The sci-fi world where AI talks to AI is no longer a future concept. It is an operational reality happening on telephony lines right now. I recently joined David Casem, CEO and Co-founder of Telnyx, to discuss why Voice AI in Europe has hit a wall. Not because the technology is lacking. Because the infrastructure and compliance frameworks are not yet ready for production scale. Between the looming compliance cliff of the EU AI Act and the fragile state of data sovereignty, many enterprises are playing a dangerous game of guessing the caller. At Resemble AI, we have decided to stop guessing.
The August 2026 cliff: Operationalizing Article 50
Compliance is becoming a survival metric in Europe, not a legal suggestion. Article 50 of the EU AI Act mandates that synthetic audio must be marked in a machine-readable format. Starting in August 2026, the penalty for getting this wrong can reach €35 million or 7% of global annual turnover.
One of the first questions from the webinar cut right to it:
"If we are using Telnyx Voice Agents with a number, do we need to change anything to be compliant with the EU AI Act?"
The short answer: yes. Starting August 2026, every enterprise deploying voice AI in Europe is required to watermark or identify their AI output in a machine-readable way. The compliance burden falls on the deployer, not the AI provider. You cannot leave that to chance at the application layer.
The EU AI Act will not be a one-time compliance event either. It is an ongoing engineering process, and the regulatory surface will keep expanding. The UK is already moving in the same direction. Ofcom's trajectory has shifted from "monitor and consult" to active intervention, with the Online Safety Act introducing penalties of up to £18 million, or 10% of qualifying worldwide revenue, for deepfake-related violations. Enterprises that treat compliance as a checkbox audit will find themselves exposed on both sides of the Channel.
Learn more: EU AI Act: What Generative AI companies need to know in 2026
The Franken-stack problem
For too long, European enterprises have been forced to stitch together mismatched infrastructure: European telephony paired with US-hosted LLMs. This creates massive exposure to the CLOUD Act and FISA 702. If your data leaves the continent to be processed by a model in a US data center, your sovereignty is gone.
A pointed question from a German enterprise attendee made this concrete:
"For public sector and enterprise voice AI, the LLM choice is often the compliance blocker, not telephony, STT, or TTS. CLOUD Act and FISA 702 exposure rules out US-hosted LLMs for a lot of deals. Any plans for adding Mistral to the Telnyx inference portfolio?"
David addressed this directly. Telnyx is shipping B300 GPUs to European data centers and has integrated localized frontier models including Kimi, with Mistral under consideration for the inference portfolio. The goal is a European-native stack where voice agents run inference without data ever crossing an ocean. That is what real sovereignty looks like. Not a compliance checkbox. A full vertical.
A practical note on adoption: many European enterprises are starting with AI running alongside a human agent before moving to full automation. That is a sensible first step. It also means detection needs to be present from day one, not retrofitted later.
Why watermarking must survive the PSTN
A common assumption is that Voice AI is too clean or that it lacks the spatial cues of a human caller. As models move toward Detect-3B Omni levels of fidelity, those gaps are closing fast. That raised the most important technical question of the session:
"Does watermarking actually survive through PSTN telephony channels? And from a regulatory standpoint, does it need to?"
Most watermarks are fragile. G.711 codecs and aggressive transcoding strip them. Our answer to this is Resemble Watermarker.
Unlike traditional watermarking that hides data in high-frequency noise, Resemble Watermarker uses a neural approach. The signature is embedded directly into the neural weights of the audio. The watermark is not on top of the audio. It is the audio. We optimize specifically for the 8 kHz bandwidth constraint so that signatures persist through lossy compression like G.723.1 and multiple carrier hops. Psychoacoustic masking ensures the signature is detectable by Resemble Detect but completely inaudible to the human ear.
What we have tested PerTh against:
- G.711 and G.723.1 telephony codecs
- Replay attacks and re-encoding transformations
- Multiple sequential carrier hops
The watermark holds. Full test results across 18 real-world attack conditions are available to view in our benchmarks.
The new threat surface: Agent-to-agent
The first visitor to your customer service line today is likely a bot. We discussed the shift from static voice clones to real-time deepfake fraud during the webinar, including cases where attackers use randomized degradation across eighteen different operations to thwart simple detectors.
Someone asked whether deepfake fraud is actually happening at scale, or whether it is still theoretical:
"Is deepfake fraud an actual problem? Who is adopting it?"
It is happening. The challenge is that most enterprises do not know how to measure it yet, because detection is not widely deployed. At MWC in Barcelona, we ran a live experiment over three days. We played participants pairs of audio clips, one real and one synthetic, and asked them to identify which was which. Out of 140 participants, no one scored a perfect 10 out of 10. The highest score was 8. Most people could not reliably distinguish real from fake. One clip used five seconds of publicly available audio from a well-known political figure to generate a German-language synthetic voice via an open-source model on Hugging Face, no login required.
That is the threat surface. Small models. Consumer-grade GPUs. Open-source pipelines. No barrier to entry.
Resemble Detect identifies synthetic signals within the first four seconds of audio. Catching an agent-to-agent interaction early also has a direct cost benefit: once your system knows it is responding to a bot rather than a human, your LLM can respond more concisely, and you stop burning tokens on conversational handling that only a human needs. In high-volume environments, that saving compounds fast.
One attendee asked whether our detection model uses probabilistic programming, specifically Bayesian inference or factor graphs:
"Are you using probabilistic programming to estimate whether a voice is AI or real?"
Yes. The model is probabilistic in how it was trained, built on a large curated dataset of synthetic audio spanning over 160 generative AI models and 51 languages, published as the MLAAD paper. For any given input, it produces a consistent, deterministic output. In practice, it holds up well at production scale, which is what the SLA question ultimately comes down to.
Building for the long game
Identity is the new frontline of the internet. At Resemble, we are not just building voices. We are building the verification layer for the synthetic era. We treat media watermarking as infrastructure, not a security add-on. Compliance is not a one-time audit. It is an ongoing engineering process.
Partnering with Telnyx on a vertically integrated stack makes it practical for European enterprises to move from experimentation to production-ready AI, future-proofed against both attackers and regulators. The modalities of how we consume information are changing. We are making sure the trust layer changes with them.
Ready to secure your voice infrastructure?