EU AI Act Goes Live: What the Omnibus Amendments Mean for Your Business
The EU AI Act enters full force on 2 August 2026. Here is what the Omnibus VII amendments changed - and which transparency rules every business must comply with now.

The EU AI Act reaches full application on 2 August 2026 - weeks away. On 29 June 2026, the Council of the EU gave its final approval to the "Digital AI Omnibus" (Omnibus VII), a package of amendments that extends several key deadlines and simplifies compliance for smaller businesses. But one category of obligations did not move: Article 50 transparency rules apply on 2 August 2026 regardless of size or sector, and they affect every business operating a customer-facing AI system in the EU.
Three Key Facts for the Week of 2 August 2026
First: any chatbot, AI assistant, or automated system interacting with users must disclose it is AI by 2 August 2026 - no extension, no SME exceptions. Second: the compliance deadline for most high-risk AI applications - recruitment screening, credit scoring, education systems, biometric identification - was extended by 16 months to 2 December 2027. Third: companies with up to 750 employees and annual revenue under 150 million euros now qualify for expanded SME protections under the AI Act.
What the Omnibus VII Package Changed
The EU reached political agreement on the Omnibus amendments on 7 May 2026. The European Parliament formally endorsed them on 16 June, and the Council gave final approval on 29 June. The changes entered into force three days after publication in the Official Journal of the EU, ahead of the 2 August deadline.
The most significant deadline extension applies to Annex III high-risk AI systems - those used in employment and HR screening, educational institutions, essential services, creditworthiness assessment, and public administration. These systems now face a compliance deadline of 2 December 2027, pushed back 16 months from the original date of 2 August 2026. AI systems embedded as safety components in regulated products face an even longer runway: their deadline moves to 2 August 2028.
For generative AI systems already deployed before 2 August 2026, a four-month grace period applies for synthetic media watermarking obligations. New deployments after 2 August 2026 must comply immediately with watermarking requirements when publishing AI-generated content.
What Did Not Change: August 2 Transparency Is Still Live
The Omnibus extended many timelines, but it left Article 50 untouched. From 2 August 2026:
- Any AI system designed for direct interaction with humans - chatbots, virtual assistants, automated email responders - must inform users they are communicating with an AI.
- Emotion recognition systems and biometric categorization systems must notify the people they analyze.
- Deepfakes and AI-generated audio or video content must be labeled as artificially created using watermarks, metadata, or visible disclosure.
These requirements apply to both providers (companies that build AI systems) and deployers (companies that put them in front of customers). A business running a third-party AI chatbot on its website is a deployer - and the disclosure obligation falls on both parties.
Expanded SME Protections
Under the original AI Act, reduced compliance burdens applied only to small and medium-sized enterprises as defined by EU rules - up to 250 employees and 50 million euros in revenue. The Omnibus extends these protections to "small mid-cap" companies: up to 750 employees and 150 million euros in annual revenue. This matters for the German Mittelstand. Many family-owned manufacturing and technology companies in the 250-750 employee range now qualify for simplified conformity assessment pathways, lower documentation requirements, and priority access to regulatory sandboxes.
New Prohibition: Non-Consensual Intimate Imagery
The Omnibus introduced one new prohibition absent from the original AI Act. AI systems that generate or manipulate non-consensual intimate imagery - so-called nudifier applications - are banned from 2 December 2026. Providers face liability when such output is an intended or foreseeable outcome of the system. This closes a gap that earlier drafts of the AI Act left open.
Industrial AI Exemption
AI systems used exclusively under the EU Machinery Regulation are now exempt from the AI Act's classification requirements. This is relevant for German manufacturers using AI for production line monitoring, predictive maintenance, or automated quality control. If those systems fall under the Machinery Regulation, they do not require AI Act conformity procedures.
Penalties Remain Severe
Nothing in the Omnibus reduced the penalty framework. Maximum fines for violations of prohibited AI practices remain at 35 million euros or 7% of total annual worldwide turnover - whichever is higher. This exceeds GDPR's maximum of 4% of global turnover. For violations of information-sharing obligations between providers and deployers in the supply chain, the fine is up to 3% of global turnover.
What This Means for DACH Businesses
Any German or EU business running a customer-facing AI system - an automated support bot, a lead qualification assistant, an AI-powered scheduling tool - must have transparent disclosure mechanisms live by 2 August 2026. That is the non-negotiable part of the August deadline.
High-risk applications - AI used to screen job applicants, assess creditworthiness, or make decisions about access to essential services - have until December 2027 to reach full compliance. But the risk management frameworks, technical documentation, and human oversight mechanisms the AI Act requires are substantial. Starting those assessments in mid-2027 leaves too little runway. Now is the right moment to begin.
For Mittelstand companies in the newly expanded SME category, the Omnibus provides meaningful regulatory breathing room - but not an exemption. The core obligations apply; the pathways to demonstrate compliance are simplified.
OpSolid designs and builds automation and AI systems for mid-market businesses in Germany and the EU. When integrating AI into business workflows - whether customer-facing or internal - compliance with the AI Act's disclosure requirements and risk classification framework is part of the architecture from the start, not an afterthought.
Sources
- EU Council: Final approval of AI Act simplification, 29 June 2026
- Latham & Watkins: EU AI Act Update - EU Resolves to Change Rules and Extend Deadlines
- Inside Global Tech: EU AI Act Update - Timeline Relief, Targeted Simplification, and New Prohibitions
- TechJack Solutions: EU AI Act Deadlines Are Now Law - What the Council's June 29 Adoption Changes