From the journal

EU Council Adopts Digital Omnibus Amendments to AI Act, Deferring High-Risk Compliance to 2027

The Council of the EU formally adopted Digital Omnibus amendments to the EU AI Act on 29 June 2026, following the European Parliament's approval on 16 June. The package defers compliance deadlines for Annex III high-risk AI systems to 2 December 2027 and for Annex I embedded systems to 2 August 2028. Two new prohibitions covering non-consensual intimate imagery and child sexual abuse material apply from 2 December 2026.

2 min read

On 29 June 2026, the Council of the European Union formally adopted the Digital Omnibus on AI, completing the legislative cycle after the European Parliament approved the amendments on 16 June 2026. The amendments modify Regulation (EU) 2024/1689 (the EU AI Act) and enter into force as directly applicable EU law across all member states.

Under Annex III of the AI Act, compliance deadlines for stand-alone high-risk AI systems used in employment, education, biometric identification, and critical infrastructure management shift from 2 August 2026 to 2 December 2027. For Annex I high-risk AI systems embedded in products subject to sector-specific legislation (medical devices, machinery, toys, and civil aviation components), the deadline extends to 2 August 2028. The synthetic content watermarking obligation under Article 50(2) for outputs generated before 2 August 2026 is deferred to 2 December 2026. AI regulatory sandbox establishment under Article 57 is postponed to 2 August 2027.

HR technology vendors, recruitment platforms, educational assessment tools, biometric identification system operators, and AI-enabled critical infrastructure managers gain an additional 16 months before they must satisfy the AI Act's conformity assessment, technical documentation, logging, transparency, and human oversight obligations. Integrators embedding AI capability into regulated Annex I products gain 24 months. Both categories must continue to comply with pre-existing product safety and sector-specific regulatory requirements during the extended period.

Two new prohibited practices are added under Article 5 of the AI Act, effective 2 December 2026: generating or manipulating non-consensual intimate imagery and child sexual abuse material. These prohibitions sit alongside the existing bans on social scoring and subliminal behavioural manipulation. No transitional provisions apply to the new prohibitions.

Licentium advises technology companies and regulated entities on EU AI Act compliance and implementation planning. Organisations assessing their position under the revised deadlines are invited to contact us. Work we undertake includes Annex I and Annex III high-risk system classification, conformity assessment preparation, technical documentation design, human oversight programme development, and multi-jurisdictional AI regulatory mapping.

Source: Council of the EU, Digital Omnibus on AI: Council and Parliament agree to simplify and streamline rules, 7 May 2026

AI Regulatory

More from the journal

See all

FinCEN and Banking Agencies Propose CIP Rules for Stablecoin Issuers, June 2026

On 22 June 2026, FinCEN, the OCC, the Federal Reserve, the FDIC, and the NCUA issued a joint notice of proposed rulemaking requiring permitted payment stablecoin issuers to establish customer identification programs under the GENIUS Act. Covered issuers must collect name, date of birth, address, and taxpayer identification number for each account holder, retaining records for five years. Comments are due 21 August 2026.

China Regulates AI Companion Services, Banning Minor Access, Effective 15 July 2026

On 10 April 2026, five Chinese government authorities jointly issued the Interim Measures for the Administration of Artificial Intelligence Anthropomorphic Interaction Services, effective 15 July 2026. The Measures prohibit AI virtual companion and virtual relative services for minors, require algorithm filing and security assessment for covered providers, and mandate addiction-detection mechanisms. Providers serving children under 14 must obtain explicit guardian consent and implement supervised usage controls including spending restrictions and usage duration limits.

UK Applies Russia Sanctions to Crypto Exchanges Under Regulation 17A, 26 May 2026

On 26 May 2026, the UK Office of Financial Sanctions Implementation applied Regulation 17A(2) of the Russia (Sanctions) (EU Exit) Regulations 2019 to designated crypto-asset exchanges for the first time, sanctioning 18 entities including HTX (formerly Huobi). UK financial institutions and virtual asset service providers are prohibited from processing transfers with designated exchanges. HTX is alleged to have channeled over USD 1.5 billion to Russian counterparties.