Regulatory Environment

APAC is experiencing rapid regulatory change across a wide range of sectors and areas of law. Firms are seeing an uptick in regulatory work against a backdrop of rapid change and increased enforcement activity.

Data protection is a major area of development. In the last few years, new regulations have been introduced across most key markets, driven by factors including rapid technological change and the growth of artificial intelligence.

Merger control regimes are another area of regulatory tightening. In New Zealand, there is speculation that the country’s framework may follow Australia’s lead, where the Australian Competition and Consumer Commission (ACCC) is gaining strength and a tougher merger control regime begins in 2026. These developments reflect a broader shift toward more assertive regulatory oversight, calling for increased engagement from both in-house teams and external counsel.

ESG is also rising up the agenda, with increasing scrutiny from consumers over perceived greenwashing. Companies projecting environmental standards and values are coming under some public pressure to live up to them.

Watch: An In-House Counsel View of a Regulatory Environment

Kenji Tagaya, Executive Officer, Head of Legal & Secretariat Division, JERA

South Korea
There is plentiful evidence of high levels of data compliance work taking place across South Korea in the past year. Plans for increased regulation are in full swing following high-profile data breaches affecting financial and telecommunications networks including the country’s largest mobile carrier, SK Telecom.

India
Provisions of the landmark Digital Personal Data Protection Act began to take effect in November 2025. This comes against a wider backdrop of increasing focus on data security and a number of data breaches. Data privacy compliance is a field of legal practice in growing demand, particularly relating to employment matters, data localisation, cross-border data transfers and consent mechanisms.

Malaysia
Malaysia has not escaped the growth in cyber-incidents across the region. Here too, they have pushed data protection concerns to the forefront of the public and government agenda. The Personal Data Protection Act 2010 was amended in 2024 to introduce new stricter rules. Clients spoke to us of their need for legal support to update internal policies, conduct risk assessments and manage breach response protocols.

Singapore
The island nation has seen a rapid increase in family offices and other asset management companies over last five years. Singapore has traditionally been investor-friendly and light-touch in a bid to maintain its status as an international financial hub. However, corporate governance has tightened in last few years, particularly after a series of significant financial scandals involving commodity trading and cryptocurrency.

Watch: An In-House Counsel View of a Regulatory Environment

Rishi Gautam, Global GC,
Tata Consumables