The EU Digital Omnibus package is still in trilogue. Whether certain high-risk AI Act obligations shift by up to sixteen to twenty four months remains an open question, not a settled fact, as of this article's publication date. For AI liability underwriters pricing European enterprise risk today, that uncertainty is not a reason to wait. It is the underwriting problem itself, and the way it is being handled tells enterprises seeking coverage exactly what to prioritise in the meantime.
Key takeaways
- Does the Digital Omnibus delay affect my AI insurance pricing now? Not directly. The delay is unresolved in trilogue, so underwriters continue pricing against the regulation as it stands rather than a possible future timeline.
- Is the EU AI Act high-risk deadline officially delayed? No. The European Parliament backed a possible delay of up to sixteen to twenty four months in March 2026, but that is a negotiating position, not adopted law.
- Does the Product Liability Directive deadline move too? No. Directive (EU) 2024/2853 applies from 9 December 2026 on a fixed schedule that the Digital Omnibus discussion does not touch.
- Should enterprises keep completing FRIA and Article 9-17 documentation while this is unresolved? Yes. Underwriters treat that documentation as risk-reducing evidence because it demonstrates governance quality, independent of any specific statutory deadline.
- What changes if the delay passes versus if it does not? Mainly the timing of the residual compliance-gap exposure insurers price for specific obligations. Enterprises with complete documentation are positioned the same way under either outcome.
Why underwriters cannot wait for the delay question to resolve
Insurance is a business of pricing risk today for a policy period that starts today. AI liability underwriters writing cover for European enterprises in July 2026 are not in a position to pause submissions until the Digital Omnibus trilogue concludes, because renewals, new business, and capacity allocation decisions do not stop for a regulatory negotiation with no fixed close date. The European Parliament's March 2026 negotiating position supports a possible delay of certain high-risk obligations under Regulation (EU) 2024/1689 by up to sixteen to twenty four months, conditional on the Commission delivering harmonized standards the market is still waiting on. That is a meaningful signal about direction. It is not an adopted amendment, and trilogue outcomes on EU digital files have moved, narrowed, or stalled before.
This puts underwriters in a familiar position: pricing a risk whose regulatory perimeter is moving while the policy itself needs to be bound now. The practical response across the market has not been to wait. It has been to treat the delay scenario as one input among several, alongside the penalty regime already active since August 2025, which carries fines of up to thirty five million euro or seven percent of global annual turnover for the most serious infringements, and alongside the EIOPA opinion published in August 2025 that set out how AI governance and risk management should align with Solvency II, the Insurance Distribution Directive, DORA, and GDPR for insurers themselves. None of that supervisory architecture is contingent on the Digital Omnibus outcome, and none of it pauses while the trilogue continues.
What is actually uncertain, and what is fixed regardless
The distinction underwriters need to hold clearly, and the one enterprises most often blur, is between obligations whose timing is genuinely in play and obligations that are fixed no matter how the Digital Omnibus negotiation ends. The high-risk AI Act obligations under discussion in the Omnibus are in the first category. Their applicability date could move if the delay is adopted in the form the Parliament has backed.
Directive (EU) 2024/2853, the revised Product Liability Directive, sits in the second category. It applies from 9 December 2026 on its own legislative timeline, and nothing in the current Digital Omnibus discussion touches that date. This directive extends strict liability exposure to defective AI-enabled products and services, shifts the burden of proof toward claimants in ways more favourable to them than the prior regime, and applies regardless of whether the enterprise in question falls inside or outside whatever high-risk perimeter the AI Act ultimately settles on. An enterprise, or an underwriter, that reads news of a possible AI Act delay and concludes the compliance clock has generally slowed down is making an error that matters at claims time. The product liability exposure lands in December 2026 either way, and our companion analysis of product liability directive readiness sets out what that means for coverage design specifically.
How underwriters are treating FRIA and Article 9-17 documentation in the meantime
The reason this uncertain window is manageable for underwriters, rather than paralysing, is that the documentation an enterprise produces to satisfy the EU AI Act's governance obligations was never valuable only because a legal deadline made it mandatory. A completed Fundamental Rights Impact Assessment under Article 27, a functioning Article 9 risk management system, current Article 10 data governance records, Article 14 human oversight assignments, and the broader Article 9 through Article 17 documentation set are all, from an underwriting perspective, evidence that a deployer understands its own AI system, has identified who could be harmed by it, and has built controls around that risk. Good governance practice of that kind does not stop being informative to an underwriter because a statutory deadline moved by a year and a half.
This is the same logic already established for how compliance paperwork becomes underwriting evidence more broadly, discussed in our analysis of whether AI insurance pays out without a completed FRIA. What the Digital Omnibus delay changes, if adopted, is when certain obligations become a strict legal requirement with regulator-facing enforcement behind it. It does not change whether the underlying documentation is useful to an underwriter deciding how to price a policy today. Enterprises that keep building this evidence base are rewarded by underwriters on the merits of the documentation itself, not on the basis of a compliance deadline that has or has not arrived.
This pattern is visible in how insurers active in this market are underwriting AI liability now. Munich Re's aiSure parametric cover, extended to up to fifteen million euro, US dollar, or Canadian dollar equivalent through its February 2026 partnership with Mosaic, prices against measured AI performance rather than a compliance checkbox. Armilla, writing as a Lloyd's of London coverholder with capacity up to twenty five million US dollars per company following its January 2026 raise, and the AI Underwriter Collective's AIUC-1 standard, used for the first policy written for ElevenLabs in February 2026, both build their underwriting submissions around governance and evidence categories that map closely to the AI Act's own documentation requirements. None of these products are waiting for the Digital Omnibus outcome to decide what counts as good evidence.
What actually changes if the delay is adopted versus if it is not
From a claims and pricing perspective, the two scenarios diverge in degree rather than in kind. If the delay is adopted broadly in line with the Parliament's March 2026 position, the statutory clock for certain high-risk obligations moves later by as much as sixteen to twenty four months. For underwriters, this most directly affects how much weight to give a compliance gap that exists today but would not yet be a breach of a binding deadline under the revised timeline. A missing piece of Article 9 or Article 27 documentation looks different to an underwriter if the enterprise still has a year and a half of runway to complete it than if the deadline has already passed. Pricing for that specific gap could soften somewhat, though policy wording built around demonstrated governance, rather than around the mere existence of a statutory deadline, remains largely unaffected either way.
If the delay is not adopted, or is adopted in a narrower form than currently proposed, enterprises that treated the Omnibus discussion as a reason to slow their own documentation work arrive at the original deadlines with less runway than they assumed they had. Underwriters are likely to treat that residual gap more conservatively at renewal, both because the compliance exposure is now live rather than pending, and because an enterprise that visibly paused governance work while awaiting a regulatory outcome it did not control has demonstrated something about its risk culture that is itself relevant to pricing. Enterprises that kept building documentation regardless of the Omnibus outcome are unaffected by which way the trilogue resolves, because their evidence was never contingent on it.
This is also the pattern EIOPA's August 2025 opinion anticipated at the insurer level. By asking European insurers to align AI governance and risk management with existing Solvency II, IDD, DORA, and GDPR frameworks rather than waiting for AI-specific supervisory rules to be finalised, EIOPA effectively told the market that governance obligations do not pause for regulatory sequencing elsewhere. The same logic now applies symmetrically to the enterprises those insurers are underwriting. Our companion review of the EIOPA February 2026 survey on insurer AI readiness sets out how that alignment is progressing across the market.
Practical guidance for enterprises seeking coverage in this window
The operating instruction for an enterprise seeking AI liability coverage in the second half of 2026 is straightforward even though the regulatory backdrop is not. Document to the higher compliance bar regardless of which way the Digital Omnibus resolves. A completed FRIA where Article 27 applies, a current Article 9 risk management system, Article 10 data governance records, and Article 14 human oversight documentation are underwriting assets whether the applicable deadline is August 2026 or December 2027. Treating the delay negotiation as a reason to deprioritise this work assumes a specific trilogue outcome that is not yet decided, and it forgoes underwriting credit that is available now regardless of the outcome.
Enterprises should also separate, in their own compliance planning, the obligations that are genuinely contingent on the Digital Omnibus outcome from the Product Liability Directive obligations that are not. A December 2026 readiness plan for Directive (EU) 2024/2853 should proceed on its fixed timeline without reference to how the AI Act delay question resolves. Finally, enterprises engaging with underwriters during this window should expect submissions to be evaluated on the evidence provided, not on a prediction about trilogue timing, since that is how the underwriting market itself is currently pricing the uncertainty.
Readers tracking how the Digital Omnibus negotiation itself is progressing, including the specific obligations under discussion and the harmonized standards the Commission still needs to deliver, can follow the ongoing analysis at agentliability.eu's Digital Omnibus explainer. The Agent Insured waitlist is open for European enterprises preparing for AI liability coverage and gives access to the Agentic Liability Monitor briefing, which tracks how underwriting standards are developing as both the AI Act enforcement period and the Digital Omnibus trilogue progress.
Frequently asked questions
Does the Digital Omnibus delay affect my AI insurance pricing now?
Not directly. As of July 2026 the delay is unresolved in trilogue, so underwriters continue pricing European AI liability policies against the regulation as it currently stands, treating a possible delay as a factor to monitor rather than a fact to price against.
Has the EU AI Act's high-risk compliance deadline actually been delayed?
No. The European Parliament adopted a negotiating position in March 2026 supporting a possible delay of up to sixteen to twenty four months for certain high-risk obligations, conditional on the Commission providing harmonized standards. That is a negotiating position within an ongoing trilogue, not adopted law.
Does the Product Liability Directive deadline move if the AI Act obligations are delayed?
No. Directive (EU) 2024/2853 applies from 9 December 2026 on its own fixed schedule, unaffected by the Digital Omnibus discussion, which means that liability shift lands regardless of how the AI Act delay question resolves.
Should enterprises keep building FRIA and Article 9-17 documentation while the delay is unresolved?
Yes. Underwriters treat this documentation as risk-reducing evidence of governance quality, and that evidentiary value does not depend on whether a specific statutory deadline has arrived or been pushed back.
What changes for claims and pricing if the delay is adopted versus if it is not?
Mainly the weight given to a currently incomplete compliance gap for the specific obligations under discussion. Enterprises with complete FRIA and Article 9-17 documentation are positioned the same way under either outcome, because their evidence was never contingent on the deadline.
References
- European Parliament, negotiating position on the Digital Omnibus package concerning Regulation (EU) 2024/1689, adopted March 2026.
- Regulation (EU) 2024/1689 on Artificial Intelligence, OJ L 1689, 12 July 2024, penalty regime in force since 2 August 2025.
- Directive (EU) 2024/2853 on liability for defective products, applicable from 9 December 2026.
- EIOPA, Opinion on Artificial Intelligence Governance and Risk Management for Insurers, August 2025.
- Munich Re and Mosaic, aiSure parametric AI performance cover partnership, announced February 2026.
- Armilla, Lloyd's of London coverholder capacity announcement following January 2026 capital raise.
- AI Underwriter Collective, AIUC-1 standard, first policy written for ElevenLabs, February 2026.