Forty-nine days. That is the window between today and 2 August 2026, the day Article 50 of the EU AI Act becomes enforceable across all 27 EU member states. For enterprise voice AI deployers — banks running collections, healthcare providers running appointment scheduling, retailers running outbound sales, public sector bodies running customer service lines — the date is not a regulatory abstraction. It is an operating deadline against which Article 50(1) compliance evidence must exist, be reproducible, and survive a competent-authority inspection.
This post is not a re-explanation of what Article 50 requires. We covered that ground in the May 1 disclosure-compliance guide and walked the European Commission's draft guidelines in detail on May 21. What follows is the execution timeline: a week-by-week checklist of the operational artefacts a voice AI deployer needs in place by enforcement day, the disclosure script architecture that survives audit, and the four questions every enterprise should ask its voice AI vendor before 1 August.
This guide is shipped by the team behind Dilr Voice — enterprise voice AI live in 40+ countries with Article 50(1) disclosure architecture built in. For broader operating-model work, see our DATS operating-model engagement.
First, the date question that has been muddled
The single biggest source of misalignment in voice AI compliance conversations this June is whether 2 August 2026 is the real date. It is. There has been confusion — including, candidly, in our own May 19 omnibus post — because the 7 May Council political agreement on the Digital Omnibus extended certain transparency obligations. Specifically: Article 50(2), which concerns machine-readable marking of synthetic audio and video outputs, has a transitional grace period until 2 December 2026 for generative AI systems already on the market before August.
That December date does not move the deadline for enterprise voice agents. Voice agents that interact with callers — the agent answers, the human responds, the agent acts — fall under Article 50(1). That obligation has a hard enforcement date of 2 August 2026. The European Commission's draft transparency guidelines published on 8 May 2026 reaffirmed this and stated explicitly that "AI agents fall within Article 50(1)" and must be designed to disclose their AI nature in every interaction where the system cannot reliably predict whether the counterparty is human. For practical purposes, every enterprise voice AI deployment in EU markets needs Article 50(1) evidence on 2 August.
- Article 50(1) applies to AI systems that interact directly with natural persons. Enforced 2 August 2026. Covers every voice agent answering or making calls. Disclosure must be clear, distinguishable, and given at or before the start of the interaction.
- Article 50(2) applies to AI-generated synthetic content (deepfakes, cloned voices, generated audio). Enforced 2 August 2026 for new systems; transitional grace until 2 December 2026 for systems already on the market.
- If you are deploying a voice agent — even one that uses a cloned brand voice — the 50(1) disclosure obligation is the gate that matters for production deployments. 50(2) marking is a separate workstream.
For the procurement and legal teams reading: this is the clarification you can paste into the compliance memo. Anyone telling you the deadline has moved to December is conflating two different sub-paragraphs of the same article.
The 49-day execution plan
What follows is the week-by-week sequencing we use with DATS clients running Article 50 readiness, adapted for in-house compliance leads. Each week has a single deliverable. The order is deliberate: vendor contracts get reviewed first because the answers shape every downstream artefact.
Week 1 (14–20 June): Vendor obligation review
Article 50 applies to both providers and deployers, but the obligations are split. Your voice AI vendor — whether that is a platform like Dilr Voice, an orchestrator like Vapi, or a custom build — is the provider of the system. You, as the enterprise running it against your customer base, are the deployer. The vendor's obligation is to design the system so disclosure is possible. The deployer's obligation is to configure and operate it so disclosure happens, consistently, in every interaction, with evidence.
This week, send your voice AI vendor a four-question diligence pack:
- Does your platform support disclosure injection at session start, before any tool calls, before any LLM-driven dialogue? Provide the exact configuration mechanism.
- Is the disclosure event logged with a timestamp, the caller identifier, the script version, and the deployment ID — and is the log immutable for at least 24 months?
- If a caller responds inaudibly or interrupts the disclosure, what is the platform's behaviour? Does it re-deliver the disclosure, escalate, or proceed silently?
- What is your written representation that the platform meets the Commission's draft Article 50(1) guidance, and what is your indemnity position if it does not?
A vendor that cannot answer all four in writing inside 5 business days is not Article 50-ready. The conversation you have next is whether to extend the procurement cycle, accept the residual risk in your operating model, or migrate. We covered the migration-cost economics in the voice AI vendor consolidation analysis — for context on what to include in the MSA, our 11-clause enterprise MSA checklist is the starting template.
Week 2 (21–27 June): Disclosure script lock
The default opener is the artefact most voice AI deployments will need to ship first. The Commission's draft guidelines are explicit about what "clear and distinguishable" means: the disclosure must come before substantive content, must use plain language, must not be hedged ("a virtual assistant", "a smart agent"), and must not require the caller to opt in. The most defensible language in our practice is the unambiguous "This is an AI assistant calling on behalf of [organisation]" as the opening line — followed by the call's purpose.
What the script must not do: bury the disclosure after a greeting that sounds human-conversational, use ambiguous language ("digital assistant", "automated helper"), or treat the disclosure as something the caller can dismiss without an explicit response. The Commission's draft guidelines flag all three as common deployer failures.
Week 3 (28 June – 4 July): Audit log architecture
The disclosure event is not just spoken — it is evidenced. By 2 August your platform must be writing, for every call, a structured log entry that proves the disclosure was delivered. This is the schema we deploy:
| Field | Required | Notes |
|---|---|---|
call_id | Yes | Unique session identifier, immutable |
start_ts | Yes | ISO 8601 with timezone |
caller_msisdn | Yes | Or hashed equivalent if data-minimisation policy requires |
disclosure_script_id | Yes | Version-controlled script identifier, links to the template repo |
disclosure_delivered_at_ms | Yes | Milliseconds from call answer; should be ≤ 2000 |
disclosure_audio_url | Yes | Pointer to the recorded disclosure audio, retained per data-retention policy |
caller_response_intent | Yes | One of: proceed, decline, transfer_requested, inaudible, interrupted |
escalation_path_id | Conditional | Required if caller_response_intent ≠ proceed |
vendor_deployment_id | Yes | Identifies which platform build delivered the disclosure |
dpia_ref | Yes | Pointer to the DPIA covering this deployment |
Retention: minimum 24 months, immutable, with cryptographic integrity (hash-chained or append-only ledger). Member-state data protection authorities will be the competent authorities under Article 70 — the same authorities currently enforcing GDPR — so the retention floor effectively aligns with GDPR data retention practice for voice AI. If your voice AI vendor cannot produce a CSV export of these fields per call, you do not have an Article 50 audit trail; you have a marketing claim about one.
Week 4 (5–11 July): Evidence pack assembly
The evidence pack is the document a compliance lead hands to a competent authority on the morning of an inspection. It exists in a single shared folder, owned by a named accountable executive, and contains:
- The DPIA covering the voice AI deployment, signed and dated.
- The current disclosure script library, with version history.
- The vendor's written representation that the platform meets Article 50(1) (the four-question diligence pack from Week 1, returned signed).
- A sample of 20 anonymised call recordings, evidencing disclosure delivery across the three primary call types.
- The audit log schema, sample records, and the retention policy attached.
- The escalation procedure for callers who decline AI interaction.
- The incident log: every disclosure-related anomaly in the previous 12 months, root cause, remediation.
- The vendor's sub-processor list, with EU-relevance flagged.
Most enterprises will discover, in the act of assembling this pack, that one or more items do not exist. That is the point of doing it in Week 4 rather than the last week of July. Assemble it now; the gaps become the workplan.
Week 5 (12–18 July): Shadow rollout
Configure the disclosure injection in your voice AI platform across a single low-volume call queue first, shadowed against the production queue. Listen to the first 100 calls. The failure modes you are looking for:
- The disclosure is delivered but the caller interrupts before the end, and the agent proceeds without re-disclosure.
- The platform's text-to-speech mis-pronounces the organisation name in the disclosure, making it sound less like a corporate identity and more like a robocall.
- The disclosure script version logged in the audit trail does not match the script the system actually delivered (a deployment-config drift).
- Callers who say "no" or "I'd prefer a person" are routed back to the AI agent's standard flow rather than to a human queue.
Each of these is recoverable. None is recoverable in a complaint inspection. Week 5 is also when you fix the warm transfer behaviour: a caller who declines AI must be moved to a human queue with full context, which the warm-transfer architecture pattern sets out.
Week 6 (19–25 July): Full rollout and dual-running
Push the configuration to all production queues. Run dual-logging for one week — both the platform's native call logs and the Article 50 audit log — so you can reconcile counts. Reconciliation rule: every call recorded by the telephony layer must have one and only one corresponding disclosure event in the audit log. Discrepancies are tickets.
This is also the week to run the cross-functional briefing. The four people in your organisation who need to know what to do when a regulator calls:
- The Data Protection Officer, who is the regulatory primary contact in most EU jurisdictions and owns DPIA-related questions.
- The Head of Customer Operations, who can produce the operational artefacts (script versions, audit log samples, recent incidents).
- The Procurement Lead, who holds the vendor warranties and the indemnity position.
- The Chief Information Security Officer, who owns the audit log integrity story.
A 60-minute joint briefing that walks the evidence pack and rehearses three regulator scenarios is the single highest-leverage hour you will spend before enforcement.
Week 7 (26 July – 1 August): Pre-enforcement freeze
In the last seven days, change nothing material in the voice AI deployment. Lock the script versions. Lock the platform configuration. Lock the audit log retention policy. If a vendor pushes a platform update, defer it unless it is a critical security fix. The point of the freeze is that, on the morning of 2 August, every artefact in the evidence pack matches what is actually running in production. Drift discovered post-enforcement is materially worse than drift discovered before.
What enforcement actually looks like
Under Article 70 of the AI Act, each member state designates competent authorities — in most cases, the existing data protection authority, sometimes the consumer protection authority, occasionally a new dedicated AI body. The enforcement pattern in the first six months will mirror the early years of GDPR: complaint-driven investigations, focused on highly visible deployments (outbound calling programmes, large consumer-facing voice agents), with the first formal decisions almost certainly published as deterrent communications.
Penalties under Article 99 sit at up to €15 million or 3% of global annual turnover (whichever is higher) for transparency-obligation breaches. For a £50m-turnover enterprise that is a £1.5m exposure on a single deployment failing disclosure. For a multinational the exposure scales linearly with turnover. The enforcement risk is not the average case; it is the highly visible early case that authorities will choose to make precedent.
The procurement implication is that vendor indemnity for Article 50 non-compliance — not a vague "we will support compliance" warranty, but a quantified indemnity that names Article 50(1) and the disclosure obligation specifically — is now a procurement gate, not a nice-to-have. Our enterprise MSA clause checklist sets out what this language looks like.
Want to see this in practice? Try Dilr Voice with Article 50(1) disclosure architecture out of the box, book an AI placement diagnostic, or read our [voice AI auditability deep-dive](/blog/ai-voice-auditability-explainability-enterprise) for the audit-log architecture in detail.
The four vendor questions, in detail
We mentioned these in Week 1. The reason they matter — and why they belong at the centre of every procurement conversation between now and 1 August — is that they are the only signal that separates a vendor that has built Article 50 into the architecture from one that is positioning Article 50 as a customer responsibility.
Question 1 — Disclosure injection mechanism. Ask the vendor to show you, in their configuration UI or their API, the exact mechanism by which the disclosure script is delivered before any LLM-driven dialogue. The two acceptable architectures are: (a) a pre-LLM static audio file or text-to-speech rendering bound to the deployment; or (b) a system-prompt-level constraint that the LLM cannot bypass, paired with a server-side audit hook that confirms the disclosure was the first content delivered. If the vendor says "you write it into your prompt and the LLM will say it first", that is not architectural compliance — it is hope.
Question 2 — Audit log integrity. The disclosure event must be logged immutably. Acceptable architectures include append-only storage with cryptographic chaining, third-party audit services, or platform-level write-once-read-many storage. If the vendor's logs can be edited by an admin, your audit trail is not evidentiary.
Question 3 — Inaudible and interrupted disclosure handling. This is the failure mode most enterprises overlook. If a caller picks up and says "hello, hello?" over the disclosure, what happens? The acceptable platform behaviour is to either re-deliver the disclosure once the line is clear, or to escalate the call to a human queue. The unacceptable behaviour — and the one most platforms default to — is to proceed silently into the LLM dialogue. The regulatory framing is that an undelivered disclosure is a non-disclosure.
Question 4 — Written warranty and indemnity. Most voice AI vendor MSAs as of June 2026 do not contain an Article 50-specific representation. The DPA covers GDPR, the security exhibit covers SOC 2, but the AI Act is missing. Push for a written warranty that the platform supports Article 50(1) compliance, paired with an indemnity for vendor-caused disclosure failures. Vendors fresh off recent fundraises (which, as we covered in the voice AI buyer leverage analysis, is most of them) are unusually willing to concede on this language right now.
Two pitfalls that most teams hit
Pitfall one — treating Article 50 as a script problem. It is not. The script is the artefact, but the obligation is architectural. A voice AI deployment that delivers the right opening line 99% of the time and silently skips it 1% of the time is non-compliant on every one of those 1% of calls. The discipline is not "write a good script" but "engineer a system where disclosure is impossible to skip and is evidenced in every call".
Pitfall two — conflating Article 50(1) with GDPR transparency. Many compliance leads have read Article 50 as a thin extension of GDPR Article 14 transparency. It is not. GDPR transparency is about data processing notice; Article 50(1) is about interaction transparency — making the caller aware they are talking to AI, separately from the data processing notice. Both must be delivered. Neither substitutes for the other. The DPIA still exists; the privacy notice still exists; Article 50(1) is a new, additional obligation layered on top.
What to do this afternoon
If you read nothing else, do these four things before close of business today:
- Email your voice AI vendor the four diligence questions from Week 1. Set a five-business-day response window.
- Open a Week 4 evidence-pack folder in your organisation's shared drive and assign an owner.
- Schedule the Week 6 cross-functional briefing with the DPO, Head of Customer Operations, Procurement Lead, and CISO.
- Block the Week 7 freeze in your platform change-management calendar so a vendor push in late July does not invalidate your evidence pack.
The work is sequential. Starting today gives you slack. Starting in mid-July does not.
Forty-nine days. We've shipped this checklist before.
30-min scoping call · No deck · Confidential. We'll walk your current Article 50 evidence pack, name the gaps, and tell you whether a DATS engagement is the fastest path to readiness.
Written by the Dilr.ai engineering team — practitioners who ship enterprise AI in production. Follow us on LinkedIn for shipping notes, or subscribe via the RSS feed.