Back to AI News

The EU AI Act Delay Is Not a Reprieve. It Is a Signal.

The EU AI Act high-risk deadline just got pushed back by 16 months. The EU Council agreed under Omnibus VII to delay requirements from August 2026 to December 2027 for standalone systems - and August 2028 for embedded ones. The consensus reaction? Relief. Breathing room. More time to get ready. I think that reaction tells you more about the problem than the delay itself.

The wrong kind of comfort

The relief makes sense on the surface. Harmonised standards from CEN-CENELEC were unlikely before late 2026 anyway, and 48 EU trade associations had warned of "double or triple layers of regulation." So the delay looks pragmatic. But here's what I think people aren't seeing - the organisations celebrating loudest are the ones who were never going to be ready. Not because the timeline was too tight, but because their entire approach was wrong.

They were waiting for a rulebook so they could tick the boxes. That is not governance. That is admin. And admin done under pressure, at the last minute, without strategic intent, produces exactly the kind of hollow compliance that regulators then have to tighten further. It is a cycle that serves nobody.

The strategic opportunity

The organisations that will benefit most from this delay are the ones who were already building governance foundations - not because a deadline told them to, but because they understood that responsible AI use is a leadership challenge, not a legal one.

Trustmarque's AI Governance Index found that 93% of UK organisations now use AI, but only 7% have fully embedded governance frameworks. That gap is staggering. And DSIT's 2026 research shows 30% of staff in AI-adopting businesses are already using these tools daily. The technology is running ahead of the structures meant to govern it.

What that means is this: the delay does not reduce the urgency. It changes what "urgency" should mean. Instead of rushing to meet a compliance checklist, leaders now have the headspace to ask better questions. What are our principles for AI use? Where are the risks in how our people actually use these tools? What does good governance look like for us - not just for the regulation?

How should UK businesses prepare for AI regulation?

The smartest preparation is not compliance - it is governance. UK businesses are not directly subject to the EU AI Act, but any organisation selling into EU markets or using EU-regulated systems will feel its effects. The delay gives UK leaders time to build AI governance that reflects their own values and risk appetite, rather than copying a European checklist under pressure. Start with how your people actually use AI today, not with the regulation's categories.

What this changes for you

If you have been waiting for the final rules before acting, this delay is not your friend. It is another 16 months of AI adoption happening without guardrails. The AI Leaders Fellowship exists precisely for this moment - building the strategic foundations that make compliance a byproduct, not a panic.

Three things worth doing now. First, audit how AI is actually being used across your organisation - not the approved tools, the real ones. Second, establish principles for AI use that come from your leadership team, not your legal department. Third, start treating AI governance as a board-level and CEO-level conversation, not an IT project.

The bigger picture

I could be wrong about this. Maybe the delay really is just a pragmatic timeline adjustment and the checkbox approach will work fine when the standards finally land. But if the last two years of AI adoption have taught us anything, it is that the technology moves faster than the regulation. The organisations that thrive will be the ones who built their own compass rather than waiting for someone else's map.

That is not a compliance insight. It is a leadership one. And leadership, in this context, means creating the headspace to think strategically about AI governance rather than reacting to the next deadline.