Timeline · Key Dates

EU AI Act Timeline — Key Dates for US Organizations

until EU AI Act high-risk obligations take effect

Every compliance date US organizations need on their calendar, from the obligations already in force to the 2027 extended deadlines.

The phased implementation schedule

The EU AI Act entered into force on August 1, 2024, but its obligations apply on a staggered timeline. This phased approach was designed to give organizations time to prepare — but for US companies that are just discovering they are in scope, the timeline is already compressed.

Already in force

February 2, 2025 — Prohibited practices and AI literacy. Article 5 prohibitions are enforceable: social scoring, manipulative AI, emotion recognition in workplaces and schools, real-time biometric identification in public spaces (with narrow law enforcement exceptions). Article 4 AI literacy obligations are active for all providers and deployers. Penalties for prohibited practices violations are up to €35M or 7% of global turnover.

August 2, 2025 — GPAI and governance. Chapter V obligations for general-purpose AI models: technical documentation, copyright compliance, training data summaries. Governance structures (Chapter VII), confidentiality rules, and sanctions provisions became applicable. National competent authorities were designated by this date.

Upcoming deadlines

August 2, 2026 — High-risk systems under Annex III. This is the critical deadline for most US organizations. High-risk AI systems used in employment, finance, education, healthcare, law enforcement, and other Annex III sectors must achieve full compliance: conformity assessments completed, technical documentation finalized, risk management systems operational, human oversight mechanisms in place, EU database registration filed. Member States must have at least one operational AI regulatory sandbox by this date.

August 2, 2027 — Annex I product safety and legacy GPAI. High-risk AI systems embedded in regulated products (medical devices, machinery, vehicles) under Annex I must comply. GPAI models placed on the market before August 2, 2025 have until this date to achieve full compliance.

December 31, 2030 — Large-scale IT systems. AI components of large-scale IT systems listed in Annex X that were placed on the market or put into service before August 2, 2027 must be brought into compliance.

Enforcement timeline

National market surveillance authorities began active supervision from August 2, 2025 for GPAI and prohibited practices, and will expand to full enforcement of all provisions from August 2, 2026. The European Commission will evaluate the AI Office's functioning by August 2028 and review the Act's impact and effectiveness every four years starting August 2029.

What this means for US organizations

The August 2, 2026 deadline is the most operationally significant for most US companies. A typical high-risk compliance program requires 4 to 6 months from initiation to completion. Organizations starting now still have sufficient time. Those waiting until summer 2026 will likely face incomplete compliance at deadline.

Related reading

Article 2 Scope · EU AI Act Fines · Database Registration

Assess your exposure

Take our free 5-minute assessment to determine how these obligations apply to your organization.

Start the assessment

This article provides general information about AI regulation. It does not constitute legal advice. Lexara Advisory LLC is an AI governance consulting firm, not a law firm. Published April 2026. About the author.

LA

Lexara Assistant

AI compliance guidance

AI assistant — not a lawyer, not legal advice
We use cookies to analyze site traffic. No tracking without consent. Privacy Policy

Cookie Preferences

Strictly Necessary

Required.

Analytics

Google Analytics.