EU lawmakers approve a delay to the AI Act's high-risk rules
The European Parliament has signed off on amendments that push back compliance deadlines for high-risk AI systems by roughly a year, giving businesses and regulators more time to prepare.
Europe's landmark AI law just got a schedule change. On June 16, 2026, the European Parliament gave its final approval to a package of amendments to the EU AI Act — part of a broader "digital omnibus" effort to simplify the bloc's tech rules. The headline item: the compliance deadlines for high-risk AI systems are being pushed back, in some cases by more than a year.
What actually changed
The AI Act sorts AI systems into risk tiers, and the strictest obligations fall on "high-risk" uses — things like AI used in hiring, education, critical infrastructure, biometrics, and border control. Under the original timeline, most of those obligations were due to bite in August 2026.
Under the amended schedule, rules for high-risk systems in areas such as employment, education, biometrics, and critical infrastructure are now expected to apply from December 2027. High-risk AI that is built into regulated products — think medical devices or machinery — gets until August 2028, a twelve-month extension on the original plan.
Why the delay happened
This is less a retreat than an admission of logistics. Many EU member states had not yet designated the national authorities who are supposed to enforce the rules, and the harmonized technical standards companies need in order to demonstrate compliance simply were not finished. Business groups had warned for months that firms were being asked to comply with requirements that had no finalized playbook.
The Parliament's vote is the major hurdle cleared; the Council of the EU is expected to give its formal green light in the coming weeks so the changes can be published before the original August 2026 deadline arrives.
What is not changing
It is worth being clear about what stays in force. The ban on prohibited practices — such as social scoring and certain manipulative uses of AI — has applied since early 2025 and is untouched. Transparency obligations for general-purpose AI models also remain on their existing track. This delay is specifically about the high-risk compliance machinery, not a rollback of the law's core protections.
Why it matters for small business
If you sell into the EU, or your product uses AI in hiring, credit, education, or anything safety-related, you just got breathing room — but not a pass. The requirements themselves (risk management, documentation, human oversight, data quality) are still coming; only the date moved. The smart play for a small firm is to use the extra time cheaply: keep a simple register of where AI touches your operations, ask your software vendors which obligations they will handle for you, and avoid signing long contracts with AI suppliers who cannot answer basic compliance questions. Companies that treat the delay as a head start, rather than a snooze button, will spend far less when the deadlines finally land.
Reported across: European Parliament, Gibson Dunn, DLA Piper
More from the blog
Want this customized and automated for your business?
We take the tools in this toolbox and wire them into your business — your data, your brand voice, running on autopilot.
Talk to Vexlo