The European Union's Artificial Intelligence Act (AI Act https://eur-lex.europa.eu/eli/reg/2024/1689/oj), widely regarded as the world's first comprehensive legal framework governing artificial intelligence, represents a landmark step in regulating AI technologies based on their level of risk. Although the Regulation entered into force only recently and many of its obligations have yet to become fully applicable, the European Commission has already proposed targeted amendments through the Digital Omnibus package(https://eur-lex.europa.eu/legal-content/EN/TXT/?ur).

At first glance, it may seem surprising that the AI Act is being revised before its full implementation. However, these proposals do not seek to change the Regulation's core objectives. Instead, they reflect a broader shift in the EU's regulatory approach: one that aims to simplify compliance, reduce administrative burdens, and strengthen Europe's competitiveness in the rapidly evolving AI market.

Why is the AI Act being amended?

Over the past five years, the European Union has adopted an ambitious digital regulatory framework, including the General Data Protection Regulation (GDPR), the Digital Services Act (DSA), the Digital Markets Act (DMA), the Data Act, the Cyber Resilience Act, and the AI Act. While these initiatives have established the EU as a global leader in digital regulation, they have also created a complex compliance environment for businesses operating across multiple regulatory regimes.

Recognising these challenges, the European Commission launched the Digital Omnibus initiative, which seeks to simplify existing legislation without compromising its underlying policy objectives. The initiative is closely linked to the EU's broader competitiveness agenda and reflects growing concern that excessive regulatory complexity may discourage innovation, particularly for startups and small and medium-sized enterprises (SMEs).

What changes are being proposed?

The proposed amendments do not alter the AI Act's risk-based framework or weaken its safeguards for fundamental rights. Instead, they focus on improving the practical implementation of the Regulation.

One of the most significant proposals concerns the implementation timeline. The Commission recognises that many organisations are still waiting for harmonised technical standards and practical guidance before they can fully comply with the Regulation. As a result, certain obligations, particularly those relating to high-risk AI systems, may be postponed to provide businesses with additional time to prepare.

Another important element is the simplification of compliance obligations for SMEs and small mid-cap companies. The proposal aims to reduce unnecessary administrative requirements, streamline technical documentation, and make conformity assessment procedures more proportionate to the size and resources of the organisation.

The Commission also proposes clarifying several procedural obligations, including post-market monitoring and registration requirements, in order to reduce duplication and improve legal certainty. In parallel, greater emphasis is placed on regulatory sandboxes and testing environments, enabling developers to innovate under the supervision of competent authorities before placing AI systems on the market.

Finally, the proposal strengthens the coordinating role of the European AI Office (https://digital-strategy.ec.europa.eu/en/policies/), which is expected to contribute to more consistent implementation of the AI Act across Member States.

What does this mean for businesses?

For companies developing or deploying AI systems, the proposed amendments may provide welcome regulatory relief. Additional implementation time, simplified documentation, and more accessible compliance mechanisms could significantly reduce costs, especially for smaller organisations that often face limited financial and legal resources.

Nevertheless, businesses should not interpret these proposals as a relaxation of the AI Act's substantive requirements. Providers and deployers of high-risk AI systems will continue to be subject to comprehensive obligations relating to risk management, data governance, transparency, human oversight, accuracy, robustness, and cybersecurity. The fundamental objectives of protecting individuals' rights and ensuring trustworthy AI remain unchanged.

Looking ahead

The proposed amendments are currently progressing through the EU legislative process and have not yet been formally adopted. The Council has already expressed support for targeted simplification measures, while discussions with the European Parliament are expected to determine the final scope of the reforms.

Although the final legislative outcome remains uncertain, the direction of travel is becoming increasingly clear. The European Union is seeking to preserve the AI Act's ambition to establish a trustworthy framework for artificial intelligence while ensuring that compliance obligations remain practical, proportionate, and supportive of innovation.

For organisations preparing for AI Act compliance, the message is equally clear: continue implementing compliance programmes, monitor legislative developments closely, and be prepared to adapt as the simplification package evolves. The coming months will be crucial in shaping how the AI Act is applied in practice and whether the EU succeeds in balancing effective regulation with technological competitiveness.