All posts
ComplianceJune 18, 2026

EU AI Act compliance for AI agents: what you need before August 2

The EU AI Act's Article 50(1) transparency obligation, which requires that people be told when they are interacting with an AI system, applies from 2 August 2026. For teams shipping AI agents into the EU, it is the first concrete, dated obligation that touches agents directly, and violations of the transparency rules carry penalties of up to €15M or 3% of worldwide annual turnover.

One caveat on timing: the Digital Omnibus on AI, provisionally agreed by the Parliament and Council in May 2026 and still pending formal adoption, deferred the broader high-risk obligations to 2 December 2027 and the Article 50(2) marking of AI-generated content to 2 December 2026. It left the Article 50(1) interaction-disclosure date of 2 August 2026 in place, so the deadline this post is about still stands.

Draft Commission guidance indicates AI agents fall within Article 50(1): agentic systems must disclose their AI nature in every plausible human-interaction context.

What Article 50 actually requires

  • 50(1): Systems that interact with people must disclose they are AI, unless it's obvious.
  • 50(2): Generative output must be marked as artificially generated (machine-readable).
  • 50(3): Emotion-recognition and biometric categorization need notice.
  • 50(4): Deepfakes and synthetic media must be labelled.

For an agent that emails customers, files tickets, or chats, 50(1) and 50(2) are the immediate concerns: disclosure and provenance.

Where a firewall helps

Compliance is partly policy and partly evidence. Strathon contributes to both. On the policy side, you can enforce disclosure and content rules at the point of action. On the evidence side, every agent action flows through a signed, append-only audit log, and Strathon can export evidence mapped to the relevant Articles.

  • Signed audit trail of every tool call and model invocation.
  • Evidence export aligned to Articles 9–15 and 19.
  • NIST AI RMF risk scoring per agent.
  • Policies to enforce disclosure and block undisclosed generative output.

Start now, not in July

Audit trails are only useful if they cover the period regulators ask about. Putting a firewall in front of your agents today means you'll have months of signed evidence by the time the deadline arrives. See the EU AI Act docs for the feature-to-Article mapping.

Get StartedDiscuss on Discord