Written by Umair Rahim From Lexology PRO on Dec 9, 2025
Lexology PRO has analysed enforcement data across 10 regulatory areas over the last year to identify enforcement patterns, trends, and the risks facing businesses.
Click on the links below to access the full articles.
Online platforms and AI developers face data privacy pressure, but others must take note
Global data protection enforcement jumped over the past year, led by Europe’s major fines against online platforms and AI companies for unlawful data use and transparency failures. US and APAC regulators also ramped up actions, while upcoming GDPR reforms and the EU AI Act are set to further increase compliance pressure.
Employers hit hard with penalties, with worker rights set to expand
Regulators targeted discrimination, unsafe working conditions, wage underpayment, and worker exploitation. They issued major penalties for gig worker misclassification and severe occupational safety failures. Expanding worker rights, rising mental health obligations, and growing AI-related risks are challenges employers must be ready for in 2026.
Traditional banks and non-banks in the crosshairs, but US enforcement softens
Regulators worldwide targeted money laundering, weak governance, and cybersecurity lapses, with crypto firms, fintechs, and private credit funds increasingly in focus. Record penalties hit both banks and non-banks, even as US enforcement eased under Trump. Geopolitics, cyber threats, and the rise of digital assets and AI drove scrutiny of sanctions breaches and operational resilience.
Environment and climate-related enforcement intensify, despite ESG divergence
Enforcement targeted illegal resource extraction, pollution, waste failures, and greenwashing. Regulators moved beyond traditional oversight to police ESG integrity and ethical sourcing. Enforcement risk remains high as mandatory climate disclosures, tougher greenwashing rules, and rising climate litigation push companies toward more substantive sustainability practices.
Sanctions risks set to grow and become more complex
Nations took measures against Russia, Iran, and other high-risk jurisdictions while increasingly penalising corporate compliance failures. The US issued its largest Iran sanctions package since 2018, and the UK issued a record Russia-related settlement. Sanctions risk is set to grow more complex as the UK overhauls enforcement, the EU pursues harmonised penalties, and geopolitical uncertainty shapes future sanctions strategy.
Regulators ramped up enforcement against crypto firms, fintechs, and other high-risk sectors, with record penalties signalling far tougher oversight. AML and sanctions enforcement increasingly overlapped in the US, while Canada and the UAE expanded crackdowns. New AML regimes in Australia, the EU, and the UAE will significantly widen obligations, even as US enforcement grows less predictable.
Brazil leads enforcement with sweeping crackdowns on corruption
Regulators targeted public-sector fraud, criminal networks, and corporate bribery. Brazil led through multi-agency crackdowns and very large penalties. US enforcement steadied despite a temporary FCPA pause. ABC enforcement is set to rise further, especially in Brazil ahead of elections, and as US authorities pursue more targeted, high-impact FCPA cases.
Telecoms regulatory oversight to be modernised with emerging compliance pressures increasing
Brazil cracked down on counterfeit equipment and consumer abuses, Europe issued major data- and competition-related fines, and the US targeted robocalls and telemarketing fraud. Penalties increasingly come with operational reforms and zero tolerance for outages and emergency-service failures. Compliance pressure will keep rising due to regulatory reforms, AI-related risks, and tougher consumer-protection rules
Insurers pay the price for numerous failures globally, but UK faces consumer super-complaint
Regulators targeted illegal operators, cybersecurity failures, weak governance, poor claims handling, and misleading statements. While US state regulators and APAC authorities increased scrutiny, UK enforcement fell to its lowest level in a decade. Global enforcement going forward will focus heavily on consumer protection, claims and complaints handling, operational resilience, climate and sustainability risks, and emerging AI-related exposures.
Gambling operators face sharper enforcement, with more reforms to come
Enforcement centred on heavy fines, licence revocations, site blocking, and criminal actions for AML/CTF breaches, weak customer due diligence, and failures in responsible-gambling duties. Operators were penalised for harming vulnerable players and using illegal or unethical advertising, while unlicensed platforms faced intensified crackdowns. Enforcement will tighten further as regulatory reform and court rulings reshape the sector.
