The August 2, 2026 compliance deadline for high-risk AI systems under the EU AI Act is 37 days away, and every board treating the proposed 16-month extension as settled law has made a governance error it cannot correct in a month.

On May 7, 2026, negotiators from the Council of the European Union, the European Parliament, and the European Commission reached a provisional agreement under the Digital Omnibus to defer Annex III high-risk AI obligations to December 2027. That provisional agreement has not been ratified. August 2, 2026 remains the legally binding deadline today. Boards of companies operating in EU markets, or US-listed companies with EU exposure, that have been deferring compliance preparation are not managing risk. They are assuming a political outcome that has not yet occurred.

The stakes are specific. Annex III covers AI used in employment decisions, credit scoring, education, and critical infrastructure. These are systems most enterprises already operate. Non-compliance penalties under the Act reach three percent of global annual turnover. More immediately: the fiduciary duty of oversight does not wait for a penalty to attach. A board that documented the proposed extension as justification for inaction now faces the harder question of what it will show a derivative plaintiff if enforcement arrives before ratification.

The question a board chair should be asking this morning is whether the company’s AI governance documentation reflects the law as it stands today or the deferral as they hope it will be. That is not a legal question. It is a governance character question. A board that owns its oversight only while a regulator gives it room to wait has never owned the standard.

The governance architecture this obligation requires was developed in the Ethics as an Advantage Executive Leadership Playbook.