The EU AI Act’s August 2026 deadline did not disappear — it got smaller and sharper. On June 16, 2026, the European Parliament granted final approval to the so-called Digital Omnibus amendments by a vote of 423 to 57, with 174 abstentions, pushing the AI Act’s high-risk obligations out by 12 to 16 months. But the transparency duties in Article 50 and the Commission’s general-purpose AI enforcement powers were left untouched, and both are set to land on August 2, 2026 — fifteen days after this post’s publish date.
That combination is producing a dangerous misreading. Teams that skimmed the headlines — “EU delays AI Act” — are concluding they have until December 2027 to think about compliance. That is true only for the high-risk tier. If your business runs a customer-facing chatbot for EU users, generates synthetic images or video for EU campaigns, or publishes AI-generated text on matters of public interest, your obligations arrive in weeks, not years — with maximum fines that reach €15 million or 3% of global annual turnover, whichever is higher.
We have covered this regulation three times before — our original EU AI Act compliance guide in February, our US-business briefing in March, and our risk-tier compliance checklist in May. All three were accurate when published — and all three describe the pre-amendment timeline, under which high-risk obligations would have applied from August 2, 2026. This post is the explicit update: what changed on June 16, what did not, and the checklist an agency or marketing team actually needs before August 2.
- 01The June 16 amendments delayed high-risk, not everything.Standalone high-risk AI systems (Annex III) move from August 2, 2026 to December 2, 2027 — a 16-month delay. Product-embedded high-risk systems (Annex I) move from August 2, 2027 to August 2, 2028.
- 02Article 50 transparency duties still land August 2, 2026.Chatbot disclosure, machine-readable marking of AI-generated content, and deepfake labeling were not postponed. The only carve-out: pre-existing systems get until December 2, 2026 on the machine-readable watermarking duty.
- 03GPAI rules are already live — the teeth arrive in August.General-purpose AI obligations took legal effect on August 2, 2025. What activates on August 2, 2026, per the Commission's guidance and multiple legal trackers, is the Commission's active enforcement toolkit — information requests, model access, and recall powers.
- 04Penalties reach €15M or 3% of global turnover.Both GPAI and Article 50 transparency violations carry the same maximum tier under Article 99 — the greater of €15 million or 3% of total worldwide annual turnover. Article 50 enforcement sits with national market surveillance authorities from August 2, 2026.
- 05Delay is not relaxation.Morgan Lewis's counsel to clients: treat the amendments as extra time to finish compliance work, not as a softening of the underlying obligations. The requirements themselves are materially unchanged — only some deadlines moved.
01 — What ChangedThe June 16 vote: what moved and what did not.
The amendments approved on June 16, 2026 are the AI Act chapter of the EU’s broader “Digital Omnibus” simplification package — a process that began when the Commission adopted the underlying proposal on November 19, 2025, moved through a provisional political agreement between Parliament and Council in spring 2026, and ended with Parliament’s 423–57 final approval vote. Formal Council adoption and Official Journal publication were expected by August 2, 2026, per Morgan Lewis’s client alert — meaning the amendments were still finishing the legal process even as the rules they modify kept their original effective date.
The Commission frames the package as simplification, not rollback — it consolidates AI Act, GDPR, and Data Act touchpoints alongside the timeline changes. The practical driver, per law-firm coverage of the vote, was that European standardisation bodies were running late on the harmonized technical standards high-risk compliance depends on, with many not expected until late 2026 — after the original high-risk deadline would already have hit.
High-risk obligations only
Standalone high-risk systems (education, employment, credit scoring, critical infrastructure, biometrics, law enforcement, migration) get 16 more months. Product-embedded systems under EU product-safety law (medical devices, toys, lifts) get 12 more months.
Transparency and GPAI enforcement
Chatbot disclosure, AI-content marking, and deepfake labeling under Article 50 remain live from August 2, 2026. The Commission's GPAI enforcement toolkit is widely documented to activate the same day. Article 5 prohibitions and GPAI obligations were already in force.
One genuinely new provision did arrive in the same package: a new prohibited-AI category banning “nudifier” applications that generate non-consensual sexually explicit or intimate imagery, added to the Article 5 prohibitions with a transitional compliance period running to December 2, 2026. The rest of the Article 5 prohibited-practices list — subliminal manipulation, social scoring, emotion inference in workplaces and education, biometric categorization by protected characteristics — has been in force since February 2, 2025 and is unaffected by the amendments.
02 — TimelineThe full timeline, before vs after the amendments.
No single source we reviewed lays out every obligation category side by side with both the original and amended dates — law-firm alerts each cover a subset. The table below consolidates the Commission’s AI Act page, Gibson Dunn’s and Morgan Lewis’s analyses, and Latham and Watkins’s GPAI briefing into one reference. The AI Act as a whole entered into force on August 1, 2024 and was always designed to become fully applicable two years later — the amendments changed which exceptions apply, not that target date.
| Obligation | Original deadline | After June 2026 amendments | Changed? |
|---|---|---|---|
| Already in force | |||
| Article 5 prohibited practices | February 2, 2025 | In force — unchanged | No |
| GPAI obligations (Articles 51–56) | August 2, 2025 | In force — unchanged | No |
| Live August 2, 2026 | |||
| Article 50 transparency (chatbot disclosure, content marking, deepfake labels) | August 2, 2026 | August 2, 2026 — not delayed | No |
| GPAI Commission enforcement powers | August 2, 2026 (one year after obligations) | August 2, 2026 — untouched by the amendments | No |
| Moved or newly added by the amendments | |||
| Article 50(2) machine-readable watermarking — systems already on the market before Aug 2, 2026 | August 2, 2026 | December 2, 2026 — four-month grace period | Yes |
| Nudifier ban (new Article 5 prohibition) | Not in original act | Transitional period to December 2, 2026 | New |
| High-risk, Annex III standalone systems | August 2, 2026 | December 2, 2027 — 16-month delay | Yes |
| High-risk, Annex I product-embedded systems | August 2, 2027 | August 2, 2028 — 12-month delay | Yes |
Two rows deserve a second look. The Article 50(2) watermarking grace period applies only to AI systems already on the market before August 2, 2026 — anything placed on the market on or after that date needs machine-readable marking from day one. And for GPAI models that were on the market before August 2, 2025, providers have until August 2, 2027 to reach full compliance, per Latham and Watkins — a separate, pre-existing transition that the June amendments did not touch.
03 — Article 50The transparency duties that land August 2.
The European Commission’s own AI Act page states it plainly: “The transparency rules of the AI Act will come into effect in August 2026.” Three sub-obligations matter most for marketing and agency work.
Article 50(1) — chatbot and virtual-assistant disclosure
Users must be informed they are interacting with an AI system, and the disclosure must be perceivable in the interaction itself. According to the practical guide published by artificialintelligenceact.eu, a disclosure buried in terms and conditions, a metadata-only watermark, or a vague label like “assistant” does not satisfy the duty. If your customer-service widget answers EU users, the AI disclosure belongs in the chat surface itself.
Article 50(2) — machine-readable marking of AI content
Providers of generative AI systems — text, image, audio, and video — must mark outputs in a machine-readable format so they are detectable as AI-generated or AI-manipulated. For agencies, the operational question is pipeline integrity: the marking your generation tools embed has to survive your export, editing, and publishing workflow, and any system your team places on the market on or after August 2, 2026 needs it immediately.
Article 50(4) — deepfakes and public-interest text
Deployers must disclose AI-generated or AI-manipulated image, audio, or video content that appreciably resembles real persons, objects, places, or events and would falsely appear authentic. A parallel duty covers AI-generated text published to inform the public on matters of public interest — with one carve-out agencies should memorize: content that underwent human review or editorial control, with a named natural or legal person holding editorial responsibility, is generally exempt from the text-disclosure duty. Human-edited, AI-assisted copy with an accountable editor sits on the right side of that line.
"A statement buried in terms and conditions, a metadata watermark on its own, or a vague reference to an 'assistant' does not satisfy the chatbot disclosure duty in Article 50(1); the information has to be perceivable in the interaction itself."— artificialintelligenceact.eu, practical guide to Article 50 (2026)
Enforcement of Article 50 sits with national market surveillance authorities rather than centrally with the EU AI Office, and that enforcement layer takes effect from August 2, 2026 — it was not postponed by the Digital Omnibus. Gibson Dunn’s alert makes the operational point directly: “2 August 2026 remains a live compliance date,” and organizations should keep preparing for it regardless of the deferred high-risk deadlines.
04 — Agency ChecklistArticle 50, translated into agency functions.
Legal client alerts explain the articles; they rarely explain what a marketing team should do on Monday morning. Legal commentary around the act gives the mapping for a non-EU business serving EU customers: a customer-service chatbot engages Article 50(1), a marketing function generating synthetic content for EU campaigns engages Article 50(2), and where existing people are depicted, the deepfake labeling duty in Article 50(4) also applies. The table below reframes each Article 50 sub-clause as an agency function — the operating model we run ourselves, including the AI content-engine work we deliver for clients.
| Marketing function | Article 50 clause | Disclosure required? | Practical action |
|---|---|---|---|
| Customer-service chatbot / virtual assistant for EU users | 50(1) | Yes — perceivable in the interaction itself | Put explicit AI-disclosure copy in the chat UI at conversation start; do not rely on terms and conditions or an ambiguous “assistant” label |
| AI-generated ad creative (image, audio, video) for EU campaigns | 50(2) | Yes — machine-readable marking of outputs | Verify your generation tools embed machine-readable marking and that it survives your editing and export pipeline; new systems need it from day one |
| Synthetic content depicting real people, places, or events | 50(4) | Yes — visible deepfake disclosure | Label synthetic creative that appreciably resembles real persons or events and could falsely appear authentic — on top of the 50(2) machine-readable marking |
| AI-generated text published on matters of public interest | 50(4) | Yes — unless exemption applies | Disclose AI generation, or route the content through human editorial review so the exemption applies |
| AI-assisted editorial content with human review and a named editor | 50(4) carve-out | Generally exempt | Document the editorial-control step and name a natural or legal person holding editorial responsibility for each publication |
05 — GPAI EnforcementThe GPAI nuance most coverage gets wrong.
A large share of secondary coverage compresses the general-purpose-AI story into “GPAI rules start August 2026.” That is imprecise in a way that matters. The substantive GPAI obligations under Articles 51 to 56 — the documentation, copyright-policy, and training-data-summary duties for model providers — already took legal effect on August 2, 2025, and the June 2026 amendments did not touch them. What changes on August 2, 2026, as widely documented across the Commission’s guidance and multiple law-firm trackers, is the activation of the Commission’s active enforcement toolkit: requests for information, model access, and recall powers, arriving one year after the obligations took effect.
In other words: a GPAI provider that has ignored its obligations since August 2025 has not been compliant — it has been un-policed. That distinction disappears on August 2, 2026.
GPAI obligations in force
Articles 51-56 took legal effect for general-purpose AI model providers. Not touched by the June 2026 amendments — the substantive rules have applied for a year.
Commission enforcement activates
Per the Commission's guidance and multiple legal trackers, the Commission's active enforcement powers — information requests, model access, recall — begin one year after the obligations took effect.
Legacy-model deadline
GPAI models placed on the market before August 2, 2025 have until this date to reach full compliance, per Latham & Watkins — a pre-existing transition, unchanged by the amendments.
For most agencies and marketing teams, GPAI duties fall on the model providers you build on, not on you. But the enforcement activation still matters downstream: from August 2026 the Commission can demand information and, in the extreme, pull non-compliant models — which makes provider selection and contract terms a compliance surface. If a vendor’s model leaves the EU market, your product built on it inherits the disruption.
06 — PenaltiesWhat non-compliance actually costs.
The Article 99 penalty framework puts GPAI violations and Article 50 transparency violations in the same maximum tier: fines up to the greater of €15 million or 3% of total worldwide annual turnover for the preceding financial year, per the Article 99 summaries published by artificialintelligenceact.eu and Holistic AI. EU institutions and bodies that breach transparency duties face a separate cap of €750,000.
or 3% of global turnover
The maximum for GPAI and Article 50 transparency violations — whichever of the two figures is higher. For a large group, the turnover prong dominates; for everyone else, €15M is the ceiling that concentrates attention.
transparency-breach cap
EU institutions, agencies, and bodies breaching the transparency duties face fines up to €750,000 — a separate, lower tier from the private-sector maximum.
of the two caps
SME and startup fines are capped at the lower of the applicable percentage or flat amount, and penalties overall must be effective, proportionate and dissuasive, taking SME economic viability into account.
Two features of the enforcement design are easy to miss. First, Article 50 enforcement is decentralized — national market surveillance authorities in each member state carry it, which means enforcement intensity will likely vary by country and the first test cases may come from the more active regulators rather than Brussels. Second, the SME proportionality rule is real but not a shield: it caps the amount, not the liability. A small agency running an undisclosed chatbot for EU clients is still in scope from August 2 — the fine math is just different.
07 — Action PlanWhat to do before August 2.
Fifteen days is enough for the transparency tier — these are disclosure and process changes, not conformity assessments. Here is how we would sequence it, in priority order.
Chatbot disclosure audit
Inventory every AI conversational surface reachable by EU users — site chat, WhatsApp flows, voice agents. Add explicit AI disclosure in the interaction itself. This is the most visible, most easily tested duty a regulator can check from a browser.
Content-marking pipeline check
Map where AI-generated image, audio, and video enters EU campaigns. Confirm machine-readable marking survives your editing and export steps. Pre-existing systems have until December 2, 2026; anything new from August 2 needs marking immediately.
Deepfake and editorial policy
Write the two-line policy: synthetic creative depicting real people gets a visible label; AI-assisted text goes through documented human review with a named responsible editor, which generally exempts it from the 50(4) text-disclosure duty.
Re-plan high-risk work to Dec 2027
If you have systems in Annex III scope — hiring tools, credit scoring, education — use the 16 months to do conformity work properly against the harmonized standards now expected late 2026, rather than racing a deadline the standards themselves would have missed.
The trend worth reading underneath the amendments: the EU did not blink on transparency, only on the tier where its own technical standards were late. Delaying Annex III while holding Article 50 firm signals that user-facing honesty about AI — disclosure, marking, labeling — is the part of the regime the EU considers immediately enforceable, no standards bodies required. That is consistent with where enforcement is cheapest to test: a regulator can verify a chatbot disclosure in minutes, while auditing a credit-scoring model takes a harmonized standard and months of technical work.
Looking forward, we expect the August 2026 to December 2026 window to define the enforcement tone. National market surveillance authorities take up Article 50 in August; the watermarking grace period for pre-existing systems and the nudifier transitional period both expire December 2. Early actions will most likely target visible, easily documented failures — undisclosed chatbots and unlabeled synthetic media — because those cases are simple to prove. Teams that treat the transparency checklist as a two-sprint project this summer can reasonably avoid being anyone’s test case. If you want a structured way to run that audit — or to re-baseline a high-risk roadmap against the new dates — our AI transformation engagements cover exactly this scope, and our risk-tier checklist remains the right companion for the tiers the amendments did not touch.
08 — ConclusionAugust 2 is smaller now — not gone.
The deadline got narrower, not softer.
The June 16 amendments turned August 2, 2026 from an everything deadline into a transparency deadline. High-risk obligations moved to December 2027 and August 2028, and Morgan Lewis’s framing is the one to keep: an extension of time, not a relaxation of the underlying obligations.
What remains on August 2 is precisely the part that touches marketing and agency work every day: telling users when they are talking to an AI, marking AI-generated content so machines can detect it, labeling synthetic media that depicts real people, and documenting the human editorial control that exempts AI-assisted copy. Alongside it, the Commission’s GPAI enforcement powers give the rules that have applied since August 2025 their teeth — with fines reaching €15 million or 3% of global turnover.
The practical read is simple. If you shelved AI Act work when the delay headlines hit, un-shelve the transparency tier this week — it is disclosure copy, pipeline checks, and documentation, all achievable before the date. And spend the reclaimed high-risk months doing that work properly against the standards that are actually arriving, so December 2027 is a formality rather than a second scramble.