The EU AI Act imposes legally binding obligations on developers and deployers of AI systems in the EU, with the primary enforcement deadline of August 2, 2026. However, the AI Omnibus deal reached in May 2026 significantly changed which requirements apply on that date — extending certain Annex III high-risk AI system deadlines to December 2027. This guide tells you exactly what still hits in August 2026, what got delayed, and the specific technical steps engineering teams must take now.

What Actually Happens on August 2, 2026 (And What Got Delayed by the AI Omnibus)

August 2, 2026 is the EU AI Act’s general application date, marking the moment when the bulk of its obligations become enforceable — but the May 2026 AI Omnibus agreement renegotiated the timeline for the most burdensome category. Under the original regulation, all high-risk AI systems listed in Annex III (standalone AI applications in areas like employment, credit, education, and biometrics) were required to comply by August 2, 2026. The AI Omnibus political agreement reached on May 7, 2026 extended that specific deadline to December 2, 2027, giving developers 16 additional months to achieve conformity for standalone Annex III systems.

What is NOT delayed and still applies on August 2, 2026:

  • Transparency obligations (Article 50): Chatbots must disclose they are AI. Deepfakes and synthetic media must be labeled. Emotion recognition and biometric categorization systems must notify users.
  • GPAI model obligations (Chapter V): General-purpose AI model providers must maintain technical documentation, publish usage policies, comply with copyright law, and — for systemic-risk models (≥10²⁵ training FLOPs) — submit to third-party audits and incident reporting.
  • Prohibited practices enforcement (Article 5): Already enforceable since February 2025, but August 2026 brings intensified EU-level oversight. Real-time remote biometric surveillance in public spaces, social scoring systems, and subliminal manipulation techniques remain permanently banned.
  • Innovation measures: The EU AI Act’s regulatory sandbox and testing provisions for SMEs take full effect.

The key distinction for developers: if you are building a standalone AI application that qualifies as high-risk under Annex III (employment screening tool, student assessment system, credit scoring engine), the conformity deadline moved to December 2027. But if your system is integrated into an Annex I product regulated under existing EU product-safety law (medical devices, vehicles, machinery), you still face the August 2026 deadline.

EU AI Act Risk Classifications: Unacceptable, High-Risk, GPAI, Transparency, Minimal

The EU AI Act organizes AI systems into a four-tier risk pyramid that determines which obligations apply to your product. Understanding where your system falls is the first — and most consequential — technical decision your team will make.

Unacceptable risk (prohibited): These AI practices are banned outright under Article 5, enforceable since February 2025. They include real-time remote biometric identification in public spaces by law enforcement (with narrow exceptions), AI systems that exploit cognitive vulnerabilities to manipulate behavior, social scoring by government entities, predictive policing based solely on profiling, and scraping facial images to build recognition databases. Fines for violations reach €35 million or 7% of global turnover — the highest tier in the regulation.

High-risk AI: Defined across two annexes. Annex I covers AI embedded in existing regulated products (medical devices per Regulation 2017/745, aircraft components, vehicles, industrial machinery). Annex III covers standalone AI in eight sensitive domains: biometric identification, critical infrastructure, education, employment, essential private and public services, law enforcement, migration and border control, and administration of justice. These systems face the heaviest technical requirements: conformity assessments, technical documentation, logging, human oversight, accuracy standards, and registration in the EU database.

GPAI models (General-Purpose AI): A separate category for foundation models and large language models, governed by Chapter V. All GPAI providers must publish technical documentation and summaries of training data for copyright compliance purposes. Models that cross the systemic-risk threshold (≥10²⁵ training FLOPs — roughly GPT-4 scale) face additional obligations including adversarial testing, incident reporting to the EU AI Office, and third-party audits.

Transparency-only obligations: Lower-risk AI systems that interact with people face Article 50 disclosure requirements. Chatbots must identify themselves. Synthetic content must be labeled with machine-readable watermarks. Emotion recognition and biometric categorization systems must notify users before processing.

Minimal risk: The vast majority of commercial AI applications — spam filters, recommendation engines, customer analytics, game AI — fall here with no specific obligations beyond general EU law (GDPR, product liability).

Is Your AI System High-Risk? The Annex III Classification Checklist

Determining whether your AI system qualifies as high-risk under Annex III requires a structured analysis across eight domain categories, each with specific subcriteria defined in the Act and supplementary Commission guidance published in 2025. Incorrectly classifying a system as minimal risk when it meets Annex III criteria is itself a compliance violation that can trigger fines up to €15 million or 3% of global turnover.

Use this checklist to assess your system:

| Domain | High-Risk If Your System… | August 2026 Deadline? |
|---|---|---|
| Biometrics | Identifies individuals by face, voice, or gait; categorizes by protected characteristics | AI Omnibus: Dec 2027 |
| Critical Infrastructure | Makes or influences decisions for energy grids, water, transport networks | Dec 2027 (standalone) |
| Education | Determines access to educational institutions or evaluates student performance | Dec 2027 |
| Employment | Screens job candidates, evaluates performance, terminates employment | Dec 2027 |
| Essential Services | Scores creditworthiness, processes benefits claims, risk-assesses insurance | Dec 2027 |
| Law Enforcement | Profiles individuals, assesses recidivism risk, analyzes evidence | Dec 2027 |
| Migration | Assesses asylum claims, processes visa applications | Dec 2027 |
| Justice | Applies law to facts, influences judicial decisions | Dec 2027 |
| Annex I Products | AI in medical devices, vehicles, machinery, aviation | August 2026 |

The Article 6(3) self-assessment exception: Even if your system falls within an Annex III category, you may self-declare it as NOT high-risk if it performs a narrow, preparatory task that does not directly influence consequential decisions, or if the output is purely for human review without direct operational effect. This requires documented justification and, under the Omnibus agreement, notification to your national market surveillance authority.

The AI coding assistant trap: If you use AI coding assistants (GitHub Copilot, Cursor, Windsurf) to build a high-risk AI system, the compliance obligation transfers to you — the developer — not to the tool provider. What makes your employment screening model high-risk is its purpose and impact, not its implementation method.

7 Technical Requirements Every High-Risk AI Developer Must Implement

High-risk AI systems under the EU AI Act must meet seven core technical requirements defined across Articles 9 through 15. These are not documentation checklists — they are engineering requirements that must be built into the system before market deployment. For systems that remain under the August 2026 deadline (Annex I-integrated products), the implementation clock is running now.

1. Risk Management System (Article 9): A continuous, iterative process that identifies, analyzes, and mitigates risks throughout the AI system lifecycle. This means automated risk monitoring in production, not just a pre-deployment assessment. Required documentation: risk register with residual risk classifications, mitigation measures per risk, and update cadence.

2. Data Governance (Article 10): Training, validation, and test datasets must be subject to documented governance covering data collection practices, preprocessing operations, known biases and mitigation measures, and data quality criteria. High-risk systems touching biometrics or employment require statistical analysis of training data distribution by protected characteristics.

3. Technical Documentation (Article 11): Annex IV specifies the exact contents: system description, design specifications, development methodology, training data description, validation and testing results, performance metrics, and information for downstream users. This documentation must be retained for 10 years post-deployment and made available to market surveillance authorities on request.

4. Automatic Logging (Article 12): High-risk AI systems must automatically log events sufficient to enable post-market monitoring and incident investigation. Minimum retention: 6 months for operator-controlled logs. Logs must capture: input data characteristics (not necessarily raw data), model outputs, confidence scores, human override events, and system state at decision time.

5. Transparency and Instructions for Use (Article 13): The system must be transparent to operators — the organizations deploying it. Required in the instructions for use: intended purpose, performance levels, known limitations, foreseeable misuse scenarios, human oversight measures, expected lifetime, and maintenance requirements.

6. Human Oversight (Article 14): This is the most engineering-intensive requirement. The system must be designed so that humans can: understand the AI’s capabilities and limitations, monitor operation in real time, identify and correct malfunctions, override or halt the system, and refuse to implement outputs. This requires building human oversight interfaces — dashboards, audit trails, override mechanisms — not just policies.

7. Accuracy, Robustness, and Cybersecurity (Article 15): Performance must be declared with metrics valid for the intended purpose. The system must be resilient to errors, faults, and adversarial manipulation. For systems processing personal data, security measures must align with GDPR Article 32. Post-market performance monitoring is required to detect accuracy drift.
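A sketch of a decision log carrying the fields listed under requirement 4 (Automatic Logging), added here as an example and not taken from the Act or any vendor's code. The hash chaining, the 183-day reading of "6 months", and all field names and sample values are assumptions of this example.

```python
import hashlib
import json
from datetime import datetime, timedelta, timezone

MIN_RETENTION = timedelta(days=183)  # assumption: "6 months" taken as 183 days
GENESIS = "0" * 64                   # "prev" value of the first record


def _digest(obj) -> str:
    """SHA-256 over canonical JSON, so equal content gives an equal digest."""
    blob = json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(blob).hexdigest()


def summarize_input(features: dict) -> dict:
    """Input characteristics (field names, types, digest) instead of raw values.
    A bare digest of low-entropy fields can be guessed; key it (HMAC) if needed."""
    return {
        "fields": {k: type(v).__name__ for k, v in sorted(features.items())},
        "sha256": _digest(features),
    }


class DecisionLog:
    """Append-only decision log; each record embeds the previous record's hash."""

    def __init__(self):
        self.records = []

    def append(self, features, output, confidence, system_state,
               human_override=None, when=None):
        body = {
            "ts": (when or datetime.now(timezone.utc)).isoformat(),
            "input": summarize_input(features),
            "output": output,
            "confidence": confidence,
            "human_override": human_override,  # None, or who changed what and why
            "system_state": system_state,      # e.g. model version, threshold
            "prev": self.records[-1]["hash"] if self.records else GENESIS,
        }
        self.records.append(dict(body, hash=_digest(body)))
        return self.records[-1]

    def first_broken(self) -> int:
        """Index of the first record that fails verification, or -1 if intact."""
        prev = GENESIS
        for i, rec in enumerate(self.records):
            body = {k: v for k, v in rec.items() if k != "hash"}
            if rec["prev"] != prev or _digest(body) != rec["hash"]:
                return i
            prev = rec["hash"]
        return -1

    def past_min_retention(self, now):
        """Records old enough that the minimum retention no longer blocks deletion."""
        return [r for r in self.records
                if datetime.fromisoformat(r["ts"]) < now - MIN_RETENTION]


def build_sample_log():
    """Constructed sample: two screening decisions, the second overridden."""
    log = DecisionLog()
    state = {"model_version": "screening-v3", "threshold": 0.7}
    log.append({"years_experience": 7, "district": "Kreuzberg"}, "advance", 0.91,
               state, when=datetime(2026, 1, 10, tzinfo=timezone.utc))
    log.append({"years_experience": 1, "district": "Mitte"}, "reject", 0.74, state,
               human_override={"by": "reviewer-17", "new_output": "advance",
                               "reason": "relevant portfolio"},
               when=datetime(2026, 8, 3, tzinfo=timezone.utc))
    return log
```

Editing any stored record changes its digest, so `first_broken()` points at the first altered entry during an incident investigation.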

Conformity Assessment and CE Marking: The Step-by-Step Process

Conformity assessment for most Annex III high-risk AI systems is self-assessment — you do not need a notified body or third-party auditor for standalone software applications. This is one of the most widely misunderstood aspects of the regulation, and correctly understanding it significantly reduces compliance costs for many developers.

The EU AI Act’s conformity assessment works as follows:

Step 1: Classify and document the high-risk determination. Write a formal classification decision with legal references to the specific Annex III paragraph that makes your system high-risk. This document protects you if challenged by authorities and establishes the compliance scope.

Step 2: Implement and document all seven technical requirements (Articles 9-15). Create your Annex IV technical documentation package. This is the core compliance artifact. Budget 200-400 engineering hours for a typical system, with additional time for data governance documentation.

Step 3: Conduct conformity assessment procedure. For software-only Annex III systems: self-assessment per Annex VI (Module A). You declare conformity yourself. No notified body required. Exception: if your AI system is integrated into a product governed by existing EU safety legislation listed in Annex I (e.g., a medical device AI), you must follow the conformity assessment procedure for that product, which typically does require third-party assessment.

Step 4: Draw up EU Declaration of Conformity. A legal document you sign declaring the system meets all applicable requirements. Annex V specifies the required contents. This is publicly available on request.

Step 5: Apply CE marking. CE marking must appear on the system or its documentation. For software, this typically means the product packaging, download page, or documentation header.

Step 6: Register in the EU AI database. Before placing the system on the market or putting it into service, deployers of Annex III high-risk AI systems must register in the EU database maintained by the AI Office. Registration is free but requires disclosure of system purpose, deployer identity, and conformity assessment summary.

Cost reality for SMEs: End-to-end conformity assessment for a straightforward Annex III system (e.g., an employment screening tool) typically runs €50,000–€150,000 in internal engineering and legal costs. Complex systems or those integrated into Annex I products can reach €500,000.

GPAI Developer Obligations: What Model Builders Must Do Before August 2026

GPAI obligations apply if you train or fine-tune a general-purpose model — a model designed to perform multiple different tasks — and make it available to third parties. The GPAI chapter (Chapter V) became enforceable on August 2, 2025, so if you are a model provider, you are already in scope.

All GPAI providers must:

Maintain and publish technical documentation: Using the Annex XI template. This covers training methodology, data used, computational resources (FLOPs), performance evaluations, and known limitations. Models released under open-source licenses with published weights receive a partial exemption: they do not need to provide the commercial documentation package, only a summary of training data for copyright compliance purposes.

Copyright compliance: GPAI providers must implement a policy for compliance with EU copyright law, specifically honoring opt-outs from web crawling under Article 4(3) of the 2019 DSM Directive. In practice: your data pipeline must check and respect robots.txt exclusions and explicit crawl opt-outs, and you must document this process.

Publish model capabilities and limitations: A publicly accessible summary card covering intended use cases, performance on standardized benchmarks, and known risks must be maintained and updated.
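One way to wire the robots.txt and opt-out check from the copyright compliance item into a data pipeline, with a per-URL audit trail to document the process. This is an added example, not code from any provider; the crawler token, the opt-out register, the hosts, the robots.txt bodies and the fail-closed choice for hosts without a retrieved robots.txt are all assumptions of this example.

```python
from urllib.parse import urlsplit
from urllib.robotparser import RobotFileParser

CRAWLER_UA = "ExampleTrainingBot"      # hypothetical crawler token
OPT_OUT_HOSTS = {"archive.example"}    # hypothetical explicit opt-out register

# Constructed robots.txt bodies; a real pipeline fetches and caches /robots.txt.
SAMPLE_ROBOTS = {
    "news.example": "User-agent: ExampleTrainingBot\nDisallow: /\n",
    "blog.example": "User-agent: *\nDisallow: /drafts/\n",
    "archive.example": "User-agent: *\nDisallow:\n",
}


def load_parsers(robots_by_host):
    """Parse each host's robots.txt body once and keep the parser per host."""
    parsers = {}
    for host, body in robots_by_host.items():
        parser = RobotFileParser()
        parser.parse(body.splitlines())
        parsers[host] = parser
    return parsers


def decide(url, parsers, user_agent=CRAWLER_UA):
    """Return (decision, reason); explicit opt-outs win over a permissive robots.txt."""
    host = urlsplit(url).hostname or ""
    if host in OPT_OUT_HOSTS:
        return "skip", "explicit opt-out on record"
    parser = parsers.get(host)
    if parser is None:
        # Assumption of this example: no retrieved robots.txt means do not collect.
        return "skip", "no robots.txt retrieved; failing closed"
    if not parser.can_fetch(user_agent, url):
        return "skip", "disallowed by robots.txt"
    return "fetch", "permitted by robots.txt"


def filter_urls(urls, parsers):
    """Split candidate URLs into those to fetch, plus an audit entry for every URL."""
    allowed, audit = [], []
    for url in urls:
        decision, reason = decide(url, parsers)
        audit.append({"url": url, "decision": decision, "reason": reason})
        if decision == "fetch":
            allowed.append(url)
    return allowed, audit
```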

The open-source GPAI trap: The open-source exemption is NOT unlimited. If your open-source model crosses the 10²⁵ training FLOP threshold — the systemic-risk threshold — the exemption disappears and the full systemic-risk obligations apply. These include adversarial testing (red-teaming), incident reporting to the EU AI Office within 15 days, model evaluation before release, and third-party audits every two years.

For context, 10²⁵ FLOPs is roughly the scale of GPT-4’s training run. Models below that threshold — the vast majority of research and commercial releases — retain the open-source exemption if they meet open-source licensing conditions.

Prohibited AI Practices: What You Can Never Build (Already Enforceable)

The prohibited practices under Article 5 have been enforceable since February 2025, meaning any system in this category deployed today is already in violation. These are not subject to the AI Omnibus extension or any grace period — they are permanent prohibitions with maximum fines of €35 million or 7% of global annual turnover.

Prohibited practices checklist:

| Practice | What It Covers | Common Mistake |
|---|---|---|
| Real-time remote biometric ID | Law enforcement use of facial recognition in public spaces (narrow law enforcement exceptions exist) | Deploying retail loss-prevention systems that identify individuals in real time |
| Subliminal manipulation | Techniques below conscious awareness that harm users or others | “Persuasion” engines that exploit cognitive biases for harmful outcomes |
| Exploitation of vulnerabilities | Systems targeting cognitive impairments, age-related vulnerabilities, economic desperation | Dark-pattern systems targeting mental health struggles |
| Social scoring | Government systems that evaluate citizens based on behavior for general purposes | Municipal “citizen score” initiatives |
| Predictive policing | Risk assessment of individuals based solely on profiling for crime prediction | Automated recidivism tools without human override |
| Emotion inference in workplace/education | AI that infers emotional states of workers or students via monitoring | Employee wellness platforms that log emotional state |
| Untargeted facial scraping | Building facial recognition databases by scraping internet or CCTV | Any bulk biometric dataset built from public sources |

The emotion inference prohibition covers a particularly broad category. Systems that analyze video, audio, or physiological signals to infer worker emotional states — even marketed as productivity or wellness tools — fall under Article 5 if deployed in the workplace or educational settings. This catches a significant number of commercial HR-tech and EdTech AI products.

Penalties and Enforcement: The Exact Numbers and How They’re Calculated

The EU AI Act’s penalty structure is tiered by violation severity, and fines are calculated using the higher of an absolute cap or a percentage of global annual turnover. This means that a startup with €2M in revenue faces a lower nominal fine than a major tech company, but the proportional impact — and the reputational damage — can be equally severe.

Penalty tiers:

| Violation Type | Maximum Fine |
|---|---|
| Prohibited practices (Article 5) | €35 million or 7% of worldwide annual turnover |
| High-risk AI non-compliance | €15 million or 3% of worldwide annual turnover |
| Incorrect or misleading information to authorities | €7.5 million or 1.5% of worldwide annual turnover |

How enforcement works: The EU AI Act creates a dual enforcement structure. EU-level enforcement through the AI Office applies to GPAI models and cross-border systemic issues. National market surveillance authorities (MSAs) handle country-level enforcement for high-risk AI systems. Each EU member state must designate an MSA by August 2026. In practice, the most likely enforcement path for the first 12-24 months is complaint-driven: a user, employee, or competitor reports a potentially non-compliant system to the national MSA, which then investigates.

SME provisions: SMEs and startups that act in good faith but make compliance errors face reduced fines — national MSAs have discretion to apply proportionality. The Omnibus agreement strengthened these provisions, with the Council and Parliament explicitly acknowledging that compliance costs for SMEs must not create disproportionate market barriers.

Private right of action: The AI Act does not create a private right of action — individuals cannot sue directly under the regulation. Enforcement flows through public authorities. However, GDPR enforcement, which does allow data subject complaints that can result in DPA investigations, often overlaps with AI Act violations for systems processing personal data.

Post-2026 enforcement forecast: Industry analysts expect that high-risk AI non-compliance will account for over 70% of enforcement actions post-2026. The priority targets will be employment screening AI, credit-scoring systems, and biometric identification tools — categories with clear regulatory text, visible harms, and existing advocacy organizations ready to file complaints.

Your August 2026 Compliance Action Plan: 30-60-90 Day Checklist

With August 2, 2026 under 60 days away, most teams are in the final sprint of compliance preparation. The AI Omnibus extension for Annex III standalone systems provides relief for many, but August 2026 still brings hard deadlines for transparency requirements, GPAI obligations, and Annex I-integrated AI products. Use this phased checklist to close remaining gaps.

Days 1-30: Classify and triage

  • Complete formal Annex III classification for every AI system in your portfolio — document the decision with legal citations
  • Identify which systems benefit from the AI Omnibus Annex III extension to December 2027 vs. which remain under August 2026 deadline
  • Audit every user-facing AI system for Article 50 transparency requirements: does it interact with humans? Does it generate synthetic content?
  • If you train or fine-tune GPAI models: verify technical documentation exists in Annex XI format
  • Inventory prohibited practice exposure — particularly emotion inference in workplace/education settings

Days 31-60: Build and document

  • For transparency-obligation systems: implement chatbot disclosure banners, deepfake watermarking, emotion recognition notification flows
  • For Annex I-integrated high-risk systems: complete Annex IV technical documentation package
  • For GPAI models: publish capability summary card and copyright compliance policy
  • Begin human oversight interface development for any Annex I high-risk systems (this is the longest-lead item)
  • Engage legal counsel to draft EU Declaration of Conformity template

Days 61-90: Assess, mark, and register

  • Complete self-assessment per Annex VI (Module A) for applicable high-risk systems
  • Sign EU Declaration of Conformity
  • Apply CE marking to product documentation
  • Register in EU AI database before deployment
  • Establish post-market monitoring process including logging infrastructure meeting Article 12 requirements
  • For Annex III systems under December 2027 deadline: document extended timeline rationale and begin compliance roadmap

For teams still using AI coding assistants to build these systems: Document which tools were used and verify that the AI-generated code has been reviewed against the technical requirements. The compliance obligation rests with the deployer regardless of implementation method.


FAQ

Does the EU AI Act apply to US companies? Yes. The EU AI Act applies extraterritorially to any company that places AI systems on the EU market or whose AI systems produce outputs used in the EU — regardless of where the company is headquartered. US companies with EU users, customers, or partners must assess compliance.

What is the difference between a provider and a deployer under the EU AI Act? A provider is the entity that develops or places an AI system on the market (typically the company that trains or builds the model). A deployer is the entity that uses a third-party AI system in a professional context. Both can have obligations: providers face the full technical documentation and conformity assessment requirements; deployers must implement human oversight, maintain logs, and register in the EU database for high-risk systems.

Is my SaaS AI tool considered high-risk? Most general B2B SaaS AI tools are not high-risk. The Annex III categories are specifically enumerated: employment screening, credit scoring, educational assessment, biometrics, critical infrastructure, law enforcement, migration, and justice administration. If your tool doesn’t make consequential decisions in those specific domains, it likely falls in the minimal or transparency-only category.

Do open-source AI models get exempted from EU AI Act requirements? Partially. Open-source GPAI models with published weights are exempt from commercial technical documentation requirements but still must publish a training data summary for copyright compliance. This exemption disappears if the model crosses the systemic-risk threshold (≥10²⁵ training FLOPs). For high-risk AI systems (Annex I/III), releasing the system as open-source does not exempt it from compliance obligations.

What should a developer do right now if they’re unsure whether their system is high-risk? Start with the Annex III category list and the Article 6(3) self-assessment exception. If your system touches employment, credit, education, biometrics, or law enforcement decisions, assume high-risk until you can document a defensible exception. Engage an EU-qualified AI law firm for a formal classification opinion — this costs €5,000–€15,000 and creates a documented good-faith compliance effort that can reduce penalties if challenged later.