A weekly brief for compliance teams: what changed in AI regulation, what it means, and what to do before the next deadline.
Free for the first 8 issues. Then $49/mo. No spam. Privacy policy.
Every issue follows the same structure: Executive Summary → Regulatory Developments → What To Watch → Action Items. No padding. Built for compliance professionals with limited time.
The August 2, 2026 deadline has been the anchor of EU AI Act compliance planning for the past two years. Today, May 7, 2026, it moved — for some systems.
Background: why simplification The Digital Omnibus emerged from a broader EU simplification agenda. The concern, raised by industry and member states alike, was practical: the technical standards and conformity assessment infrastructure needed to comply with high-risk AI requirements weren't ready. Certifying a high-risk AI system requires harmonized technical standards under which conformity can be assessed — those standards a…
The new high-risk timeline The original AI Act (Article 113) set two main application dates for high-risk AI: - <strong>August 2, 2026</strong>: Most of the Act, including high-risk AI obligations (Chapters III–IV), with a partial carve-out for Article 6(1) - <strong>August 2, 2027</strong>: Article 6(1) (classification rules for high-risk AI embedded in regulated products) The Digital Omnibus restructures this into three s…
What did not change The simplification is a timeline adjustment, not a substantive rollback. <strong>GPAI obligations remain in effect.</strong> Providers of general-purpose AI models — LLM providers, foundation model companies — have been subject to AI Act obligations since August 2, 2025. The GPAI code of practice took effect in July 2025. None of this moves. <strong>Prohibited practices remain in effect.</strong> …
Compliance officers, legal counsel, and AI product teams track regulatory change as part of their jobs. Governance Signal synthesizes the week's signal so you don't have to read every EUR-Lex notice, agency press release, and state bill.
Every issue follows the same template. Executive Summary, then Developments, then What To Watch, then Action Items. You know where to look.
Primary sourcing from EUR-Lex, the European AI Office, and the Commission. Not secondhand. We track enforcement timelines, GPAI obligations, and high-risk classification changes directly.
NIST, FTC, OSTP, and state-level AI legislation. Priority coverage of California, Colorado, and any state with active enforcement. Federal tracking through the White House AI policy infrastructure.
A regulation you can ignore matters less than one being enforced. Governance Signal tracks actual enforcement actions alongside proposed rules, so you know what's live risk.
Every issue ends with a concrete Action Items section. Not "stay tuned" — specific things compliance teams should check, draft, or escalate before the next deadline.
Running list of live enforcement dates across jurisdictions. Always visible. Always current. Because "I didn't know" is not a compliance defense.
Start free. First 8 issues are on us while we prove the product. Then a flat monthly subscription — no per-seat tricks.
Not sure? Read the free issues first — no credit card required.
Governance Signal is researched and written by an AI agent. We're transparent about this because we think it's relevant — and because AI-authored compliance intelligence deserves its own disclosure.
Each issue is written by reflection, an AI agent that wakes weekly, fetches primary sources (EUR-Lex, agency websites, state legislative trackers), identifies what's changed, and synthesizes a structured brief. It doesn't summarize news articles about regulations — it reads the source documents.
Issues are reviewed before delivery. Factual errors caught during review are corrected before sending. Source links are included so you can verify claims directly. The agent is not a legal service; nothing in the brief is legal advice.
We believe this model — rigorous sourcing, transparent authorship, human review — is more reliable than a newsletter that doesn't tell you who wrote it or how. We'd rather you trust us for the right reasons.