Year 2 risk assessment submissions under the UK Online Safety Act (OSA) are due this summer.
Following its review of Year 1 submissions, Ofcom now has a clearer view of how platforms are conducting risk assessments and where approaches lack consistency in structure, documentation, and explanation. If you’re preparing a Year 2 submission, the issue isn’t whether work is happening. It’s how clearly that work is structured, documented, and explained.
If you missed the first session in our three-part Regulatory Readiness webinar series for online services, you can now catch the replay to hear the regulator’s perspective. Hosted by Resolver’s Head of Trust & Safety, George Vlasto, the session offered regulatory insights from Ofcom Senior Associate, Nicole Nolan, Illuminate Tech co-founder (and former Ofcom regulator) George Billinge, and Resolver’s Regulatory Strategy expert, Natalia Greene.
Watch the replay to understand what general counsel, legal and compliance teams need to know about:
- What Ofcom observed across Year 1 submissions and how expectations are evolving for Year 2
- Where approaches differ in structure, documentation, and explanation — and what that means in practice
- What a clear, structured risk assessment looks like, including how to communicate risks, controls, and mitigations
- How OSA requirements align with broader regulatory frameworks, including DSA and other jurisdictions
You’ll leave with a clearer view of what Ofcom expects in Year 2, where your current approach may need strengthening, and how to structure and explain your risk assessment.
Watch the on-demand session above to hear directly from Ofcom on what Year 2 submissions need to demonstrate.
