All Insights
Showing 1 - 12 of 595
Financial Services
Six a day? FCA sets out reconciliation rules to address safeguarding risks for UK payment and e-money firms
Steps include both internal and external safeguarding tests and a second 'day after receipt' check
IT and data
UK Cyber Security and Resilience Bill: pragmatic overhaul or regulatory overload?
The key changes and action points for businesses, and how the bill compares with the EU NIS2
GDPR for HR
GDPR for HR | December 2025
Data subject access requests: the impact of AI, the Data (Use and Access) Act, and ICO enforcement
Digital Regulation
Digital Omnibus reshapes EU cookie rules but leaves banner fatigue largely intact
The Digital Omnibus Proposal promises a cleaner, GDPR-based framework for cookies and consent, yet its narrow exemptions and technical fixes
IT and data
The implementation of the NIS-2 Directive in Germany – What are the deviations from the NIS-2 Directive?
Germany’s NIS-2 Act is in force now narrowing scope and adding a ‘critical’ tier compared to the NIS-2 Directive. With
Life Sciences and Healthcare
Autumn Budget 2025: what does recent government policy mean for UK life sciences and healthcare?
Targeted R&D support and faster regulatory pathways will be boosted by landmark UK-US pharmaceuticals deal
IT and data
European Data Protection Board guidelines map how the DSA meets the GDPR
The interaction of the regulatory regimes has broad implications for companies operating online across Europe
Regulatory Outlook
Cyber security | UK Regulatory Outlook November 2025
Cyber Security and Resilience Bill introduced to Parliament | EU Commission publishes digital omnibus regulation proposal | Cyber Extortion and
Regulatory Outlook
Artificial intelligence | UK Regulatory Outlook November 2025
UK: Landmark UK AI and IP case: Getty Images v Stability AI | Select Committee opens inquiry on AI and
Regulatory Outlook
Data law | UK Regulatory Outlook November 2025
UK: ICO consultation on enforcement procedural guidance | ICO fines Capita £14m for data breach | Cyber Security and Resilience
Energy
Communication on carbon neutrality ambitions Challenges and risk - the case of TotalEnergies: (Paris Court, 23 October 2025, N° RG 22/02955)
Key takeaways: Distinction between commercial communication and institutional communication, but no impermeability: Claims made in a commercial context are those
GDPR for HR
UK and EU GDPR for HR | Autumn 2025
Data subject access requests and disclosure pitfalls, workplace AI engagement, and sharing pseudonymised data
