General Legal Update for January 2026

Purpose:
This newsletter summarises key legal developments published between 1st and 31^st January 2026. It focuses on changes in Quality, Environment, Health & Safety, and Information Security legislation that could impact your organisation.

Download the full update

For queries about your legal register or compliance obligations, contact legalregister.support@avisoconsultancy.co.uk.

Upcoming legislation

The following legal texts have been published but come into force after 1 January 2026 (or include future phased commencement dates).

• Economic Crime and Corporate Transparency Act 2023 (Commencement No. 7) Regulations 2026
  
  • Effective: 26 January 2026 (selected provisions)
  • Introduces further identityverification duties for directors, PSCs and authorised corporate service providers. Expands Companies House powers to query, refuse or remove filings and commences new civil and criminal penalties for false, misleading or incomplete information. Organisations must update internal controls, filing procedures and verification processes.

• Rehabilitation of Offenders Act 1974 (Exceptions) (Amendment) (England and Wales) Order 2026
  
  • Effective: 21 January 2026
  • Updates the exceptions regime allowing certain spent convictions to be requested and considered for safeguarding, financialservices, judicial, regulatory and licensing roles. Employers and regulators must update vetting processes, DBS criteria and eligibility lists.
• Employment Rights Act 2025
  
  • Effective: From 6 January 2026 (with phased elements)
  • Introduces major reforms across pay transparency, flexible working, predictablehours contracts, redundancy protections and enforcement. Employers must update HR policies, contract templates, paytransparency reporting and employeerelations procedures.
• Employment Rights Act 2025 (Minimum Service Levels) (Consequential Revocation) Regulations 2026
  
  • Effective: 18 January 2026
  • Revokes the previous MSL regime for industrial action, ending worknotice rules and related enforcement mechanisms. Employers and unions must transition to the revised industrialaction framework established under the Employment Rights Act 2025.
• Energy Performance of Buildings (Scotland) Regulations 2025
  
  • Effective: 1 January 2026
  • Strengthens EPC requirements, introduces new minimum efficiency standards, increases assessment frequency and enhances enforcement powers. Landlords, building owners and public bodies must plan for updated EPC thresholds and more frequent inspections.
• Land Reform (Scotland) Act 2025
  
  • Effective: 5 January 2026 (with later phased elements)
  • Creates new transparency and disclosure duties for largescale landholdings, strengthens publicinterest tests for land transfers and expands tenantfarming rights. Landowners must ensure compliance with new registration, engagement and landmanagement obligations.
• Infrastructure Planning (Business or Commercial Projects) (Amendment) Regulations 2026
  
  • Effective: 8 January 2026
  • Adds data centres to project types eligible for the NSIP regime. Largescale datacentre developers may now seek direction into the Development Consent Order process.
• Chemicals (Health and Safety) and Genetically Modified Organisms (Contained Use) (Amendment) (EU Exit) Regulations (Northern Ireland) 2026
  
  • Effective: 15 January 2026
  • Updates NI chemicalsafety and GMOcontaineduse legislation to align with EU requirements under the Windsor Framework. Manufacturers, importers and laboratories must review classification, SDS, notification and containment documentation.
• Building Safety Levy (England) Regulations 2025
  
  • Effective: 1 January 2026
  • Introduces a mandatory levy on eligible new residential developments to help fund remediation of historic buildingsafety defects. Developers must update financial modelling and evidence requirements for exemptions.

New legislation

These legal texts introduce new primary or secondary legislation with substantive new duties.

• Procurement Act 2023 (Commencement No. 4) Regulations 2025
  
  • Effective: 15 December 2025 (major provisions from 1 January 2026; s.70 from 1 April 2026)
  • Activates the next stage of the new UK procurement regime, including mandatory transparency notices, contractmanagement duties, KPI reporting, updated supplierremedy processes and compulsory use of the central digital platform. Authorities must update templates, workflows and staff training.
• Government Cyber Action Plan
  
  • Published: 6 January 2026
  • A Governmentwide cybersecurity programme establishing new minimum standards, a central Government Cyber Unit, coordinated incidentresponse requirements and enhanced supplychain controls. Publicsector bodies and suppliers must prepare for mandatory baseline expectations.
• Government Cyber Security Policy Handbook
  
  • Published: January 2026
  • Sets out binding expectations for cybersecurity controls across government, including securebydesign development, incident response, supplychain assurance, governance requirements and technical baselines.

Significant amendments

These legal texts amend existing legislation and regulatory frameworks.

• Procurement Act 2023 (Threshold Amounts) (Amendment) Regulations 2025
  
  • Effective: 1 January 2026
  • Updates procurement financial thresholds, valuation rules and transparency expectations. Contracting authorities must adjust templates, threshold checks and procurement planning.
• Climate Change Agreements (Administration and Eligible Facilities) (Amendment) Regulations 2025
  
  • Effective: 1 January 2026
  • Revises eligibility, introduces new target periods, strengthens reporting and increases buyout fees. Participants, sector associations and compliance teams must update systems and performance plans.
• Vehicle Emissions Trading Schemes (Amendment) (No. 2) Order 2025
  
  • Effective: 1 January 2026
  • Updates VETS rules including credit banking/borrowing limits, reporting requirements, verification powers and ZEVcredit methodologies. Manufacturers must update compliance models and evidence records.
• Producer Responsibility Obligations (Packaging and Packaging Waste) (Amendment) Regulations 2025
  
  • Effective: 1 January 2026
  • Refines UK EPR packaging rules, including thresholds, modulated fees, dataquality requirements and strengthened enforcement. Producers, compliance schemes and supply chains must update reporting systems and packaging design considerations.
• Regulation (EU) 2025/2650 – duediligence and supplychain requirements
  
  • Effective: 1 January 2026 (EU)
  • Strengthens EUlevel duediligence, traceability, recordkeeping and enforcement for deforestationlinked products. UK exporters placing goods on the EU market must comply.
• Data (Use and Access) Act 2025 (Commencement No. 5) Regulations 2026
  
  • Effective: 14 January 2026
  • Activates publicsector dataaccess gateways, accredited dataaccessbody rules, strengthened safeguards and new oversight powers.
• NIS Regulations 2018 – Ofgem updated guidance
  
  • Applicable from: January 2026
  • Clarifies NIS obligations for Operators of Essential Services in the energy sector. Updates expectations for TOMs, incident reporting, governance and supplychain risk management.
• Building Safety Regulator (Establishment of New Body and Transfer of Functions etc.) Regulations 2026
  
  • Effective: 22 January 2026
  • Establishes the new Building Safety Regulator and transfers buildingcontrol and higherriskbuilding functions, with new powers for oversight and enforcement.

Next Steps

• Review internal policies and compliance registers in light of these changes.
• Monitor for further guidance, especially on phased implementations and secondary legislation.
• For support, contact AvISO’s legal register team.