The United Kingdom's legislative agenda, as presented in the King's Speech on May 13, 2026, signals a significant push towards modernizing digital and cyber regulations, with a notable absence of a standalone Artificial Intelligence (AI) bill. This move indicates a continued preference for regulating AI through existing sector-specific frameworks rather than a singular, overarching piece of legislation. The government's approach, which has been maintained by the current Labour administration, emphasizes that most AI systems should be regulated at the point of use, with existing expert regulators best positioned to oversee them.
Key Legislative Pillars for Digital Governance
The proposed legislative package includes several key bills designed to address the evolving digital landscape. A Cyber Security and Resilience Bill aims to expand the UK's cyber framework, bringing more managed IT providers and data centres under stricter oversight and introducing more rigorous incident reporting expectations. This aligns with the government's stated intention to bolster national security in the digital sphere and brings the UK closer to updated EU standards, such as NIS 2, with a particular focus on supply chain security.
Furthermore, a Regulating for Growth Bill is intended to frame the UK's approach to AI oversight. While not a dedicated AI bill, it signifies the government's intent to establish a framework for AI governance. Business groups have indicated that the success of this legislation will depend on its ability to support AI adoption alongside regulation. The government has previously committed to ensuring the safe development and use of AI, including introducing binding regulations for companies developing the most powerful AI models and banning the creation of sexually explicit deepfakes.
Another significant component is the Financial Services Bill, which will incorporate reforms to the Senior Managers and Certification Regime. This aims to reduce administrative burdens while maintaining individual accountability within the financial sector, a move that could impact how AI is deployed in financial services. The government also plans to advance a national digital ID scheme, intended to modernize public services and streamline identity verification processes, likely to integrate with existing digital verification frameworks.
The AI Governance Landscape: A Sector-by-Sector Approach
The absence of a specific AI bill has drawn attention, particularly given previous commitments by the Labour government to introduce such legislation. Instead, the UK's strategy, as outlined in a March 2023 white paper and continued by the current government, leans towards a 'pro-innovation' approach that regulates AI within its application context. This means that AI used in financial services, for instance, will be subject to the regulations overseen by the Financial Conduct Authority (FCA) and the Bank of England, who have begun treating advanced AI deployment as a systemic risk issue.
TechUK has also been involved in discussions around digital ethics, with events focusing on operationalizing AI ethics and addressing blockers to its implementation. The government, through initiatives like the AI Hardware Plan and participation in international networks of AI Security Institutes, is also focusing on setting global standards for AI deployment and safety testing. The UK chairs this international network, which includes countries like Australia, Canada, the EU, France, Japan, Kenya, South Korea, Singapore, and the US, aiming to rigorously measure and evaluate AI models.
Challenges and Future Considerations
While the legislative agenda aims to foster innovation and security, concerns remain about the pace of regulation keeping up with technological advancements. Experts have highlighted that online harms and AI risks are evolving rapidly, with AI chatbots currently falling outside many of the safety duties expected of social media platforms. There is a call for strengthening risk assessment and mitigation duties for AI chatbot developers, embedding 'safe-by-design' principles, and ensuring transparency and independent oversight of high-risk AI systems.
Regulators like the Information Commissioner's Office (ICO) and Ofcom have already begun clarifying age assurance obligations under the Online Safety Act, extending scrutiny to AI chatbots used by children. The government's approach to AI governance is thus a complex tapestry of existing regulations, new sector-specific bills, and international cooperation, all while navigating the rapid advancements in AI technology. The coming parliamentary session will be crucial in determining how effectively this diffuse regulatory ecosystem balances innovation with public safety and ethical considerations.