Canada’s privacy overhaul creates a digital super-regulator, raising global questions about data protection independence
Canada has unveiled its most ambitious privacy reform in more than two decades, introducing legislation that would recognize privacy as a fundamental right, strengthen consumer control over personal data, increase protections for children, and impose significant new obligations on organizations handling personal information. While many of the bill’s substantive privacy provisions have been welcomed by […]
SRA pushes ahead with major compliance reforms despite industry opposition
The SRA has confirmed that it will move forward with significant reforms aimed at strengthening protections around client money and improving accountability within law firms, despite strong opposition from the Law Society and representatives of smaller practices. The proposed changes, which are expected to come into force following approval from the Legal Services Board (LSB), […]
FCA shuts down payments firm over financial crime concerns
In a remarkable move, the FCA has effectively shut down a payments firm after identifying what it described as serious weaknesses in its financial crime controls, safeguarding arrangements, and governance. On 4 June, the regulator ordered Euro Exchange Securities UK Limited (EES) to stop carrying out any regulated electronic money or payment services. At the […]
New UK data protection complaints law takes effect in two weeks
A significant change to UK data protection law is now just weeks away. From 19 June 2026, every organisation that processes personal data will be legally required to have a formal process for handling data protection complaints under the Data (Use and Access) Act 2025 (DUAA). While much of the discussion around DUAA has focused […]
Police told to hit pause on AI-generated court statements amid fears of legal contamination
The rapid adoption of AI across the justice system has hit a speed bump after several UK police forces were instructed to stop using AI tools to prepare court statements and undertake other criminal justice tasks. The intervention, led by Alex Murray, head of the newly established Police.AI centre, reflects growing concerns that inaccurate or […]
How to make your GDPR programme regulator-ready
This is the third in a three-part series on GDPR now. It is based on a webinar that we aired on May 27, 2026. A recording of the webinar can be found here. In the first blog in this series, we looked at how GDPR has matured from a one-off compliance project into a live […]
GDPR, AI and the end of siloed compliance
This is the second in a three-part series on GDPR now. It is based on a webinar that we aired on May 27, 2026. A recording of the webinar can be found here. In the first blog in this three-part series, we looked at why GDPR can no longer be treated as a static compliance […]
SRA’s £600,000 AML crackdown exposes a deeper problem: compliance neglect in the legal sector
Over the past six months, the SRA has fined 59 law firms a combined £600,000 for failing to comply with some of the most basic AML obligations required under the Money Laundering Regulations 2017. The enforcement action reveals a pattern of compliance neglect across the legal sector, with many firms failing to implement even the […]
GDPR eight years on: why compliance can no longer sit in a policy folder
This is the first in a three-part series on GDPR now. It is based on a webinar that we aired on May 27, 2026. A recording of the webinar can be found here. When GDPR came into force in 2018, many organisations treated it as a major compliance project. Privacy notices were rewritten, data maps […]