The Omnibus deal of 7 May 2026 postponed many high-risk obligations of the AI Act. Annex III slides to 2 December 2027, Annex I to 2 August 2028. What it did not postpone is Article 50, paragraph 2. Starting 2 August 2026, providers of generative AI systems must mark their outputs as AI-generated in a machine-readable format. Anyone still hoping “the EU will postpone this one as well” is planning for a scenario that will not materialise. This piece frames the obligation for European mid-market companies, presents three implementation paths and provides a pragmatic 30/60/90-day plan.
What the Omnibus postponed, and what it did not
The following table reflects the state after 7 May, based on the trilogue agreement. It is the foundation for any mid-market AI-compliance roadmap this year.
| Obligation | Original | Updated | Status |
|---|---|---|---|
| Art. 50(2) watermarking | 2 August 2026 | 2 August 2026 | unchanged |
| Annex III (high-risk, standard) | 2 August 2026 | 2 December 2027 | postponed |
| Annex I (high-risk, product-related) | 2 August 2027 | 2 August 2028 | postponed |
| GPAI Code of Practice | August 2025 | August 2025 | already in force |
| Art. 5 prohibitions | 2 February 2025 | 2 February 2025 | already in force |
For mid-market companies this means: anyone using GenAI for marketing content, chatbots or image production has a concrete obligation starting 2 August 2026. Systems already on the market on that date benefit from a transition period until 2 December 2026. Anyone launching after that date does not.
What Art. 50(2) actually requires
Providers of GenAI systems must ensure that their system outputs are “marked as artificially generated or manipulated and detectable in a machine-readable format”. This applies equally to text, image, audio and video. “Machine-readable” does not mean “visible to humans”. An embedded C2PA manifest in an image is compliant; a visible watermark graphic on its own is not. A “generated by AI” note at the end of a text is helpful but not legally sufficient. The duty bearer is the provider, i.e. whoever makes the system available. Anyone using ChatGPT, Claude or Mistral as an end customer is not a provider. Anyone running their own RAG system, a marketing image pipeline with Stable Diffusion or a customer-facing chatbot is a provider.
Who is actually affected in the mid-market
Three profiles are clearly in scope:
Marketing automation with GenAI images. Anyone generating and publishing images or video snippets with Stable Diffusion, Midjourney via API, DALL-E or a self-hosted model must mark these outputs machine-readably. This also holds when images are post-processed by human designers.
Customer-facing chatbot output. A customer service bot that delivers LLM responses falls under the obligation. Even when the answers come from a RAG system with a proprietary index. Machine readability here can take the form of a signed provenance header in the API response or an embedded metadata field in the delivered HTML.
RAG pipelines with synthetic enrichment. Once a system delivers generative components alongside retrieval, and outputs reach external recipients, the obligation applies. Pure retrieval without generation is not covered, but it is rarely the whole stack in production.
Two profiles are exempt:
Internal AI tools without external publication. An internal dev assistant, an internal knowledge-base chatbot or a RAG for accounting produces outputs that do not leave the company. Art. 50(2) does not apply. Watermarking still pays off for audit reasons, more on that below.
Classic NLP without generative models. Named entity recognition, classification or sentiment analysis are not GenAI systems in the sense of the AI Act and are not in scope.
Three implementation paths
Watermarking is not a uniform procedure. Different modalities call for different best practices.
Path 1: C2PA manifests for image, audio and video. The Coalition for Content Provenance and Authenticity (C2PA) has established an open standard for embedded provenance manifests. Adobe, Microsoft, OpenAI and Google support it. Stable open-source SDKs exist for image pipelines (c2pa-rs in Rust, c2pa-python, c2pa-js). A manifest contains the generating model, the timestamp, the producer’s cryptographic signature and optionally the inference ID. Implementation effort for a typical marketing image pipeline: under two weeks.
Path 2: Signed provenance header for text. For text outputs the C2PA standard is not yet broadly adopted. A pragmatic variant: a JSON header in the API response with model version, inference ID, prompt template ID and timestamp, cryptographically signed with the provider’s private key. Embedded marker in the HTML as a data attribute or meta tag. For internal audit trails this approach is sensible anyway and solves two problems with one infrastructure.
Path 3: Detection pipeline for robustness. Watermarks do not survive every kind of processing. Re-encoding, re-posting on social networks, screenshot workflows partially destroy provenance manifests. A companion detection pipeline checks incoming content against the provider’s own model signature and is useful for any provider whose outputs travel through re-posting-prone channels. Google’s SynthID is an interesting example of robust image watermarking that remains detectable after re-encoding.
An honest architecture combines all three paths. C2PA for production, provenance headers for API outputs, detection for verification.
The 30/60/90-day plan
Days 1 to 30: inventory. Which in-house systems produce AI output that leaves the company? This is the prerequisite for every compliance measure. Anyone who does not know cannot mark anything. We recommend the telemetry-based approach via DNS logs, SSO data and endpoint discovery. Outcome after 30 days: a list of in-scope systems with owners and estimated output volume.
Days 31 to 60: pilot. Pick one system from the inventory, typically the marketing image pipeline, because it is technically well-bounded and does not trigger a customer-side latency discussion. Implement C2PA manifests end to end, document the key management process and set up internal monitoring. Outcome after 60 days: a productively watermarking system with a documented operating model.
Days 61 to 90: roll-out. Transfer the pilot setup to the remaining in-scope systems, hand over to platform or product teams and anchor watermarking in the build pipelines. A final audit report to executive management closes the 90 days. Anyone starting on 2 May 2026 is done by 31 July 2026. Anyone starting on 1 June still has nearly two months until 2 August, which is enough for a pilot but pushes the roll-out into the transition window.
Three common pitfalls
“We will wait for the vendor.” For SaaS LLMs like ChatGPT or Claude, the provider supplies the watermarking building blocks. For self-hosted models (Ollama, Llama Stack, vLLM setups, fine-tuned Stable Diffusion instances) you have to sign yourself. Anyone running a self-hosted architecture is waiting in vain.
“C2PA is too complex.” Not in practice. The open-source SDKs reduce integration into an existing image pipeline to a manageable sprint. The real complexity sits in key management, which is needed for any other cryptographic use case anyway.
“We do not need detection.” Until someone uploads re-posted content claiming to come from you. Then you need a verification pipeline, ideally yesterday. The few days of effort beat any legal aftermath.
Connection to GDPR and NIS-2
Signed provenance headers are audit-trail-ready. They show which model produced which output at what time with which prompt template. That is exactly the kind of traceability required under GDPR Art. 5(1)(f) (integrity and confidentiality) and under NIS-2 Art. 21 (risk management measures). Anyone implementing watermarking cleanly solves three compliance topics with one infrastructure. We covered the NIS-2 context separately in our piece on NIS-2 compliance, which can serve as an anchor when planning watermarking.
Three questions before any GenAI project after 2 August
Does the output leave the company? If yes, Art. 50(2) applies. Is the provider an external service that already marks compliantly? If yes, check conformity; otherwise supplement on your side. Does an internal inventory exist of the systems producing GenAI output? If not, the first sprint of the 30/60/90 plan is the inventory sprint.
Conclusion
The watermarking obligation is technically solvable for mid-market companies and does not require a six-month consulting engagement. Three clear implementation paths, a 30/60/90-day plan, a contained set of responsible people. Anyone starting today completes pilot and roll-out before the transition window ends. Anyone waiting until 2 August has a compliance problem with no room to manoeuvre.
EverBright IT supports mid-market companies on watermarking readiness, from inventory through C2PA pilot to roll-out. Learn more about our AI advisory or book a 30-minute watermarking-readiness call directly.
Frequently Asked Questions
Who is a provider under Art. 50(2)?
A provider is anyone who makes a GenAI system available. Using ChatGPT or Claude as an end customer does not make you a provider. Operating your own system with a proprietary model or your own wrapper around external models does. A marketing image pipeline with Stable Diffusion, a chatbot with a proprietary RAG, a content tool with a fine-tuned model are provider setups.
What happens if I do not watermark outputs?
Art. 99 AI Act foresees fines of up to 15 million euros or 3 percent of global annual turnover for violations of Art. 50, whichever is higher. National implementation for SMEs in Germany is still being prepared, but the EU floor applies. More important than the fine in many cases is the trust question with customers and supervisory authorities.
Is a visible “AI-generated” label enough?
No. Art. 50(2) explicitly requires a machine-readable label. A visible label is a useful complement but does not replace the technical marker. C2PA manifests, signed headers or embedded watermark signals are the accepted methods.
What if the output has been edited by humans?
The obligation applies as soon as the output was “artificially generated or manipulated”, regardless of the editing level. An AI-generated marketing image retouched by a designer remains AI-generated. The manifest should document both steps: generation and editing.
What is the typical implementation effort?
For a marketing image pipeline we estimate two to four person-weeks, including C2PA SDK integration, key management setup and monitoring. For an API-based chatbot with a signed provenance header, three to six person-weeks are realistic, depending on integration depth. Roll-out to additional systems then scales at roughly half the effort per system.
