Update on AI Regulation: What companies need to know now

With the so‑called “Digital AI Omnibus”, the EU Commission aims to simplify central provisions of the AI Act. Planned changes include:

• More flexible deadlines for high‑risk AI systems
• Relief for SMEs and mid‑sized companies (e.g., regarding documentation and quality management)
• Facilitated use of sensitive data to detect discrimination in AI systems

These changes are designed to give companies more time and flexibility—without compromising the Act’s protective goals. At the same time, new opportunities are emerging, such as voluntary “real‑world testing” agreements that allow AI systems to be tested under real‑life conditions.

What is still being debated?

While industry associations largely welcome the planned relief, other organizations warn about lowering safety standards and fragmenting central AI regulations into sector‑specific laws. Data protection authorities are also calling for improvements, particularly regarding the use of sensitive data. The political debate is ongoing—with the aim of creating clarity by summer 2026 at the latest.

What does this mean for you?

Regardless of the planned adjustments, now is the right time for companies that develop or deploy AI to prepare strategically:

• Assess whether your AI applications fall under the AI Act’s high‑risk categories
• Plan early how you will meet transparency, documentation, and safety requirements
• Use the transition period to strengthen your AI governance—for example, through risk assessments, data protection concepts, and technical safeguards

We don’t see AI as a compliance hurdle but as an opportunity. As your partner for IT security, we help you design AI solutions that are not only legally compliant, but also secure, trustworthy, and economically successful. Get in touch with us—together we’ll get your AI ready for the future!