On 26 November 2025, the Serious Fraud Office (SFO) published updated Guidance on Evaluating a Corporate Compliance Programme. The new guidance replaces the previous guidance introduced in January 2020 and sets out six scenarios in which the SFO may assess an organisation’s compliance programme. Following the introduction of the “failure…
On 19 November 2025, Colombia reinforced its legal framework to combat smuggling and the facilitation of smuggling, emphasizing risks, prevention, and corporate accountability.
The measures target unauthorized import/export practices and concealment of goods, with penalties escalating for goods exceeding statutory thresholds. Companies face heightened criminal liability for executives and representatives, even if goods are later regularized, alongside intensified enforcement by DIAN and the Prosecutor’s Office.
The framework underscores obligations for traceability, documentation, and internal compliance controls, while promoting employee training and reporting mechanisms. These actions aim to safeguard tax collection, fair competition, and economic integrity, signalling a strategic push toward stricter customs compliance and corporate governance.
On 22 November 2025, Brazil’s National Council for Advertising Self-Regulation (CONAR) introduced new rules to combat greenwashing in advertising. The changes cover biodiversity, climate change, and waste disposal, reinforcing the sector’s commitment to environmental protection.
Two new articles encourage responsible socio-environmental communication and set guidelines for sustainability claims and technical terminology.
Advertisers must provide detailed data on emissions, carbon offsets, and product life cycles, along with specific deadlines and action plans for environmental goals. These changes aim to ensure transparency and prevent misleading sustainability claims.
On 17 October 2025, Taiwan’s Legislative Yuan passed amendments to the Personal Data Protection Act (PDPA), establishing the Personal Data Protection Commission (PDPC) as the new supervisory authority for personal data matters.
These changes respond to a 2022 Constitutional Court ruling and aim to strengthen independent oversight while enhancing data protection standards across both public and private sectors.
Key updates include mandatory appointment of Data Protection Officers (DPOs) for government agencies, new breach notification and reporting obligations for non-government entities, expanded inspection powers for the PDPC, and a six-year transition period for certain supervisory functions.
The PDPC will also issue baseline security regulations and serve as the appeals body for administrative decisions. The effective date will be set by the Executive Yuan, with implementation expected in 2026.
On August 29, 2025, the US Court of Appeals for the Federal Circuit (CAFC) issued a 7-4 en banc opinion in VOS Selections, Inc. v. Trump, holding that the International Emergency Economic Powers Act (IEEPA) does not authorize the President to impose broad, indefinite tariffs. The case was initially brought in the Court of International Trade (CIT) by private businesses and the US state attorneys general. The President invoked IEEPA on various grounds, including concerns about drug enforcement, border security, and trade deficits. In a May decision granting summary judgment to the VOS Selections plaintiffs, the CIT found that IEEPA does not authorize the President to impose the tariffs at issue, which the US Government appealed.
On 15 August 2025, Singapore’s Health Sciences Authority (HSA) issued an update listing overseas health products found to contain potent, prohibited ingredients. These may cause harmful side effects. The HSA advises consumers to avoid such products and buy only from trusted sources. Sellers in Singapore face severe penalties for supplying adulterated products. The HSA continues monitoring global enforcement to protect local consumers and urges suppliers to assess any overseas regulatory impacts.
Fraud poses significant legal, financial, and reputational risks for organizations. The FBI’s 2025 Internet Crime Report highlights over $16 billion in losses due to internet-related crimes, including phishing, extortion, and personal data breaches. ISO 37003, published in May 2025, provides guidelines for managing fraud risks through prevention, detection, response, and evaluation. Effective fraud control systems help organizations comply with legal standards and mitigate liability. ISO 37003 can integrate with other ISO standards to create a comprehensive Governance, Risk, and Compliance framework, aiding organizations in safeguarding against both internal and external fraud.
In response to heightened scrutiny over country of origin declarations amid ongoing global tariff tensions, Singapore Customs issued Circular No. 06/2025 on 9 June 2025 to provide important clarification on the applicable preferential and non-preferential rules of origin when declaring the “country of origin” for importation into, exportation out of, and transshipments through Singapore.
On 12 June 2025, the representatives of the EU Member States in the Committee of Permanent Representatives (Coreper) approved the Council’s negotiating mandate to revise Regulation (EU) 2019/452 (EU FDI Screening Regulation) on the screening of foreign direct investment (FDI). This clears the way for the so-called trialogue negotiations with the European Parliament and the European Commission. The aim of the reform is to strengthen the EU’s ability to respond to security-related risks of foreign investments and forms part of the EU Commission’s agenda of an ‘open strategic autonomy’ – while at the same time maintaining an open and investment-friendly environment.
On 23 May 2025, the Hong Kong government gazetted the Companies (Amendment) (No.2) Ordinance, enacting a comprehensive re-domiciliation regime that allows non-Hong Kong incorporated companies to re-domicile to Hong Kong while preserving corporate identity and business continuity. Applications for re-domiciliation may now be made to the Companies Registry.