Activity Tracker
The DPA Activity Tracker provides our latest information on developments in legislatures, judiciaries and the executive branches of G20, EU member states and Switzerland.
11 events advancing 10 policy or regulatory changes:
Graph
Table
Data Protection Commission investigation into Remita Payment Services and Sterling Bank over alleged data breach
Nigeria Data Protection Commission opened an investigation into Remita Payment Services, Sterling Bank, and other entities over alleged data breach
On 1 April 2026, the Data Protection Commission (NDPC) opened an investigation into an alleged data breach involving Remita Payment Services, Sterling Bank, and other entities. The investigation covers the types of personal data involved, the nature…
Consumer Financial Protection Bureau Personal Financial Data Rights Rule
Implemented obligations for depository institutions with at least USD 250 billion in total assets outlined in Rule on Personal Financial Data Rights
On 1 April 2026, the final rule on personal financial data rights came into force for depository institutions with at least USD 250 billion in total assets and non-depository institutions with at least USD 10 billion in revenue. The rule mandates fi…
Guidance on material third party arrangements (FG26/4)
Financial Conduct Authority adopted guidance on material third party arrangements (FG26/4)
On 18 March 2026, the Financial Conduct Authority (FCA) adopted the guidance on material third-party arrangements (FG26/4). It applies to designated investment firms, authorised electronic money institutions or authorised payment institutions, and o…
Authorisation requirements in Virtual Asset Service Providers Regulations, 2026
National Treasury opened consultation on Virtual Asset Service Providers Regulations including authorisation requirements
On 17 March 2026, the Cabinet Secretary for the National Treasury opened a consultation on the draft Virtual Asset Service Providers Regulations until 10 April 2026. The Regulations implement Section 49 of the Virtual Asset Service Providers Act, 20…
Central Bank of Brazil Resolution No. 521 to include activities or operations of virtual asset service providers in the foreign exchange market and to provide for situations subject to regulation of Brazilian capital abroad and foreign capital in the country
Non-deferred provisions of Resolution No. 521 which bring virtual asset service providers within the foreign exchange framework entered into force
On 2 February 2026, several provisions of Central Bank of Brazil (BCB) Resolution No. 521 entered into force. These provisions implement the framework for bringing virtual asset service provision within the foreign exchange market, covering internat…
Central Bank of Brazil Resolution No. 520 regulating the formation and operation of companies providing virtual asset services
Central Bank of Brazil Resolution No. 520 regulating the formation and operation of companies providing virtual asset services enters into force with grace period
On 2 February 2026, Central Bank of Brazil (BCB) Resolution No. 520 regulating the formation and operation of companies providing virtual asset services enters into force. The Resolution sets out the obligations of authorised virtual-asset service p…
Authorisation criteria for payment institutions in regulation on authorisation, penalties and fraud-prevention measures in Pix payment scheme
Deadline for Pix participants that joined between 1 January 2023 and 30 June 2024 to request authorisation under Pix payment scheme regulation expires
On 31 December 2025, pursuant to Central Bank of Brazil (BCB) Resolution No. 506 adopted on 26 September 2025, payment institutions not authorised to operate by the BCB that joined the Pix payment scheme between 1 January 2023 and 30 June 2024 must …
Approval requirements for issuance of payment stablecoins by subsidiaries of insured depository institutions supervised by Federal Deposit Insurance Corporation
Federal Deposit Insurance Corporation opened consultation on approval requirements for issuance of payment stablecoins by subsidiaries of insured depository institutions
On 19 December 2025, the Federal Deposit Insurance Corporation (FDIC) opened a consultation on the approval requirements for the issuance of payment stablecoins by subsidiaries of insured depository institutions until 18 May 2026. The proposed rule …
Data protection measures in Directive on consumer credits
Entry into force with grace period of Consumer Credit Directive including data protection measures
On 19 November 2023, the Consumer Credit Directive, including data protection measures, entered into force, 20 days after its publication in the Official Journal of the European Union. The Directive outlines the data that covered entities, including…
Consumer protection regulation in Directive on consumer credits
Entry into force with grace period of Credit Directive including consumer protection regulations
On 19 November 2023, the Consumer Credit Directive, including consumer protection measures, entered into force, 20 days after its publication in the Official Journal of the European Union. The Directive aims to ensure that consumers can make an info…