
Insights
Analysis of telecoms, data, payments and technology regulation and transactions
Clear, practical commentary on legal and regulatory developments affecting telecoms operators, digital infrastructure providers, technology companies, financial institutions, fintechs and investors.
Our blogging history
We have been publishing insights since 2010, when Rob first built the website on WordPress. From the outset, the aim was the same: careful research, precise language and analysis that explains not just the legal issue, but its practical and commercial effect.
That remains our approach today. Artificial intelligence now helps with parts of the research and drafting process, and it has supported the development of this website. But technology does not replace judgement, experience or specialist expertise. Our insights are shaped by real advisory work across regulation, compliance and transactions.
Through this Insights section, Bratby Law aims to provide clear analysis that helps organisations make informed decisions in complex and fast-moving areas of law and regulation. For advice on a specific issue, regulatory strategy or a transaction, please get in touch.
Recent articles
-
OFSI sanctions enforcement in 2026: three penalties and one settlement scheme
In short: OFSI sanctions enforcement now carries real cost for the banks and payment intermediaries that process a transaction, not just the customers that instruct it. Between 19 March and 26 May 2026, OFSI fined Apple Distribution International £390,000, Deutsche Bank AG London Branch £165,000 and Sabre Global Technologies £1,000,920.59 for Russia sanctions breaches, all…
-
CMA Fast-Track Phase 2 Reference: What nexfibre/Netomnia Signals for Deal Timetables
In short: nexfibre and Substantial Group used a CMA fast-track Phase 2 reference to skip a standalone Phase 1 decision on their £2 billion fibre merger entirely. The CMA accepted the request under section 34ZD of the Enterprise Act 2002 on 1 July 2026, and section 33(1A) then made referral mandatory. The statutory deadline is…
-
CMA steering conduct requirements: the price of access to Apple and Google’s mobile platforms
In short: CMA steering conduct requirements, proposed on 30 June 2026, would stop Apple banning, and Google restricting, the way UK app developers point their own customers to cheaper off-platform payment. A separate call for evidence asks how third parties should reach the iPhone’s contactless chip. Both close in late July 2026. By Rob Bratby,…
-
The open banking competition regime after the smart data SI
In short: The open banking competition regime is changing basis. Open banking began as a CMA competition remedy under the Retail Banking Market Investigation Order 2017. The smart data statutory instrument under Part 1 of the Data (Use and Access) Act 2025 is expected in Q4 2026 and would move it onto an FCA-supervised statutory…
-
Next-generation retail payments infrastructure: the account-to-account question
In short: The next-generation retail payments infrastructure is the new core clearing and messaging layer the UK plans to build to replace the systems behind Faster Payments and Bacs. The Retail Payments Infrastructure Board’s consultation, open from 25 June to 11 September 2026, asks how it should be designed, including to support account-to-account payments at…
-
UK | Digital Regulation | EU | Transactions
DMA cloud gatekeeper designation: the EU acts as the UK holds back
In short: On 25 June 2026 the European Commission told Amazon and Microsoft that it provisionally regards AWS and Azure as gatekeepers under the Digital Markets Act. That preliminary view is the first move towards DMA cloud gatekeeper designation of a cloud service. The UK looked at the same two firms and chose a lighter…
-
DRCF generative AI: the regulators’ AI assurance playbook is your benchmark
In short: DRCF generative AI insights, published on 24 June 2026, show how the ICO, FCA, CMA and Ofcom govern their own use of generative AI: hallucination and bias controls, retrieval grounding, human review and evaluation frameworks. The same controls are the benchmark these regulators will expect of the firms they oversee when those firms…
-
Microsoft SMS investigation: the CMA turns to business software
In short: The Microsoft SMS investigation is the CMA’s inquiry into whether Microsoft has strategic market status in business software. Launched on 14 May 2026 under the Digital Markets, Competition and Consumers Act 2024, it covers Office, Windows, Windows Server, SQL Server and security software. The invitation to comment closed on 4 June 2026 and…
-
AI cyber risk is now a board responsibility: the Five Eyes statement and UK GDPR
In short: AI cyber risk is now a board responsibility, not an IT matter. The Five Eyes cyber security agencies, in a joint statement of 22 June 2026, told leaders to assess risk, fix foundational controls and prepare for incidents. For personal data, UK GDPR Article 32 and the accountability principle already make those expectations…
-
UK wholesale market tokenisation: from pilots to production
In short: UK wholesale market tokenisation is moving from pilots to production. On 18 May 2026 the FCA and the Bank of England published a joint Call for Input, building on the live Digital Securities Sandbox and the finalised fund tokenisation rules in PS26/7. Firms can already issue, trade and settle tokenised securities in a…
-
FCA areas of research interest: what the regulator wants to learn and where it might lead
In short: The FCA areas of research interest, published on 10 June 2026, set out the priority questions the regulator wants researchers to help answer across growth, wholesale markets, consumers and regulation. They are not rules or a consultation. They show where the FCA’s evidence base is thin, and where its thinking may move next….
-
Google search conduct requirements: the CMA’s SMS regime in action
In short: Google search conduct requirements are the CMA’s first behavioural rules on Google’s search business. On 17 June 2026 the CMA imposed Fair Ranking and Data Portability requirements under the Digital Markets, Competition and Consumers Act 2024 strategic market status regime. Google has six and three months respectively to comply. By Rob Bratby, Managing…
Telecoms, data protection and payments regulation lawyers
Bratby Law advises on telecoms regulation, data protection, payments regulation and transactions across the communications, financial services and technology sectors.
How we work
Bratby Law works with clients in three ways: as direct legal advisors on specific matters, as specialist co-counsel supporting other legal teams, and as fractional general counsel on a longer-term retained basis. Each model delivers partner-level input without delegation.
Why Choose Bratby Law?
Sector expertise
Bratby Law advises exclusively on telecoms regulation, data protection, and payments regulation. That concentration means deeper knowledge of the regulatory environment, faster analysis, and advice that reflects how regulators actually behave: not how the textbook says they should.
Senior delivery
Every instruction is handled by Rob Bratby personally. With 30 years’ experience spanning Oftel, senior in-house roles at network operators, and partnership at international law firms, you receive the analysis directly: not through a junior team. The firm uses AI tools to extend research capacity and accelerate document review, so senior judgment is applied to more of your matter, not less.
Current appointments
Rob Bratby currently holds fractional General Counsel appointments at TOTSCo, TelXL, Core and the UK Payments Initiative. These ongoing roles keep his advice grounded in how regulated businesses run day to day.
Ready to discuss your matter?
Prefer an RSS reader? Subscribe via RSS.
