Logan Kelly
The EU AI Act's August 2, 2026 deadline didn't disappear — only part of it did. See what still applies to AI agents and how Waxell enforces it.

The EU AI Act's August 2, 2026 deadline is real. It is seventeen days away as of this writing. It is also, for most teams building AI agents, not the deadline they think it is.
For the past two months, "EU AI Act August 2026" has circulated as shorthand for the Act's high-risk obligations under Annex III — human oversight, audit trails, technical documentation for AI systems used in employment, essential services, and law enforcement. That deadline moved. On May 7, 2026, the Council of the EU and European Parliament reached a provisional agreement to defer it; the European Parliament's plenary approved the deal 423–57 on June 16, 2026; and the Council gave its final sign-off on June 29, 2026. Annex III's high-risk obligations for stand-alone AI systems now apply from December 2, 2027, with AI embedded in already-regulated products (medical devices, machinery, industrial equipment) pushed further to August 2, 2028. As of this writing the amended text has not yet been confirmed as published in the Official Journal of the EU — publication is expected in mid-to-late July 2026, with the changes entering into force three days later — so treat December 2, 2027 as the operative planning date, not yet the fully executed legal date.
That's the deferral everyone has heard about. What's gotten less attention is what the Digital Omnibus did not defer, and it's directly relevant to any team running AI agents that generate or publish content: Article 50's transparency obligations for deployers still apply from August 2, 2026. If your agents produce or manipulate synthetic audio, image, video, or text — and increasingly, agentic workflows do exactly that — you have obligations arriving in the next few weeks that have nothing to do with the Annex III deferral making headlines.
What Actually Changed, and What Didn't
Three separate deadlines got tangled together in most coverage of the Digital Omnibus. They're worth pulling apart:
Annex III high-risk obligations (deferred). The requirements for technical documentation, human oversight (Article 26), and automatic event logging (Article 12) for high-risk AI systems — the ones covered in depth in our earlier breakdown of the Annex III deferral — now apply from December 2, 2027 for stand-alone systems. This is the deferral. If your agents don't touch employment decisions, essential services access, law enforcement, or the other Annex III categories, this deadline was never yours to worry about in the first place.
Provider-side content marking (partially deferred). Article 50 requires providers of generative AI systems to embed machine-readable markers in AI-generated audio, image, video, and text, so the content can be identified as artificially generated or manipulated. The Digital Omnibus gives a four-month grace period here: systems already on the market before August 2, 2026 have until December 2, 2026 to implement this marking. New systems placed on the market after August 2, 2026 don't get the grace period.
Deployer-side labeling (not deferred — still August 2, 2026). This is the one most agent-building teams are underestimating. Under Article 50, deployers of AI systems that generate or manipulate deepfakes, or that generate or manipulate text published to inform the public on matters of public interest, must clearly disclose that the content is artificially generated. This obligation was untouched by the omnibus. It applies from August 2, 2026, in full. If an AI agent in your stack drafts public-facing content, summaries, or communications and that content reaches an audience without disclosure, the clock is already running.
The European Commission also published its final Code of Practice on marking and labeling of AI-generated content on June 10, 2026, splitting guidance into a provider track (machine-readable marking and detection) and a deployer track (labeling deepfakes and public-interest text) — worth reading if your agents touch either category.
Why "We're Not High-Risk" Isn't the Same as "We're Compliant"
Most of the compliance conversation in AI engineering teams over the past year has centered on Annex III, because that's where the largest fines sit — up to €15 million or 3% of global annual turnover for high-risk non-compliance. Teams that confirmed their agents don't fall into an Annex III category have, reasonably, deprioritized EU AI Act work. The Digital Omnibus's Annex III deferral reinforces that instinct.
But Article 50's transparency obligations apply regardless of risk tier. An AI agent doesn't need to be "high-risk" to be a deployer-side content generator that owes a disclosure. A marketing agent drafting a press statement, a customer-facing chatbot generating a summary that gets published, an agent producing synthetic media for an ad campaign — none of these are Annex III use cases, and all of them are Article 50 use cases with an August 2, 2026 deadline that didn't move.
This is the gap the Digital Omnibus coverage mostly glossed over: two different clocks, on two different articles, moving at two different speeds. Conflating them either creates false urgency (panicking about Annex III audit trails you don't need until 2027) or false calm (assuming the whole Act got pushed back, when the transparency piece didn't).
What This Requires From an Agent Architecture
Meeting the August 2, 2026 deployer obligation isn't a policy document — it's a runtime behavior. The disclosure has to actually attach to the content before it reaches an audience, every time, without relying on a human remembering to add it manually. That's an enforcement problem, not a documentation problem, and it's the same architectural gap that shows up whenever compliance depends on what an agent is supposed to do rather than what it's prevented from doing without the right step happening first.
How Waxell handles this: Waxell's policy enforcement layer includes a Content policy category — one of 50+ policy categories available out of the box across Waxell Observe and Runtime — that can require a disclosure or labeling step before generated content is allowed to leave the agent's execution boundary, rather than trusting the model to remember to add one. Because policy evaluation happens pre-execution, a missing disclosure step blocks the output instead of producing an unlabeled deepfake or an unmarked AI-generated statement that ships anyway. Every evaluation — disclosure applied, disclosure missing, action blocked — is captured as a durable execution record, which is the same audit infrastructure a compliance team would need to show a regulator that Article 50 obligations were actually being enforced, not just documented. Waxell Observe instruments this across 200+ supported libraries and frameworks with two lines of code, so the enforcement layer doesn't require rebuilding the agent that's already in production.
For teams that also fall under Annex III and are using the deferral to build compliance infrastructure properly rather than pausing entirely, our earlier post on the December 2027 deadline and the audit trail requirements auditors actually ask for cover that build-out in more depth.
What to Do in the Next Two Weeks
If you're running AI agents that generate or manipulate content and any of it becomes public-facing, the practical checklist before August 2, 2026 is short:
Inventory which agents produce public-facing content. Deepfakes, synthetic media, and AI-generated or AI-manipulated text published on matters of public interest are the specific Article 50 deployer triggers — internal tooling and non-public drafts are not in scope the same way.
Confirm whether disclosure happens today, and how. If it's a step a human adds manually before publishing, that's a compliance gap waiting for the one time someone forgets.
Move disclosure into the execution path, not the documentation. A policy that fires before content leaves the agent is enforceable; a style guide instruction to the model is not.
Separate this from your Annex III planning. Use the extra runway on Annex III (now December 2027) to build audit infrastructure properly. Don't let that longer timeline create the impression that the August 2, 2026 transparency deadline moved with it — it didn't.
Frequently Asked Questions
Did the EU AI Act's August 2, 2026 deadline get postponed?
Partially. The Annex III high-risk obligations that most compliance discussions focus on were deferred to December 2, 2027 under the Digital Omnibus on AI (Council final approval June 29, 2026; Parliament approval June 16, 2026). But Article 50's deployer-side transparency obligations — disclosing AI-generated deepfakes and public-interest text — were not deferred and still apply from August 2, 2026.
What is Article 50 of the EU AI Act?
Article 50 sets transparency obligations for AI systems. It requires providers of generative AI systems to embed machine-readable markers identifying AI-generated content, and requires deployers of systems that produce deepfakes or AI-generated text on matters of public interest to disclose that the content is artificially generated.
Does the provider marking obligation also apply August 2, 2026?
Not for systems already on the market. The Digital Omnibus gives a four-month grace period for provider-side machine-readable marking: systems on the market before August 2, 2026 have until December 2, 2026 to comply. New systems entering the market after August 2, 2026 don't get that grace period.
Do AI agents count as "generative AI systems" under Article 50?
If an agent generates or manipulates audio, image, video, or text output — including text summaries, drafted communications, or synthetic media — it can trigger Article 50 obligations depending on whether that output is public-facing and whether it constitutes a deepfake or public-interest content. This is a narrower and more literal test than the Annex III "high-risk" categorization, which is why agents that aren't remotely high-risk can still owe an Article 50 disclosure.
What are the penalties for missing Article 50 transparency obligations?
The AI Act's tiered penalty structure applies broadly across the Act; Annex III non-compliance specifically carries fines up to €15 million or 3% of global annual turnover, whichever is higher. Regulatory guidance on Article 50-specific enforcement is still developing as national authorities stand up enforcement capacity, which is a reason to treat "the fine is smaller" as an assumption rather than a plan.
Has the Digital Omnibus been formally published yet?
As of this writing, the Council of the EU gave final approval on June 29, 2026, following the European Parliament's June 16, 2026 vote. Formal publication in the Official Journal of the EU — after which the amendments take legal effect three days later — was expected in mid-to-late July 2026 but had not been independently confirmed as complete at the time this post was drafted. Confirm current status against the EU AI Act Service Desk timeline before finalizing any compliance plan built on these dates.
Get access to Waxell Runtime and put a policy-enforced disclosure step in front of every piece of AI-generated content your agents publish — before August 2, 2026 makes that a regulatory question instead of a design choice.
Sources
Shumaker, Loop & Kendrick: EU AI Act — Council Gives Final Green Light to the Digital Omnibus on AI
Gibson Dunn: EU AI Act Omnibus Agreement — Postponed High-Risk Deadlines and Other Key Changes
White & Case: EU Agrees Digital Omnibus Deal to Simplify AI Rules
European Commission: Code of Practice on marking and labelling of AI-generated content
EU Artificial Intelligence Act: Article 50 — Transparency Obligations
Agentic Governance, Explained




