Telecoms | UK Regulatory Outlook March 2026

Ofcom publishes the voluntary Telecoms Consumer Charter 

Following a recent exchange of correspondence with Ofcom and meetings with a number of communications providers, the Department for Science, Innovation and Technology (DSIT) has published the Telecoms Consumer Charter. The charter is a voluntary code of conduct that includes a number of commitments intended to provide additional transparency and protection for consumers.  

In addition to restating existing obligations under Ofcom rules, the charter also requires providers to make the following additional commitments:  

• Where a contract includes a mid-contract price increase, the core subscription price that customers sign up to is the price they will pay, with any exception strictly limited to unforeseeable and externally driven events that materially affect the cost of providing services.
• For any customers still on legacy inflation-linked terms, April 2026 will be the final increase expressed in those terms, after which all such contracts will move to the pounds-and-pence system.
• Issuing end-of-contract and best tariff notifications in plain English, and keeping switching processes, including One Touch Switching and Text-to-Switch, quick, simple, and seamless.
• Making social tariffs easy to find for eligible customers and supporting those facing financial difficulty through access to cheaper packages without charge or penalty, or manageable payment plans. 

These additional measures go beyond the existing regulatory framework and require the providers concerned to adapt without the usual adjustment period provided by regulatory change. In particular, providers have only recently updated contracts and processes for the requirement for pounds and pence price increases implemented last year, and their ability to adjust pricing has been further curtailed, even in situations where a right of exit is provided to the customer. 

Providers who are not currently signatories to the charter will now need to weigh up the risks of potential negative public perception for those who do not volunteer against the additional obligations that would be placed on their business.  

Time will tell if the creation of this charter signals a change in approach from the government to a more interventionist and hands-on role in the management of the telecoms sector. 

Ofcom publishes second Telecoms Security Act annual report  

Ofcom has published its second telecommunications security report, covering the period from 1 October 2024 to 30 September 2025. It sets out communications providers' levels of compliance with the Telecoms Security Act, the actions Ofcom has taken, and its intended regulatory approach for the year ahead. 

Telecoms providers are now approaching the halfway point for the implementation timeline for the measures set out in the government’s Telecommunications Code of Practice and Ofcom's monitoring has identified three significant compliance gaps:  

• Supply chain security - almost a quarter of Code measures relate to supply chain security, and evidence shows that just under 50% of Tier 1 and 10% of Tier 2 providers may not be properly applying these measures where a supplier is itself a regulated telecoms provider.
• Security testing for new equipment - over 50% of Tier 1 and 25% of Tier 2 providers find meaningful security testing of new equipment prior to contract award uneconomic or impractical, with testing in most cases only occurring after a contract has been awarded.
• Identity and access management - around 50% of Tier 1 and 10% of Tier 2 providers are likely to miss the expected implementation dates for identity and access management Code measures, in some cases because providers are implementing longer-term "strategic" security solutions which will only be fully delivered later in their improvement programmes. 

This report provides a valuable insight into the areas of the Telecoms Security Act that are likely to face the most intense Ofcom scrutiny over the next 12 months. Providers should therefore ensure that compliance with these elements of the Code has been reviewed and plans put in place for any necessary remedial actions.  

Regarding supply chain obligations in particular, providers should take note that the fact that a supplier may itself be subject to the Telecoms Security Act does not negate obligations to carry out due diligence and to include the required security commitments in their supply agreements. 

Government mobile review – net neutrality rules  

The UK's net neutrality rules have long operated on the baseline principle that internet service providers (ISPs) must treat all internet traffic equally, preventing them from favouring certain services, providers or users.  

In October 2023, Ofcom revised its guidelines to provide greater operational flexibility, acknowledging rising traffic volumes driven by large-scale content providers, the emergence of new gatekeeper platforms, and the growth of advanced services such as augmented and virtual reality. 

Now, as part of its broader Mobile Market Review, the government is consulting on whether further targeted changes to the net neutrality rules are needed to better support investment and innovation. The proposals under consideration include: 

• Allowing ISPs to offer differentiated connectivity packages to specific commercial partners (such as car manufacturers requiring low-latency connections for connected vehicles).
• Enabling more focused traffic management controls targeted at specific companies during congestion events.
• Permitting additional scope for zero-rating access to certain websites.  

These proposals represent significant net neutrality reform. If they are implemented, they will present providers with a rare opportunity to implement a range of innovative new products and commercial models.  

Providers have until 21 April 2026 to provide their views on the proposed changes.