Companies House Identity Verification Legal Requirement

Companies House has issued guidance stating that identity verification for directors and persons with significant control will become a legal requirement from November 18, 2025. This marks the start of a 12-month transition period for companies to comply.

Companies House Fees and Powers Update

Companies House will implement new fee structures effective February 1, 2026, with digital filing fees for incorporation, confirmation statements, and voluntary strike-offs increasing. These changes, alongside new powers granted by the Economic Crime and Corporate Transparency Act, aim to enhance the UK's corporate registers and combat economic crime.

Insolvency Service Shuts Down UK Business Registration Services

The UK Insolvency Service has shut down three companies that facilitated the registration of over 11,000 UK businesses for overseas clients, primarily from China. These companies operated without proper registration and failed to conduct anti-money laundering checks, creating a false impression of UK presence for their clients.

S-Bank Fined EUR 1.8 Million for GDPR Violations

The European Data Protection Board reports that the Finnish Supervisory Authority has fined S-Bank EUR 1.8 million for GDPR violations related to a data security vulnerability. The bank failed to implement adequate safeguards, leading to a personal data breach affecting a significant proportion of its customers.

EDPB Strengthens Global Data Protection Cooperation

The European Data Protection Board (EDPB) held a meeting with Data Protection Authorities from countries and organizations with an EU adequacy decision to strengthen global data protection cooperation. This follows up on a previous meeting in October 2024 and focuses on sharing information and experiences in international data protection enforcement.

EDPB/EDPS Support AI Act Streamlining with Stronger Safeguards

The European Data Protection Board (EDPB) and European Data Protection Supervisor (EDPS) have issued a joint opinion on the EU Commission's proposal to streamline the AI Act. While supporting administrative simplification, they urge stronger safeguards to protect fundamental rights and advise against removing the registration obligation for high-risk AI systems.

EDPB Conference on Cross-Regulatory Cooperation

The European Data Protection Board (EDPB) is hosting a conference on March 17, 2026, in Brussels to discuss cross-regulatory cooperation from a data protection perspective. Registration is open until February 26, 2026.

EDPB/EDPS Joint Opinion on Digital Omnibus Regulation Proposal

The EDPB and EDPS have issued a joint opinion on the Digital Omnibus Regulation proposal, supporting simplification efforts while raising concerns about proposed changes to the GDPR's definition of personal data. They also welcome increased data breach notification thresholds and deadlines.

ICO Decision Notice: Cabinet Office FOI Request Breach

The UK's Information Commissioner's Office (ICO) has issued a decision notice regarding a Freedom of Information (FOI) request made to the Cabinet Office. The ICO upheld a complaint that the Cabinet Office breached FOI rules by failing to respond to a request within the statutory 20-working day period.

ICO Decision Notice: UWE must disclose construction expenditure

The UK's Information Commissioner's Office (ICO) issued a decision notice against the University of the West of England (UWE). UWE is required to disclose construction expenditure information within 30 days, as the ICO found their refusal to be unlawful under the Environmental Information Regulations (EIR).