If you ship an AI agent or a RAG app that touches anyone in the EU, August 2, 2026 is the date that should be circled on your calendar. That’s roughly six weeks out as I write this, and it’s when the rest of the EU AI Act switches from “written down” to “enforceable, with fines.”
Most of the coverage you’ll find is written by law firms for other lawyers. Dense, hedged, 3,000 words before they tell you whether you actually have to do anything. I’d rather just answer the question most builders are actually asking: am I on the hook, and for what?
Quick disclaimer before we go further — I’m a practitioner who reads this stuff closely, not your lawyer. If you’re making a bet-the-company call, get real legal advice. But you can do a lot of the triage yourself, and that’s what this post is for.
What actually flips on August 2, 2026
Here’s the thing people get wrong: the AI Act didn’t all land at once. It’s been switching on in stages since 2024.
The prohibited-practices ban (social scoring, certain biometric stuff) went live February 2025. The obligations on general-purpose AI model providers — the OpenAIs, Anthropics, Googles of the world — kicked in August 2, 2025. So the foundation-model makers have technically been under the rules for almost a year already.
What changes on August 2, 2026 is two-fold. First, the remainder of the Act starts to apply — most of the chapters that were sitting dormant. Second, and this is the part that matters for budgets, the EU gets its actual enforcement teeth for GPAI. The Commission’s power to investigate and fine general-purpose model providers directly, under Article 101, applies from this date. Before August 2026 the rules existed but the EU-level fining machinery wasn’t switched on. Now it is.
Member states are also supposed to have their penalty regimes and at least one national “regulatory sandbox” operational by this point. Translation: the people who can fine you are now staffed and funded.
The one distinction that decides your whole compliance load: deployer or provider
Almost everything hinges on which bucket you’re in. Get this right and most of the rest falls into place.
A provider is whoever develops a GPAI model and puts it on the EU market — via API, by publishing weights, or by baking it into a product. The model makers are providers. So is anyone who substantially modifies someone else’s model.
A deployer is whoever uses an AI system under their own authority. If you’re calling GPT-5.6 or Claude through an API and wrapping it in your own app, building a RAG pipeline on top of a foundation model, or standing up an agent that uses tools — you are, in the overwhelming majority of cases, a deployer. Not a provider.
That matters enormously, because the heavy model-level obligations — training-data summaries, copyright policies, technical documentation written to the AI Office’s spec, systemic-risk testing — those sit on the provider. As a deployer building on top of GPT or Claude or Gemini, you mostly don’t inherit them. The provider already did that homework, and part of their obligation is handing you the documentation you need.
So the first move isn’t to panic-buy compliance software. It’s to figure out, honestly, whether anything you’re doing reclassifies you as a provider.
When a deployer accidentally becomes a provider
This is the trap. You can cross the line without meaning to.
The clearest rule on the books: if you fine-tune or modify a third-party model and the training compute you used exceeds one-third of the compute used to train the original, you become the provider of a new GPAI model — with all the provider obligations that brings. For 99% of teams doing light fine-tuning or LoRA adapters, you’re nowhere near that threshold. You’re fine.
But there’s a subtler version. If you rebrand a model as your own, or you modify a model that already carries systemic-risk status (the really big frontier models), you can pick up obligations you didn’t expect — including, in the systemic-risk case, notifying the Commission directly. Most startups will never touch this. If you’re a company doing serious continued pretraining on a frontier base model, though, talk to counsel before you ship.
For everyone else building agents and apps on hosted APIs: you’re a deployer. Breathe.
What deployers actually have to do
So you’ve established you’re a deployer. The load is lighter, but it’s not zero — and it scales with how risky your use case is.
If your agent does something the Act classifies as high-risk — screening job candidates, scoring creditworthiness, anything in education assessment, biometric categorization, law-enforcement-adjacent work — you carry real deployer obligations. Human oversight that’s genuine and not a rubber stamp. Monitoring the system in production. Keeping the automatically generated logs. Telling affected people when a high-risk system is being used on them. Making sure you actually operate the thing the way the provider’s instructions say.
Here’s a piece of good news on timing, though. The high-risk obligations for standalone Annex III systems — recruitment, credit scoring, education, and friends — got pushed back. Under the Digital Omnibus deal that EU lawmakers reached provisional agreement on in May 2026, those move to December 2, 2027. AI embedded in regulated products under Annex I slides further, to August 2, 2028. So if your agent is high-risk in that standalone sense, the binding date for the heaviest stuff is now late 2027, not this August.
What did not get delayed: the GPAI rules and enforcement powers landing August 2026, and the transparency obligations.
And transparency is the part that catches a lot of otherwise-low-risk apps. If your system interacts with people, they generally need to know they’re dealing with AI and not a human. If you generate or manipulate images, audio, or video — deepfake-style synthetic media — that output needs to be marked as artificially generated. Chatbots and content-generation agents land here even when they’re nowhere near “high-risk.” It’s a lighter lift than full high-risk compliance, but it’s real, and it applies broadly.
One more wrinkle worth knowing: the Omnibus also folded a new Article 5 prohibition into the Act — AI tools built to generate non-consensual intimate imagery and CSAM. That’s a hard ban, not a documentation exercise.
The fines, since that’s what people really want to know
The penalty structure has three tiers, and they’re calculated as “this fixed amount or this percentage of global turnover, whichever is higher” — which is the EU’s way of making sure the number actually stings a large company.
- Prohibited practices (the Article 5 bans): up to €35 million or 7% of total worldwide annual turnover.
- Most other violations, including breaches of the high-risk obligations that fall on deployers and providers: up to €15 million or 3%.
- Supplying incorrect, incomplete, or misleading information to authorities: up to €7.5 million or 1%.
For GPAI model providers specifically, the EU-level fines under Article 101 are capped at 3% of global annual turnover or €15 million, whichever is higher — and that’s the power that switches on this August.
There’s some proportionality baked in for smaller companies — for SMEs and startups the cap is the lower of the two amounts rather than the higher, and authorities are told to weigh company size. So a two-person startup isn’t staring down €35M in practice. But “we’re small” is a mitigation, not an exemption.
Who’s actually out of scope
Not everyone needs to care, and it’s worth ruling yourself out if you can.
Purely personal, non-professional use is out. Models and systems used solely for scientific research and development are out. Free and open-source GPAI models get a partial carve-out from some provider obligations — though notably not from the copyright and training-summary requirements, and not if the model hits systemic-risk scale.
And if your AI never touches the EU market or EU users at all, the Act doesn’t reach you. The catch is that the Act’s reach depends on whether the output is used in the EU, not where your servers sit. A US company whose agent produces results consumed by someone in Germany is in scope. Geofencing your servers doesn’t get you out; geofencing your users might.
A pre-deadline checklist for small teams
If you’ve got six weeks and no compliance department, here’s where I’d spend the time, roughly in order.
1. Write down your role for each AI feature. Provider or deployer? For most of you it’s deployer across the board — but document why, because that reasoning is your first line of defense. Note your fine-tuning compute if you fine-tune anything, so you can show you’re under the one-third threshold.
2. Map each system to a risk tier. Prohibited (stop now), high-risk, limited (transparency only), or minimal. Be honest about whether anything you do touches hiring, credit, education, or biometrics — that’s the line between “transparency notice” and “real obligations.”
3. Turn on transparency. Make sure users know they’re talking to AI. Mark synthetic media as generated. This is the cheapest box to check and the one most likely to apply to you.
4. Collect your providers’ documentation. Whoever’s model you build on owes you compliance information. Get it on file now — OpenAI, Anthropic, Google, and the rest publish this. If you ever face a question, “here’s what our model provider attests” is a much better answer than a shrug.
5. Keep logs. If anything you run is high-risk, retained logs are mandatory. Even if it isn’t, log retention is cheap insurance and you probably want it for debugging anyway.
6. Set up human oversight that’s real. Not a checkbox that says “a human can intervene.” An actual person with the authority and the tooling to stop or override the agent, and a defined moment where they do.
The honest read on all this: if you’re a small team building agents on hosted APIs for ordinary business use cases, August 2026 is far less scary than the headlines suggest. The crushing obligations live with the model providers, and the heavy deployer stuff for high-risk use got punted to late 2027. Your real homework is transparency, knowing your role, and keeping a paper trail.
The teams that should be sweating are the ones doing high-risk things — automated hiring, lending decisions — and assuming the 2027 delay means they can ignore it. December 2027 isn’t a snooze button; building genuine human oversight and documentation into a live product takes months, not weeks.
If you only do one thing this week, do step one: write down, for each feature you ship, whether you’re a deployer or a provider and why. Everything else gets easier once that’s on paper.
Sources: European Commission — AI Act, EU AI Act Implementation Timeline, Commission Guidelines for GPAI providers, Gibson Dunn — Omnibus postponed high-risk deadlines, Hogan Lovells — delay for high-risk AI rules. Deadlines and Digital Omnibus details current as of June 2026 and subject to formal adoption — confirm against the Official Journal text before relying on them.