Less than two years after the EU’s AI rulebook was adopted, policymakers are already fine-tuning it for smoother implementation. On 7 May 2026, negotiators from the European Parliament and the Council reached a provisional deal under the EU’s “Omnibus VII” legislative package to streamline parts of the Artificial Intelligence Act. The impetus was practical: some key standards and guidance to operationalise the law are still unfinished, and the original compliance timelines – with high-risk AI rules kicking in from 2026 – were widely seen as unworkable.

The Omnibus agreement extends those deadlines, giving companies crucial breathing room. Core obligations for high-risk AI systems will now apply from December 2027 for stand-alone AI and August 2028 for high-risk AI embedded in regulated products. Lawmakers also introduced targeted updates, including a new ban on certain harmful AI uses (notably “nudifier” deepfake tools and AI-generated child sexual abuse material, effective from December 2026). Critically, the Act’s overall risk-based structure remains intact – there’s no overhaul of its core obligations. That suggests the EU is embracing an iterative approach, adjusting its AI framework as needed. For companies and regulators alike, this flexibility means more time to prepare now, but also the likelihood of further tweaks as real-world implementation challenges arise.

The amendments are expected to proceed through formal adoption in the coming months, most likely ahead of the next (current) key implementation milestone under the AI Act in August 2026.

On 8 May 2026, the European Commission published draft guidelines on the transparency obligations for certain AI systems under Article 50 of the AI Act, opening a targeted consultation that ran until 3 June 2026. The text issued by the AI Office interprets transparency duties that reach far beyond high-risk systems to any provider or deployer whose AI interacts with people or generates content. Although non-binding, the guidelines will function as the practical benchmark for national regulators.

The guidelines map obligations across the value chain. Providers of generative systems must mark outputs in a machine-readable, detectable format. Deployers, from advertisers to newsrooms, face the visible duties of labelling deepfakes and AI-generated public interest text, unless genuine human editorial review applies. The text confirms that open-source systems are not exempt and that mere distribution stays outside the regime.

The obligations apply from 2 August 2026, with the marking obligation under Article 50(2) subject to a transitional period until 2 December 2026 for legacy, pursuant to the co-legislators' Omnibus agreement of 7 May 2026.  With potential fines of up to EUR 15 million or 3% of global annual turnover, Article 50 is now a near-term compliance priority, not a labelling afterthought.

On 1 May 2026, the US Cybersecurity and Infrastructure Security Agency, together with the US National Security Agency, the Australian Signals Directorate’s Australian Cyber Security Centre and partner agencies from Canada, New Zealand and the United Kingdom, published joint guidance on the “Careful Adoption of Agentic AI Services”. The document is not a statute or binding regulation but may become something equally important in practice: an early operational security baseline for organisations that are beginning to deploy AI agents not merely as chatbots, but as semi-autonomous digital actors with access to tools, data, memory, APIs, software environments and, in some cases, operational systems. The guidance reflects a simple but important shift in the regulatory conversation. Once AI systems can plan, delegate, call tools, trigger workflows and take action without continuous human approval, AI governance is no longer only about model transparency, bias or explainability. It becomes a question of cybersecurity architecture.

The guidance therefore reads less like abstract AI ethics and more like a practical control manual for a new category of digital risk. It focuses on the risks that arise when agents are over-privileged, poorly segmented, insufficiently monitored, connected to untrusted third-party tools or allowed to operate without clear human control points. The recommended mitigations are correspondingly concrete: less privilege, strong identity management for agents, trusted registries, controlled tool access, secure-by-default settings, human-in-the-loop approval for higher-risk actions, phased deployment, red teaming, logging, auditing and continuous monitoring. For lawyers and compliance teams, the significance is clear. Agentic AI turns questions of authority, delegation, accountability and auditability into system design issues. The legal question will increasingly not only be whether an organisation was allowed to use AI, but whether it gave its AI agents too much power, too little supervision and too few technical constraints.

On 8 May 2026, the Cyberspace Administration of China, together with the National Development and Reform Commission and the Ministry of Industry and Information Technology, jointly issued the Implementation Opinions on the Standardized Application and Innovative Development of Intelligent Agents (the “Implementation Opinions”), marking the formal inclusion of “intelligent agents” into a systematic regulatory framework in China. Building on the existing regulatory regime for generative AI, the policy further responds to the emerging risks and governance challenges associated with autonomous decision making and cross-scenario execution by intelligent agents.

The Implementation Opinions establish an overarching regulatory approach that balances development and security. While encouraging technological innovation and industrial growth, the policy places “safety and controllability” at its core, requiring that these principles be embedded throughout the entire lifecycle of intelligent agents, including their research and development, deployment, and application.

From a risk and compliance perspective, the Implementation Opinions introduce a number of requirements with substantive implications. In particular, the delineation of “decision-making authority boundaries” represents a key regulatory development. The policy distinguishes among three categories of decision-making models: decisions made solely by users, decisions made by agents with user authorization, and autonomous decisions made by agents. It makes clear that users must have the right to be informed of, and retain ultimate control over, autonomous decisions. At the same time, the Implementation Opinions significantly strengthen requirements relating to data protection and system security. They emphasise the use of technical measures to ensure personal information protection, access control, attack detection, and behavioural governance, while addressing risks such as data poisoning, privacy breaches, algorithm manipulation, and system failures. With respect to application, the Implementation Opinions promote the deployment of intelligent agents across a range of key industries, including healthcare, financial services, intelligent manufacturing, government services, and public safety.

On 20 May 2026, Singapore's Infocomm Media Development Authority (IMDA), together with GovTech and the Cyber Security Agency (CSA), published an updated version of their Model AI Governance Framework (MGF) for Agentic AI. Based on the additional input of over 60 organisations, the MGF provides organisations with an improved overview of the risks specific to agentic AI as well as best practices to manage them for managing those risks.

The MGF is structured around four governance dimensions:

1. Organisations should assess and bound the risks upfront, by evaluating agent-specific risk factors – such as the scope and reversibility of the agent's actions, or its level of autonomy – and then defining appropriate limits on agent access to tools, systems and data.
2. Organisations should make humans meaningfully accountable, by allocating responsibilities across the agent value chain and ensuring effective human oversight, especially for high-stakes or irreversible decisions.
3. Organisations should implement technical controls across the agent lifecycle, including controls to prevent AI agents from using specific tools, pre-deployment testing, and continuous monitoring.
4. Organisations should enable end-user responsibility, including by informing users of agent capabilities and the contact points to escalate to if the agent malfunctions, and by educating users on the proper oversight of agents.

The MGF presents an interesting comparison with China's Implementation Opinions on the Standardized Application and Innovative Development of Intelligent Agents. Both instruments recognise that agentic AI presents qualitatively new governance challenges, given their capacity for autonomous action-taking. Both instruments are also non-binding: Singapore’s MGF is designed to “provide guidance to organisations on how to deploy agents responsible”, while China’s Implementation Opinions do not have the force of law, but seek to set the standards for the protocols and infrastructure that AI agents will inhabit. One key difference is that China’s strategy proposes sector-specific approaches: the Implementation Opinions propose strong regulation for the use of agentic AI in high-risk sectors, while proposing industry self-regulation for lower-risk sectors. In contrast, Singapore’s MGF is sector-agnostic, drawing lessons and proposing principles across industries.