ComplianceLayer monitors the EU legislative pipeline — Commission Work Programmes, EUR-Lex proposals, Parliament legislative train — and translates what's coming into plain language, before it hits the press. No legal advice. No noise. Just what your business needs to know, early.
12 regulations. Enforcement dates. Penalty tiers. Who it affects. The first action your team should take — all in one scannable document, verified against EUR-Lex and the Commission Work Programme.
Enter your email to get instant access. No spam — just the tracker, then our weekly briefing if you want it.
Get the full tracker — free. Instant PDF access.
No spam. Unsubscribe any time. GDPR-compliant — EU servers only.
We'll send the Q1 2026 EU Compliance Deadline Tracker to your inbox shortly. Check your spam folder if it doesn't arrive within a few minutes.
↓ Download PDF directlyEvery entry sourced from EUR-Lex, the Commission Work Programme, or the European Parliament legislative train.
Three things that separate us from every other compliance newsletter and legal blog.
Every piece of intelligence is traced directly to EUR-Lex, the Commission Work Programme, or the European Parliament's legislative train. No secondhand summaries. No trade press rewrites. If we can't cite the primary source, we don't publish it.
We cover proposals weeks or months before they appear in trade press, monitoring Commission Work Programmes, EUR-Lex filings, and Parliament schedules as they are published — not after they are picked up by legal media.
Written for compliance teams, in-house legal, and business owners — not lawyers billing by the hour. Every explainer answers: what is this, who does it affect, when does it matter, and what should we be doing about it now.
The three most significant EU regulatory developments of the current briefing cycle.
Article 51 thresholds for GPAI models with systemic risk now apply. Companies training or fine-tuning large models need to assess whether they cross the 10²⁵ FLOP threshold.
Internal Commission documents and the Digital Decade progress report suggest CADA will include mandatory conformity assessments for high-autonomy AI systems and cloud-native sovereign data obligations.
Council and Parliament negotiators have reached provisional agreement on data access permissions. Banks have an 18-month implementation window from final adoption — time that will pass quickly.
Every tool below is a free self-assessment landing page built and maintained by ComplianceLayer. Primary sources cited on every page.
Classify your AI systems by risk tier, identify prohibited uses, and map your obligations under the EU AI Act.
Nederlandstalige risicobeoordeling voor de EU AI Act — risicoklassen, verboden toepassingen en verplichtingen.
Compliance audit for agentic AI systems — autonomy levels, human oversight requirements, and liability mapping.
Governance and oversight assessment for autonomous AI agents — human control requirements under the EU AI Act.
Detect undisclosed or shadow AI deployments within your organisation and assess transparency obligations.
Check whether your financial institution is in scope of FIDA and what open finance data access obligations apply.
European Health Data Space readiness check — data obligations for healthcare providers and health tech platforms.
Readiness assessment for the Cloud & AI Development Act — cloud usage, AI workloads, and sovereignty requirements.
Assess your product obligations under ESPR and the Digital Product Passport framework — phased 2027 requirements.
Assess your supply chain exposure under the EU Deforestation Regulation — due diligence obligations and affected commodities.
Identify dark patterns on your digital products that will be prohibited under the incoming Digital Fairness Act.
Check your consumer-facing digital service against the Digital Fairness Act's proposed obligations and scope.
Published every week. Every item sourced from EUR-Lex, Commission press releases, or Parliament schedules. No forwarded trade press. No manufactured urgency.
No legal advice. No spam. Unsubscribe any time. Data handled under GDPR — EU servers only.