All Deadlines at a Glance
| Date | What Applies | Key Articles | Status |
|---|---|---|---|
| 1 Aug 2024 | EU AI Act enters into force | Art. 113 | ✓ In Effect |
| 2 Feb 2025 | Prohibited practices + AI literacy | Arts. 4, 5 | ✓ In Effect |
| 2 May 2025 | GPAI codes of practice due | Chapter V | ✓ In Effect |
| 2 Aug 2025 | GPAI rules + governance + penalties | Chs. III§4, V, VII, XII | ✓ In Effect |
| 2 Aug 2026 | Majority of rules — high-risk enforcement starts | Full Reg., Annex III | Upcoming — Critical |
| 2 Aug 2027 | High-risk AI in regulated products | Art. 6(1), Annex I | Upcoming |
Detailed Timeline
1 August 2024
EU AI Act Enters into Force
The regulation was published in the Official Journal and entered into force. The 24-month countdown to full application began. At this point, no obligations were directly enforceable yet — this date simply started the clock.
Article 113
2 February 2025
Prohibited Practices + AI Literacy Apply
All eight prohibited AI practices under Article 5 became enforceable — social scoring, subliminal manipulation, untargeted facial scraping, emotion recognition in workplaces and schools, biometric categorisation on sensitive attributes, and more. AI literacy obligations (Article 4) also kicked in: providers and deployers must ensure staff have sufficient understanding of the AI systems they work with.
Articles 4, 5 · Chapters I, II
2 May 2025
GPAI Codes of Practice Due
Codes of practice for General-Purpose AI model providers were supposed to be finalised by this date, giving providers a framework to demonstrate compliance ahead of the August 2025 enforcement. These codes cover transparency, copyright compliance, and training data documentation.
Chapter V
2 August 2025
GPAI Rules + Governance Operational
Rules for General-Purpose AI models became fully applicable. All GPAI providers must now maintain technical documentation, provide downstream provider information, comply with copyright rules, and publish training data summaries. GPAI models with systemic risk (>10^25 FLOPs) face additional obligations: adversarial testing, incident reporting, cybersecurity measures, and energy consumption reporting. Governance structures, notified body frameworks, and penalty provisions also took effect.
Chapters III§4, V, VII, XII · Article 78
2 August 2026
Majority of Rules Apply — Full Enforcement Starts
This is the deadline that matters most under current law. All high-risk AI systems listed in Annex III must comply with the full set of requirements under Articles 8–15: risk management, data governance, technical documentation, record-keeping, transparency, human oversight, accuracy, robustness, and cybersecurity. Market surveillance authorities begin active enforcement. Deployer obligations (Article 26) are fully enforceable, including fundamental rights impact assessments (Article 27). Transparency obligations under Article 50 (chatbots, deepfakes, emotion recognition disclosure) also kick in. Article 99 sets maximum fine tiers for these obligations, while actual penalty application depends on the breach, national rules, and supervisory practice.
Full Regulation · Annex III
2 August 2027
High-Risk AI in Regulated Products
The final transition period ends. High-risk AI systems used as safety components of products covered by existing EU harmonised legislation — medical devices, machinery, vehicles, toys, lifts, marine equipment — must now comply with the AI Act on top of their existing product safety regulations. This affects AI embedded in physical products under Annex I, Section B.
Article 6(1) · Annex I
Digital Omnibus Watch
The European Commission's Digital Omnibus proposal (November 2025) could conditionally push back certain high-risk AI system deadlines from August 2026 to proposal-stage dates such as 2 December 2027 and 2 August 2028 — but only if the law is amended. As of 20 April 2026, the Council adopted its position on 13 March 2026, Parliament adopted its position on 26 March 2026, and trilogue negotiations have launched. It is not enacted law.
Our recommendation: Plan for 2 August 2026 as the binding high-risk compliance deadline. If an Omnibus backstop is later adopted, treat it as contingency time for refinement — not as your baseline. Evidence assembly, risk management system setup, and training programmes still take months, not weeks.
What Applies When — By Obligation Type
| Obligation | Enforcement Date | Who It Affects | Max Penalty |
|---|---|---|---|
| Prohibited practices (Art. 5) | 2 Feb 2025 | All providers & deployers | €35M / 7% |
| AI literacy (Art. 4) | 2 Feb 2025 | All providers & deployers | €15M / 3% |
| GPAI model obligations (Arts. 51-56) | 2 Aug 2025 | GPAI model providers | €15M / 3% |
| High-risk requirements (Arts. 8-15) | 2 Aug 2026 | High-risk AI providers | €15M / 3% |
| Deployer obligations (Art. 26) | 2 Aug 2026 | High-risk AI deployers | €15M / 3% |
| Transparency (Art. 50) | 2 Aug 2026 | Chatbots, deepfakes, emotion AI | €15M / 3% |
| Harmonised product AI (Annex I) | 2 Aug 2027 | AI in regulated products | €15M / 3% |
Frequently Asked Questions
The majority of the EU AI Act provisions — including the Annex III high-risk obligations under current law — become enforceable on 2 August 2026. This is the critical compliance deadline for most organisations unless the law is later amended. Some provisions took effect earlier (prohibited practices on 2 February 2025, GPAI rules on 2 August 2025), and the final tranche for high-risk AI in harmonised legislation products applies from 2 August 2027.
The Digital Omnibus proposal could postpone certain high-risk AI obligations to 2 December 2027 and some Annex I obligations to 2 August 2028 if enacted. Parliament has also floated proposal-stage watermarking transition dates of 2 November 2026 and 2 February 2027, but those are not current law. As of 20 April 2026, the Council adopted its position on 13 March 2026, Parliament adopted its position on 26 March 2026, and trilogue negotiations have launched. Plan for 2 August 2026 until the law actually changes.
Article 99 sets the penalty ceilings, and the penalty framework became applicable from 2 August 2025. The upper tiers are up to EUR 35 million or 7% of global turnover for prohibited practices, up to EUR 15 million or 3% for most other breaches, and up to EUR 7.5 million or 1% for supplying incorrect information. Actual enforcement depends on the breach, national implementation, and supervisory action. SMCs and startups pay the lower of the two figures in each tier.
As of 20 April 2026, two main current-law phases are already live: (1) Since 2 February 2025 — the eight prohibited AI practices under Article 5, plus AI literacy obligations under Article 4. (2) Since 2 August 2025 — GPAI rules, governance structures, notified body frameworks, and penalty provisions entered into application. Annex III high-risk requirements and Article 50 transparency obligations remain scheduled for 2 August 2026 under current law.
The countdown is calculated live on this page. The enforcement date is 2 August 2026.
Related Resources
Need More Practical Guidance?
Explore the free EU AI Compass tools and guides to classify your use case, understand your obligations, and move to the next compliance step.
Disclaimer & Sources
This page is provided for educational and informational purposes only by Move78 International Limited. It doesn't constitute legal advice. Regulatory interpretation may evolve as enforcement develops and as the Digital Omnibus proposal progresses.
Sources: Regulation (EU) 2024/1689 (Eur-Lex) · AI Act Service Desk · EC AI Policy