The EU AI Act becomes fully applicable on August 2, 2026.

That's nine weeks from today. For US companies serving European customers, that's the runway to compliance. Most aren't going to make it.

Quick refresher. The AI Act is the world's first comprehensive AI law. It classifies AI systems by risk tier. Unacceptable risk (social scoring, predictive policing on individuals) is banned outright. High risk (employment, education, credit, healthcare AI) faces strict obligations: data governance, human oversight, transparency, audit logs. General purpose AI models (GPT, Gemini, Claude, Llama and equivalents in Europe) have their own bucket with documentation and risk-assessment duties.

What changed recently. On May 7, the European Parliament, Council, and Commission reached agreement on the AI omnibus simplification package. The deadline for establishing AI regulatory sandboxes got pushed to August 2027. The grace period for transparency labeling of AI-generated content got cut from six months to three. New deadline for that: December 2, 2026.

For US companies, the immediate question isn't whether the EU has authority over them. It does, the same way GDPR did. If you process EU users' data through AI, the Act applies. Even if your servers, HQ, and engineers are all in California.

Penalties scale fast. Up to 15 million euros or 3 percent of global annual turnover for breaches of high-risk obligations, whichever is higher. For a company like Microsoft or Google, 3 percent of revenue is north of 9 billion dollars. Enforcement won't move fast at first, but data-collection and audit rights start day one.

The structural read here. We're entering a regulatory environment where AI compliance is a recurring cost, not a one-time setup. Companies that built audit logging and provenance tracking from the start are months ahead. Companies that treated it as an afterthought are now negotiating with consultants about emergency rollouts.

For the market this matters two ways. First, big tech absorbs the cost easily, smaller players get squeezed. That's structural moat-building disguised as regulation. Second, EU exposure becomes a balance sheet line item. Watch for AI compliance disclosures starting in next quarter's 10-Qs.

The August deadline isn't moving. The agreement on simplification was the political compromise to keep it on track, not a delay. Nine weeks. Get ready.