EDPB Public Consultation on Processor Binding Corporate Rules

The European Data Protection Board (EDPB) has launched a public consultation on its Recommendations 1/2026 concerning Processor Binding Corporate Rules. The consultation is open until March 2, 2026, and aims to gather feedback on the application, elements, and principles for these rules under GDPR.

Guidance on Reporting Scams Pretending to be Companies House

Companies House has published guidance on how to report scams that impersonate the agency. The guidance details how to identify and report suspicious phone calls and emails, providing examples of known scam tactics.

Companies House Transition Plan for Economic Crime Act

Companies House has published an outline transition plan for the Economic Crime and Corporate Transparency Act 2023. The plan details the indicative timeline for commencing key provisions, with updates indicating potential postponements for certain measures to prioritize identity verification and stakeholder feedback.

Companies House Identity Verification Legal Requirement

Companies House has issued guidance stating that identity verification for directors and persons with significant control will become a legal requirement from November 18, 2025. This marks the start of a 12-month transition period for companies to comply.

Companies House Fees and Powers Update

Companies House will implement new fee structures effective February 1, 2026, with digital filing fees for incorporation, confirmation statements, and voluntary strike-offs increasing. These changes, alongside new powers granted by the Economic Crime and Corporate Transparency Act, aim to enhance the UK's corporate registers and combat economic crime.

Insolvency Service Shuts Down UK Business Registration Services

The UK Insolvency Service has shut down three companies that facilitated the registration of over 11,000 UK businesses for overseas clients, primarily from China. These companies operated without proper registration and failed to conduct anti-money laundering checks, creating a false impression of UK presence for their clients.

S-Bank Fined EUR 1.8 Million for GDPR Violations

The European Data Protection Board reports that the Finnish Supervisory Authority has fined S-Bank EUR 1.8 million for GDPR violations related to a data security vulnerability. The bank failed to implement adequate safeguards, leading to a personal data breach affecting a significant proportion of its customers.

EDPB Strengthens Global Data Protection Cooperation

The European Data Protection Board (EDPB) held a meeting with Data Protection Authorities from countries and organizations with an EU adequacy decision to strengthen global data protection cooperation. This follows up on a previous meeting in October 2024 and focuses on sharing information and experiences in international data protection enforcement.

EDPB/EDPS Support AI Act Streamlining with Stronger Safeguards

The European Data Protection Board (EDPB) and European Data Protection Supervisor (EDPS) have issued a joint opinion on the EU Commission's proposal to streamline the AI Act. While supporting administrative simplification, they urge stronger safeguards to protect fundamental rights and advise against removing the registration obligation for high-risk AI systems.

EDPB Conference on Cross-Regulatory Cooperation

The European Data Protection Board (EDPB) is hosting a conference on March 17, 2026, in Brussels to discuss cross-regulatory cooperation from a data protection perspective. Registration is open until February 26, 2026.