EU AI Act Deadlines: Every Date Your Business Needs to Know

A Phased Rollout

The EU AI Act does not hit all at once. Instead, it follows a phased enforcement timeline stretching from 2024 to 2027. Each phase brings new obligations, and the deadlines are non-negotiable.

Here is every date your business needs on its calendar.

The Complete Timeline

August 1, 2024 — Entry into Force

The regulation officially became binding EU law after publication in the Official Journal. While no direct obligations kicked in, the clock started ticking on all grace periods.

February 2, 2025 — Prohibited Practices and AI Literacy (ALREADY IN EFFECT)

This deadline has already passed. Two critical obligations took effect:

• Prohibited AI practices (Article 5) — All banned AI uses are now illegal. Social scoring, manipulative AI, and untargeted biometric scraping are prohibited.

• AI literacy (Article 4) — Every organization deploying or using AI must ensure that staff have sufficient AI literacy. This is proportionate to the role — a developer needs deeper knowledge than a salesperson, but everyone needs the basics.

If you have not addressed AI literacy training, you are already non-compliant.

August 2, 2025 — General-Purpose AI (GPAI) Rules

Obligations for providers of general-purpose AI models (like GPT, Claude, Gemini) take effect:

• Providers must publish training data summaries
• Copyright compliance documentation required
• Systemic-risk GPAI models need adversarial testing
• National competent authorities must be designated by member states

For most SMBs: This phase primarily affects AI model providers, not users. However, if you build products on top of GPAI models, pay attention to the transparency requirements.

August 2, 2026 — Full Enforcement of High-Risk AI

This is the biggest deadline for most businesses. The majority of the EU AI Act takes effect:

• High-risk AI systems must have risk management systems (Article 9)
• Data governance and quality requirements (Article 10)
• Technical documentation for all high-risk systems (Article 11)
• Record-keeping and logging (Article 12)
• Transparency and user information obligations (Article 13)
• Human oversight mechanisms (Article 14)
• Accuracy, robustness, and cybersecurity standards (Article 15)
• Conformity assessments before market placement (Article 43)
• EU database registration for high-risk systems (Article 49)
• Limited-risk AI transparency obligations (Article 50)

This is less than six months away. If you have not started preparing, time is running short.

August 2, 2027 — Existing Regulated Products

The final phase covers AI systems already on the market that are embedded in regulated products (Annex I):

• Medical devices with AI components
• Machinery with AI safety systems
• Aviation and automotive AI systems
• Other regulated products with embedded AI

The full penalty regime applies without exception after this date.

What This Means for Your Business

The most urgent action items depend on where you are today:

If you have done nothing:

• Address AI literacy immediately (Article 4 is overdue)
• Inventory all AI tools in your organization
• Begin risk classification

If you have started:

• Focus on high-risk system documentation
• Implement human oversight processes
• Prepare for conformity assessments before August 2026

If you are well along:

• Review gap analysis for completeness
• Test your documentation against regulatory requirements
• Consider third-party audit preparation

Stay on Track

Our interactive timeline visualizes every deadline with detailed obligation breakdowns. For a personal assessment of your readiness, take our free compliance check — it takes less than 2 minutes.