European Parliament committees voted 101-9 on March 23, 2026 to postpone key AI Act compliance deadlines for high-risk systems. The original August 2026 deadline now shifts to December 2027 for most systems and August 2028 for specific categories.
What
changed
The AI Act, which entered into force in August 2024, set ambitious timelines for companies deploying high-risk AI systems — those used in critical infrastructure, employment decisions, law enforcement, and biometric identification. Under the original schedule, providers had 24 months to comply, meaning an August 2026 deadline.
The committee vote extends this to December 2027 for general high-risk systems and August 2028 for certain categories. The 101-9 margin suggests broad cross-party support for the delay.
No official Commission statement has been published yet, but the vote reflects industry pressure around implementation complexity. The Act requires conformity assessments, risk management systems, data governance protocols, and transparency documentation — processes that many mid-sized AI providers argued were unrealistic within 24 months.
Who
this affects
Companies operating AI systems classified as high-risk under Annex III of the AI Act now have 18 additional months. This includes:
- HR tech platforms using CV screening or interview analysis
- Credit scoring and loan approval algorithms
- Biometric identification systems (except real-time remote biometric identification, which remains banned in public spaces)
- Critical infrastructure management tools
Founders building in these categories gain time to implement technical documentation, establish human oversight mechanisms, and undergo third-party conformity assessments. For bootstrapped startups, this delay may mean the difference between compliance and market exit.
[Compare regulatory timelines across jurisdictions →](/calculator?destination=EU)
Counter-narrative:
delay or structural problem?
The vote margin (101-9) suggests little opposition, but the delay raises a question: if 24 months was insufficient, will 42 months be enough?
The AI Act's compliance burden is not just a matter of time. It requires legal expertise, technical audits, and ongoing monitoring infrastructure. Smaller companies without dedicated compliance teams may still struggle, even with the extension.
Some industry observers argue the delay reflects a deeper issue: the Act's risk classification system may be too broad. A CV screening tool used by a 10-person startup faces the same conformity assessment requirements as a biometric border control system deployed by a national government.
Whether the extension leads to smoother implementation or simply postpones the same bottleneck remains to be seen. The Commission has not announced plans to revise the risk classification framework.
What
happens next
The committee vote is not final law. It must pass a full Parliament vote, then be approved by the Council of the EU. If both bodies agree, the amended deadlines become binding.
Companies should not assume automatic approval. The Commission could propose alternative timelines or conditions. Until the amendment is published in the Official Journal, the original August 2026 deadline technically remains in force.
For now, the vote signals political willingness to accommodate industry concerns. Whether that translates into workable regulation depends on how the next 18 months are used.
[Check your AI system's risk classification →](/calculator?destination=EU)