Digital Omnibus — EU AI Act Timeline and Enforcement Delay

Definición

Definición técnica

The Digital Omnibus is a European Commission legislative package proposed in February 2025 that consolidates amendments to multiple digital regulations — including the EU AI Act, the GDPR, the NIS2 Directive, and the Cyber Resilience Act — into a single legislative vehicle. Its stated objective is to reduce regulatory complexity and administrative burden for businesses, particularly SMEs, operating under overlapping digital frameworks.

For the EU AI Act specifically, the Digital Omnibus proposes significant changes to enforcement timelines and scope. The most consequential proposal is the delay of the high-risk AI system obligations — originally scheduled to begin applying in August 2026 — to late 2027-2028. It also proposes adjustments to the definition of high-risk AI systems under Annex III, simplifications to conformity assessment procedures for certain categories, and reductions in administrative obligations for specific types of deployers.

As of April 2026, the Digital Omnibus is in legislative process. Its final form will depend on negotiations between the European Commission, the European Parliament, and the Council. Organizations should monitor the legislative process closely, as the final scope of changes may differ from the Commission’s initial proposal.

IMPORTANT: Based on the Digital Omnibus timeline, high-risk AI obligations enforcement is expected 2027-2028, NOT August 2026. Only the prohibited practices ban applied in August 2025.

Por qué importa operativamente

The Digital Omnibus matters because it changes the enforcement timeline that organizations use to plan AI compliance investments. Organizations that have planned their EU AI Act compliance roadmap based on August 2026 high-risk system obligations need to update their planning based on the Digital Omnibus timeline. The delay does not eliminate the obligations — it moves the enforcement date — but it changes the urgency calculus for organizations that had deferred compliance work.

The Digital Omnibus also matters because it signals the European Commission’s responsiveness to industry concerns about compliance burden. The direction of travel in EU AI regulation is toward practical implementation, not regulatory retreat. Organizations that use the delay as an opportunity to build genuine governance capacity rather than deferring indefinitely are better positioned for the eventual enforcement environment.

EU AI Act timeline actualizado / Updated EU AI Act Timeline

Date Milestone
1 August 2024 EU AI Act enters into force
2 February 2025 AI governance provisions (Ch. I and II) apply
2 August 2025 Prohibited AI practices ban applies
Late 2026 Harmonized standards expected (without Digital Omnibus: August 2026)
2027-2028 High-risk AI system obligations (Digital Omnibus delay)
2 August 2027 Full GPAI model obligations (unaffected by Digital Omnibus)

Cómo lo evalúa Zertia

Zertia’s EU AI Act Assessment provides organizations with a current-state analysis based on the most up-to-date legislative timeline, including Digital Omnibus developments. The assessment maps the organization’s AI systems against applicable obligations under the current and evolving regulatory timeline, providing a compliance roadmap that accounts for both the delay in high-risk obligations and the continued applicability of prohibited practices bans and GPAI obligations.

EU AI Act Assessment — [zertia.ai/services/risk-assessments/eu-ai-act-assessment]

CTA

The Digital Omnibus delays enforcement but not the obligations. The window for proactive compliance preparation is open now. Zertia’s EU AI Act Assessment maps your exposure and roadmap.

Contact · Schedule a call · Learn More

Definiciones que se sostienen ante un auditor.

¿Este término aplica a tu proyecto de certificación? Hablemos 30 min sin compromiso.