The AI Act set to be amended again even before many of its provisions have come into effect. We explain what the planned reform of the AI Act entails, the potential implications for businesses, and why companies should be cautious about relying on newly suggested timelines.
Omnibus IV – the initiative for competitiveness in the digital sector
The Omnibus IV package is part of a series of amendments proposed by the European Commission to reduce bureaucracy. The aim is to ease the burden on small and medium-sized enterprises in particular.
In addition to the reform of the General Data Protection Regulation, the European Commission also wants to amend the AI Act.
Note: The Commission´s draft amendment of 19 November 2025 still has to go through the European Union´s legislative process and may significantly amended in the course of this process.
Why should the AI Act be amended?
Firstly, it is unusual that the amendment to the AI Act is to take place before almost all existing provisions have become applicable. The initiative to amend the AI Act is therefore being taken without individual issues having been clarified in court and without any practical experience in implementing the provisions or coordinating with the supervisory authorities.
The Commission, together with various Member States, is convinced that economic competitiveness in the field of AI can only be achieved if the regulatory handbrake (in the form of the AI Act) is applied later – and that this competitiveness is still within reach.
Most provisions of the AI Act are not intended to be amended; rather, their applicability is simply being postponed. The assumption is that, during the additional one and a half years without regulation, companies will emerge or grow that can compete with the investment-heavy (U.S.) tech giants and will then be able to meet the compliance requirements without economic disadvantages. In addition, smaller companies are not supposed to have their growth hindered by compliance obligations at all.
Alongside the easing of certain training requirements, some obligations for high-risk AI systems are also being relaxed. Beyond that, the amendment streamlines many procedures for supervisory authorities and market surveillance and creates new opportunities for AI regulatory sandboxes.
The proposed amendments to the AI Act
The AI Act will see a range of provisions amended and supplemented. On the one hand, this includes an expansion of certain provisions to cover companies belonging to the SME group (micro, small and medium-sized enterprises) and SMCs (small mid-cap enterprises). The aim is to ensure that extensive compliance obligations apply only to large companies, and that the economic development of smaller and now also medium-sized or mid-cap companies (fewer than 750 employees and an annual turnover not exceeding EUR 150 million) is not hindered.
For example, the simplification of technical documentation and the design of quality management systems is planned to be explicitly extended to SMCs. The Commission is expected to issue guidelines for the simplified quality management system.
SMEs and mid-cap companies are also to be taken into account when setting administrative fines. For these companies, fines should no longer be imposed based on whichever amount is higher – between the percentage of annual turnover and the fixed amounts in Art. 99(3)–(5) AI Act (ranging from EUR 7.5 to 35 million) – but instead based on whichever of the two is lower.
On the other hand, the deadlines for the applicability of various provisions are being pushed back by up to one and a half years.
- For high-risk systems under Annex III, the application of the requirements will be postponed from 2 August 2026 to a maximum of 2 December 2027, i.e., by approximately one and a half years.
- For high-risk systems under Annex I, the application of the requirements will be postponed from 2 August 2027 to a maximum of 2 August 2028, i.e., by about one year.
A potential issue regarding the proposed extensions of implementation deadlines is that the deadlines already established and in force under the AI Act may expire while the draft amendment is still going through the EU legislative process. Some of the existing deadlines end on 2 August 2026. From that date onward, the requirements must be complied with unless the reform of the AI Act discussed here is ultimately adopted.
Attention: Relying on extended deadlines entails a certain degree of risk. The Commission has so far not presented any plan for how this risk could be mitigated or avoided.
For high-risk AI systems under Art. 6(1) of the AI Act and Annex I, the reformed Art. 60a and Art. 111 AI Act would apply.
- In particular, Art. 111 AI Act has far-reaching implications. It provides that such systems which are placed on the market and put into service before the date on which the requirements become applicable (2 August 2027 to, at the latest, 2 August 2028) must comply with the requirements of the AI Act only if they undergo a substantial modification after that date. For public authorities using such systems, the long implementation period until 2 August 2030 continues to apply.
- With the new Art. 60a, high-risk AI systems may also be tested outside AI regulatory sandboxes. This is subject to the conditions of a “Real-World Testing Agreement” concluded between the Member States and the Commission.
In addition, providers are no longer required to register when they classify a system listed in Annex III as not being a high-risk AI system. However, under Art. 6(4) of the proposed amendment, this classification must be documented before the service is offered or put into operation.
Providers of AI systems capable of generating artificial audio, image, video, or text content and that were already made available before 2 August 2026 must comply with the labelling obligation for AI-generated content under Art. 50(2) AI Act by 2 February 2027.
Furthermore, the AI Act will no longer contain a direct obligation to ensure AI literacy (Art. 4 AI Act). Instead, the Commission and the Member States are now to “encourage” undertakings to develop such competence through training or continuing education. How such encouragement will be implemented, and to what extent adequate awareness and know-how within companies is expected to be achieved, remains unclear.
The new Art. 4a incorporates, first, the former Art. 10(5) AI Act. This provision constitutes an exception allowing the processing of special categories of personal data or other sensitive data (health data, political opinions, etc.) for the purpose of detecting biases or distortions in AI systems and correcting them in high-risk systems. Secondly, paragraph 2 expands this exception for deployers of such systems where the processing is necessary and proportionate for the prevention of biases.
AI regulatory sandboxes, which enable new AI applications to be tested under real-world conditions already during development, may, under the proposed Art. 57(3a), also be established by the AI Office. In addition, the real-world conditions governing such tests are to be set out in a dedicated document.
Outlook
The planned reform eases several requirements of the AI Act and, in particular, broadens the group of companies that will be permitted to implement these requirements in a less comprehensive manner. However, the amendments primarily aim to give companies additional time to comply with the obligations.
Affected companies should adjust their existing implementation timelines only once the reform is certain. The remaining time should then be used to establish robust AI management systems to ensure reliable compliance.
