Business Ethics News: AI Act Deadlines Slip and ESG Reporting Is Trimmed

Two big European decisions this fortnight reshape the compliance calendar: lawmakers pushed back the toughest AI Act deadlines, and bank regulators cut the volume of ESG data firms must disclose while widening who has to report it.

European Parliament approves a delay to key AI Act deadlines

On 16 June the European Parliament gave final approval to amendments, part of the "Digital Omnibus" package, postponing major AI Act obligations. Rules for standalone high-risk AI systems move from 2 August 2026 to 2 December 2027, high-risk AI embedded in regulated products moves to 2 August 2028, and transparency and watermarking duties move to 2 December 2026. A new prohibition on AI generating child sexual abuse and non-consensual intimate imagery takes effect 2 December 2026. Source: Morgan Lewis.

EBA cuts ESG disclosure datapoints, extends rules to smaller banks

On 22 June the European Banking Authority published finalised draft technical standards updating its Pillar 3 ESG-risk disclosures. The rules cut datapoints for large institutions by 37%, from 2,614 to 1,648, but for the first time extend ESG disclosure proportionately to all banks, with small and non-complex institutions reporting around 84% fewer datapoints from a reference date of 31 December 2027. The update also drops the Green Asset Ratio and EU Taxonomy-alignment disclosures. Source: European Banking Authority.

What it means for ethics and compliance teams

More time is not less work. A delayed AI Act deadline is room to build governance properly, not a reason to pause; firms selling into the EU should still map which systems are high-risk now. On ESG, fewer datapoints lower the reporting burden for large banks but pull smaller institutions into scope for the first time, so the task shifts from volume to getting the right data flowing. Our EU AI Act compliance checklist sets out the practical steps.