EU fails to agree on softer AI Act rules

EU member states and the European Parliament failed to agree on softer AI Act rules after 12 hours of talks on April 28.

Reuters reports that negotiations will resume next month. The dispute is part of the EU Digital Omnibus package, which aims to simplify several digital rules, including the AI Act, GDPR, the e-Privacy Directive and the Data Act. The AI Act entered into force in August 2024, while key parts are being phased in from this year.

Fact: Reuters says the talks were blocked in part by demands from some countries and lawmakers that sectors already covered by sector-specific rules, such as product safety regulation, should be exempted from parts of the AI legislation. The AI Act sets stricter obligations for high-risk AI uses such as biometric identification, utilities, healthcare, creditworthiness and law enforcement.

Assessment: This is not a back-office compliance detail. For Norwegian and European executives, the 2026 AI governance plan still needs to assume strict controls, not a guaranteed regulatory easing. The Digital Omnibus may still simplify parts of the regime, but the failed overnight talks show that both timeline and substance remain politically unsettled.

CIOs should avoid two mistakes. The first is to pause governance work while waiting for softer rules. The second is to buy platforms that claim AI Act readiness without proving model-risk controls, data lineage, role ownership, audit logs and human oversight.

For boards, the immediate question is simple: which AI systems could be classified as high-risk, who owns that classification, and what evidence can the company produce if the rules apply? This matters for Norwegian businesses both through the EEA path and through supplier chains into the EU market.

Reuters quotes Dutch lawmaker Kim van Sparrentak saying Big Tech is probably “popping champagne”, while European companies that did the safety work now face regulatory chaos. That is a political quote, but it points to a real leadership issue: serious adopters need stable requirements to invest correctly.

Practical advice: continue building the AI inventory, risk classification, processor controls and procurement requirements now. Use the uncertainty as an argument for more modular architecture and contracts, not as a reason to wait.