Diritto intelligente – Issue N. 18

The AI Act is no longer a political project. It is operational law.

As of 2 August 2026, the transparency obligations under Article 50 become fully applicable, the Digital Omnibus has redistributed — not eliminated — compliance complexity, and the first enforcement actions are within sight. For most businesses, the moment has arrived when AI regulation stops being a matter of policy commentary and becomes a matter of operational execution. And the reality confronting legal teams, compliance functions, and boards across Europe is that very few organizations have translated regulatory awareness into functioning governance infrastructure.

This issue of Diritto Intelligente examines what all of this means in practice. The Digital Omnibus deferred certain high-risk deadlines — standalone Annex III systems to December 2027, product-embedded AI to August 2028 — but it did not suspend the regulatory machinery. Prohibited practices, AI literacy, general-purpose AI obligations, and transparency rules are already live or imminent. 

Simplification is not suspension: a passive approach is now harder to defend, and organizations that treat the deferral as an invitation to wait will reach the new deadlines with the same structural gaps they have today — systems not inventoried, contracts not updated, roles unclear, bias untested, and human oversight that exists only on paper. 

We explore how financial institutions must integrate AI governance with DORA, GDPR, and sectoral supervision — because the AI Act does not create a separate compliance silo but must be embedded into existing control frameworks, from risk management and outsourcing to product governance and incident reporting.

We analyse the collision between the Digital Markets Act and AI, as the Commission investigates Big Tech practice.

We hope you'll enjoy it!