What is the EU AI Act August 2 2026 deadline?

August 2, 2026 is the enforcement date for EU AI Act obligations on high-risk AI systems listed in Annex III. After this date, deploying a high-risk AI system without completing conformity assessment, implementing human oversight mechanisms, and registering in the EU AI Act database exposes you to fines up to €15 million or 3% of global annual turnover. The deadline applies to both EU and non-EU companies if their AI affects EU residents.

How many days until the EU AI Act August 2026 deadline?

As of May 7, 2026, the EU AI Act August 2 deadline is 87 days away. Companies that have not started compliance work need to begin this week. A realistic minimum timeline for a small team to complete basic high-risk AI compliance is 8-10 weeks, which means May is the last month to start and still finish comfortably before the deadline.

What do I need to complete before August 2 2026?

For high-risk AI deployers, six obligations must be met before August 2: (1) classify each AI system against the Annex III list, (2) obtain the EU Declaration of Conformity from your AI vendor, (3) implement a risk management system, (4) establish human oversight mechanisms that actually function, (5) register the high-risk system in the EU AI Act database, and (6) issue or obtain a conformity assessment. Deployers using third-party AI tools can satisfy most obligations by requesting documentation from vendors — the burden shifts to the provider for the conformity assessment itself.

Is the EU AI Act August 2026 deadline being extended?

Possibly — but not yet. As of May 7, 2026, the EU Digital Omnibus proposal is still in active trilogue negotiations. The second trilogue (April 28, 2026) failed to reach agreement. A third trilogue is scheduled for May 13, 2026. The current proposal would move the Annex III (high-risk) deadline to December 2, 2027 and the Annex I deadline to August 2, 2028. However, no agreement has been enacted — August 2, 2026 remains the operative deadline until the Omnibus is formally adopted and published in the EU Official Journal, which could happen as late as July 2026. Compliance planning should proceed on the August 2026 timeline and treat any extension as a bonus, not a plan.

What is the EU AI Act August 2 2026 deadline?

August 2, 2026 is the enforcement date for EU AI Act obligations on high-risk AI systems listed in Annex III. After this date, deploying a high-risk AI system without completing conformity assessment, implementing human oversight mechanisms, and registering in the EU AI Act database exposes you to fines up to €15 million or 3% of global annual turnover. The deadline applies to both EU and non-EU companies if their AI affects EU residents.

EU AI Act August 2 Deadline: 87 Days Left —…

87 days left. Here is what to do each week.

Phase	Weeks	What you complete
Classify	Weeks 1–2	Know which of your AI tools are high-risk
Document	Weeks 3–6	Vendor conformity docs + your risk management system
Implement	Weeks 7–10	Human oversight operational + database registration
Finalize	Weeks 11–12	Review, test, sign off

If you haven't started: start this week. 8 weeks is the realistic minimum for a small team. You have 12. That is not much buffer.

This Week (May 7–14): Classify Everything

The first and most important step is determining which of your AI tools are actually high-risk under Annex III. Most small teams will find that most of their tools are not high-risk — but the ones that are require immediate action.

Do this now:

List every AI tool your team uses (approved and unapproved)
For each tool, answer: does it make or substantially influence decisions in hiring, credit scoring, healthcare, education, essential services, critical infrastructure, law enforcement, or border control?
For every "yes": you have a high-risk system — move it to your action list
For every "no": document that you checked and why it doesn't qualify — this is your evidence of due diligence
Use the EU AI Act risk tier self-assessment for borderline cases

Output this week: A list of your high-risk AI tools and the Annex III category each falls under. If this list is empty, your August 2 obligations are minimal — document that finding.

Weeks 2–4 (May 14 – June 4): Request Vendor Documentation

For each high-risk AI tool where you are the deployer (you are using a vendor's AI, not building it yourself), the vendor must provide:

EU Declaration of Conformity
Technical documentation summary
Instructions for use with human oversight information
Known limitations and error rates

Do this now:

Send a written request to each high-risk AI vendor asking for their EU Declaration of Conformity
Track responses in a log: vendor, date requested, date received, document location
If a vendor cannot provide an EU Declaration of Conformity, escalate — their product is non-compliant for high-risk deployment and you need to make a decision about continued use
Review each Declaration of Conformity when received — check that the use case you are deploying for is covered

Email template to send to vendors:

Subject: EU AI Act Conformity Documentation Request — [Your Company]

We are conducting EU AI Act compliance preparation for the August 2, 2026 
Annex III deadline. As a deployer of [Product Name], we require the following:

1. EU Declaration of Conformity for [Product Name]
2. Technical documentation summary covering: training data description, 
   accuracy metrics, known limitations, and intended use cases
3. Human oversight guidance for deployers
4. Sub-processor list (if applicable under your DPA)

Please confirm whether [Product Name] has completed conformity assessment 
for EU AI Act Annex III purposes, and the timeline for providing these 
documents if not yet available.

We need this documentation by [DATE — recommend 3 weeks from today].

Weeks 5–8 (June 4 – July 2): Build Your Risk Management System

While waiting for vendor documentation, build your internal risk management system. This is the document that shows you have a live process for identifying and mitigating AI risks.

Minimum required components:

Risk register — each high-risk AI tool, the risks it poses, and your mitigation for each
Monitoring cadence — how often you review performance data, who reviews it, what triggers escalation
Incident response — what happens if the AI produces a discriminatory output, a data breach, or a significant error
Human override procedure — documented process for a human to review, override, or halt the AI
Annual review schedule — date set for next full risk assessment

Copy-paste risk register structure:

AI System: [Name]
Annex III Category: [e.g., Employment — resume screening]
Provider: [Vendor name]
Deployment date: [Date]
EU Declaration received: Yes / No / Pending

Identified risks:
1. [Risk description] → Mitigation: [What you do]
2. [Risk description] → Mitigation: [What you do]

Human oversight mechanism: [Description of how a human reviews/overrides]
Monitoring: [Frequency, who, what metrics]
Escalation trigger: [What event triggers a human review]
Last reviewed: [Date]
Next review: [Date]

Weeks 9–10 (July 2–16): EU AI Act Database Registration

High-risk AI systems must be registered in the EU AI Act database before deployment — or before the August 2 deadline for already-deployed systems.

What to do:

Access the EU AI Act database at the EU AI Office portal (euaioffice.europa.eu)
Register each high-risk AI system: name, category, provider, intended purpose, geographic scope
Save the registration confirmation and registration number
Add the registration number to your internal compliance record for that system

If you are a deployer using a third-party tool, the provider registers the system — but you must verify they have done so and obtain their registration confirmation. Add this to your vendor documentation request.

Week 11 (July 16–23): Test Human Oversight End-to-End

A human oversight mechanism on paper is not the same as one that works. Run an end-to-end test before the deadline.

Test scenario: For each high-risk AI system, simulate a case where the AI output needs human review.

Does the person responsible for review actually have access to override the system?
Is the review process documented and findable by that person?
Does the person know what criteria to apply when reviewing?
Is the outcome of the human review logged?
Can an individual affected by the decision request human review? Is there a process for handling that request?

If any of these fail: Fix before August 2. A mechanism that exists in a document but not in practice will not satisfy the regulation.

Week 12 (July 23 – August 2): Final Review

All high-risk AI tools classified — documentation on file
EU Declarations of Conformity received from all high-risk vendors
Risk management system document complete and signed off
Human oversight mechanisms tested and operational
EU AI Act database registrations confirmed
Technical documentation available for each high-risk system
Internal compliance record complete for each high-risk system
Named owner for AI compliance confirmed and briefed

What If You're Behind Schedule?

If you're at Week 5 of this plan but it's already July:

Triage. Focus in this order:

Complete the Annex III classification — knowing which tools are high-risk is more important than anything else
Get vendor Declarations of Conformity — this is the most important deployer obligation
Document human oversight for each high-risk tool — even a one-page description is better than nothing
Register in the EU AI Act database — this is required but takes hours, not weeks

Incomplete compliance with documentation of good-faith effort is significantly better than no compliance at all. Regulators have stated that August 2026 enforcement will focus on systemic non-compliance and willful disregard, not on teams with documented work-in-progress.

References

EU AI Act (Regulation (EU) 2024/1689) — Articles 9, 11, 17, 72
EU AI Act high-risk AI systems: Annex III
EU AI Office: euaioffice.europa.eu
Related: EU AI Act compliance checklist
Related: EU AI Act risk tier self-assessment

87 days left. Here is what to do each week.

Phase	Weeks	What you complete
Classify	Weeks 1–2	Know which of your AI tools are high-risk
Document	Weeks 3–6	Vendor conformity docs + your risk management system
Implement	Weeks 7–10	Human oversight operational + database registration
Finalize	Weeks 11–12	Review, test, sign off

If you haven't started: start this week. 8 weeks is the realistic minimum for a small team. You have 12. That is not much buffer.

This Week (May 7–14): Classify Everything

Do this now:

List every AI tool your team uses (approved and unapproved)
For each tool, answer: does it make or substantially influence decisions in hiring, credit scoring, healthcare, education, essential services, critical infrastructure, law enforcement, or border control?
For every "yes": you have a high-risk system — move it to your action list
For every "no": document that you checked and why it doesn't qualify — this is your evidence of due diligence
Use the EU AI Act risk tier self-assessment for borderline cases

Output this week: A list of your high-risk AI tools and the Annex III category each falls under. If this list is empty, your August 2 obligations are minimal — document that finding.

Weeks 2–4 (May 14 – June 4): Request Vendor Documentation

For each high-risk AI tool where you are the deployer (you are using a vendor's AI, not building it yourself), the vendor must provide:

EU Declaration of Conformity
Technical documentation summary
Instructions for use with human oversight information
Known limitations and error rates

Do this now:

Send a written request to each high-risk AI vendor asking for their EU Declaration of Conformity
Track responses in a log: vendor, date requested, date received, document location
If a vendor cannot provide an EU Declaration of Conformity, escalate — their product is non-compliant for high-risk deployment and you need to make a decision about continued use
Review each Declaration of Conformity when received — check that the use case you are deploying for is covered

Email template to send to vendors:

Subject: EU AI Act Conformity Documentation Request — [Your Company]

We are conducting EU AI Act compliance preparation for the August 2, 2026 
Annex III deadline. As a deployer of [Product Name], we require the following:

1. EU Declaration of Conformity for [Product Name]
2. Technical documentation summary covering: training data description, 
   accuracy metrics, known limitations, and intended use cases
3. Human oversight guidance for deployers
4. Sub-processor list (if applicable under your DPA)

Please confirm whether [Product Name] has completed conformity assessment 
for EU AI Act Annex III purposes, and the timeline for providing these 
documents if not yet available.

We need this documentation by [DATE — recommend 3 weeks from today].

Weeks 5–8 (June 4 – July 2): Build Your Risk Management System

While waiting for vendor documentation, build your internal risk management system. This is the document that shows you have a live process for identifying and mitigating AI risks.

Minimum required components:

Risk register — each high-risk AI tool, the risks it poses, and your mitigation for each
Monitoring cadence — how often you review performance data, who reviews it, what triggers escalation
Incident response — what happens if the AI produces a discriminatory output, a data breach, or a significant error
Human override procedure — documented process for a human to review, override, or halt the AI
Annual review schedule — date set for next full risk assessment

Copy-paste risk register structure:

AI System: [Name]
Annex III Category: [e.g., Employment — resume screening]
Provider: [Vendor name]
Deployment date: [Date]
EU Declaration received: Yes / No / Pending

Identified risks:
1. [Risk description] → Mitigation: [What you do]
2. [Risk description] → Mitigation: [What you do]

Human oversight mechanism: [Description of how a human reviews/overrides]
Monitoring: [Frequency, who, what metrics]
Escalation trigger: [What event triggers a human review]
Last reviewed: [Date]
Next review: [Date]

Weeks 9–10 (July 2–16): EU AI Act Database Registration

High-risk AI systems must be registered in the EU AI Act database before deployment — or before the August 2 deadline for already-deployed systems.

What to do:

Access the EU AI Act database at the EU AI Office portal (euaioffice.europa.eu)
Register each high-risk AI system: name, category, provider, intended purpose, geographic scope
Save the registration confirmation and registration number
Add the registration number to your internal compliance record for that system

Week 11 (July 16–23): Test Human Oversight End-to-End

A human oversight mechanism on paper is not the same as one that works. Run an end-to-end test before the deadline.

Test scenario: For each high-risk AI system, simulate a case where the AI output needs human review.

Does the person responsible for review actually have access to override the system?
Is the review process documented and findable by that person?
Does the person know what criteria to apply when reviewing?
Is the outcome of the human review logged?
Can an individual affected by the decision request human review? Is there a process for handling that request?

If any of these fail: Fix before August 2. A mechanism that exists in a document but not in practice will not satisfy the regulation.

Week 12 (July 23 – August 2): Final Review

All high-risk AI tools classified — documentation on file
EU Declarations of Conformity received from all high-risk vendors
Risk management system document complete and signed off
Human oversight mechanisms tested and operational
EU AI Act database registrations confirmed
Technical documentation available for each high-risk system
Internal compliance record complete for each high-risk system
Named owner for AI compliance confirmed and briefed

What If You're Behind Schedule?

If you're at Week 5 of this plan but it's already July:

Triage. Focus in this order:

Complete the Annex III classification — knowing which tools are high-risk is more important than anything else
Get vendor Declarations of Conformity — this is the most important deployer obligation
Document human oversight for each high-risk tool — even a one-page description is better than nothing
Register in the EU AI Act database — this is required but takes hours, not weeks

References

EU AI Act (Regulation (EU) 2024/1689) — Articles 9, 11, 17, 72
EU AI Act high-risk AI systems: Annex III
EU AI Office: euaioffice.europa.eu
Related: EU AI Act compliance checklist
Related: EU AI Act risk tier self-assessment

EU AI Act August 2 Deadline: 87 Days Left — Week-by-Week Action Plan

This Week (May 7–14): Classify Everything

Weeks 2–4 (May 14 – June 4): Request Vendor Documentation

Weeks 5–8 (June 4 – July 2): Build Your Risk Management System

Weeks 9–10 (July 2–16): EU AI Act Database Registration

Week 11 (July 16–23): Test Human Oversight End-to-End

Week 12 (July 23 – August 2): Final Review

What If You're Behind Schedule?

References

EU AI Act August 2 Deadline: 87 Days Left — Week-by-Week Action Plan

This Week (May 7–14): Classify Everything

Weeks 2–4 (May 14 – June 4): Request Vendor Documentation

Weeks 5–8 (June 4 – July 2): Build Your Risk Management System

Weeks 9–10 (July 2–16): EU AI Act Database Registration

Week 11 (July 16–23): Test Human Oversight End-to-End

Week 12 (July 23 – August 2): Final Review

What If You're Behind Schedule?

References

Weeks 9–10 (July 2–16): EU AI Act Database Registration

Get the next template in your inbox

Weeks 9–10 (July 2–16): EU AI Act Database Registration

Get the next template in your inbox