If your marketing team uses AI to generate images, video, or audio for EU audiences, you have until 2 August 2026 to label every piece of it. The EU AI Act's Article 50 transparency rules become fully enforceable that day. Non-compliance costs up to €15 million or 3% of global annual turnover — whichever is higher.
This isn't a future problem. It's a workflow problem you need to solve now.
Article 50 applies to any AI-generated content, not just deepfakes
This means the compliance burden extends far beyond obvious deepfakes or political misinformation. For a B2B SaaS company, the practical scope is startlingly broad. Consider your sales deck: if you used an AI tool to generate a customer testimonial script, a synthetic voiceover for a product walkthrough, or even a Midjourney-created illustration for a case study PDF, each of those assets now requires a persistent, machine-readable watermark and a clear disclosure. The regulation does not distinguish between "high-risk" and "low-risk" synthetic content in this context—it applies wherever a reasonable person could mistake the output for human creation.
The "machine-readable and persistent" requirement is particularly demanding for text-based content. Unlike images, where a visible watermark can be embedded, text disclosures must be structured so that automated scraping tools or downstream platforms can detect the AI origin. This likely means embedding metadata in the file itself (e.g., C2PA provenance standards) or using invisible digital signatures that survive copy-paste operations. A simple footer reading "Generated by AI" will not satisfy the machine-readability test if that text can be stripped during reformatting.
Furthermore, the exemption for "obvious from context" is narrower than many assume. If your product demo video uses a synthetic voice that sounds natural, the context does not make the AI generation obvious—you must disclose it. Similarly, an AI-generated headshot on a "Meet the Team" page is not obviously synthetic to a visitor; it requires a watermark and a statement. The only safe harbor is content so stylized or absurd that no reasonable person would mistake it for authentic human output, which rarely applies to professional B2B marketing materials.
Three things to audit in your content pipeline right now
Start with what you've published in the last 12 months. Most teams don't know how much AI-generated content they're actually shipping.
- Visual assets. Blog images, social media graphics, case study screenshots, website hero sections. If a designer used an AI tool to generate or heavily modify an image, it counts.
- Audio and video. Podcast intros, explainer videos, webinar recordings with AI-generated voiceovers. Synthetic audio is explicitly covered.
- Text at scale. AI-written blog posts, email sequences, and landing page copy. The watermarking requirement for text is lighter — a metadata tag rather than a visible label — but the disclosure requirement still applies.
One founder I spoke to last week discovered their marketing agency had been using AI-generated product screenshots for six months without telling anyone. That's six months of non-compliant content they now need to either watermark or take down. The deeper issue here is that Article 50's enforcement doesn't distinguish between content you knowingly generated and content that was generated on your behalf by a contractor, freelancer, or platform tool. If your CRM auto-generates email summaries with an AI model, or your video editor uses a generative fill feature to remove a background object, those outputs fall under the same disclosure obligation. The regulation also applies retroactively in a practical sense: any content still publicly accessible on 2 August 2026 must be compliant, regardless of when it was created. This means your audit should include a review of your vendor contracts and tool settings. Ask each provider whether their output includes machine-readable metadata tags by default, and whether you can add visible labels to assets they produce. For text-based content, the lighter metadata requirement is deceptive — it still requires that the information be "detectable" by automated systems, which means your CMS or email platform must support embedding and preserving those tags through export and distribution. If your pipeline strips metadata during a resize or format conversion, you are effectively non-compliant. The most overlooked category is hybrid content: a human-written email that includes an AI-generated subject line, or a blog post where the outline was AI-generated but the prose was human. The regulation covers any "generated or manipulated" content, so partial AI involvement still triggers the obligation. Your audit should flag every touchpoint where a model contributed, even if the final output was edited by a person.
The tools you use today will determine your compliance burden
Most AI content tools don't embed compliant watermarks yet. Midjourney adds a subtle grid pattern that is not machine-readable. ElevenLabs doesn't watermark audio at all. Runway adds a logo that is trivially removable.
By August 2026, the major platforms will likely offer compliant watermarking as a feature. But relying on that is risky. If a tool updates its watermarking spec in July 2026 and you don't re-export every asset, you're exposed. The deeper issue is that Article 50 doesn't just require a watermark — it requires that the watermark be robust, machine-readable, and persistent across modifications. A logo that can be cropped out or a grid that disappears after resizing fails all three criteria. The European Commission's draft implementing rules, expected in early 2026, will likely clarify that simple visual markers are insufficient; the watermark must survive compression, format conversion, and even screenshot capture. This means your current toolchain may need a complete overhaul, not just a settings toggle.
The safer approach is to build a review step into your content workflow. Before any AI-generated asset goes live, someone checks that the watermark and disclosure are present. This is the same discipline as checking alt text or meta descriptions — a simple checklist item that prevents a €15 million problem. But the review step alone is not enough. You also need a provenance log: a record of which model generated the asset, when, and with what version of the watermarking system. Without that log, a regulator can argue that you failed to demonstrate "best efforts" to comply, even if the watermark was present at publication. The teams that treat compliance as a metadata problem — not just a visual one — will have a defensible audit trail.
We've seen this pattern before. The UAE's 90-day compliance pipeline for safety rules caught teams who assumed they could fix things after the deadline. The teams that survived had already embedded compliance checks into their daily workflow. For the EU AI Act, the equivalent is integrating watermark verification into your CI/CD pipeline or content management system — automated checks that reject any asset lacking a valid, persistent watermark before it reaches your website or email campaign. The tools you choose today determine whether that integration is a minor configuration change or a six-month engineering project.
What the fines actually look like in practice
The €15 million or 3% of global turnover penalty applies to the highest tier of violations. For a startup doing €5 million in revenue, that's €150,000. For a mid-market SaaS company at €50 million, it's €1.5 million.
But the real cost isn't the fine. It's the investigation. If a competitor or consumer group files a complaint, regulators can demand access to your content production logs, tool licenses, and approval workflows. That distraction costs weeks of engineering and legal time.
And the EU is serious about enforcement. The AI Office in Brussels has already staffed up. They're hiring technical investigators who understand how generative models work. This isn't a paper tiger.
What many operators overlook is that the fine structure is tiered, not binary. The 3% ceiling applies only to violations of Article 50's core transparency obligations—failing to label synthetic content or omitting watermark metadata. But secondary infractions, such as incomplete documentation of your watermarking methodology or insufficient record-keeping of model outputs, fall under a lower tier capped at €7.5 million or 1% of global turnover. For a €5 million startup, that still means a €75,000 penalty for what a regulator might deem "inadequate procedural compliance."
The investigation itself follows a predictable pattern. Regulators will request three things: your internal policy for identifying AI-generated content, the technical implementation logs showing how watermarks are applied, and any audit trails of content published without labels. If your team used a third-party API for generation but never verified whether that API's watermarking met EU standards, that gap becomes a liability. The burden of proof falls on the deployer—you—not the tool provider.
Enforcement also scales with company size. A solo operator with a single chatbot faces a warning and a corrective order. But a B2B SaaS platform distributing AI-generated sales emails to thousands of EU prospects triggers the full investigative machinery. The AI Office has already signaled it will prioritize "systemic risk" cases—any deployment that reaches a significant portion of EU users. For a sales outreach platform, that threshold is lower than you think.
Start with your highest-risk content categories
Not all AI-generated content carries the same risk. Prioritise based on visibility and audience.
First, anything on your public website that an EU visitor could see. That includes blog posts, case studies, product pages, and team photos. If you sell to European companies, your entire site is in scope. The regulatory logic here is straightforward: public-facing content has the widest potential reach and the highest likelihood of influencing consumer decisions. Article 50 does not distinguish between B2B and B2C contexts, so a case study that uses AI-generated client testimonials or synthetic data visualisations must carry a clear label. For product pages, any AI-generated imagery—such as mockups, lifestyle photos, or interface screenshots—falls under the watermarking requirement. Team photos generated or edited by AI are also covered, which means your standard headshot retouching tool may now trigger a disclosure obligation.
Second, outbound email content. If you use AI to draft email copy or generate images for your sequences, those messages need disclosure. The good news is that email is easier to fix — you can add a disclosure line to your templates and update your deal qualification process to include a compliance check. However, the nuance lies in how you implement the label. A simple "AI-generated" tag at the bottom of an email may not satisfy the requirement if it is easily overlooked or buried in a signature block. The regulation expects the disclosure to be "clearly distinguishable" and "prominent," which for email likely means a visible line near the top of the message body or immediately adjacent to the AI-generated element. For sequences that include AI-generated images—such as personalised product mockups or infographics—each image must carry its own watermark, not just a blanket disclosure in the email footer.
Third, social media. AI-generated posts, images, and videos on LinkedIn, Twitter, and Instagram are covered. If your SDRs use AI to generate LinkedIn profile photos or banner images, those need watermarks too. This category is particularly tricky because social platforms have their own content policies that may conflict with or supplement the EU requirements. For example, LinkedIn's terms already prohibit misleading synthetic media, but the EU Act adds a mandatory labelling layer that applies regardless of platform policy. Your compliance process should account for the fact that watermarks on social media must survive platform compression and resizing—a small, low-contrast mark that works on a desktop view may become illegible on mobile. Additionally, if your team uses AI to generate entire post copy, the disclosure must be part of the post text itself, not just in the image metadata or alt text, since those are not immediately visible to all users.
What we'd do next
Audit your content pipeline this quarter. Map every tool that touches your content production and check whether it generates AI content. Add a compliance review step before any AI-generated asset goes live. And if you're building outbound sequences for EU prospects, make sure your email templates include a clear AI disclosure.
But don't stop at a single audit. The real risk lies in the tools you think are purely human-assisted but quietly inject generative AI into drafts, subject lines, or image assets. Many CRM plugins and email enrichment services now offer AI-suggested copy without a prominent label. You need to trace each output back to its source model and verify whether that model's provider has committed to watermarking under Article 50. If they haven't, you assume the compliance burden. Also consider that the watermarking requirement applies retroactively to any content still in circulation after August 2026 — so archived sequences, landing pages, and even old social posts may need re-labeling. A practical next step is to create a living register of every AI touchpoint, updated quarterly, with a clear owner for each. Pair that with a pre-launch checklist that flags any asset destined for EU audiences. Finally, if you rely on third-party agencies or freelancers for content, amend your contracts to require their compliance with Article 50's disclosure rules. This shifts liability upstream and gives you a paper trail. The regulation doesn't prescribe a specific watermark format, but it does require that disclosures be "clear and distinguishable" — so avoid fine print or hover-over tooltips. Plain text at the top or bottom of an email, or a visible badge on an image, is safer.
If you want to see how MiraReach handles compliance in its own content workflows, we've published our internal audit template. It's free. No email required.
— Mira