Compliance planning

Compliance planning

The challenge of complying with the UK General Data Protection Regulation (UK GDPR) should not be underestimated, nor should the consequences of failing to do so—the potential for fines of £17.5m or 4% of annual global turnover.

Does the UK GDPR apply to your business?

Assimilated Regulation (EU) 2016/679 (UK GDPR) applies to all organisations that handle personal data. As it is virtually impossible to operate a business without handling personal data, it's probably safe to assume your organisation is caught by the UK GDPR.

The GDPR also applies to organisations outside

To view the latest version of this document and thousands of others like it, sign-in with LexisNexis or register for a free trial.

TAKE A FREE TRIAL

Latest Risk & Compliance News

EU AI Act starts to apply and Commission plans guidance

The first rules under Regulation ( EU) 2024/1689, the EU Artificial Intelligence Act (EU AI Act) came into effect on 2 February. These include the AI system definition, AI literacy requirements, and a set of prohibited AI use cases that pose unacceptable risks in the EU. The Commission plans to publish guidelines on AI system definition, release a repository of AI literacy practices, and issue guidance on prohibited AI practices to assist with compliance. Additionally, the Commission has launched initiatives to support AI innovation, including an AI innovation package for startups and SMEs, and upcoming AI Factories to provide computing resources for AI development.

FATF publishes 2023-2024 annual report

The Financial Action Task Force (FATF) has released its 2023-2024 annual report, highlighting significant progress in combating financial crime. Key developments include strengthening global compliance with FATF standards, improving transparency and beneficial ownership requirements, amending standards for non-profit organisations and enhancing asset recovery measures. The FATF also focused on emerging risks, publishing reports on cyber-enabled fraud, terrorism financing through crowdfunding and virtual asset service providers. Additionally, the organisation prioritised deepening relationships with regional bodies and launched an initiative to promote gender inclusivity within the FATF and its global network.

OFSI's 'troubling' licensing regime dents sanctions win

Law360, London: The government ran a slow and 'troubling' process for approving the basic living expenses of sanctioned individuals that forced an oligarch's wife to choose between breaking the law and feeding her children, but the system was nevertheless lawful, an appeals court has said.

UK data bill grows with additions on ICO’s duties and AI web crawlers

MLex: The UK's Information Commissioner’s Office (ICO) would have a new obligation to report annually on its enforcement under an amendment to the Data (Use and Access) Bill (Bill) passed by lawmakers on 28 January 2025. A package of amendments was also passed intended to protect copyright from web crawlers used for AI training. The amendments could be removed during future parliamentary debate on Bill. The government did agree, however, to require the ICO to put out a statutory code of practice on data processing in children’s education.

View Risk & Compliance by content type :

News