Global Trustee and Fiduciary Services Bite-Sized Issue 12 2025

17 QUICK LINKS COSTS & CHARGES CRYPTOASSETS FINTECH FSB IOSCO OPERATIONAL RESILIENCE SAVINGS AND INVESTMENT UNION SUSTAINABLE FINANCE/ESG T+1 ASIA PACIFIC EUROPE NORTH AMERICA UNITED KINGDOM Global Trustee and Fiduciary Services Bite-Sized | Issue 12 | 2025 Innovation-friendly AI Rules The package introduces targeted amendments to the AI Act, aiming to ensure its efficient and innovation-friendly implementation: • SME and SMC Support: Simplifications previously granted to small and medium-sized enterprises (SMEs) will be extended to small mid-cap companies (SMCs), reducing technical documentation requirements and saving an estimated EUR 225 million annually. • Regulatory Sandboxes: Compliance measures will be broadened to allowmore innovators to utilise regulatory sandboxes, including an EU-level sandbox from 2028, and facilitate more real-world testing, especially in critical sectors like automotive. • AI Office Reinforcement: The AI Office’s powers will be reinforced, and oversight of AI systems built on general-purpose AI models will be centralised to reduce governance fragmentation. • Implementation Timeline: The application of high-risk AI rules is adjusted to a maximum of 16 months, contingent on the availability of necessary standards and support tools confirmed by the Commission. Simplifying Cybersecurity Reporting The omnibus introduces a single-entry point for companies to report all cybersecurity incidents, unifying obligations currently spread across multiple laws like the NIS2 Directive, GDPR, and DORA. This new interface will be developed with robust security safeguards and undergo comprehensive testing. An Innovation-friendly Privacy Framework Targeted amendments to the GDPR aim to harmonise, clarify, and simplify certain rules. These changes are designed to boost innovation and compliance while maintaining the core principles of GDPR and a high level of personal data protection. Improving Access to Data The digital package aims to improve data access, recognised as a key driver for innovation: • Data Act Consolidation: EU data rules are consolidated through the Data Act, merging four pieces of legislation to enhance legal clarity. • Cloud-switching Exemptions: Targeted exemptions to the Data Act’s cloud-switching rules for SMEs and SMCs are introduced, resulting in estimated one-off savings of EUR 1.5 billion. • NewGuidance: Model contractual terms for data access and use, along with standard contractual clauses for cloud computing contracts, will provide new guidance on Data Act compliance. • Boosting AI Datasets: Access to high-quality and fresh datasets for AI will be unlocked, strengthening the innovation potential of EU businesses. Data Union Strategy The new Data Union Strategy introduces measures to unlock more high-quality data for AI, including expanding access through data labs. It establishes a Data Act Legal Helpdesk and strengthens Europe’s data sovereignty through a strategic approach to international data policy, incorporating anti-leakage tools, measures to protect sensitive non-personal data, and guidelines for fair treatment of EU data abroad. European Business Wallet This proposal introduces a unified digital tool for European companies and public sector bodies. It will enable digitalisation of operations and interactions, facilitating digital signing, timestamping, sealing, and secure exchange of verified documents, and secure communication across EUMember States. The European Business Wallets are expected to simplify cross-border business activities, reduce administrative processes, and save up to EUR 150 billion for businesses annually, assuming broad uptake.