The EU AI Act blinked — your logging requirements didn't

The EU AI Act omnibus moved high-risk deadlines to 2027–28. The logging, oversight, and inventory work is still yours — and reliability needs it anyway.


Diagram: EU AI Act timeline after the 2026 omnibus — deadlines that moved (Annex III to December 2027, Annex I to August 2028) versus obligations already in force and unchanged

On June 29, the Council of the EU gave its final green light to the AI Act simplification package — the “digital omnibus” that had been provisionally agreed in May. The headline: the high-risk obligations that were due to hit on August 2, 2026 are moving. Stand-alone Annex III systems get until December 2, 2027; AI embedded in regulated products under Annex I gets until August 2, 2028 (Gibson Dunn has the clean summary).

If your roadmap had an August line item labeled “AI Act readiness,” you just inherited sixteen months. I want to talk you out of spending them the way most organizations are about to.


What moved, what didn’t

The omnibus is schedule relief, not scope relief. The Act’s architecture — risk tiers, obligations, penalties up to €15 million or 3% of global turnover — is intact. And three sets of obligations didn’t move at all:

  • Article 5 prohibitions (unacceptable-risk practices) — in force since February 2025.
  • GPAI model obligations (Articles 51–56) — in force since August 2025. Mostly a model-provider problem, with a downstream catch: fine-tune or substantially modify a general-purpose model and you can inherit provider-like duties.
  • Article 50 transparency — still lands August 2, 2026, three weeks from now: disclose AI interaction to users, mark synthetic content, with a four-month grace period for watermarking systems already on the market.

So “the AI Act got delayed” is true only for the middle of the pyramid. The bottom is live, the top has been live for a year, and a transparency deadline is about to arrive on schedule.

Why the retreat? Readiness, mostly. The Cloud Security Alliance’s research notes documented a wide enterprise gap against the original date, harmonized standards were late, and regulators weren’t staffed. The EU looked at an August wall few could climb and moved the wall.


Why platform teams got this assignment

Strip the legal language from the high-risk requirements (Articles 8–15) and read them as an infrastructure spec. That’s what they are:

A documented risk management system across the lifecycle. Data governance over training and input data. Technical documentation that stays current. Automatic logging of system events for traceability. Human oversight designed into the system, with overseers able to understand capabilities and intervene. Accuracy, robustness, and cybersecurity appropriate to purpose — measured, not asserted.

None of that is producible by a compliance officer with a template the quarter before a deadline. Every line is a platform capability with a long lead time, and — this is the part I find genuinely elegant — every line is something a serious reliability practice builds anyway:

  • Automatic logging is tracing the agent loop wearing a tie. Span-level records of what the system saw, decided, and did, attributable to a real identity rather than a shared key — you want this for debugging before any regulator wants it for audit.
  • Human oversight is the bounded-autonomy approval architecture: defined authority limits, an approval surface that shows blast radius, an intervention path that’s been tested rather than diagrammed.
  • Accuracy and robustness is an evaluation pipeline — measured evidence of how the system behaves, including under fault injection, versioned alongside the system it describes.
  • The inventory that classification requires is the same agent and AI-system catalog you need operationally the moment more than one team ships agents. You cannot classify what you cannot enumerate — and you can’t secure or observe it either.

I’ve made the no-anonymous-inference-endpoints argument on pure operational grounds; the Act arrives at the same architecture from the legal side. When two unrelated forcing functions independently specify the same infrastructure, that’s usually the infrastructure to build.


The trap in the extra sixteen months

Here’s the pattern I’d bet on, because it’s what every deadline extension produces: organizations that treated the Act as a compliance project will stop, because the project lost its date. Then mid-2027 arrives, the work restarts under pressure, and it gets built as what it was always mislabeled as — a checkbox layer, bolted beside production instead of into it. Logging that exists for auditors but that no engineer trusts during an incident. Oversight workflows that route around the real deployment path. Documentation that describes the system as of its last annual review.

The alternative costs less and yields more: build the capabilities as reliability infrastructure on your own schedule, and let compliance be a view over systems you run because they make your platform better. The deferral is exactly the runway that approach needs — 12 to 24 months is the honest estimate for logging, oversight, and evaluation capabilities at enterprise scale, which is almost precisely what the omnibus handed back.


Honest caveats

I’m an infrastructure architect, not a lawyer; classification questions belong with counsel, and this post is not legal advice. The omnibus text awaited Official Journal publication as I wrote this — final numbers can shift in small ways. Most internal SRE tooling is genuinely not high-risk under Annex III, so don’t let anyone sell you a compliance platform on fear alone; the safety-component and Annex I edges (critical infrastructure, machinery, medical devices, aviation) are where platform work most often crosses the line, and regulated industries were always going to live closer to it. And deadline politics aren’t over — dates have moved once and could move again, in either direction, which is precisely why anchoring the work to reliability value instead of legal dates is the only planning that survives.


What to do Monday

  • Build the AI system inventory — every model, agent, and AI-assisted decision path, with intended purpose, data touched, and who’s affected. First artifact everyone asks for; prerequisite for literally everything else.
  • Run a rough Annex III classification pass with counsel. An afternoon’s mapping kills months of ambient anxiety and tells you if you have a real high-risk exposure or none.
  • Check Article 50 now, not in 2027. User-facing AI must disclose itself, synthetic content must be marked — that deadline is August 2, this year.
  • Point your logging roadmap at audit-grade traceability. Per-decision traces with identity attribution serve incidents today and regulators later; one build, two customers.
  • Write the human-oversight spec for your highest-authority agent — limits, approval surface, intervention path, and evidence it was tested. That document is reliability engineering this quarter and compliance evidence in 2027.

The omnibus is a rare gift from Brussels: the requirements stood still while the clock moved. Teams that read it as permission to stop will meet these requirements twice — once badly, later. Teams that read it as runway get to build the logging, oversight, and evaluation layer once, properly, for the systems they were already going to have to trust.

Frequently asked questions

What did the EU AI Act omnibus actually change?

It moved the high-risk compliance deadlines while keeping the rest of the Act intact. Obligations for stand-alone high-risk systems under Annex III, originally applicable on August 2, 2026, are deferred to December 2, 2027; for AI embedded in regulated products under Annex I, to August 2, 2028. Everything already in force stays in force: the Article 5 prohibitions (since February 2025), the general-purpose AI model obligations (since August 2025), and the Article 50 transparency requirements still land on August 2, 2026, with a four-month grace period for watermarking existing systems. The political agreement came in May 2026 and the Council gave its final approval on June 29, 2026, with Official Journal publication expected shortly after.

Does the delay mean engineering teams can pause EU AI Act work?

Pausing is the expensive option. The Annex III capabilities — a documented risk management system, data governance, technical documentation, automatic logging, human oversight, and accuracy/robustness/cybersecurity safeguards — are 12-to-24-month platform builds for most organizations, which is roughly the runway the deferral restored. Industry readiness surveys were showing large enterprise gaps against the original 2026 date, which is a big part of why it moved. And nearly every required capability doubles as reliability infrastructure you'd want anyway: audit-grade logging is tracing, human oversight is an approval workflow, robustness testing is an evaluation pipeline. Teams that pause rebuild the same things later, under deadline pressure, twice.

Which EU AI Act obligations apply to AI systems in 2026 right now?

Three sets are live regardless of the omnibus. Article 5 prohibitions on unacceptable-risk practices have applied since February 2025. General-purpose AI model obligations (Articles 51–56) have applied to model providers since August 2025 — relevant downstream because fine-tuning or substantially modifying a GPAI model can pull you into provider-like duties. And Article 50 transparency obligations — disclosing AI interaction to users, marking synthetic content — still take effect August 2, 2026, unmoved by the omnibus apart from a four-month watermarking grace period for systems already on the market. Penalties scale up to €15 million or 3% of global annual turnover.

Is internal SRE and platform tooling considered high-risk under the EU AI Act?

Usually not. High-risk status under Annex III attaches to specific use-case categories — employment decisions, credit scoring, critical-infrastructure safety components, and similar — not to AI use in general, so an internal incident-triage agent or log summarizer typically isn't high-risk. The two places platform teams get pulled in: AI that becomes a safety component of critical infrastructure or of an Annex I regulated product (machinery, medical devices, aviation) can be high-risk, and classification requires an actual inventory-and-mapping exercise rather than a vibe. That inventory is the first artifact regulators, auditors, and your own lawyers will ask for — build it even if every entry turns out low-risk.