The Regulator has revised its guidance on cyber security to help trustees and scheme managers meet their duties to assess risk, ensure controls are in place, and respond to incidents. 

For the first time, the Regulator is requesting that trustees and scheme providers report (on a voluntary basis) significant cyber incidents as soon as reasonably practicable so the Regulator can build a better picture of the cyber risk facing the industry and its members. 



Contacts

Lesley Browning
Lesley Browning
Partner
Email
lesley.browning@nortonrosefulbright.com
T: +44 20 7444 2448 / +44 77 1030 3311
Shane O'Reilly
Shane O'Reilly
Partner
Email
shane.o'reilly@nortonrosefulbright.com
T: +44 (20) 74443895

Industry:

Practice area:

Recent publications

Publication

Regulation Around the World: Open Finance

In this issue of Regulation Around the World we look at how regulators are developing their proposals for Open Finance.

Global | July 07, 2025

Financial services and regulation
London skyscrapers

Publication

Essential Corporate News – Week ending 4 July 2025

On 3 July 2025 the UK Takeover Panel (Panel) published PCP 2025/1: Dual class share structures, IPOs and share buybacks (Consultation) setting out a proposed framework for the application of the UK Takeover Code (Code) to companies with dual class share structures (DCSS companies).

United Kingdom | July 04, 2025

Corporate, M&A and securities
Employment-labour-financial-institution-building-generic-office-AdobeStock_242697109

Publication

Do your tech and outsourcing contracts address cyber incidents?

Most incidents handled by our Norton Rose Fulbright cyber team originate from the customer’s service provider. In many cases it is the service provider’s systems, infrastructure and environment which proves to be the most vulnerable to cyber breaches and security issues.

Global | July 01, 2025

Technology
Site search

Subscribe and stay up to date with the latest legal news, information and events . . .

Register now