Jones Walker Logo
  • News & Insights
  • Professionals
  • Services
  • News & Insights
  • Professionals
  • Services

  • Firm
  • Offices
  • Careers
  • Events
  • Media Center
  • Blogs
  • Contact

  • text

AI Law and Policy Navigator

Yes, August 2 Still Matters: The EU Approved a High-Risk AI Delay, but Most Transparency Obligations Remain

By Jason M. Loring, Michelle Ramsden, Andrew R. Lee
July 16, 2026

For more than a year, August 2, 2026, stood as the EU AI Act’s expected enforcement cliff: the day the high-risk regime for Annex III systems used in employment, creditworthiness assessment, education, and access to essential services would finally apply. In June, the European Parliament and Council approved the Digital Omnibus, which moves that deadline to December 2, 2027, once the amendments are published in the Official Journal and enter into force. High-risk systems embedded in regulated products generally move to August 2, 2028. 

But the Omnibus left most of the Act’s transparency obligations exactly where they were. If your organization provides EU-facing chatbots or generative AI systems, deploys synthetic media, uses emotion recognition or biometric categorization systems, or publishes certain AI-generated public interest content, most relevant Article 50 deadlines remain August 2.

Publication in the Official Journal is expected during July 2026, with the amendments entering into force on the third day after publication. That publication should be confirmed before relying on the delayed high-risk dates; until the amendments enter into force, the AI Act’s original schedule remains legally operative.

What the Digital Omnibus Actually Delayed

This should be treated as a reprieve rather than a repeal. The EU deferred the high-risk timeline because national authorities and harmonized technical standards were not ready, not because it abandoned the requirements. Obligations for stand-alone high-risk systems within the specified Annex III use cases, including employment and worker management, creditworthiness assessment, certain life and health insurance underwriting contexts, education, and access to essential services, will now apply December 2, 2027, instead of August 2, 2026. High-risk AI embedded in regulated products under Annex I moves to August 2, 2028. Conformity assessments, technical documentation, human oversight controls, and applicable EU database registration requirements are still coming. Companies that treat the extra sixteen months as cancellation rather than runway will face the same obligations later, with less time to build the controls they require.

What Still Turns On August 2

Article 50 of the AI Act applies from August 2, 2026. It assigns distinct duties to providers and deployers, each with its own scope, limitations, and exceptions.

  • AI-interaction disclosure. Providers must design systems that interact directly with people so that users are informed they are interacting with an AI system, unless that fact is already obvious to a reasonably well-informed, observant, and circumspect person in the circumstances.

  • Provider-side content marking. Providers of systems that generate or manipulate synthetic audio, image, video, or text content must ensure that outputs are marked in a machine readable format and detectable as artificially generated or manipulated, to the extent technically feasible, taking into account the specific characteristics and limitations of the relevant content and technology.

  • Emotion recognition and biometric categorization notice. Deployers of emotion recognition or biometric categorization systems must inform individuals exposed to those systems, subject to the Act’s applicable limitations and exceptions.

  • Deepfake disclosure. Deployers who use AI to generate or manipulate image, audio, or video content that constitutes a deepfake must disclose that the content was artificially generated or manipulated, subject to tailored disclosure treatment for evidently artistic, creative, satirical, fictional, and analogous works.

  • Public interest text disclosure. Deployers publishing AI-generated or manipulated text to inform the public on matters of public interest must generally disclose that fact — but the Act exempts content that has undergone human review or editorial control where a person or entity holds editorial responsibility for publication. That exception matters directly for law firms, publishers, and communications teams using AI-assisted drafting; it is the reason a company using AI to help write public-facing copy is not automatically swept into this obligation the way a synthetic media workflow is.

Across these duties, timing and presentation matter. Required information must be provided in a clear and distinguishable manner, consistent with applicable accessibility requirements, and no later than the first interaction or exposure.

One transition is worth isolating because it is easy to misread. Providers of AI systems covered by Article 50(2) and placed on the market before August 2, 2026, have until December 2, 2026, to implement the required technical marking solutions. That grace period is narrow: it applies only to the provider-side marking obligation for legacy systems, not to the other Article 50 duties, and it does not apply to systems placed on the market from August 2 forward. Treating it as a general postponement of Article 50 would be a mistake.

The potential enforcement exposure is significant. Article 50 violations fall within the AI Act’s penalty tier carrying fines of up to €15 million or, for an undertaking, 3 percent of total worldwide annual turnover for the preceding financial year, whichever is higher. Those figures are statutory ceilings, not automatic penalties. The Act requires proportionality, and for qualifying SMEs, including startups, the applicable maximum is the lower rather than the higher of the fixed amount and percentage-based ceiling. But the ceiling itself signals how seriously the EU intends this obligation to be taken.

Why US Companies Are in Scope

The AI Act reaches beyond Europe. The Act applies to providers placing AI systems on the Union market or putting them into service there, regardless of where the provider is established. It also reaches providers and deployers established outside the EU where the output produced by the system is used in the Union. A customer service chatbot placed on the Union market or offered as part of an EU deployment, synthetic video produced for a European marketing campaign, or AI-generated public interest content used in the Union may create an Article 50 obligation for a US-based organization, but the analysis is role- and fact- specific. Mere accessibility from within the EU is not, by itself, the trigger. Companies should identify whether they are acting as a provider or a deployer for each system and connect that role to a specific jurisdictional hook under the Act before assuming (or assuming away) coverage.

Non-EU establishment is not a safe harbor. US organizations whose systems are offered in the Union, or whose outputs are used there, should evaluate their role and their Article 50 exposure now, on a system-by-system basis, rather than treating the question as answered by geography alone.

What to Do Before August 2

  • Map roles and EU touchpoints. Identify every chatbot, generative system, synthetic media workflow, and public interest publication process with a meaningful EU market, deployment, or output use connection, and determine for each whether the organization is acting as a provider, deployer, or both.

  • Separate the Article 50 duties. Chatbot disclosure, provider-side content marking, notices for emotion recognition and biometric categorization systems, deepfake labeling, and public interest text disclosure apply to different actors and carry different exceptions. Treating them as a single control invites both over- and under-compliance.

  • Identify legacy systems. Determine which content generating systems were placed on the market before August 2 and may qualify for the December 2, 2026, marking transition — and confirm that no other system is being mistakenly folded into that runway.

  • Build and test the disclosures now. Confirm that chatbot notices appear at the right point in the interaction, that labels are clear and accessible, and that machine readable markings survive the organization’s actual publication and distribution workflows.

  • Document your exceptions. Where the organization concludes that an obligation does not apply based on obviousness, human review and editorial responsibility, or the tailored treatment for creative works, document the facts supporting that conclusion as part of the compliance record.

  • Evaluate the Code of Practice. On July 8, 2026, the Commission concluded that the Commission-facilitated Code adequately covers the obligations under Articles 50(2), (4), and (5), and the AI Board adopted its adequacy assessment the following day. Organizations should compare their controls against the Code and evaluate whether signing it offers a more predictable compliance path than developing and defending a bespoke approach. Adherence can help demonstrate compliance, but it is not conclusive evidence of compliance. The Code does not address every Article 50 issue. The Commission issued broader draft Article 50 guidelines for consultation on May 8, 2026; that consultation closed June 3, and organizations should monitor the guidelines’ finalization.

  • Keep the high-risk work moving. Use the runway to December 2027 to finish conformity assessments and governance controls, not to shelve them.

Three Key Takeaways

1. August 2 still matters. The Digital Omnibus delayed the high-risk regime, but most Article 50 transparency obligations remain scheduled to apply on August 2, 2026.

2. Article 50 is not one disclosure rule. Chatbot notices, provider-side content marking, notices for emotion-recognition and biometric-categorization systems, deepfake labeling, and public interest text disclosure apply to different actors and carry different exceptions. Conflating them creates a predictable risk of both over- and under-compliance.

3. The December transition is narrow. Providers of certain systems already on the market receive additional time to implement technical marking solutions. That should not be mistaken for a general postponement of Article 50.

 

For questions about EU AI Act transparency compliance and building an AI governance program that travels across borders, please contact the Jones Walker Privacy, Data Strategy and Artificial Intelligence team. Stay tuned and subscribe for continued insights from the AI Law and Policy Navigator.

Related Professionals
  • Andrew R. Lee
  • Jason M. Loring
  • Michelle Ramsden

Related Practices

  • Privacy, Data Strategy, and Artificial Intelligence
Sign Up For Alerts
© 2026 Jones Walker LLP. All Rights Reserved.
PrivacyDisclaimerAvident Advisors
A LexMundi Member