Announcement4-week governed pilot: move one real workflow into controlled production
KLA Digital Logo
KLA Digital
EU AI Act
Last updated: Jun 2, 2026 · 6 min

EU AI Act timeline + key dates

Key dates in plain language, plus what to operationalize at each phase (controls + evidence). Note: the proposed Digital Omnibus would defer the Annex III high-risk obligations and the FRIA requirement from 2 August 2026 to 2 December 2027 (provisional, not yet enacted as of June 2026).

Return to the EU AI Act HubRun the checker

Orientation only. Not legal advice.

Who this matters for

Anyone planning EU AI Act readiness and budgeting implementation work.

What you'll leave with

A phased "what to do now" plan mapped to milestones and evidence artifacts.

Key milestones (orientation)

  • 12 Jul 2024: Published in the Official Journal. Start of the countdown. Use this date to sanity-check phased applicability timelines.
  • 1 Aug 2024: Entered into force. The regulation is in force, with many obligations phasing in later.
  • 2 Feb 2025: Prohibited practices apply (Article 5). High-risk or not, banned use cases should be removed or redesigned.
  • 2 Aug 2025: General-purpose AI (GPAI) obligations begin. Provider-side duties start phasing in for GPAI models and systemic-risk models.
  • 2 Aug 2026: Most obligations apply under the current text. The proposed Digital Omnibus would defer the Annex III high-risk obligations and the FRIA requirement to 2 December 2027 (provisional). High-level operational programs should be live, not "in planning".
  • 2 Aug 2027: Some high-risk rules fully apply. Later-stage requirements and category-specific obligations phase in.

What to do now (fast)

  • Inventory AI systems + owners; classify by intended purpose and deployment region.
  • Remove "stop-ship" prohibited patterns and document remediation decisions.
  • Stand up an evidence trail: versioning, change control, and audit logs that answer "what ran when".
  • If high-risk is likely: start Annex IV technical documentation and QMS processes early.
  • Agree an internal cadence (monthly) for monitoring + update evidence packages.

Evidence artifacts to keep

  • Classification memo (assumptions + rationale)
  • Risk register and mitigation verification
  • Technical documentation package (Annex IV-aligned for high-risk)
  • Human oversight intervention records
  • Logging/export samples and retention policy

Next step: artifacts

Compliance work gets funded when the output is forwardable. Use the starter templates to convert obligations into controls and evidence.

Download templates Annex IV template pack
Govern - Assure - Prove

Need a defensible evidence path?

KLA Digital turns obligations into controls, controls into assurance, and assurance into exportable evidence.

Run the checker Request a pilot