EU publishes landmark high-risk AI guidance as compliance clock resets under Digital Omnibus
The European Commission has finally published its long-awaited draft guidance on how AI systems should be classified as “high-risk” under the EU AI Act, giving businesses their clearest indication yet of how regulators are likely to interpret one of the most important parts of the legislation. For organisations developing, deploying, customising or purchasing AI systems, […]
When a phishing email becomes a GDPR crisis
For nearly two years, cyber criminals quietly moved through the systems of a UK water company without being detected. The breach only came to light after IT performance issues triggered an internal investigation, which was then followed by the discovery of a ransom note that hackers had unsuccessfully attempted to distribute to staff members. Significantly, […]
UK businesses to face new data complaints rules from June
UK businesses have less than a month to prepare for a major new compliance obligation under the Data (Use and Access) Act 2025 (DUAA). From 19 June 2026, organisations that process personal data will be legally required to implement procedures for handling data protection complaints directly from individuals. The new rules are designed to encourage […]
Will the FCA’s AI fraud warning reshape compliance in the UK?
The UK’s financial crime landscape has entered a new phase defined by the industrialisation of criminal activity through AI, social media platforms and global digital networks. At the centre of this shift is a stark warning from the FCA. Speaking at its Financial Crime Conference in London on 14 May, FCA Chief Executive Nikhil Rathi […]
Canada’s ChatGPT ruling signals a new era for AI governance
For the past two years, most conversations about AI have focused on what AI produces. Concerns around hallucinations, bias, misinformation, and job displacement have dominated headlines and boardroom discussions. But Canada’s recent findings against OpenAI and ChatGPT suggest regulators are now looking at the data used to build AI systems in the first place. That […]
When AI lies: The court case that is raising alarms
In a revealing moment during a February 2026 hearing before the Nebraska Supreme Court, Greg Lake, an Omaha attorney, attempted to explain why his appellate brief contained dozens of deeply flawed legal citations. Some referenced cases that did not exist. Others attributed fabricated quotations to real judges. Several cited genuine Nebraska decisions but completely misrepresented […]
Brussels blinks on AI: EU delays groundbreaking rules after backlash
The EU’s landmark AI Act has just undergone its first major political recalibration. After intense lobbying from industry groups, growing concerns over competitiveness, and warnings that Europe risked regulating itself out of the AI race, the Council of the European Union and the European Parliament have reached a provisional agreement on the Omnibus package to […]
The UK’s new data protection era is here
For many UK organisations, 19 June 2026 may become the most important date in DUAA’s implementation timeline. From that date, businesses and other organisations processing personal data will be legally required to operate a formal internal data protection complaints procedure. Individuals who believe their data rights have been infringed must be able to complain directly […]
New UKFIU case studies reveal how compliance reports are driving crime crackdowns
The UK Financial Intelligence Unit (UKFIU) has released its March 2026 SARs Reporter Booklet and it offers a behind-the-scenes look at how SARs are being used in real investigations across the UK. The case studies demonstrate that the reports submitted every day are actively driving law enforcement action, from freezing accounts to uncovering organised criminal […]