Major laws we’re tracking:
- Financial Services Bill: Expected to be announced in the King’s Speech and will reform SMCR for financial services.
- The Money Laundering and Terrorist Financing (Amendment) Regulations 2026 will come into force May / June, changing AML obligations.
- Employment Rights Act: From April, sexual harassment disclosures become protected under whistleblowing laws, and from October 2026, ‘all reasonable steps’ must be in place.
- Cyber Security and Resilience Bill: Will mandate cyber security and training for more companies.
- Equality (Race and Disability) Bill: Expected to be announced in the King’s Speech to mandate ethnicity and disability pay gap reporting for large (250+) employers.
UK regulatory update
The King’s Speech on 13 May will outline the government’s new legislative agenda, but some new laws have already been announced. The Equality (Race and Disability) Bill is expected to mandate ethnicity and disability pay gap reporting for larger (250+) firms.
A recently announced Financial Services Bill will bring in Phase 2 of reforms to the SMCR regime for financial services. Some Phase 1 reforms are coming in throughout 2026 that affect all FCA-regulated firms.
The Crime and Policing Bill received Royal Assent and is now the Crime and Policing Act 2026. It radically expands senior manager liability and increases corporate exposure to a wider range of criminal offences.
As part of the Employment Rights Act, new holiday record keeping requirements have come into force and recent tribunals have seen hundreds of thousands of pounds in fines for failing to keep accurate annual leave records.
New fire safety rules have also come into force that require housing providers to identify vulnerable residents, plan safe evacuations, and evidence compliance. The Residential Personal Emergency Evacuation Plans (RPEEPs) apply to high rises in England.
New sanctions end use controls have also been introduced by the Office of Trade Sanctions Implementation. This allows the government to intervene where goods may be diverted to a sanctioned end user. Meanwhile Apple received a sanctions penalty for making payments to Russia.
The UK’s lack of an AI law will likely remain for the foreseeable future, which in many ways makes it easier for firms to experiment with AI, particularly under the Data (Use and Access) Act.
Crypto firms in London were raided by the FCA for operating illegal peer-to-peer crypto trading hubs. Meanwhile the FCA is making it clear that AML deficiencies in the sector will not be tolerated for much longer.
A Scottish bribery conviction against an RBS banker was notable given the Sheriff’s highlighting of anti-bribery policies. Scottish firms should remember they are at greater risk of a failure to prevent prosecution as Deferred Prosecution Agreements are not available in Scotland.
A new report shows transparency in British Overseas Territories remains patchy, despite the UK government committing to public registers of beneficial ownership in the Overseas Territories and Crown Dependencies.
Neurodiversity in the workplace is under scrutiny as a VinciWorks survey revealed 35% of managers lack confidence on reasonable adjustments. VinciWorks also answered dozens of questions on neurodiversity at work following our blockbuster webinar.
The HE/FE sector should be aware of the implementation of the complaints scheme under the Higher Education (Freedom of Speech) Act 2023. Institutions could face fines of £500,000 for failing to protect the free speech of staff and external speakers.
EU regulatory update
A court in France has found a multinational cement company Lafarge guilty of financing terrorist groups in Syria. The CEO and several executives were imprisoned for paying off Jihadi groups in a reminder the area remains extremely high risk.
The EU could be moving to reign in ChatGPT under the Digital Services Act. The EU may classify OpenAI’s chatbot as a Very Large Online Search Engine, putting it under the regulatory thumb like Google and Meta.
Right on the EU’s border, Bosnia and Herzegovina may be facing FATF grey listing for money laundering deficiencies. This would add another layer of risk for transactions in and around the Balkans and trigger Enhanced Due Diligence in the politically fragmented country.
US regulatory update
A major change in AML regulation in the US could be on the cards. FinCEN have proposed radical new rules to reform AML compliance and implement a risk based approach for financial services and banks in the United States.
The Trump Administration continues its crackdown on unlawful DEI. Now IBM have reached a $17m settlement with the DOJ over False Claims Act violations. As a federal contractor, IBM asserted it was compliant with federal anti-discrimination law despite discriminating on the basis of sex and race in its hiring and DEI practices.
The legal market
Our successful AML core group of leading law firms saw a robust discussion in ongoing AML compliance challenges. Interestingly, smaller firms are adopting more KYC and screening technology, while firm culture was cited as one of the hardest challenges to crack in compliance.
A decision from the SDT upheld the SRA’s penalty against Scott‑Moncrieff & Associates (ScoMo) in an ongoing legal battle centred on the misuse of client accounts.
A word of warning for the legal market who may be seeking to cash in on the FCA’s motor finance redress scheme. The FCA have made it crystal clear those affected can make claims for free. Particularly given the proposed move to the FCA as a single AML regulator, aggressive approaches on PCP finance claims might be a long-term risk for law firms.
Around the world
China is cracking down on supply chain due diligence by foreign companies. New Chinese regulations could allow the Communist regime to prosecute western companies for following their legally mandated due diligence, or complying with rules around human rights.
India’s new Digital Personal Data Protection Act has brought in broad new rules for protecting data. Importantly, for UK or international firms working with Indian providers or sub-contractors, the new law may also impose additional compliance obligations.
The very first money laundering conviction in Madagascar has seen the illegal trade in exotic (and cute) furry animals prosecuted as a financial crime. The case has exposed the nefarious networks of wildlife trafficking.
Did you know?
Staff who are betting on Polymarket could be putting their firms at a serious compliance risk. Any use of insider information on a prediction market bet could trigger fines or prosecutions.
New guides
How to build a compliant AI programme
India’s Digital Personal Data Protection Act
Neurodiversity at work: A straightforward guide
Tranche 2 accounting: AML/CTF reforms in Australia
Tranche 2 gambling: AML/CTF reforms in Australia
Tranche 2 mining: AML/CTF reforms in Australia
Tranche 2 proliferation financing
Tranche 2 real estate: AML/CTF reforms in Australia
Where can I find more?
Follow our daily blog. Check out our new guides. Subscribe to the podcast.
