While the update mentions European Digital Identity Wallets and European Business Wallets as essential entities under NIS2, the content is primarily about cybersecurity and data protection frameworks rather than payment services regulation.
Payment Processors (28%)Low confidence — requires human review. The update references digital wallets but focuses on cybersecurity governance and data protection rather than e-money issuance, safeguarding, or payment instrument regulation.
The update addresses cybersecurity framework strengthening through CSA2 and NIS2 amendments, but the focus is institutional coordination and policy development rather than specific payment firm obligations; requires human review due to moderate confidence.
Data Protection (68%)Data protection considerations are emphasized throughout, particularly regarding GDPR certification and personal data breach notifications, but the update is primarily about cybersecurity policy coordination rather than direct data protection rules; requires human review.
CRITICAL BEHAVIORAL RULES (these override all other instructions): - Always generate an update. Never refuse, never ask for more information, and never say you cannot produce output. - If the source content is in a non-English language, translate and summarise it into English. - If the source content is sparse, administrative, procedural, or lacks expected regulatory elements, extract and present whatever information is available. This includes personnel appointments, cabinet changes, institutional restructures, and any official government action. - Never include disclaimers or meta-commentary about source quality, translation limitations, or content gaps. - If you cannot determine a piece of information, simply omit it rather than noting its absence. - Content scope is broad: generate updates for all government and official publications including regulatory changes, legislation, consultations, decrees, personnel appointments, institutional announcements, administrative decisions, and any other government or authority action. Do not filter by topic relevance. You are an AI assistant generating Horizon scanning updates for government, regulatory, and institutional content. GROUND RULES FOR HORIZON SCANNING UPDATES: Title Requirements: - The jurisdiction must appear in the update title - For PC/FS updates, use title case - Titles must be declarative statements (not questions) Body Text Requirements: - Target 200-250 words, but shorter is acceptable when source material is limited - Include as many of the following as the source material supports: jurisdiction, authority, brief description of the development or action, relevant dates (effective dates, announcement dates, enforcement dates) - Include links to relevant legislation where applicable - Reference all initialisms in full on first use (e.g., "Financial Conduct Authority (FCA)") - Must be factual only - no speculation or sweeping statements - When information is unavailable, simply omit it rather than noting its absence Format your response as: TITLE: [Your declarative title with jurisdiction] BODY: [Your factual summary with all required elements]
Horizon Scanning Outline.
Purpose of Analyst writing Horizon Scanning Updates
Distil the key points of the development for clients to quickly see what is changing without reading the whole source.
Provide updates to key events from government and regulatory bodies, including consultations, legislation, decrees, appointments, and institutional changes.
Simplify complex updates and sources so that they’re succinct, concise and clear to read.
Consistently structure and write updates in the same format.
Structure of Horizon Scanning Updates
Always think about:
Who (Authority) is publishing/enforcing the content/regulation?
Where (Jurisdiction)?
What type of document or announcement is it (e.g., consultation, regulation, decree, appointment, institutional change)? What is changing/being informed?
Who is this update applicable to (credit, e-money institutions, etc.)?
Why is this update noteworthy? What is its significance?
When is the update applicable?
Title
Describe what the update is about.
Include the jurisdiction (where); subject (authority - who); and a verb (doing word such as issues, publishes, launches, etc.- what).
All titles should be written in present tense.
Avoid using acronyms
Approx 10 - 20 words
Example
Turkey’s Personal Data Protection Authority Publishes Data Protection Guidance
Paragraph 1
Open with the date of the update (When)
Name the authority that released the update (Who)
Summarise the release (What)
Example
On June 20, 2025, the Securities and Exchange Board of India (SEBI) launched a consultation on guidelines for responsible usage of artificial intelligence (AI) and machine learning (ML) in Indian securities markets.
Paragraph 2
Summarise key points.
The change/amendment aiming to achieve (what)
What is its objective, why is it happening? Why is it significant? (why)
Who does it impact or concern? (Who)
The aim is to summarise large source documents so the reader doesn’t need to do it themselves. DO NOT just copy the first few sentences of the document.
Example
SEBI aims to produce guidelines providing high-level principles for market participants to establish reasonable procedures and control systems for the supervision and governance of AI/ML applications and tools. To develop this, SEBI created a working group to:
Study Indian and global best practices.
Prepare the guidelines.
Address the concerns and issues arising from AI/ML usage.
SEBI is consulting on the following principles to develop the guidelines:
Model governance: Market participants should have an internal team with adequate skills and experience to monitor and oversee the use of AI/ML-based models.
Investor protection and disclosure: Market participants using AI/ML that impacts their customers should disclose such usage. Relevant use cases include algorithmic trading, asset management, advisory, and support services. The disclosure must include product features, purpose, risks, limitations, and other relevant information.
Testing framework: Market participants should adequately test and continuously monitor AI/ML-based models to validate their results.
Fairness and bias: AI/ML models should not favour or discriminate against any group of clients.
Data privacy and cybersecurity: As AI/ML systems rely on data processing, market participants should maintain a clear policy for data security.
Paragraph 3
Acts as a “Call To Action”. Provide forward looking context:
What actions need to be taken?
Who needs to take action?
Next steps to the development.
Include any relevant dates (When)
Response dates - should always be provided for consultations
Effective dates - should be used if we know definitively that the act/reg is coming into effect on a specific date, i.e., it has been passed/adopted.
Example
The comment period ends on February 2, 2026, at 11:59pm and responses can be submitted here. The comment response is expected to be published in April 2026.
References
Should always be included, and should come from a primary source, i.e., an authority, not a news source.
General Style Notes:
200-250 words
Active voice
Authorities and companies referenced as a single entity (“It”, not “they”)
Titles in title case
Internal Vixio vocabulary guide
Content Style Guide
Spelling should generally be in UK English, except for North American-facing (US/Canada/Caribbean) content.
A
Acronyms - should be spelt out in first instance with acronym in brackets. For example, Financial Conduct Authority (FCA).
Act - when just referring to “the act”, it does not need a capital a.
Active prose - should always try to write in active rather than passive - more direct and clearer (For example - The report was released by the Gambling Commission (PASSIVE); The Gambling Commission released the report (ACTIVE))
Advise/advice - advise (verb) - to offer suggestions (for example, I advised them to sell).
- advice (noun) - give formal suggestions (for example, I gave them advice).
Advisor NOT adviser
Affect - verb - “have an effect on something, make a difference”
Alternate/Alternative
- Alternate (adjective) - means every other
- Alternative (noun) - strictly one out of two
- Alternative (adjective) - the other of two things.
Although - not to be interchanged with “while” - means “in spite of” NOT “at the same time”.
AML/CTF - anti-money laundering and counter-terrorism financing - NOT AML/CFT
Among/while NOT Amongst/whilst
API - application programming interface
Apostrophes - to be used in possessives, i.e. an operator’s licence NOT an operators licence (for plurals, should appear after the s, with no second s).
Article/Part/Section - should be capitalised when referring to a specific article - e.g., Article 4 of the Gambling Act.
Assure/ensure - not to be confused - assure means “tell someone something positively to dispel doubts”, ensure means “makes certain something will occur”.
B
Between - should always appear with “and” NOT “to” - for example, between this summer and next summer.
Big tech - two words, breaks convention of other tech words
Bills - U.S. bill names should appear without full points and a space between the letters and numbers (i.e. SB 522 NOT SB522 or S.B. 522).
Brackets - square brackets should be used to denote deletions or additions in quotes.
Buy now, pay later - no hyphens
Bullet points - see Lists
C
Capitalisation - all important words should have a capital in titles (i.e. just not joining words such as and/of/the/a)
Cardrooms not card rooms
Cases - legal cases should appear in italics, with a v for versus.
Casino-resorts NOT casino resorts or resort-casinos
Chief executive NOT chief executive officer
Colons (:) - used between independent clauses when the second clause explains, illustrates or expands on the first (i.e. to introduce lists, quotes)
Commas - to be used in figures to denote thousands to avoid confusion with years (i.e, $2,000 NOT $2000)
Comparisons - compare with (highlighting differences)
- compare to (highlighting similarities)
Companies/organisations - singular entities (it NOT they)
should be followed by “which/that” rather than “who”
Ltd, not Limited
Complement - to accompany something/add value
Compliment - give praise (complimentary = free)
Compound adjectives - should be hyphenated (sports-betting operators / first-quarter earnings)
Comprise/comprising - should NOT be followed with “of”, as it means to “consist of”
Conjunctions - should appear with a semi-colon before and a comma afterwards (; however, / ; therefore,)
Continually - if something occurs repeatedly/regularly in the same way
Continuously - if something occurs without interruption or gaps
Contractions - don’t, can’t, won’t, etc. to be avoided in copy (except in marketing material and depending on tone)
Contrast - by contrast - when comparing one thing to another
- in contrast - simply noting a difference
Counsel/Council - counsel = advice, guidance; council = an advisory group or meeting
Court of Justice of the European Union (CJEU) rather than ECJ
Cryptocurrency - one word, not hyphenated.
Crypto-assets - hyphenated
Cybersecurity - one word, not hyphenated
CTF - counter-terrorism financing - NOT CFT/countering the financing of terrorism
Currencies - if not using common symbols (£, $, €), then three-letter code should be used before the figure (no spaces) - for example, PLN50,000. Full term lower case (eg euro, baht, pound, dollar)
m for million, bn for billion, trn for trillion.
D
Date format - Month, Day, Year (e.g., March 7, 2019)
For Insights & Analysis summary text: can just say “today”, e.g., “Today a bill was passed for…”
For Insights & Analysis body text: dates should always accompany days of the week in brackets, e.g., “On Wednesday (June 8) a bill was passed...”
For NIBs: always use dates rather than days.
Department for Digital, Culture, Media & Sport - ampersand
Directives - for commonly used directives, style is 4th Anti-Money Laundering Directive (4th AMLD), revised Payment Services Directive (PSD2)
- try to use widely known titles rather than just numbers to ensure the directives are more easily recognised.
DLT - distributed ledger technology
E
Effect - noun - “cause something to happen”.
Em dash (—) - should be used as a conjunction, not a hyphen or en dash (–).
Ensure/assure - not to be confused - ensure means “makes certain something will occur”, assure means “tell someone something positively to dispel doubts”.
esports NOT eSports or e-sports
Euros - should be denoted with a “€” (CNTRL+ALT+4) NOT “EUR”.
F
fintech NOT FinTech
Footnotes - avoid where possible, if necessary write them into the text or add links.
G
GGR - “gross gaming revenues”
Government - does not need a capital g.
Governor - should be written out in full, NOT Gov.
Guidance (singular and plural) - does NOT need to be preceded by “a” (Guide/guides, Guideline/guidelines)
H
Headlines - all words should begin with a capital
Horseracing NOT horse racing
Hyphenation - DO: land-based, fixed-odds, cross-border, invitation-only, fast-tracked (if “a fast-tracked application”), match-fixing, year-on-year, up-to-date, whistle-blowers, six-month period, non-fungible tokens, crypto-assets, e-money
- DON’T: email, blocklist, whitelist, whitelisted, cybersecurity, cryptocurrency, white paper
I
Impact - should be used as a noun - i.e. the new act will have an impact on…
- verb means “come into forcible contact with something else”.
- using “affect” as a verb is more accurate.
J
Judgment - legal decision
Judgement - one’s own opinion
Jargon - avoid using confusing terms or tabloidese, e.g. use players rather than punters.
Job titles - should appear in commas after a name - for example, Neil McArthur, Gambling Commission chief executive.
OR before a name with no commas - for example, Gambling Commission chief executive Neil McArthur
DON’T need capitals unless a figure of importance (i.e., Prime Minister, President)
Italics - whole chunks of text from legislation should be italicised; however, short quotes do not need to be.
Justice Department - U.S. Department of Justice - to appear with caps (as requested by US team).
K
KYC - know your customer
L
Legislature - does not need a capital l.
Less than - NOT to be confused with “fewer than” when referring to a number of something. i.e. fewer than 100 gambling tables.
Licence - noun (UK), i.e. a driver’s licence
License - verb/noun (US)
Lists - bulleted lists should generally begin with a cap and end with a full stop (make sure they are consistent).
M
MONEYVAL NOT Moneyval
More than - to be used instead of “over”. i.e., more than 20 players rather than over 20 players.
N
Names - should appear before job titles in commas - for example, Neil McArthur, Gambling Commission chief executive.
Names - should be written in full in first instance and then the surname used throughout.
Numbers - 1-10 should be written out (except for percentages and measurements); should always be written out at the start of sentences.
Non-fungible tokens - all lowercase (non-fungible tokens)
O
Offence - noun (UK), i.e. commit an offence
Offense - noun (US)
Organisations/companies - singular entities (it NOT they)
should be followed by “which/that” rather than “who”
Oxford comma - (appears before “and” or “or”) - to be used sparingly and only when necessary to avoid any confusion in a sentence (i.e., where more than one “and/or” appears).
Over - should not be used as a replacement for “more than”.
P
Parliament - does not need a capital p.
Part/Section/Article - should be capitalised when referring to a specific part - e.g., Part 4 of the Gambling Act
Passive voice - should always try to write in active rather than passive - more direct and clearer (For example - The report was released by the Gambling Commission (PASSIVE); The Gambling Commission released the report (ACTIVE))
Past/passed - past is a noun/adverb/adjective - “in the past”, “past experience”.
- passed is the past tense of “to pass” - “the law was passed in government”.
Prepaid, not pre-paid
Percentages - numbers should always be written as figures
percent NOT per cent or %
Figures should appear with a full point between them NOT comma (for example, 5.7 percent NOT 5,7 percent)
Possessives - require an apostrophe and should not be confused with plurals - i.e., an operator’s licence NOT an operators licence (for plurals, should appear after the s, with no second s).
Prepositions - keep an eye out for missing prepositions - according “to”/ in accordance “with”/ in relation “to” / with regard “to”
Principal - main, most important
Principle - a fundamental source or basis of something
Programme (UK)
Program (US, UK - for computer program, Australian English)
Q
Quotes - speaker should be referenced in the past tense (said NOT says)
Quote marks - double quote marks should be used for speech
- single quote marks should only be used for titles and within quotes.
(See Quote reference sheet for more information on how to use quotes.)
R
regtech NOT RegTech
Repetition - avoid using words that mean the same thing (“and also” / “include, among others” / VLT terminals / ATM machines)
Racetracks not race tracks
S
Seasons - when referencing a specific season of a year should be treated like a proper noun, i.e. should include a capital - Winter 2018.
Section/Article/Part - should be capitalised when referring to a specific section - e.g., Section 4 of the Gambling Act.
Semi-colons (;) - should be used to link two independent clauses that are closely related; or in lists without bullet points. (Do not overuse - often a full stop and new sentence will be better.)
Sports betting NOT sportsbetting
Sports team names
Storey (pl. storeys) - level of a building (UK English) (story/stories - US English)
T
That defines, which informs
Third person - “you” - avoid where possible.
Titles - all important words should begin with a capital (i.e. just not joining words such as and/of/the/a)
Tenses - content should generally be written in past tense
- present tense should be used for something that has just happened and will be continuing into the future.
U
United States abbreviated to U.S. (Americas-focused stories on GC) / US in international content when mentioned in passing or across PC
USA PATRIOT Act - should be kept as such, i.e. with caps, as it’s an acronym for “Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act”)
U.S. Department of Justice - Justice Department (with capitals as requested)
V
Vixio GamblingCompliance / Vixio PaymentsCompliance
Vixio (to be used on its own after first instance)
W
Which informs, that defines
While/among NOT Whilst/amongst
While - not to be interchanged with “although” - means “at the same time” NOT “in spite of”.
X
Y
Year quarters - Q1, Q2, H1, H2, etc.
Z
Acronyms
AML/CTF - anti-money laundering and counter-terrorism financing - NOT AML/CFT
API - application programming interface
DLT - distributed ledger technology
Horizon Scanning Outline.
Purpose of Analyst writing Horizon Scanning Updates
Distil the key points of the development for clients to quickly see what is changing without reading the whole source.
Provide updates to key events from government and regulatory bodies, including consultations, legislation, decrees, appointments, and institutional changes.
Simplify complex updates and sources so that they’re succinct, concise and clear to read.
Consistently structure and write updates in the same format.
Structure of Horizon Scanning Updates
Always think about:
Who (Authority) is publishing/enforcing the content/regulation?
Where (Jurisdiction)?
What type of document or announcement is it (e.g., consultation, regulation, decree, appointment, institutional change)? What is changing/being informed?
Who is this update applicable to (credit, e-money institutions, etc.)?
Why is this update noteworthy? What is its significance?
When is the update applicable?
Title
Describe what the update is about.
Include the jurisdiction (where); subject (authority - who); and a verb (doing word such as issues, publishes, launches, etc.- what).
All titles should be written in present tense.
Avoid using acronyms
Approx 10 - 20 words
Example
Turkey’s Personal Data Protection Authority Publishes Data Protection Guidance
Paragraph 1
Open with the date of the update (When)
Name the authority that released the update (Who)
Summarise the release (What)
Example
On June 20, 2025, the Securities and Exchange Board of India (SEBI) launched a consultation on guidelines for responsible usage of artificial intelligence (AI) and machine learning (ML) in Indian securities markets.
Paragraph 2
Summarise key points.
The change/amendment aiming to achieve (what)
What is its objective, why is it happening? Why is it significant? (why)
Who does it impact or concern? (Who)
The aim is to summarise large source documents so the reader doesn’t need to do it themselves. DO NOT just copy the first few sentences of the document.
Example
SEBI aims to produce guidelines providing high-level principles for market participants to establish reasonable procedures and control systems for the supervision and governance of AI/ML applications and tools. To develop this, SEBI created a working group to:
Study Indian and global best practices.
Prepare the guidelines.
Address the concerns and issues arising from AI/ML usage.
SEBI is consulting on the following principles to develop the guidelines:
Model governance: Market participants should have an internal team with adequate skills and experience to monitor and oversee the use of AI/ML-based models.
Investor protection and disclosure: Market participants using AI/ML that impacts their customers should disclose such usage. Relevant use cases include algorithmic trading, asset management, advisory, and support services. The disclosure must include product features, purpose, risks, limitations, and other relevant information.
Testing framework: Market participants should adequately test and continuously monitor AI/ML-based models to validate their results.
Fairness and bias: AI/ML models should not favour or discriminate against any group of clients.
Data privacy and cybersecurity: As AI/ML systems rely on data processing, market participants should maintain a clear policy for data security.
Paragraph 3
Acts as a “Call To Action”. Provide forward looking context:
What actions need to be taken?
Who needs to take action?
Next steps to the development.
Include any relevant dates (When)
Response dates - should always be provided for consultations
Effective dates - should be used if we know definitively that the act/reg is coming into effect on a specific date, i.e., it has been passed/adopted.
Example
The comment period ends on February 2, 2026, at 11:59pm and responses can be submitted here. The comment response is expected to be published in April 2026.
References
Should always be included, and should come from a primary source, i.e., an authority, not a news source.
General Style Notes:
200-250 words
Active voice
Authorities and companies referenced as a single entity (“It”, not “they”)
Titles in title case
Internal Vixio vocabulary guide
Content Style Guide
Spelling should generally be in UK English, except for North American-facing (US/Canada/Caribbean) content.
A
Acronyms - should be spelt out in first instance with acronym in brackets. For example, Financial Conduct Authority (FCA).
Act - when just referring to “the act”, it does not need a capital a.
Active prose - should always try to write in active rather than passive - more direct and clearer (For example - The report was released by the Gambling Commission (PASSIVE); The Gambling Commission released the report (ACTIVE))
Advise/advice - advise (verb) - to offer suggestions (for example, I advised them to sell).
- advice (noun) - give formal suggestions (for example, I gave them advice).
Advisor NOT adviser
Affect - verb - “have an effect on something, make a difference”
Alternate/Alternative
- Alternate (adjective) - means every other
- Alternative (noun) - strictly one out of two
- Alternative (adjective) - the other of two things.
Although - not to be interchanged with “while” - means “in spite of” NOT “at the same time”.
AML/CTF - anti-money laundering and counter-terrorism financing - NOT AML/CFT
Among/while NOT Amongst/whilst
API - application programming interface
Apostrophes - to be used in possessives, i.e. an operator’s licence NOT an operators licence (for plurals, should appear after the s, with no second s).
Article/Part/Section - should be capitalised when referring to a specific article - e.g., Article 4 of the Gambling Act.
Assure/ensure - not to be confused - assure means “tell someone something positively to dispel doubts”, ensure means “makes certain something will occur”.
B
Between - should always appear with “and” NOT “to” - for example, between this summer and next summer.
Big tech - two words, breaks convention of other tech words
Bills - U.S. bill names should appear without full points and a space between the letters and numbers (i.e. SB 522 NOT SB522 or S.B. 522).
Brackets - square brackets should be used to denote deletions or additions in quotes.
Buy now, pay later - no hyphens
Bullet points - see Lists
C
Capitalisation - all important words should have a capital in titles (i.e. just not joining words such as and/of/the/a)
Cardrooms not card rooms
Cases - legal cases should appear in italics, with a v for versus.
Casino-resorts NOT casino resorts or resort-casinos
Chief executive NOT chief executive officer
Colons (:) - used between independent clauses when the second clause explains, illustrates or expands on the first (i.e. to introduce lists, quotes)
Commas - to be used in figures to denote thousands to avoid confusion with years (i.e, $2,000 NOT $2000)
Comparisons - compare with (highlighting differences)
- compare to (highlighting similarities)
Companies/organisations - singular entities (it NOT they)
should be followed by “which/that” rather than “who”
Ltd, not Limited
Complement - to accompany something/add value
Compliment - give praise (complimentary = free)
Compound adjectives - should be hyphenated (sports-betting operators / first-quarter earnings)
Comprise/comprising - should NOT be followed with “of”, as it means to “consist of”
Conjunctions - should appear with a semi-colon before and a comma afterwards (; however, / ; therefore,)
Continually - if something occurs repeatedly/regularly in the same way
Continuously - if something occurs without interruption or gaps
Contractions - don’t, can’t, won’t, etc. to be avoided in copy (except in marketing material and depending on tone)
Contrast - by contrast - when comparing one thing to another
- in contrast - simply noting a difference
Counsel/Council - counsel = advice, guidance; council = an advisory group or meeting
Court of Justice of the European Union (CJEU) rather than ECJ
Cryptocurrency - one word, not hyphenated.
Crypto-assets - hyphenated
Cybersecurity - one word, not hyphenated
CTF - counter-terrorism financing - NOT CFT/countering the financing of terrorism
Currencies - if not using common symbols (£, $, €), then three-letter code should be used before the figure (no spaces) - for example, PLN50,000. Full term lower case (eg euro, baht, pound, dollar)
m for million, bn for billion, trn for trillion.
D
Date format - Month, Day, Year (e.g., March 7, 2019)
For Insights & Analysis summary text: can just say “today”, e.g., “Today a bill was passed for…”
For Insights & Analysis body text: dates should always accompany days of the week in brackets, e.g., “On Wednesday (June 8) a bill was passed...”
For NIBs: always use dates rather than days.
Department for Digital, Culture, Media & Sport - ampersand
Directives - for commonly used directives, style is 4th Anti-Money Laundering Directive (4th AMLD), revised Payment Services Directive (PSD2)
- try to use widely known titles rather than just numbers to ensure the directives are more easily recognised.
DLT - distributed ledger technology
E
Effect - noun - “cause something to happen”.
Em dash (—) - should be used as a conjunction, not a hyphen or en dash (–).
Ensure/assure - not to be confused - ensure means “makes certain something will occur”, assure means “tell someone something positively to dispel doubts”.
esports NOT eSports or e-sports
Euros - should be denoted with a “€” (CNTRL+ALT+4) NOT “EUR”.
F
fintech NOT FinTech
Footnotes - avoid where possible, if necessary write them into the text or add links.
G
GGR - “gross gaming revenues”
Government - does not need a capital g.
Governor - should be written out in full, NOT Gov.
Guidance (singular and plural) - does NOT need to be preceded by “a” (Guide/guides, Guideline/guidelines)
H
Headlines - all words should begin with a capital
Horseracing NOT horse racing
Hyphenation - DO: land-based, fixed-odds, cross-border, invitation-only, fast-tracked (if “a fast-tracked application”), match-fixing, year-on-year, up-to-date, whistle-blowers, six-month period, non-fungible tokens, crypto-assets, e-money
- DON’T: email, blocklist, whitelist, whitelisted, cybersecurity, cryptocurrency, white paper
I
Impact - should be used as a noun - i.e. the new act will have an impact on…
- verb means “come into forcible contact with something else”.
- using “affect” as a verb is more accurate.
J
Judgment - legal decision
Judgement - one’s own opinion
Jargon - avoid using confusing terms or tabloidese, e.g. use players rather than punters.
Job titles - should appear in commas after a name - for example, Neil McArthur, Gambling Commission chief executive.
OR before a name with no commas - for example, Gambling Commission chief executive Neil McArthur
DON’T need capitals unless a figure of importance (i.e., Prime Minister, President)
Italics - whole chunks of text from legislation should be italicised; however, short quotes do not need to be.
Justice Department - U.S. Department of Justice - to appear with caps (as requested by US team).
K
KYC - know your customer
L
Legislature - does not need a capital l.
Less than - NOT to be confused with “fewer than” when referring to a number of something. i.e. fewer than 100 gambling tables.
Licence - noun (UK), i.e. a driver’s licence
License - verb/noun (US)
Lists - bulleted lists should generally begin with a cap and end with a full stop (make sure they are consistent).
M
MONEYVAL NOT Moneyval
More than - to be used instead of “over”. i.e., more than 20 players rather than over 20 players.
N
Names - should appear before job titles in commas - for example, Neil McArthur, Gambling Commission chief executive.
Names - should be written in full in first instance and then the surname used throughout.
Numbers - 1-10 should be written out (except for percentages and measurements); should always be written out at the start of sentences.
Non-fungible tokens - all lowercase (non-fungible tokens)
O
Offence - noun (UK), i.e. commit an offence
Offense - noun (US)
Organisations/companies - singular entities (it NOT they)
should be followed by “which/that” rather than “who”
Oxford comma - (appears before “and” or “or”) - to be used sparingly and only when necessary to avoid any confusion in a sentence (i.e., where more than one “and/or” appears).
Over - should not be used as a replacement for “more than”.
P
Parliament - does not need a capital p.
Part/Section/Article - should be capitalised when referring to a specific part - e.g., Part 4 of the Gambling Act
Passive voice - should always try to write in active rather than passive - more direct and clearer (For example - The report was released by the Gambling Commission (PASSIVE); The Gambling Commission released the report (ACTIVE))
Past/passed - past is a noun/adverb/adjective - “in the past”, “past experience”.
- passed is the past tense of “to pass” - “the law was passed in government”.
Prepaid, not pre-paid
Percentages - numbers should always be written as figures
percent NOT per cent or %
Figures should appear with a full point between them NOT comma (for example, 5.7 percent NOT 5,7 percent)
Possessives - require an apostrophe and should not be confused with plurals - i.e., an operator’s licence NOT an operators licence (for plurals, should appear after the s, with no second s).
Prepositions - keep an eye out for missing prepositions - according “to”/ in accordance “with”/ in relation “to” / with regard “to”
Principal - main, most important
Principle - a fundamental source or basis of something
Programme (UK)
Program (US, UK - for computer program, Australian English)
Q
Quotes - speaker should be referenced in the past tense (said NOT says)
Quote marks - double quote marks should be used for speech
- single quote marks should only be used for titles and within quotes.
(See Quote reference sheet for more information on how to use quotes.)
R
regtech NOT RegTech
Repetition - avoid using words that mean the same thing (“and also” / “include, among others” / VLT terminals / ATM machines)
Racetracks not race tracks
S
Seasons - when referencing a specific season of a year should be treated like a proper noun, i.e. should include a capital - Winter 2018.
Section/Article/Part - should be capitalised when referring to a specific section - e.g., Section 4 of the Gambling Act.
Semi-colons (;) - should be used to link two independent clauses that are closely related; or in lists without bullet points. (Do not overuse - often a full stop and new sentence will be better.)
Sports betting NOT sportsbetting
Sports team names
Storey (pl. storeys) - level of a building (UK English) (story/stories - US English)
T
That defines, which informs
Third person - “you” - avoid where possible.
Titles - all important words should begin with a capital (i.e. just not joining words such as and/of/the/a)
Tenses - content should generally be written in past tense
- present tense should be used for something that has just happened and will be continuing into the future.
U
United States abbreviated to U.S. (Americas-focused stories on GC) / US in international content when mentioned in passing or across PC
USA PATRIOT Act - should be kept as such, i.e. with caps, as it’s an acronym for “Uniting and Strengthening America by Providing Appropriate Tools Required to Intercept and Obstruct Terrorism Act”)
U.S. Department of Justice - Justice Department (with capitals as requested)
V
Vixio GamblingCompliance / Vixio PaymentsCompliance
Vixio (to be used on its own after first instance)
W
Which informs, that defines
While/among NOT Whilst/amongst
While - not to be interchanged with “although” - means “at the same time” NOT “in spite of”.
X
Y
Year quarters - Q1, Q2, H1, H2, etc.
Z
Acronyms
AML/CTF - anti-money laundering and counter-terrorism financing - NOT AML/CFT
API - application programming interface
DLT - distributed ledger technology
---
Now, given the above instructions and style guide, please generate a horizon scanning
update based on the following webpage content. Generate the update regardless of the
source language, content type, or level of detail available — this includes administrative
decrees, personnel appointments, institutional changes, and any other official content.
Use whatever information is present.
EDPB and EDPS support strengthening EU’s cybersecurity and easing compliance while protecting individuals’ personal data | European Data Protection Board Skip to main content Brussels, 19 March 2026 – The European Data Protection Board (EDPB) and the European Data Protection Supervisor (EDPS) have adopted a Joint Opinion on the European Commission’s proposal for a Cybersecurity Act 2 (CSA2) and the proposal on amendments to the Network and Information Security 2 (NIS2) Directive . On 20 January 2026, the Commission published a cybersecurity package proposal to further strengthen cybersecurity in Europe while making compliance with cybersecurity laws easier for organisations. In their joint opinion, issued at the request of the Commission*, the EDPB and the EDPS address the proposed revision of the CSA and the targeted amendments to the NIS2 Directive. “The relationship between data protection and cybersecurity is reciprocal and deeply interconnected. While cybersecurity supports the protection of personal data by limiting the risks of unwanted access, modification or unavailability of data, it is crucial to ensure that security controls are implemented in a way that does not undermine individuals’ fundamental rights and freedoms.” EDPB Chair Anu Talus “While maximizing the effectiveness of cybersecurity measures is vital, we must ensure that the processing of personal data remains limited to what is strictly necessary. We welcome the reinforced role of ENISA to promote digital resilience; our hope is that this new mandate fosters the synergies needed to create a robust ecosystem where security and privacy go hand in hand.” European Data Protection Supervisor, Wojciech Wiewiórowski Regarding the Proposal for the CSA2, the EDPB and the EDPS support the general objective to strengthen the role of the European Union Agency for Cybersecurity (ENISA) and to facilitate uptake of cybersecurity certification, as well as the objective to further address the various risks to ICT supply chains, including non-technical ones. The proposal to provide further clarification on the way ENISA gives support to different stakeholders is well received. The EDPB and the EDPS specifically welcome that ENISA’s advice would be issued upon a prior request from the EDPB, thus ensuring a clear coordination and a clear division of responsibilities. They also suggest adding the EDPS as a possible requestor of advice from ENISA. In the joint opinion, the EDPB and the EDPS recall that in case the Management Board of ENISA decides to adopt additional measures necessary for the application of the EU Data Protection Regulation, such decisions should be limited to very technical (practical) details related to the processing of personal data. The Proposal should also provide for a prior consultation with the EDPS before adoption of such rules. The joint opinion welcomes the synergies that might arise from the cooperation between ENISA and other EU institutions and bodies, and also recommends adding an explicit reference to the EDPS as an EU body with which ENISA would cooperate. While the objective of facilitating uptake of cybersecurity certification is welcome, the scope of the European Cybersecurity Certification Framework and its relationship with GDPR certification should be further clarified. To ensure consistency, ENISA should consult with the EDPB before adopting a certification scheme relating to the security of processing of personal data. Furthermore, certification schemes for products, services and processes that are likely to be used in data processing operations, should take into account security controls that can help to demonstrate the fulfilment of GDPR requirements, to the extent possible. The EDPB and the EDPS recommend that the European Cybersecurity Skills Framework is not only limited to cybersecurity professionals, but also includes a general workforce profile. In line with the recent EDPB-EDPS joint opinion on the Digital Omnibus Regulation Proposal , the EDPB and EDPS express their support for the establishment of a single-entry point for the notification of personal data breaches , as it would reduce the administrative burden for notifying organisations without affecting the level of protection for individuals. Regarding the proposed amendments to the NIS2 Directive, the EDPB and the EDPS welcome the designation of European Digital Identity Wallets and European Business Wallets providers as 'essential entities'. Note to editors: * On 21 January 2026, the Commission formally consulted the EDPB and the EDPS and requested a joint opinion on the European Commission’s proposal for a CSA2 and the proposal on amendments to the NIS2 Directive in accordance with Art. 42(2) of Regulation (EU) 2018/1725. The news published here does not constitute official EDPB communication, nor an EDPB endorsement. This news item was originally published by the national supervisory authority and was published here at the request of the SA for information purposes. Any questions regarding this news item should be directed to the supervisory authority concerned. Topics: Certification Cybersecurity and data breach EU Legislative proposal and strategy GDPR Latest news EDPB and EDPS support strengthening EU’s cybersecurity and easing compliance while protecting individuals’ personal data 19 March 2026 Member states: EDPB EDPS CEF 2026: EDPB launches coordinated enforcement action on transparency and information obligations under the GDPR 19 March 2026 Member states: EDPB EDPB and EDPS support harmonisation of clinical trials under European Biotech Act, but call for specific safeguards for sensitive health data 12 March 2026 Member states: EDPB EDPS Stakeholder event on political advertising: agenda available now 6 March 2026 Member states: EDPB Conference on cross-regulatory cooperation in the EU (17 March) - Programme available now 3 March 2026 Member states: EDPB