The EU AI Act does not land all at once. It entered into force on 1 August 2024 and unfolds in phases. The prohibitions and the rules for general-purpose AI already apply. The phase that matters most to enterprise deployers — the full obligation stack for high-risk systems — was meant to arrive on 2 August 2026. It almost certainly will not.

In November 2025 the European Commission published the Digital Omnibus, a package of targeted amendments designed to give organisations and regulators more time. On 6 May 2026 the Council and the Parliament reached a provisional political agreement to postpone the high-risk deadlines outright. If you are still planning your programme against an August 2026 cliff edge, you are planning against a date the EU has moved — and against a version of the law that, as of mid-2026, has not yet been formally adopted. That ambiguity is itself the risk this article is written to manage.

For DACH enterprises in insurance, manufacturing, financial services and professional services, the challenge was never that deadlines exist. It is knowing which ones actually bind you, which ones have shifted, and what minimum viable action each phase requires while the legal text is still in motion.

The current timeline — and what just changed

1 August 2024 — The AI Act enters into force. No obligations apply yet; the clock starts.

2 February 2025 — Prohibitions on unacceptable-risk AI take effect. The AI literacy obligation in Article 4 also begins to apply.

2 August 2025 — Obligations for general-purpose AI (GPAI) models take effect. The governance machinery — the AI Office, the AI Board, the penalty framework, the notified-bodies regime — becomes operational.

2 August 2026 (under the original text) — Most obligations for high-risk AI systems take effect: risk management, technical documentation, human oversight, logging, conformity assessment.

This is the date the Digital Omnibus moves. Under the provisional agreement reached in trilogue on 6 May 2026 and confirmed by Member States in Coreper on 13 May, the high-risk obligations for Annex III systems — the use-case-based high-risk category, covering AI in employment, creditworthiness, insurance pricing, and similar domains — are postponed from 2 August 2026 to 2 December 2027. High-risk AI embedded in products already regulated under EU harmonised legislation (Annex I — medical devices, machinery, lifts, radio equipment, and similar) moves from 2 August 2027 to 2 August 2028.

Two things matter about this deferral, and both cut against complacency. First, the agreed dates are fixed, not conditional. The Commission's original proposal would have tied the high-risk start to the availability of harmonised standards and support tools; the co-legislators rejected that trigger and set hard dates instead. There is no longer a mechanism by which the deadline slips again on its own. Second — and this is the part most readers miss — the amendment is still a provisional political agreement. It only becomes law once it is formally adopted and published in the Official Journal, which is expected before 2 August 2026. Until then, the original August 2026 deadline remains the law on the books. If formal adoption stalls, the cliff edge returns. You are, in effect, governing to two timelines at once.

Prohibitions and AI literacy — already in force

AI systems classified as unacceptable risk became illegal on 2 February 2025: social scoring by public authorities, untargeted scraping of facial images to build recognition databases, emotion inference in workplaces and educational settings, and real-time remote biometric identification in public spaces outside narrow law-enforcement exceptions. The Digital Omnibus adds one prohibition to this list — AI used to generate child sexual abuse material or non-consensual intimate imagery — with a transitional window running to 2 December 2026.

For most DACH enterprises this phase required a documented review rather than a system change. The prohibited categories are specific, and ordinary enterprise AI in pricing, underwriting, document processing or maintenance forecasting does not touch them. What is easy to overlook is the obligation that arrived on the same date and applies to everyone: AI literacy under Article 4. Any organisation that puts AI systems into operation must ensure the staff who run them have a sufficient level of understanding of how they work and what they can get wrong. This is not a high-risk-only rule. If you have shipped a copilot to your service desk or a drafting assistant to your claims team, you already owe your people a documented literacy baseline.

GPAI obligations — live since August 2025

Since 2 August 2025, providers of general-purpose AI models carry transparency and documentation duties — a published summary of training data, technical information for downstream integrators, and copyright-compliance measures. Providers of GPAI models judged to carry systemic risk take on heavier obligations including model evaluation, adversarial testing and serious-incident reporting.

For a DACH Mittelstand company, the honest framing is that almost none of this is your obligation directly. You are a deployer, sitting downstream of OpenAI, Anthropic, Google, Mistral and the like. But two deployer-side actions earn their place now because they become load-bearing the moment high-risk obligations bite. Confirm that the providers behind your models have published their compliance documentation and signed up to the relevant codes of practice — you will need to point to it in your own risk file. And read your contracts for whether they actually allocate AI Act liability, cooperation with authorities and access to the technical information you are entitled to. Most standard SaaS terms written before 2025 do not. The Digital Omnibus also sharpens the line of responsibility here: where a provider builds both the GPAI model and the system on top of it, the EU AI Office takes exclusive competence over that combined system — useful clarity when you are tracing who is accountable for what.

High-risk obligations — the phase that decides your programme

Whether the binding date is December 2027 or, in the adoption-stalls scenario, August 2026, this is the phase that dictates how much work you have. High-risk under the Act is not a vibe; it is a defined set in Annex III — AI used in recruitment and worker management, access to essential private and public services, creditworthiness and credit scoring, risk assessment and pricing in life and health insurance, and a handful of other named domains — plus the Annex I products that carry AI as a safety component.

If you build a high-risk system, the stack is substantial: a risk management system, data governance and quality controls, technical documentation, automatic logging, designed-in human oversight, demonstrated accuracy and cybersecurity, a conformity assessment, an EU declaration of conformity, CE marking, and registration in the EU database. If you merely deploy one — the far more common position for a Mittelstand company buying rather than building — your obligations are narrower but real: operate the system within its intended purpose, exercise the human oversight the provider specifies, ensure your input data is appropriate, monitor operation, retain logs for at least six months, inform workers and their representatives where AI touches the workplace, run a fundamental-rights impact assessment before going live where Article 27 applies, and report serious incidents up the chain.

The deferral does not change what to do — only how much runway you have. The substance of the work is the same, and the dependencies between the steps are unforgiving. Classification has to come first: every system in your inventory needs a documented risk decision, and most of the painful surprises live in systems people assumed were low-risk until someone read Annex III properly. Our classification guide is the place to start. From there the work runs in parallel rather than in sequence — provider-or-deployer analysis, consolidating scattered technical documentation into an audit-ready form, building the logging that lets you reconstruct a decision after the fact (the compliance-by-design patterns matter most here), and running the impact assessments, including a DPIA wherever personal data is in play. Human oversight is the step organisations most often fake: for every high-risk system a named person must have the authority and the actual capability to understand the output and override the decision. A line in a policy document is not oversight. A trained, resourced person with a working override is.

What the extra eighteen months really buys is the chance to do this as engineering rather than as a panic. The companies that will struggle in late 2027 are the ones reading the postponement as permission to stop.

National enforcement: Germany, Austria, Switzerland

The AI Act is a regulation — directly applicable in every member state without national transposition. What each state must still do is name the authorities that supervise and enforce it, and Germany has now moved. On 10 February 2026 the Federal Cabinet adopted the draft KI-Marktüberwachungs- und Innovationsförderungsgesetz (KI-MIG), which makes the Bundesnetzagentur the central market surveillance authority and the single national point of contact for the EU AI Office, alongside sector-specific regulators where they already hold jurisdiction. For a German company, that is the door enforcement will eventually knock on — covering prohibited practices, high-risk systems and the transparency obligations together.

In Austria, designation of the competent authority is being finalised, and the existing supervisory landscape — the Datenschutzbehörde, and the FMA for financial services — will interface with AI Act enforcement. Switzerland, outside the EU, is not directly bound. But Swiss companies that place AI-enabled products or services on the EU market fall within scope regardless, and the practical conclusion for any cross-border DACH group is the same: scope to the EU market you actually touch, not to where your headquarters sits.

What missing a deadline actually costs

The penalty tiers in Article 99 are steep and are already enforceable, having taken effect with the governance provisions in August 2025. Breaching the prohibitions exposes you to fines of up to €35 million or 7% of total worldwide annual turnover, whichever is higher. Non-compliance with the high-risk and most other operator obligations carries up to €15 million or 3% of turnover. Supplying incorrect or misleading information to authorities carries up to €7.5 million or 1%. For SMEs and start-ups the calculus inverts in your favour: the fine is the lower of the fixed sum and the percentage, not the higher.

For most Mittelstand companies the fine is not even the sharpest edge. The supervisory authority can order a non-compliant system withdrawn from the market or taken out of service. If a high-risk AI workflow sits inside your underwriting, your claims handling or your production line, an enforced shutdown is a far larger operational event than the headline penalty — and it is the scenario your governance is really insuring against.

The minimum viable path while the law settles

If you have done nothing yet, the deferral is a gift you should spend immediately rather than bank. Start with the inventory — every AI system, whether in production, in pilot, embedded in SaaS or adopted by your teams as shadow tooling without telling you, each with a named owner. Move to classification against Annex III and document the reasoning, because the rationale is what an auditor reads, not the conclusion. For anything that lands as high-risk, settle the provider-or-deployer question, then run the documentation, logging and impact-assessment work in parallel through the following quarter, pulling in your Datenschutzbeauftragte and legal counsel early rather than at sign-off. Close with human oversight: name the people, train them, and give them a real override. Then set a quarterly cycle to keep the inventory, the classifications and the documentation current — and to watch the Official Journal, because the moment the Digital Omnibus is formally adopted, your binding dates are confirmed and the two-timeline ambiguity ends.

For an organisation with a handful of high-risk systems this is demanding but achievable in-house. For larger or more entangled portfolios — AI woven through regulated products, or sitting across several legal entities — the honest answer is that you will want outside hands on the conformity work.

A Fit Call maps your AI portfolio against the current timeline — and the deferred one — so you build to the deadline that will actually bind you, not the one in last year's slide deck.


