Staying compliant when your data crosses borders: Lessons from Croatia’s €4.5M GDPR fine
On November 14, 2025, Croatia’s data protection authority (AZOP) issued a striking reminder to organisations across Europe that if you transfer personal data outside the EEA, you must keep your safeguards valid, up to date and transparent. A major telecommunications operator received a €4.5GDPR fine after continuing to send customer data to Serbia without […]
How a billion-dollar laundering network exposed the limits of AML and the high stakes of sanctions compliance
What comes to mind when you think about sanctions evasion? Shadowy bankers? Offshore accounts? Covert state actors? Likely not a Friday-night drug deal in a British city. But according to the National Crime Agency (NCA), there’s a direct link there and it’s dangerous. In fact, the NCA believes that those small street-level transactions are […]
A landmark first conviction under the Bribery Act and a warning UK businesses cannot ignore
The sentencing of former Reform UK Wales leader and MEP Nathan Gill to ten and a half years in prison marks one of the most significant anti-corruption moments in modern British history. It is not simply another political scandal but the first conviction of a UK politician under the Bribery Act 2010, a law long […]
Does dark web disclosure equal harm? Why a US court ruling should alarm UK and EU organisations
A recent decision from the US Court of Appeals for the Fourth Circuit has quietly but decisively shifted the global risk calculus around data breaches. In Holmes v. Elephant Insurance Co., the court held that the appearance of stolen personal data on the dark web is, by itself, enough to constitute a concrete harm for […]
AI delayed, GDPR dismantled and big tech wins big. Will “Digital Omnibus” rewrite Europe’s digital future?
In a political shockwave reverberating across Europe, the European Commission has simultaneously unveiled: A last-minute “AI Omnibus” proposal delaying the AI Act’s core high-risk obligations A sweeping GDPR reform package that privacy advocates warn could gut Europe’s digital rights What should have been a routine regulatory update has erupted into what noyb calls “the […]
When Crypto’s promise becomes a shadow economy
Cryptocurrency was once hailed as a radical, positive force for financial freedom, a way to bypass traditional banks, democratize access and innovate the future of money. But a sweeping new investigation by the International Consortium of Investigative Journalists (ICIJ) reveals a darker truth: Many major crypto platforms are deeply entangled with illicit finance, letting money […]
Gibraltar at a crossroads: What two landmark inquiries reveal about a jurisdiction under strain
For a tiny jurisdiction perched at the mouth of the Mediterranean, Gibraltar has spent the past few years at the centre of a storm. What began as a police investigation into alleged sabotage of a national security system has spiralled into one of the most consequential governance reckonings the territory has ever faced. Two major […]
SFDR 2.0 is coming. What does it mean for UK businesses?
On November 6, the financial markets took note of a leaked draft proposal from the Sustainable Finance Disclosure Regulation (SFDR) , dubbed SFDR 2.0, signalling what looks to be a sweeping overhaul of the EU’s sustainable-finance disclosure regime. For UK businesses, especially those with EU‐facing funds or sustainability-linked products, this is highly relevant. While the […]
Source of Funds and Wealth: The SRA’s latest thematic review and what it means for law firms
The Solicitors Regulation Authority (SRA) has released a new Thematic Review of Source of Funds and Wealth Compliance and its findings are both revealing and urgent. Despite over seven years of the Money Laundering Regulations 2017 being in force, the SRA remains concerned by persistently high levels of non-compliance across the legal sector. Why […]
Europe’s data revolution: What do the GDPR digital omnibus and AI Act reforms mean for UK businesses?
The EU is quietly entering a new era of digital regulation, one that could reshape how data protection and AI governance work across Europe. Three interconnected developments are driving this shift: A leaked draft of the “GDPR Digital Omnibus”, which may introduce a new lawful basis for AI model training. The Digital Omnibus proposal […]