Is the May 2026 omnibus now law?

No. On 7 May 2026 the Council and Parliament reached a provisional political agreement on the AI omnibus, also called the Digital Omnibus. It still needs formal adoption before it becomes binding law, so treat the dates as the intended timeline rather than settled obligations.

Does the EU AI Act apply to builders based in India or the UK?

Yes, if you serve EU users or place an AI system or output on the EU market. The Act applies extraterritorially, so an Indian or UK team selling into the EU is in scope even with no EU office. It does not regulate your purely domestic India or UK operations.

What is the most urgent deadline under the revised timeline?

Transparency obligations take effect from August 2026, with a grace period for generative-AI synthetic-content labelling running to 2 December 2026. High-risk system rules are postponed to 2 December 2027, so the near-term work is labelling and disclosure, not full high-risk conformity.

How does this compare to India's DPDP and the UK's approach?

India has no standalone AI Act; AI is governed through the DPDP Act, phased through May 2027, plus sector rules and a February 2026 deepfakes framework. The UK has no dedicated AI bill and one looks unlikely in 2026, with focus on innovation through AI Growth Zones and regulatory sandboxes.

EU AI Act Omnibus: What the May 2026 Simplification Changes

What you need to know

It is a political agreement, not yet law. On 7 May 2026 the Council and Parliament agreed provisionally on the AI omnibus (the Digital Omnibus). Formal adoption still has to follow, so the dates below are the intended timeline rather than settled obligations.
High-risk rules are postponed. Obligations for high-risk systems — biometrics, critical infrastructure, education, employment, migration, asylum and border control — move to 2 December 2027, a delay from the original August 2026 date.
Transparency lands sooner. Transparency rules take effect August 2026, and the grace period for generative-AI synthetic-content labelling runs to 2 December 2026. That is the nearer-term work.
It reaches you wherever you are. The Act applies extraterritorially. An Indian or UK team that serves EU users or places AI output on the EU market is in scope, even with no EU office.
Your home rules are different. India's DPDP and the UK's innovation-first stance do not mirror the EU regime. If you ship into the EU, you run two playbooks at once.

Pro tip

Do not wait for formal adoption to start the cheap work. Synthetic-content labelling, an AI disclosure line in your user interface, and a one-page system inventory cost almost nothing to build now and are the obligations that bite first in late 2026. The expensive high-risk conformity work is what the postponement actually buys you time on.

What the omnibus actually agreed

The headline is simplification. The EU AI Act, adopted in 2024, set a staggered roll-out, and the original calendar put a heavy band of obligations on high-risk systems from August 2026. The omnibus — reported as a provisional political agreement reached on 7 May 2026 and also referred to as the Digital Omnibus — re-spaces that calendar and trims some of the administrative load. It is important to be precise about its status: a political agreement between the Council and the Parliament is the negotiating milestone before the text is finalised and formally adopted. Until that adoption happens, none of the revised dates are legally binding, and the detail can still move. Plan against them, but build with a margin.

Three changes matter most for builders. First, transparency rules — the obligations that require you to tell people when they are interacting with AI, and to label AI-generated or manipulated content — take effect from August 2026. Second, the grace period for generative-AI synthetic-content transparency and labelling is set to 2 December 2026, giving providers a runway to get machine-readable marking and user-facing disclosure in place. Third, and most consequential for budgets, the rules for high-risk AI systems are postponed to 2 December 2027.

The revised timeline at a glance

Here is the agreed sequence, with who each milestone actually hits. Treat the dates as provisional pending formal adoption.

Date	Obligation	Who it hits
7 May 2026	Provisional political agreement on the AI omnibus reached (not yet law)	Everyone in scope — signal to start planning
August 2026	Transparency rules take effect — disclose AI interaction and AI-generated content	Any provider or deployer serving EU users, including IN/UK teams
2 December 2026	End of grace period for generative-AI synthetic-content transparency and labelling	Generative-AI providers and anyone shipping synthetic media into the EU
2 December 2027	High-risk system rules apply (postponed from August 2026)	Providers of biometrics, critical infrastructure, education, employment, migration, asylum, border control

Watch out

The postponement only covers high-risk obligations. The transparency and labelling deadlines in late 2026 are unchanged in substance and arrive first. If your product is a chatbot, a content generator, or anything that produces synthetic media, your earliest binding work is labelling — not the 2027 high-risk regime. Do not let the 2027 headline lull you into deferring the 2026 tasks.

Why this reaches Indian and UK builders

The most common mistake we see is teams outside the EU assuming the Act is somebody else's problem. It is not, because the AI Act applies extraterritorially. The trigger is not where you are incorporated; it is whether you place an AI system on the EU market, or whether the output of your system is used in the EU. A Bengaluru startup whose API is called by a customer in Berlin is in scope. A London agency whose generated marketing assets are published to EU audiences is in scope. No EU office is required.

This is the crucial framing for our dual market. The EU rules do not apply to your purely domestic operations. An Indian SaaS product serving only Indian users is governed by India's DPDP and sector rules, not the AI Act. A UK tool used only by UK customers answers to UK law. The AI Act enters the picture specifically when you sell into, or serve users in, the EU. So the practical question for an Indian or UK builder is not "do I have to comply with the EU AI Act?" in the abstract — it is "does any slice of my traffic, my customers, or my outputs touch the EU?" If yes, that slice is in scope, and you run the EU playbook alongside your home one.

Every article here is written for builders shipping into regulated markets

AI Tech Connect lists AI engineers, founders and researchers across India and the UK — and the people hiring browse it to find them. Adding your profile is free.

Browse Builders →

How it sits next to India's DPDP and the UK's approach

If you operate across India, the UK and the EU, you are reconciling three quite different regulatory philosophies, and it helps to hold them apart clearly.

India has no standalone AI Act. AI is regulated through the Digital Personal Data Protection Act, whose obligations are being phased in through May 2027, together with sector-specific rules from bodies such as the RBI and SEBI. India's February 2026 deepfakes framework is an early global precedent for synthetic-media governance and is worth studying precisely because it foreshadows where labelling expectations are heading. The thrust is data protection and content authenticity rather than a risk-tiered system regime.

The UK has deliberately not legislated. No dedicated AI bill materialised in 2025, and one in 2026 currently seems unlikely. Instead the UK is leaning on innovation levers — AI Growth Zones and AI Growth Labs that function as regulatory sandboxes — and on existing regulators applying their own remits. For a UK builder, this means lighter domestic touch but no exemption from the EU regime the moment you serve EU users.

The EU is the outlier: a horizontal, risk-tiered, prescriptive regime with hard deadlines and meaningful penalties. For most builders the EU is therefore the binding constraint when you go cross-border, because it is the strictest of the three. The pragmatic engineering answer is to design to the EU standard for any feature that might serve EU users, and treat India's DPDP and the UK's lighter rules as the floor your domestic product already clears.

From a verified Builder

"We almost split our product into an EU edition and a rest-of-world edition. In the end it was cheaper to build the transparency and labelling layer once, to the EU bar, and ship it everywhere. The DPDP and UK requirements were a subset of what we had already done for the EU."

— Anjali, Verified Builder · Bengaluru, IN

What to do now, and by each deadline

Here is the planning sequence we would run, ordered by the revised calendar. None of this is legal advice — confirm the final text once it is formally adopted — but it is the work that is cheap to start and expensive to leave late.

Now (before formal adoption)

Map your EU exposure. Write down which products, endpoints and outputs reach EU users. This single inventory decides what is in scope and is the document every later step references.
Classify each system. Tag each as minimal-risk, transparency-only, or potentially high-risk (biometrics, employment screening, education, critical infrastructure, and the rest of the listed domains). The classification drives which deadline applies to you.
Stand up a disclosure layer. Add the user-facing "you are interacting with AI" notice and wire in synthetic-content marking. This is the work that the August and December 2026 dates require, and it is mostly product and UI effort.

By August 2026 — transparency rules take effect

Ship AI-interaction disclosure anywhere an EU user might converse with your system.
Turn on AI-generated-content labelling for outputs visible to EU users, even ahead of the synthetic-media grace deadline.
Document it. Keep a short record of what you disclose and where — it is the evidence trail if anyone asks.

By 2 December 2026 — synthetic-content grace period ends

Finalise machine-readable marking of AI-generated and manipulated media so it is detectable downstream.
Confirm coverage across every surface — image, audio, video and text generation paths all need the labelling.

By 2 December 2027 — high-risk rules apply

Only if you operate a high-risk system: build the conformity work — risk management, data governance, technical documentation, human oversight and post-market monitoring. This is the heavy lift the postponement gives you breathing room for.
Use the extra year deliberately. The 2027 date is not free time; it is the runway to do the expensive work properly rather than in a panic.

The bottom line for builders

The omnibus is good news in shape: it postpones the most demanding obligations and simplifies the administrative load, which is a genuine reprieve for any team operating a high-risk system. But it is not yet law, and the transparency and labelling work it leaves on the near calendar is unchanged and arrives first. For Indian and UK builders the discipline is the same as ever — figure out exactly where you touch the EU, build to the EU bar on those surfaces, and treat your DPDP and UK obligations as the floor underneath. Start the cheap disclosure work now; spend the postponement on the expensive high-risk work, not on waiting.

The European Commission's AI Act materials are at digital-strategy.ec.europa.eu. India's DPDP Act text is at meity.gov.in.

The EU AI Act omnibus: what May 2026's simplification changes for builders shipping into the EU