The EU AI Act's August 2, 2026 transparency deadline is close enough that most enterprise compliance teams have a plan, and with high-risk obligations now set for December 2027 under the Digital Omnibus, the full scope is coming into view.
What many enterprises lack right now is a list — a complete, current account of every AI agent running in their environment, what it does, what it can access, and who owns it. That list is not a nice-to-have. Under the Act, it's the prerequisite for everything else.
The problem is structural. AI agents are deployed faster than any prior category of enterprise software, across platforms that were never designed to report back to a central inventory, by teams that don't think of themselves as shipping AI systems. That means that by the time compliance asks the question, the answer is already complicated.
This post walks through why the inventory gap exists, what the EU AI Act actually requires, and what a defensible starting point looks like.

Ask your IT team how many SaaS applications are active in your environment or how many laptops are under management. They can likely tell you. There are systems for all of it: CMDBs, MDMs, procurement workflows, software asset management tools built over decades to track exactly these things.
Ask how many AI agents are operating right now, on what platforms, with access to what data, authorized by whom, and there’s less likely to be a definitive response. In fact, according to a recent Dataiku/Harris Poll survey, a staggering three-quarters of CIOs admit they do not have full real-time visibility into AI agents running in production systems.
AI agents are different from every prior category of enterprise software. They're deployed by individual teams, sometimes individual people, without going through IT procurement. They run autonomously, persist between sessions, hold credentials to internal systems, and operate across platforms. A single business unit might have agents running in Salesforce, Microsoft Copilot Studio, AWS Bedrock, and a homegrown LangChain wrapper, with none of them visible to the team responsible for compliance.
Under the Digital Omnibus agreement reached in May 2026, the high-risk obligations in Articles 9 through 17 for providers, and Article 26 for deployers, now apply from December 2, 2027 for standalone Annex III systems (and August 2, 2028 for high-risk systems embedded in regulated products).
High-risk isn't the only tier that applies. Most agents also fall under the Act's limited-risk transparency obligations: where an agent is used, end users need to know they're interacting with an AI system or receiving AI-generated output. That obligation applies far more broadly than the high-risk provisions, meaning even agents that never touch a high-risk domain still carry a disclosure duty you can only meet for agents you've inventoried.
The compliance obligations are operationally demanding, and they all share a common prerequisite.
You cannot classify what you haven't inventoried.
More specifically:
Article 9 requires a continuous, documented risk management process covering the full AI system lifecycle from design through post-market monitoring.
Article 13 requires that high-risk AI systems be transparent enough for deployers to understand and properly use their outputs, accompanied by clear instructions covering the provider's identity, the system's capabilities, limitations, accuracy, risks, human oversight measures, and maintenance needs.
Article 17 requires a quality management system covering design, testing, data governance, and incident reporting procedures across the entire lifecycle of every high-risk AI system in use.
Non-compliance carries real stakes, including fines of up to €15 million or 3% of global annual turnover for violations of the high-risk provisions. Annex III includes AI systems used in HR and recruitment, credit and creditworthiness decisions, and as safety components in the management of critical infrastructure. Whether a given agent falls into one of these categories is often debated across organizations, but if your agents touch these domains (and many do), they may fall within scope.
Even with the extra time and breathing room, the work the Act requires remains the same. Only the date on which enforcement begins has shifted. The enterprises in the strongest position will use the window to build the visibility that compliance depends on, rather than treating it as a pause.
The compliance requirements in Articles 9, 13, and 17 map to specific operational questions that your inventory needs to answer for every agent in scope:
Owner. Who is accountable for this agent's behavior? Not the team that deployed it, but the named individual who can answer questions about it at 9 AM on a bad day.
Purpose. What is this agent designed to do? What business process does it touch? Is that scope still accurate, or has usage drifted since deployment?
Data access scope. What systems can this agent read from or write to? What credentials does it hold? Under what conditions?
Tool permissions. What actions can this agent take autonomously? What requires human confirmation? Is there a fallback if the agent fails or behaves unexpectedly?
Risk tier. Based on the EU AI Act's framework, what risk category does this agent fall into? Has that classification been reviewed since the agent's scope expanded?
End-user disclosure. Are the people interacting with this agent, or receiving its outputs, told they're dealing with AI? Article 50's transparency obligation applies to most agents regardless of risk tier, and it's only verifiable per-agent if your inventory tracks it.
Most enterprises can answer some of these for some of their AI agents. The problem is coverage. The agents that are hardest to find, i.e. the ones deployed quickly, running quietly, owned by teams that have since reorganized, are frequently the ones with the most access.
There's a version of this problem that was manageable a year ago. Agent deployments were concentrated in a handful of sanctioned initiatives with clear ownership. Compliance teams could reasonably argue they had visibility into the material risk.
That's no longer a credible position, for two reasons.
First, the pace of deployment has accelerated sharply. Every major enterprise platform has shipped native agent capabilities in the past eighteen months: Salesforce Agentforce, Microsoft Copilot Studio, AWS Bedrock AgentCore, Google Vertex, Snowflake Cortex, alongside the chat and code interfaces shipped directly by third-party model providers. Agents are no longer a specialized AI team's project. They're a feature of the software your business users are already running, which means new agents are entering your environment without any centralized intake process.
Second, the Act's requirements don't adjust for organizational complexity. An agent deployed by a regional business unit without IT oversight is still subject to Article 9 risk management requirements if it operates in a high-risk domain. In other words, sprawl is not a sufficient defense.
The enterprises in the strongest position started with visibility, then built the controls.
A practitioner-grade first step: connect to the platforms where agents are deployed, scan for what's running, and build a structured registry that captures owner, purpose, data access scope, and risk tier. Even an imperfect, 70% complete inventory with known gaps is a defensible starting point. A zero-percent inventory is not.
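An added example, not Dataiku's code or schema: a minimal registry check in Python that records the inventory fields listed above, reports the share of required fields filled, and lists each agent's known gaps. The record schema, the gap labels and the sample agents are assumptions constructed for illustration.

```python
from dataclasses import dataclass
from datetime import date
from typing import Optional

# Field names mirror the inventory questions above; the schema is an assumption.
REQUIRED = ("owner", "purpose", "data_access", "tool_permissions",
            "risk_tier", "end_user_disclosure")

@dataclass
class AgentRecord:
    agent_id: str
    platform: str
    owner: Optional[str] = None              # named individual, not a team
    purpose: Optional[str] = None
    data_access: Optional[list] = None       # None = unknown, [] = known to be none
    tool_permissions: Optional[list] = None
    risk_tier: Optional[str] = None
    end_user_disclosure: Optional[bool] = None
    tier_reviewed: Optional[date] = None     # last risk-tier review
    scope_changed: Optional[date] = None     # last change to purpose or access

def gaps(rec):
    """List the known gaps for one agent record."""
    found = [f"missing:{name}" for name in REQUIRED if getattr(rec, name) is None]
    if rec.data_access and rec.owner is None:
        found.append("access-without-owner")
    if rec.risk_tier and rec.scope_changed and (
            rec.tier_reviewed is None or rec.tier_reviewed < rec.scope_changed):
        found.append("risk-tier-stale")      # scope changed after the last review
    if rec.end_user_disclosure is False:
        found.append("no-end-user-disclosure")
    return found

def report(records):
    """Return (percent of required fields filled, gaps per agent)."""
    filled = sum(getattr(r, n) is not None for r in records for n in REQUIRED)
    coverage = round(100 * filled / (len(records) * len(REQUIRED)))
    return coverage, {r.agent_id: gaps(r) for r in records}

# Constructed sample registry; agent ids, owners and scopes are invented.
SAMPLE = [
    AgentRecord("crm-lead-router", "Salesforce", "j.doe", "route inbound leads",
                ["crm:read", "crm:write"], ["update_record"], "limited", True,
                date(2026, 3, 1), date(2026, 1, 15)),
    AgentRecord("hr-screening-bot", "Copilot Studio", "a.smith", "rank applicants",
                ["hris:read"], ["send_email"], "limited", False,
                date(2025, 11, 1), date(2026, 2, 10)),
    AgentRecord("langchain-report-gen", "homegrown", data_access=["warehouse:read"]),
]
```

Calling `report(SAMPLE)` returns the coverage percentage together with a per-agent gap list, so the inventory's known gaps are recorded alongside what it already covers.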
Dataiku, the Platform for AI Success, has spent years helping enterprises bring structure and oversight to AI in production, from models in deployment to LLM-powered workflows. That discipline extends directly to the agent layer. The Dataiku Solution for EU AI Act Readiness provides pre-built governance workflows for triaging AI systems by risk level, securing lifecycle documentation, and operationalizing the specific controls Articles 9–17 require, along with customizable approval workflows, robust audit timelines, and registries that make it possible to answer the questions regulators will ask.
The agent layer is the next frontier of that work, and the August 2 deadline makes it the most urgent.
On July 23, we're running a webinar that goes deeper on exactly why agent sprawl is structurally different from anything CMDBs were built to handle, what a practitioner-grade agent inventory actually looks like, and what the EU AI Act requires from teams that haven't inventoried their agents yet: from the transparency obligations landing in August 2026 to the high-risk requirements that follow in 2027.
If you're responsible for AI governance, compliance, or enterprise infrastructure, this is the session to attend!
Join the webinar "AI agent sprawl: Why you've lost track of your agents and how to regain visibility," on July 23