The digital omnibus AI Act delay 2026 is now confirmed: the European Parliament formally endorsed the deal on 16 June 2026 and the Council of the EU gave its final green light on 29 June 2026, pushing the AI Act’s high-risk obligations for stand-alone Annex III systems from 2 August 2026 to 2 December 2027. For research institutions running admissions, assessment, or exam-proctoring AI classified under Annex III’s education category, this removes an imminent compliance cliff but does not remove the obligation itself.
The Digital Omnibus on AI is the European Commission’s targeted amendment package to Regulation (EU) 2024/1689 (the AI Act), tabled on 19 November 2025 to defer the applicability of high-risk obligations while harmonised technical standards catch up with the legislative timetable. It is distinct from the broader “Digital Omnibus” simplification package covering GDPR and the ePrivacy Directive, which is proceeding on a separate track.
- What is the Digital Omnibus on AI?
- Timeline: how the delay was finalised
- New compliance dates for high-risk AI systems
- What changes for research institutions under Annex III
- Answer-first Q&A
- Implications and what happens next
What is the Digital Omnibus on AI?
The Digital Omnibus on AI is a package of targeted amendments to the EU AI Act, proposed by the European Commission to defer the applicability of high-risk AI obligations and to soften or clarify a handful of adjacent provisions. It does not alter the AI Act’s underlying risk-based architecture: the definitions of high-risk AI, the prohibited-practice list, and the general-purpose AI (GPAI) model rules all remain unchanged.
Two changes matter most for institutional AI governance. First, the compliance timeline for high-risk AI systems is pushed back by more than a year. Second, a new prohibition targeting AI-generated non-consensual intimate imagery (“nudifiers”) and child sexual abuse material (CSAM) is inserted into Article 5, with a transitional period running to 2 December 2026.
Timeline: how the delay was finalised
The delay moved through five distinct stages before becoming binding. Each stage narrowed the uncertainty that had left institutions unable to plan with confidence through the first half of 2026.
- 19 November 2025 — the European Commission tabled the Digital Omnibus on AI, proposing a conditional delay mechanism for Annex III high-risk obligations.
- 18 March 2026 — the European Parliament’s lead committee signalled support for postponement, initially floating a shorter extension to 2 November 2026 rather than the Commission’s later date.
- 6–13 May 2026 — trilogue negotiators reached a provisional political agreement, subsequently confirmed by Member State representatives in the Council (Coreper).
- 16 June 2026 — the European Parliament formally endorsed the agreed text in plenary.
- 29 June 2026 — the Council of the EU gave its final approval, completing the co-legislative procedure.
Formal publication in the Official Journal of the European Union is expected before 2 August 2026, the date on which the amended provisions are designed to take legal effect. Until publication, the original 2 August 2026 deadline technically remains in force — a distinction several early client alerts flagged as a live risk for institutions that stopped preparing prematurely.
New compliance dates for high-risk AI systems
The Omnibus replaces the Commission’s original conditional trigger with fixed calendar dates. Annex III stand-alone high-risk systems — including those used for recruitment, credit scoring, law enforcement, border control, and education — now have until 2 December 2027 to comply, instead of 2 August 2026. Annex I systems embedded in already-regulated products, such as medical devices and machinery, move to 2 August 2028.
| Obligation | Original date | New date | Status |
|---|---|---|---|
| Unacceptable-risk prohibitions (Article 5); AI literacy (Article 4) | 2 Feb 2025 | Unchanged (literacy duty softened) | In force |
| GPAI model obligations; AI Office operational | 2 Aug 2025 | Unchanged | In force |
| Article 50 transparency (AI-generated content disclosure) | 2 Aug 2026 | 2 Aug 2026 (largely unchanged) | Proceeding as scheduled |
| Article 50(2) watermarking grace period for existing systems | 2 Aug 2026 | 2 Dec 2026 | Deferred (grace period) |
| New Article 5 ban on non-consensual intimate imagery/CSAM AI | — | 2 Dec 2026 (transitional period ends) | New provision |
| Annex III high-risk obligations (incl. education/admissions AI) | 2 Aug 2026 | 2 Dec 2027 | Deferred |
| Member state AI regulatory sandboxes (Article 57) | 2 Aug 2027 | 2 Aug 2027 (sandbox timeline unaffected for Annex III) | Unchanged |
| Annex I high-risk obligations (embedded, e.g. medical devices) | 2 Aug 2027 | 2 Aug 2028 | Deferred |
Two provisions are not deferred. The Article 50 transparency duty — telling users they are interacting with an AI system, and labelling AI-generated content — largely proceeds on the original 2 August 2026 schedule, with only the narrower watermarking sub-obligation under Article 50(2) receiving a four-month grace period for systems already on the market.
What changes for research institutions under Annex III
Annex III, paragraph 3 of the AI Act designates AI systems used in the education and vocational training domain as high-risk where they determine access or admission to an institution, evaluate learning outcomes, assess the appropriate level of education for an individual, or monitor and detect prohibited behaviour by students during tests. This is the category most directly relevant to research institutions and universities.
Concretely, the delay reaches:
- Admissions and PhD-selection algorithms that rank or filter applicants;
- Automated assessment and grading tools used to evaluate learning outcomes;
- Exam-proctoring and academic-integrity-monitoring systems deployed during tests;
- Tools that assign students to a particular level or track of study.
Research-integrity screening tools (plagiarism and image-manipulation detection) and grant- or funding-evaluation algorithms sit in a greyer area: they may qualify as high-risk under other Annex III categories — such as access to essential public services — depending on how decisively the AI output determines an outcome for the individual concerned. Institutions should not assume a blanket exemption; classification still depends on the specific use case, not the sector label.
The practical effect of the delay is headroom, not relief. Conformity assessments, technical documentation, human-oversight design, and post-market monitoring for Annex III education systems must still be built — the deadline for having them in place has simply moved from 2 August 2026 to 2 December 2027. Institutions that paused compliance work in anticipation of the delay now have a defined, and shorter than expected, runway of roughly seventeen months from the June 2026 vote.
Answer-first Q&A
What is the EU AI Act Digital Omnibus?
The Digital Omnibus on AI is a European Commission proposal, tabled 19 November 2025 and finalised through Parliament and Council votes in June 2026, that amends the AI Act to defer high-risk compliance deadlines and adjust several related provisions without changing the Act’s core risk-based structure.
When do high-risk AI obligations now apply under the AI Act?
Stand-alone Annex III high-risk systems, including education and admissions AI, must comply by 2 December 2027. AI embedded in already-regulated products under Annex I, such as medical devices, must comply by 2 August 2028, both later than the original 2026/2027 dates.
Does the delay apply to AI used in education and research admissions?
Yes. Annex III explicitly classifies AI systems governing admission decisions, learning-outcome evaluation, and exam proctoring as high-risk. These systems’ compliance deadline moves with the rest of Annex III, from 2 August 2026 to 2 December 2027, once the Omnibus is published.
What still happens on 2 August 2026 despite the delay?
The Article 50 transparency obligations — disclosing AI interactions and labelling AI-generated content — remain on schedule for 2 August 2026. Only the narrower watermarking duty under Article 50(2) gets a four-month grace period, to 2 December 2026, for systems already on the market.
Implications and what happens next
For research administrators, the confirmed timeline changes planning horizons more than it changes obligations. Governance work — data-quality checks, human-oversight protocols, and documentation for admissions and assessment AI — can now be sequenced over roughly seventeen months rather than weeks.
The Omnibus must still be published in the Official Journal before the new dates bind; until then, 2 August 2026 remains the legal default. Institutions should treat formal publication, expected in the weeks following the 29 June 2026 Council approval, as the trigger to lock in updated compliance calendars, not the political agreement alone.
Institutions building governance around admissions, assessment, and research-integrity AI should track both the AI Act’s Annex III scope and adjacent standards work as they mature.
For related institutional definitions and terminology, see the CASRAI Open Research Glossary and the research administration resource hub.