The Council of the EU has approved changes to the EU AI Act that postpone key high-risk AI deadlines and adjust how the AI Act interacts with sector-specific product rules.
The headline change is simple: many providers of high-risk AI systems now get more time. But the update is not only a deadline extension. It also adds a new prohibited AI practice, clarifies the role of the AI Office, narrows overlap with sectoral regulation, and creates a machinery-specific exemption path.
Important caveat: the legislative act making these changes official still has to be published in the Official Journal of the European Union. It will enter into force three days after publication.
New AI Act Application Dates
The approved text changes several practical deadlines:
| Date | What changes |
|---|---|
| 2 December 2026 | Grace period ends for providers to implement transparency solutions for AI-generated content |
| 2 August 2027 | New deadline for national competent authorities to establish AI regulatory sandboxes |
| 2 December 2027 | New application date for high-risk AI systems listed in Annex III |
| 2 August 2028 | New application date for high-risk AI systems listed in Annex I |
This matters because the original AI Act timeline had a tighter path for many high-risk obligations. Under the current published Regulation (EU) 2024/1689, the AI Act generally applies from 2 August 2026, with Article 6(1) and corresponding obligations applying from 2 August 2027.
The Council-approved changes move the main compliance dates for high-risk systems further out, while keeping the compliance work firmly on the roadmap.
Annex III vs Annex I: Why the Split Matters
The new dates distinguish between two different high-risk categories.
Annex III high-risk AI systems are standalone use cases listed by sector and purpose. Examples include AI used in education, employment, access to essential services, law enforcement, migration, and administration of justice.
These systems now move to 2 December 2027.
Annex I high-risk AI systems are AI systems connected to products already regulated by EU harmonisation law. This includes areas such as medical devices, toys, lifts, watercraft, aviation, motor vehicles, and other regulated product categories.
These systems now move to 2 August 2028.
That extra split is important for manufacturers. Annex I products already live inside sectoral conformity assessment regimes, so the AI Act update tries to reduce duplicated compliance work where sectoral legislation already imposes AI-specific requirements similar to the AI Act.
New Prohibited AI Practice
The approved text adds a new prohibited practice covering the generation of non-consensual sexual and intimate content or child sexual abuse material.
In practical terms, AI systems that generate nude images of real people, or edit clothing out of existing images to reveal intimate parts, are banned starting in December 2026.
This is a direct response to synthetic intimate abuse and the misuse of image generation or image editing systems. Providers building image generation, face editing, body editing, virtual try-on, content moderation, or creative tooling should treat this as a product safety requirement, not only a content policy issue.
AI Office Competence Is Clarified
The approved text also clarifies when the AI Office supervises AI systems based on general-purpose AI models.
The key point: the AI Office is competent where the general-purpose AI model and the AI system based on that model are developed by the same provider.
The text also lists exceptions where national authorities remain competent. These include systems used in:
- law enforcement
- border management
- judicial authorities
- financial institutions
For companies building both the foundation model and the application layer, this is an important governance detail. The supervisory channel may differ from companies that only integrate a third-party model into a sector-specific product.
Sectoral Rules Get More Weight
One of the most practical changes is the new interplay between the AI Act and existing sectoral rules.
For high-risk AI systems covered by Annex I, the approved text limits the AI Actโs application where sectoral laws already impose AI-specific requirements similar to the AI Act.
This matters for regulated product manufacturers. If a medical device, toy, lift, machine, watercraft system, vehicle component, or other regulated product already has AI-specific obligations under its sectoral framework, the compliance analysis should avoid treating every AI Act requirement as an isolated second layer.
The direction is clear: compliance should still happen, but duplicated obligations should be minimized.
Machinery Products Get a Specific Exemption
Products covered by the machinery regulation, previously classified as high-risk under Annex I, are exempted from direct applicability of the AI Act.
Instead, the European Commission is empowered to adopt secondary legislation under the machinery regulation to add health and safety requirements to machinery systems that are also covered by the AI Act.
For industrial automation, robotics, manufacturing equipment, and AI-enabled machinery, this is a major architectural point. The compliance path may shift from direct AI Act obligations to machinery-specific delegated or implementing requirements.
That does not mean โno AI compliance.โ It means the requirements may come through the machinery framework rather than through direct application of the AI Act.
The Commission Must Help Reduce Compliance Burden
The approved text adds an obligation for the European Commission to provide guidance for economic operators of high-risk AI systems covered by Annex I.
The goal is to help companies comply with high-risk AI requirements in a way that minimizes compliance burden.
This guidance will be important because Annex I products sit at the intersection of AI governance, product safety, conformity assessment, technical documentation, post-market monitoring, and sector-specific supervision.
For operators, the immediate action is to map each AI system against:
- Annex I or Annex III
- applicable sectoral product law
- whether the product falls under machinery rules
- whether AI-specific sectoral requirements already apply
- the new date that controls the compliance plan
What Companies Should Do Now
Do not pause AI Act work just because the high-risk dates moved.
Use the extra time to clean up the pieces that are hardest to retrofit:
- Inventory AI systems and classify them against Annex I and Annex III.
- Identify systems that generate, edit, or label synthetic content.
- Review image generation and image editing safeguards before December 2026.
- Map sectoral product obligations against AI Act requirements.
- Track whether machinery products move into a machinery-regulation compliance path.
- Prepare technical documentation, logging, risk management, and human oversight processes.
- Watch for Commission guidance on Annex I high-risk systems.
The postponement reduces deadline pressure. It does not remove the need for governance.
Key Takeaways
The Council-approved AI Act changes postpone high-risk AI deadlines to 2 December 2027 for Annex III systems and 2 August 2028 for Annex I systems.
National AI regulatory sandboxes move to 2 August 2027.
Providers have until 2 December 2026 to implement transparency solutions for AI-generated content, and December 2026 also becomes the relevant point for the new ban on non-consensual intimate AI content.
The AI Office gets clearer supervisory competence for AI systems based on general-purpose AI models when the same provider develops both the model and the system, with important exceptions for national authorities.
For Annex I products, the update points toward less duplicated compliance where sectoral laws already cover similar AI-specific requirements.
The final legal checkpoint is publication in the Official Journal. Until then, treat the Council approval as the new direction of travel, not as the final published law.
