News
Print Article

High Court World-Check GDPR trial settles before hearing, appearing to close series of KYC database challenges

05/07/2026

Ioannides v Refinitiv: High Court World-Check GDPR trial settles before hearing, appearing to close series of KYC database challenges.

Speed Read:

  • The High Court trial listed for 29 June 2026 in Ioannides v Refinitiv Limited did not proceed.
  • Persella Ioannides, owner of Cyprus investment firm MeritKapital, had sought removal of allegedly inaccurate personal data about her from Refinitiv's World-Check database under the UK GDPR.
  • The parties reached a confidential settlement; terms are not public.
  • This appears to mark the end of a clutch of similar High Court challenges against KYC/due diligence databases. All have now settled, been struck out or otherwise concluded without a full merits judgment.

Executive Summary

  • On 29 June 2026 the High Court was due to hear what would have been the first full trial of a know-your-client (KYC) database GDPR case in England and Wales.
  • Persella Ioannides, owner of the Cyprus investment firm MeritKapital, brought proceedings against Refinitiv Limited (part of LSEG Risk Intelligence, operator of the World-Check database).
    • She alleged that World-Check contained inaccurate claims linking her or her firm to sanctioned individuals or adverse reporting connected to family entities (notably MeritServus and related structures subject to UK sanctions in 2023 following the Cyprus Confidential disclosures and Roman Abramovich-related matters).
  • The claim centred on core UK GDPR obligations:
    • Data accuracy (Article 5), the right to rectification and erasure (Articles 16 and 17), and potentially issues around profiling and automated decision-making (Article 22). It was viewed as a significant test case for how commercial risk intelligence providers handle PEP/family association data, adverse media, and the distinction between corporate and personal data.
  • The trial did not happen. The parties settled on confidential terms. Public case records show the matter as concluded/stayed following activity in late June 2026.
  • This follows the confidential settlement in April 2026 of claims brought on behalf of children/grandchildren of Serbian politicians (the Lazarević and Stojilković matters), in which Refinitiv agreed to certain adjustments to World-Check entries. Other similar challenges against World-Check and comparable databases have also been resolved without proceeding to full trial.

Background to the Claim

  • World-Check is one of the leading commercial databases used globally by financial institutions, professional services firms and others for sanctions screening, PEP identification, adverse media checks and broader due diligence.
  • The Ioannides claim alleged that the entries inaccurately depicted MeritKapital (which she fully owns and operates as a distinct entity) as owned by, controlled by, or linked to sanctioned persons or family interests. Refinitiv had previously argued in related proceedings that much of the data concerned the company rather than Ms Ioannides personally.
  • The case was notable because it was positioned as the first opportunity for the High Court to examine in detail the data protection obligations of KYC database operators when processing risk intelligence data that can have significant commercial and reputational consequences for individuals and businesses.
  • Claimant solicitors: Peters & Peters. Defendant solicitors: DLA Piper.

The Settlement and Its Significance

  • Settlement terms are confidential. No judgment on the substantive legal issues has been handed down.
  • This outcome aligns with the pattern seen in the earlier World-Check cases involving PEP relatives: confidential resolution on or shortly before the eve of trial, with no binding precedent created on key questions such as:
    • The standard of accuracy required for commercial risk databases.
    • The scope of data subject rights when data is used for regulatory compliance screening.
    • The application of Article 22 UK GDPR to automated profiling or risk scoring in this context.
  • As far as can be ascertained from available reporting and case records, this development brings to a close the recent wave of High Court challenges against KYC and due diligence database providers on UK GDPR grounds. All appear to have settled, been struck out or otherwise ended without a full contested trial on the merits.

Implications for Compliance Professionals

  • Financial institutions and others that rely on World-Check and similar tools should note:
    • These databases remain valuable screening tools but are not a substitute for independent due diligence and ongoing monitoring.
    • Data subjects are increasingly prepared to challenge entries they consider inaccurate or unfair, particularly where listings have commercial or personal consequences.
    • The absence of a judicial ruling means important questions about the lawfulness and accuracy obligations of third-party risk data providers remain untested in open court.
    • Firms should continue to apply their own judgement when reviewing hits, document decision-making, and be prepared to consider representations from data subjects.
  • The lack of precedent is a double-edged sword: it avoids potentially unfavourable rulings for database operators and users alike, but it also leaves uncertainty for all parties on how UK GDPR applies in this commercially important area.

Sources for verification and further reading (full URLs for cut-and-paste)

Note on sources: The specific confirmation that the Ioannides matter settled confidentially on or around the scheduled trial date comes from Lexology PRO reporting. Public court tracking platforms show the case as concluded/stayed following activity in June 2026, which is consistent with that reporting. No public judgment or detailed settlement terms have been released. All other details above are drawn from the cited public sources and contemporaneous court records. Readers are encouraged to verify directly via the links above, noting that some Lexology PRO content may require a subscription.

DATA PROTECTION PEPs

The Team

Meet the team of industry experts behind Comsure

Find out more

Latest News

Keep up to date with the very latest news from Comsure

Find out more

Gallery

View our latest imagery from our news and work

Find out more

Contact

Think we can help you and your business? Chat to us today

Get In Touch

News Disclaimer

As well as owning and publishing Comsure's copyrighted works, Comsure wishes to use the copyright-protected works of others. To do so, Comsure is applying for exemptions in the UK copyright law. There are certain very specific situations where Comsure is permitted to do so without seeking permission from the owner. These exemptions are in the copyright sections of the Copyright, Designs and Patents Act 1988 (as amended)[www.gov.UK/government/publications/copyright-acts-and-related-laws]. Many situations allow for Comsure to apply for exemptions. These include 1] Non-commercial research and private study, 2] Criticism, review and reporting of current events, 3] the copying of works in any medium as long as the use is to illustrate a point. 4] no posting is for commercial purposes [payment]. (for a full list of exemptions, please read here www.gov.uk/guidance/exceptions-to-copyright]. Concerning the exceptions, Comsure will acknowledge the work of the source author by providing a link to the source material. Comsure claims no ownership of non-Comsure content. The non-Comsure articles posted on the Comsure website are deemed important, relevant, and newsworthy to a Comsure audience (e.g. regulated financial services and professional firms [DNFSBs]). Comsure does not wish to take any credit for the publication, and the publication can be read in full in its original form if you click the articles link that always accompanies the news item. Also, Comsure does not seek any payment for highlighting these important articles. If you want any article removed, Comsure will automatically do so on a reasonable request if you email info@comsuregroup.com.