnibus couldn’t reconcile Annex I sectoral scope in two trilogue attempts, what legislative vehicle would carry that change, and on what timeline?