← All EU AI Act guides

EU AI Act timeline: the deadlines that matter — 2026-06-24

EU AI Act timeline: the deadlines that matter — 2026-06-24

TL;DR — The EU AI Act phases in compliance over three years: prohibited AI systems banned immediately (February 2025), high-risk systems must comply by August 2026, and remaining rules take effect by August 2027. Most organizations should begin audits and governance updates now to meet these deadlines.

What are the key dates in the EU AI Act timeline?

The EU AI Act creates a staggered enforcement schedule:

  • February 2, 2025: Prohibitions on certain AI practices enter force (e.g., social scoring, subliminal manipulation).
  • August 2, 2026: High-risk AI system requirements take effect. Organizations must implement risk assessments, documentation, monitoring, and human oversight.
  • August 2, 2027: All remaining obligations apply, including transparency rules, model documentation for large language models, and obligations for general-purpose AI systems.

Which AI systems face the strictest requirements first?

High-risk AI systems—those used in critical infrastructure, employment, education, and law enforcement—must comply by August 2026. These include resume screening tools, biometric identification systems, and automated decision-making in credit or benefit allocation. Providers must conduct conformity assessments, maintain technical documentation, and implement post-market monitoring.

What must organizations do now to prepare?

  1. Inventory your AI systems: Classify them by risk level under the EU AI Act.
  2. Conduct impact assessments: Document how your systems affect users and compliance status.
  3. Update governance: Establish AI risk management procedures and assign accountability.
  4. Review data practices: Ensure training and test data meet quality and bias standards.
  5. Plan for documentation: Begin compiling technical records and performance metrics.

Do these deadlines apply to non-EU organizations?

Yes. The EU AI Act applies extraterritorially to any AI system placed on the EU market or affecting EU residents. Non-EU providers of high-risk systems must appoint an EU representative and comply with the same August 2026 deadline.

What happens if we miss the deadlines?

Non-compliance carries administrative fines up to €30 million or 6% of annual global turnover (whichever is higher) for high-risk violations. Earlier action reduces implementation costs and regulatory risk.

Frequently asked questions

Q: Does the EU AI Act affect foundation models?
A: Yes. Providers of general-purpose AI models with systemic risk must comply by August 2027, including transparency reporting and model evaluation documentation under the EU AI Act.

Q: Can we use a third-party compliance service?
A: Yes. Notified bodies and compliance consultants can assist with documentation and conformity assessments, though legal and technical accountability remains with your organization.

Q: Are legacy systems exempt?
A: No. Systems deployed before August 2026 must still comply by that date unless they pose minimal risk. The EU AI Act does not grandfather existing deployments.

Q: What if our AI system is borderline high-risk?
A: Conduct a documented risk assessment. When in doubt, apply high-risk safeguards early to avoid costly retrofitting.

Sources

[1] Regulation (EU) 2024/1689 (EU AI Act) — https://eur-lex.europa.eu/legal-content/EN/TXT/?uri=CELEX:32024R1689


This article is informational and does not constitute legal advice. Consult qualified counsel for your specific situation.