Legal-Updates
Legal-Updates

Regulatory Update in Belgium: Q2 2026

Belgium';s regulatory landscape is shifting on several fronts simultaneously. Recent legislative activity touches corporate governance, employment law, tax compliance, and data protection - each area carrying direct consequences for businesses operating in or through Belgium. This guide covers the most material developments in belgium regulatory 2026, explains what has changed, and sets out the practical steps companies should take in response.

Corporate governance: updated transparency and reporting obligations

The Belgian Companies and Associations Code (Wetboek van vennootschappen en verenigingen, or WVV) has been the subject of further implementing measures that tighten disclosure requirements for private limited companies (BV/SRL) and public limited companies (NV/SA). The most significant change concerns the obligation to maintain and update the Ultimate Beneficial Owner (UBO) register administered by the Federal Public Service Finance.

Under the current framework, all Belgian entities must register their beneficial owners - defined as natural persons who ultimately own or control more than 25 percent of shares or voting rights - and update that information within one month of any change. Recent enforcement guidance has clarified that passive holding structures and nominee arrangements do not exempt an entity from this obligation. The competent authority, the Federal Public Service Finance, has signalled that it will intensify audits of UBO register accuracy, with administrative fines applicable to non-compliant entities.

A non-obvious requirement is that foreign-owned Belgian subsidiaries must register the beneficial owners of the ultimate parent, not merely the direct shareholder. Many foreign founders assume that registering the immediate corporate shareholder is sufficient. In practice, the register requires tracing ownership to the level of natural persons, and failure to do so is treated as a substantive breach rather than a technical omission.

Practical steps for companies include conducting an internal ownership mapping exercise, verifying that the UBO register entry reflects the current structure, and appointing a designated compliance officer responsible for monitoring changes. Where ownership structures are complex or involve multiple jurisdictions, professional legal review is advisable before the next filing window closes.

Employment law: new rules on remote work and pay transparency

Belgium has transposed the EU Pay Transparency Directive into national law, introducing obligations that will affect companies with more than 100 employees in the first phase and progressively extend to smaller employers. The transposing legislation amends the Act of 22 April 1999 on the status of employees and introduces a structured framework for gender pay gap reporting.

Under the new rules, covered employers must publish salary ranges in job advertisements, provide pay information to candidates on request, and submit periodic gender pay gap reports to the Federal Institute for the Equality of Women and Men. Where a gap of more than five percent is identified and cannot be justified by objective criteria, the employer must conduct a joint pay assessment in cooperation with employee representatives. Non-compliance carries administrative sanctions and, in serious cases, civil liability exposure.

On remote work, the Act of 26 March 2018 on strengthening economic growth and social cohesion has been supplemented by sector-level collective bargaining agreements (CAOs/CCTs) that now impose more detailed obligations on employers. These include the right to disconnect, mandatory provision of equipment or reimbursement of costs, and written remote work agreements that specify the employee';s habitual place of work for social security purposes.

A common mistake made by international employers is treating Belgian remote work arrangements as equivalent to those in their home jurisdiction. Belgium';s social security rules are particularly sensitive to the location where work is habitually performed, and an improperly documented arrangement can trigger unexpected social security contributions or create a permanent establishment risk. Employers should review existing remote work agreements against the current CAO requirements applicable to their sector.

In practice, founders and HR managers should consider updating employment contract templates, revising internal pay grading documentation, and scheduling a pay equity audit before the first mandatory reporting deadline. If you need assistance aligning your employment documentation with current Belgian requirements, contact info@vlolawfirm.com. We can assist with contract reviews, pay transparency assessments, and social security compliance filings.

Tax compliance: VAT and transfer pricing developments

Belgium';s tax authority, the Federal Public Service Finance (FOD Financiën / SPF Finances), has issued updated administrative guidance on two areas of particular relevance to international groups: VAT treatment of digital services and intra-group transfer pricing documentation.

On VAT, the guidance clarifies the application of the One Stop Shop (OSS) mechanism for Belgian-established businesses supplying digital services to consumers in other EU member states. The key point is that Belgian VAT registration does not automatically cover supplies made to non-Belgian EU consumers once the annual threshold is exceeded; businesses must either register for OSS or account for VAT in each member state of consumption. The guidance also addresses the VAT treatment of platform economy operators, confirming that Belgian platforms facilitating certain supplies are deemed suppliers for VAT purposes and bear the obligation to collect and remit VAT.

On transfer pricing, Belgium';s domestic rules - codified in Article 185 of the Income Tax Code (WIB92/CIR92) - require that transactions between related parties reflect arm';s length pricing. Recent guidance from the tax authority has reinforced the importance of contemporaneous documentation, meaning that transfer pricing files should be prepared at the time transactions are entered into, not retrospectively. The Country-by-Country Reporting (CbCR) obligation, applicable to groups with consolidated revenues above a specified threshold, has also been subject to updated filing instructions that require more granular disclosure of Belgian operations.

Many groups underestimate the Belgian tax authority';s capacity to challenge transfer pricing positions on audit. Belgium has a dedicated transfer pricing unit within FOD Financiën, and audit activity in this area has increased. A practical risk is that intercompany service agreements drafted under the laws of another jurisdiction may not satisfy Belgian documentation standards. Groups should review their master file and local file against the current OECD guidelines as applied in Belgium and ensure that Belgian entities have adequate substance to support the pricing of intra-group transactions.

Hidden costs in this area include the fees for preparing or updating transfer pricing documentation, the cost of advance pricing agreements (APAs) if certainty is required, and potential interest and penalties if positions are successfully challenged on audit. Proactive documentation is consistently less expensive than defending an undocumented position.

Data protection: GDPR enforcement and new sectoral guidance

The Belgian Data Protection Authority (Gegevensbeschermingsautoriteit / Autorité de protection des données, GBA/APD) has remained one of the more active supervisory authorities in the EU. Recent enforcement decisions and new sectoral guidance have practical implications for businesses across multiple industries.

The GBA/APD has issued updated guidance on the use of cookies and tracking technologies, reflecting the Court of Justice of the EU';s recent case law on consent requirements. The guidance confirms that pre-ticked boxes, bundled consent, and consent obtained as a condition of service access do not constitute valid consent under the GDPR. Businesses operating Belgian websites or apps must audit their consent management platforms and ensure that consent is freely given, specific, informed, and unambiguous. Enforcement in this area has resulted in fines calculated as a percentage of global annual turnover, making compliance a financial priority rather than a theoretical concern.

In the financial services sector, the GBA/APD has published sector-specific guidance on the processing of personal data for anti-money laundering (AML) purposes. This guidance addresses the tension between AML obligations under the Act of 18 September 2017 on the prevention of money laundering and terrorist financing and the data minimisation principle under the GDPR. The practical takeaway is that financial institutions and designated non-financial businesses and professions (DNFBPs) must document their legal basis for processing AML-related data with greater precision and implement retention schedules that reflect both the minimum retention periods required by AML law and the maximum periods permitted under GDPR.

A scenario worth considering: a Belgian fintech company that processes transaction data for fraud detection purposes may rely on legitimate interests as its legal basis. However, the GBA/APD';s guidance requires that the legitimate interests assessment be documented in writing, reviewed periodically, and made available to data subjects on request. Companies that have not updated their records of processing activities (RoPAs) to reflect current guidance face a meaningful enforcement risk.

For non-EU companies with Belgian operations or customers, the obligation to appoint an EU representative under Article 27 GDPR applies where the company is not established in the EU but processes data of Belgian residents. This is a frequently overlooked requirement that can attract supervisory attention when a complaint is filed.

Financial services and AML: updated compliance expectations

Belgium';s financial regulatory framework is supervised by two principal authorities: the National Bank of Belgium (NBB/BNB), which oversees prudential matters, and the Financial Services and Markets Authority (FSMA/AUTORITÉ DES SERVICES ET MARCHÉS FINANCIERS), which supervises conduct of business, market integrity, and consumer protection. Both authorities have issued updated supervisory expectations in recent months.

The NBB has published revised guidance on internal governance requirements for credit institutions and investment firms, drawing on the EBA Guidelines on internal governance. The guidance emphasises the need for clear segregation of duties, documented escalation procedures, and board-level engagement with risk appetite frameworks. For smaller institutions, the proportionality principle applies, but the NBB has made clear that proportionality does not mean absence of governance - it means governance calibrated to the institution';s size and complexity.

On AML, Belgium';s Financial Intelligence Processing Unit (Cel voor Financiële Informatieverwerking / Cellule de traitement des informations financières, CFI/CTIF) has updated its typology reports, identifying new patterns of suspicious activity in the real estate sector and in crypto-asset transactions. Obliged entities under the Act of 18 September 2017 - which includes banks, payment institutions, real estate agents, notaries, accountants, and lawyers in certain circumstances - must ensure that their risk assessments and transaction monitoring systems are calibrated to detect the patterns identified in the updated typologies.

A practical scenario: a real estate developer selling Belgian property to non-resident buyers must conduct enhanced due diligence where the buyer is from a high-risk jurisdiction as defined by the FATF or the European Commission. The enhanced due diligence obligation is not discretionary; it is a statutory requirement, and failure to apply it is a reportable breach. Many smaller developers and agents underestimate the documentation burden associated with enhanced due diligence and the consequences of inadequate record-keeping.

For businesses in the financial services sector navigating these overlapping regulatory requirements, professional guidance is essential. Contact info@vlolawfirm.com to discuss your compliance framework. We can help structure the setup correctly the first time and assist with regulatory mapping, policy drafting, and engagement with the NBB or FSMA.

FAQ

What are the main risks of non-compliance with the Belgian UBO register?

The UBO register is maintained by the Federal Public Service Finance and is a public-facing tool for transparency. Non-compliance - whether through failure to register, failure to update, or inaccurate information - exposes the entity and its directors to administrative fines. In more serious cases, the competent authority can impose additional sanctions and flag the entity for enhanced scrutiny in other regulatory contexts, including AML checks. Foreign-owned entities are particularly at risk because their ownership chains are often more complex and less familiar to local administrators. A proactive review of the register entry, conducted at least annually and after any ownership change, is the most effective mitigation.

How quickly must Belgian employers implement the pay transparency requirements, and what are the costs involved?

The timeline for implementation depends on the size of the employer. Larger employers face earlier deadlines, while smaller businesses have a phased implementation period. The costs involved include legal and HR advisory fees for conducting a pay equity audit, updating job advertisement templates, and revising internal pay grading documentation. In practice, the audit itself is often the most resource-intensive element, particularly where pay structures have evolved organically over time without formal grading. Companies that begin the process early, before mandatory reporting deadlines, are better positioned to address gaps without the pressure of an imminent filing obligation.

Should a foreign company with Belgian customers appoint a Belgian data protection representative?

The obligation to appoint an EU representative under Article 27 GDPR applies to non-EU companies that process personal data of EU residents on a non-occasional basis and are not otherwise established in the EU. For a company with Belgian customers, this means that if the processing is regular and systematic - for example, operating an e-commerce platform or a subscription service - an EU representative must be appointed and their contact details published in the privacy notice. The representative is the point of contact for the GBA/APD and for data subjects. Failure to appoint a representative when required is itself a GDPR infringement and can result in enforcement action, particularly where a complaint triggers supervisory attention.

Conclusion

Belgium';s regulatory environment is evolving across multiple dimensions simultaneously, from corporate transparency and employment law to tax compliance, data protection, and financial services oversight. Businesses operating in Belgium - whether as local entities or as foreign companies with Belgian customers or operations - face a demanding compliance calendar. Staying current with these developments is not optional; the enforcement posture of Belgian authorities across all the areas covered in this guide has become more active.

VLO Law Firms advises international clients on regulatory compliance and corporate matters in Belgium. We can assist with UBO register filings, employment contract reviews, transfer pricing documentation, GDPR compliance assessments, and AML policy updates. To request a consultation, contact: info@vlolawfirm.com