EU-Flagge mit weiteren Flaggen im Hintergrund
Sven Hoppe / Fotolia
2026-05-07 expert contribution

EU AI Act Update

Simplifications and clarifications for AI have been politically agreed upon. What specific changes the agreement contains, what this means for providers and deployers of AI systems, and how to proceed now.
Contact
AI Projects & Services

Productive Night Shift

On the night of May 6 to May 7, 2026, negotiators from the European Parliament and the Council met again to discuss the requested amendments to the EU AI Act. In the early hours of May 7, 2026, the parties agreed on numerous changes to the AI Act. An initial press release was published by the European Parliament on Thursday morning.

In an initial reaction, the Commission welcomed the agreement and the proposed amendments.

The aim of the changes is to simplify the implementation and practical application of the AI Act, thereby strengthening Europe’s capacity for innovation without weakening its core principles. The key provisions and the risk-based approach of the AI Act will remain unchanged.

But what specific simplifications have been agreed upon?

New Deadlines for High-Risk AI Systems

The following deadlines are now proposed for high-risk AI systems:

  • From December 2, 2027 for AI systems with high-risk applications listed in Annex III (including biometric systems as well as applications in critical infrastructure, education, employment, law enforcement, and border management) — originally scheduled for August 2, 2026 under the AI Act timeline.
  • From August 2, 2028 for AI systems used as safety components that fall under EU product safety and market surveillance legislation — originally planned for August 2, 2027.

In addition, the mandatory watermarking of AI-generated content as a labeling requirement is postponed to December 2, 2026 (instead of February 2, 2027 in the Commission proposal and August 2, 2026 under the original AI Act timeline).

Reduction of Overlaps

Overlapping requirements for machinery products are to be eliminated.

It will be clarified that machinery products only need to comply with sector-specific safety requirements (instead of both the AI Act and sector-specific rules). Safeguards are to be put in place to ensure an equivalent level of health and safety.

The interaction between AI legislation and EU product safety rules, particularly the Machinery Regulation, has therefore been clarified. This is intended to avoid duplication between sectoral and AI requirements.

However, this exemption for machinery products represents a partial sectoral approach and a departure from the uniform horizontal approach of the AI Act. How the associated safeguards will be designed remains unclear (at present). AI-specific requirements—originally defined cross-sectorally and uniformly in the AI Act—are now to be integrated into the Machinery Regulation. Requirements relating to robustness, performance, data governance, risk and quality management, human oversight, and control will therefore be transferred into sectoral regulation.

How, when, and in what form this will be implemented remains unclear for now, leaving affected companies without planning certainty. This exclusion applies only to machinery products and not—as was temporarily considered—to medical devices, in vitro diagnostics, and toys. The departure from the horizontal approach has thus been partially implemented. Clarification of the specifics will follow in the future.

Clarification on Safety Components

A restriction will be introduced regarding what qualifies as a “safety component.”

Products with AI functions that merely support users or optimize performance will not automatically be subject to high-risk obligations—provided that their failure or malfunction does not pose health or safety risks.

Personal Data

The processing of personal data will be permitted where it is strictly necessary. This is intended to help detect and correct biases. However, appropriate safeguards must be maintained for both high-risk and non-high-risk AI systems.

Expanded Relief for SMCs

Exceptions for small and medium-sized enterprises (SMEs) will be extended to include small mid-cap companies (SMCs) in order to promote their growth. Medium-sized companies under the EU definition include those with up to 749 employees, annual revenue of up to €150 million, or a balance sheet total of up to €129 million. In the future, they will benefit from the same AI Act simplifications as SMEs.

Ban on “Nudifier” Apps

AI systems will be banned if they:

  • generate material involving child sexual abuse, or
  • depict the intimate body parts of an identifiable person or show that person engaged in sexually explicit acts without their consent.

The ban applies to:

  • placing such AI systems on the EU market,
  • placing them on the market without adequate safeguards to prevent such content, and
  • using such systems for these purposes.

Content may include images, videos, or audio. Companies are given until December 2, 2026 to adapt their systems.

Conclusion

While the postponements provide operators and users with more time, they do not change the fundamental responsibilities.

The primary reason for the delay—namely the lack of harmonized standards and delayed Commission guidelines—has not yet been resolved and must be addressed more urgently. Only then can companies meaningfully and reliably prepare for the (now later) applicable regulations. The postponement and sequencing of applicability may help ensure that technical standards and support instruments are in place before the rules take effect. Supporting documentation must now be urgently initiated, developed or finalized, and, above all, made publicly available.

Although the agreement is generally welcome, as it aims to eliminate legal uncertainty for all stakeholders and allows time to provide supporting documentation, new uncertainties have arisen regarding machinery products.

The agreement is only provisional and political in nature. It must now be formally adopted through the European legislative process. The European Parliament and the Council must formally approve the amendments. Once adopted, the changes will be published in the Official Journal of the European Union and will enter into force three days later. This should occur before August 2, 2026, in order to avoid legal ambiguities and ensure that the postponements become legally binding before the original dates of application.

Implications for Companies

For now, the guiding principle remains: “Keep Calm and Carry On.”

The changes are not yet legally binding, neither substantively nor in terms of timing. The specific details and legal texts are not yet available. Providers, operators, and other stakeholders in AI systems should therefore remain calm and, if necessary, seek expert support.

If you are unsure how to position yourself with regard to the AI Act or how to achieve AI compliance, we can support you with our AI Act Roadmap. Feel free to contact us for a non-binding initial consultation!

Get in touch with us!

Briefumschlaege als Icons, Netzwerkkonzept
thodonal / stock.adobe.com

We offer our services in consulting projects and in-house workshops and would be happy to provide you with more information about our services and answer any questions.

AI Projects & Services: aips@vde.com

Follow Us
© 2026 VDE Verband der Elektrotechnik Elektronik Informationstechnik e.V.