The Omnibus Trilogue Failed. The August 2026 Deadline Is Back.

What happened

The Cypriot Presidency of the Council convened the first political trilogue on the Digital Omnibus on AI on 28 April 2026. The session ran for approximately 12 hours and ended in the early hours of 29 April without an agreed text (IAPP).

Both the European Parliament (which voted 569–45–23 on 26 March) and the Council (general approach adopted 13 March) had entered the trilogue with mandates broadly supporting the Commission’s proposal to defer high-risk deadlines. The expectation across the regulatory advisory community was that the trilogue would produce a political agreement the same night. It did not.

A follow-up trilogue is expected in mid-May 2026 (The Next Web). The Cypriot Presidency holds the rotating Council chair until 30 June 2026. If no agreement is reached by then, the Lithuanian Presidency takes over in July, which would likely push the final text into the autumn at the earliest.

Why it failed

The sticking point was conformity assessment architecture for AI embedded in regulated products — specifically, whether AI components in products covered by Annex I Section A (machinery, medical devices, civil aviation, etc.) should undergo conformity assessment under existing sectoral legislation or under a new AI Act–specific procedure (Ropes & Gray).

The Parliament favoured deferring to sectoral law: if a medical device already goes through CE marking under the Medical Devices Regulation, the AI component should be assessed as part of that existing process. The Council resisted, arguing that this approach creates gaps where sectoral bodies lack AI-specific competence. The Commission occupied a middle position. Neither side moved enough to close the gap in the available time.

This is not a cosmetic disagreement. The conformity assessment question determines which notified bodies assess AI risk, which standards apply, and how compliance costs are distributed across supply chains. It was always the hardest open issue in the Omnibus, and it remains unresolved.

What this means for the deadline

The legal position is straightforward: the original 2 August 2026 deadline for high-risk AI system obligations under Article 113 of Regulation (EU) 2024/1689 remains in force. The Omnibus is a proposed amendment. Until it completes trilogue, passes formal adoption in both institutions, and is published in the Official Journal, it has no legal effect.

Most regulatory advisors are now recommending that organisations prepare against the original August 2026 deadline. IAPP, Modulos, and Ropes & Gray all take this position. Even if the mid-May trilogue succeeds, the remaining legislative steps (legal-linguistic review, formal Council and Parliament adoption, Official Journal publication) take weeks. The margin for the Omnibus to enter into force before 2 August is now extremely thin.

What to do now

1. Establish your risk classification

   Run regula check . in your project root. This scans your codebase against 389 risk patterns and classifies your system under the EU AI Act risk tiers. If you are not high-risk, the deadline question is less urgent — but Article 5 prohibitions and Article 50 transparency obligations are already in force regardless.

2. Run a gap assessment against Articles 9–15

   If you are high-risk, run regula gap . to see which obligations you currently meet and which you do not. The output shows per-article compliance scores with effort estimates. This gives you a concrete scope of work, not a vague sense of exposure. See our decision framework for how to prioritise across the three compliance tracks.

3. Build the documentation scaffolding now

   Articles 11 and 12 require technical documentation and automatic logging. These take time but are straightforward to start. Run regula docs . to generate an Annex IV documentation template pre-filled from your actual codebase. Starting the documentation now buys you time on the harder obligations (risk management under Article 9, human oversight under Article 14).

4. Track the next trilogue

   The follow-up trilogue is expected mid-May 2026. Regula’s delta log tracks every regulatory change with primary sources. Run regula regwatch to check whether your installed ruleset reflects the latest regulatory state. When the trilogue produces an outcome, the delta log will be updated.

Where Regula fits

Regula is a static code scanner that identifies regulatory risk indicators in your codebase. It tells you your risk tier, shows which Articles 9–15 obligations apply, and generates documentation scaffolding. It does not replace legal advice, and it does not monitor the legislative process in real time. What it does is give you a concrete, code-level starting point so that when your legal counsel says “prepare for August”, you know exactly what “prepare” means for your specific codebase. For background on the Omnibus proposal itself, see our earlier post: The EU AI Act Omnibus Delay: What Developers Actually Need to Know.

Keep reading

• August 2026 or December 2027? A developer’s guide to the Omnibus uncertainty — Three-track framework for planning under deadline uncertainty
• The EU AI Act Omnibus Delay: What Developers Actually Need to Know — Full background on the Omnibus proposal, deadlines, and risk-tier analysis
• Does the EU AI Act Apply to Your AI App? — Quick applicability check for your product
• Most startups are ignoring the EU AI Act — When ignoring it stops being rational

Discuss on Hacker News