Artifact GuideUK Online Safety ActRegulated Service Scope

UK Online Safety Act Regulated Service Scope

Regulated Service Scope decisions under the UK Online Safety Act should be written in operational language: who is in scope, what must happen, what evidence proves it, and when escalation is needed.

Use this guide to turn official requirements into scope, evidence, owner, and review decisions. This guidance is practical, source-linked, and should be validated against current legal and policy requirements before implementation.

Back to main artifactReview sources
Author
Sorena AI
Published
May 9, 2026
Updated
May 9, 2026
Sections
4

Structured answer sets in this page tree.

Primary sources
4

Cited legal and guidance references.

Publication metadata
Sorena AI
Published May 9, 2026
Updated May 9, 2026
Overview

This page helps you determine when UK Online Safety Act obligations apply, who owns each action, the required evidence, and the review path before escalation. In plain terms, a regulated service is generally a user-to-user service, a search service, or a service with links to the UK that publishes or displays provider pornographic content.

Section 1

What should teams decide about Regulated Service Scope under the UK Online Safety Act?

Start by deciding whether the service is a regulated service: a user-to-user service, a search service, or a service with links to the UK that publishes or displays provider pornographic content. Then identify which illegal-content, children-safety, age-assurance, user-empowerment, transparency, complaints, risk-assessment, or provider duty that Ofcom can supervise or enforce is triggered. The useful answer should name the exact trigger, affected product or process, required action, owner, evidence, and escalation point.

Keep the Online Safety Act source, service-scope decision, user-to-user/search feature map, risk assessment, code-of-practice mapping, age-assurance evidence, and Ofcom-facing record together.

  • Define the exact Regulated Service Scope trigger and the business process it affects.
  • Record which role, product, system, customer group, or data flow is in scope.
  • Attach the source-linked rule, the owner, and the evidence field before approving the control.
  • Escalate uncertainty when the facts depend on thresholds, exemptions, cross-border activity, vulnerable users, or enforcement-sensitive wording.
Sources for this answer
UK Government - Online Safety Act explainer
GOV.UK explains which services the Online Safety Act applies to, including search services and services with user-generated content.
Age assurance for the Children's code
Primary source support for the Regulated Service Scope decision.
UK Government - Online Safety Act explainer
GOV.UK scope source explaining that Online Safety Act duties apply to search services and services where users post or interact with content.
Section 2

Who should own Regulated Service Scope, and what evidence should prove the decision?

Ownership should sit with the team that can change service design, moderation, recommender systems, age assurance, reporting, complaints, terms, or transparency data, with legal and trust-safety review.

Evidence should show service categorisation, illegal-content risk assessment, children access assessment, children risk assessment, mitigation controls, age-assurance decisions, terms/complaints records, and Ofcom reporting readiness.

  • Name one accountable owner and one reviewer for the Regulated Service Scope workflow.
  • Keep source screenshots or source links, decision notes, implementation tickets, and approval records together.
  • Use dated evidence for deadlines, notices, risk assessments, contracts, user journeys, and regulator-facing records.
  • Review the evidence after product changes, new markets, new vendors, enforcement updates, or material changes in the source text.
Sources for this answer
Age assurance for the Children's code
Evidence and ownership support for UK Online Safety Act.
UK Government - Online Safety Act explainer
GOV.UK scope source explaining that Online Safety Act duties apply to search services and services where users post or interact with content.
Online safety and data protection
Evidence and ownership support for UK Online Safety Act.
Section 3

Which edge cases should teams check before relying on a Regulated Service Scope decision?

Most Online Safety Act mistakes happen at the boundary between user-to-user, search, pornography, category, child-access, illegal-content, and transparency duties.

Use this section before launching a user feature, recommender change, moderation change, age-assurance flow, complaint process, or transparency-reporting process.

  • Check whether the rule changes for minors, consumers, business users, public-sector bodies, regulated sectors, high-risk services, or cross-border transfers.
  • Separate binding law, regulator guidance, consultation material, standards, and enforcement commentary in the evidence record.
  • Do not rely on a previous answer if the data categories, user interface, vendor role, or contractual flow changed.
  • Track unresolved assumptions in an open-questions section and route legal interpretation points for review.
Sources for this answer
UK Government - Online Safety Act explainer
GOV.UK explains which services the Online Safety Act applies to, including search services and services with user-generated content.
Age assurance for the Children's code
Boundary and edge-case support for this artifact page.
UK Government - Online Safety Act explainer
GOV.UK scope source explaining that Online Safety Act duties apply to search services and services where users post or interact with content.
Online safety and data protection
Boundary and edge-case support for this artifact page.
Section 4

How should teams operationalize Regulated Service Scope with proportionate controls?

Use an Online Safety Act workflow that captures service scope, user groups, risk assessment, code mapping, child-access status, mitigation owner, evidence, and Ofcom escalation path.

The output should be a service-scope memo, risk assessment, children access assessment, mitigation plan, age-assurance decision, complaint workflow, or transparency-report evidence pack.

  • Create a short intake question that identifies the Regulated Service Scope scenario.
  • Map the answer to a required action, evidence field, owner, reviewer, and review date.
  • Link related artifact pages with descriptive anchors so users can move from scope to deadlines, controls, penalties, and templates.
  • Update the workflow when official source material changes or when internal evidence shows recurring exceptions.
Sources for this answer
UK Government - Online Safety Act explainer
GOV.UK explains which services the Online Safety Act applies to, including search services and services with user-generated content.
Age assurance for the Children's code
Operational implementation support for Regulated Service Scope.
UK Government - Online Safety Act explainer
GOV.UK scope source explaining that Online Safety Act duties apply to search services and services where users post or interact with content.
Recommended next step

Turn UK Online Safety Act Regulated Service Scope into assigned work

Use this UK Online Safety Act guide to turn Regulated Service Scope into owners, evidence requests, review checkpoints, and reusable operating records inside Sorena.

Assessment workflow
Open Assessment Autopilot for UK Online Safety Act

Turn Regulated Service Scope into scoped questions, evidence fields, and review tasks.

Explore next step
Research workflow
Review UK Online Safety Act source evidence

Use Research Copilot to answer follow-up questions with cited source material.

Explore next step
Talk to Sorena
Talk through UK Online Safety Act service scope

Review scope, evidence, owners, and the next compliance actions with Sorena.

Explore next step
Primary sources

References and citations

Age assurance for the Children's code
ico.org.uk
Referenced sections
  • Operational implementation support for Regulated Service Scope.
"The OSA places requirements for age assurance on organisations that fall in scope."
Online Safety Act 2023
legislation.gov.uk
Referenced sections
  • Supports Regulated Service Scope under the UK Online Safety Act.
"regulated service means a regulated user-to-user service, a regulated search service, or a service with links to the United Kingdom that publishes or displays provider pornographic content"
Online safety and data protection
ico.org.uk
Referenced sections
  • Boundary and edge-case support for this artifact page.
"Links between online safety and data protection Online safety and data protection can interact in a variety of"
UK Government - Online Safety Act explainer
gov.uk
Referenced sections
  • GOV.UK scope source explaining that Online Safety Act duties apply to search services and services where users post or interact with content.
"The Act's duties apply to search services and services that allow users to post content online or to interact with each other."
Related guides

Explore more topics

How should teams decide whether UK Online Safety Act applies?
UK Online Safety Act guidance for Regulated Service Scope, with practical decisions, evidence, edge cases, and external source citations.
UK Online Safety Act Age Assurance Guide
UK Online Safety Act guidance for Age Assurance, with practical decisions, evidence, edge cases, and external source citations.
UK Online Safety Act Age Assurance Options Guide
UK Online Safety Act guidance for Age Assurance Options, with practical decisions, evidence, edge cases, and external source citations.
UK Online Safety Act Age Assurance Selection Workflow Guide
UK Online Safety Act guidance for Age Assurance Selection Workflow, with practical decisions, evidence, edge cases, and external source citations.
UK Online Safety Act Applicability Test Guide
Practical guidance for the UK Online Safety Act applicability test, with practical decisions, evidence, edge cases, and external source citations.
UK Online Safety Act Categorisation Guide
UK Online Safety Act guidance for Categorisation, with practical decisions, evidence, edge cases, and external source citations.
UK Online Safety Act Checklist
Practical guidance for the UK Online Safety Act checklist, with practical decisions, evidence, edge cases, and external source citations.
UK Online Safety Act Children's Access Assessment Guide
UK Online Safety Act guidance for Children's Access Assessment, with practical decisions, evidence, edge cases, and external source citations.
UK Online Safety Act Children's Safety Duties Guide
UK Online Safety Act guidance for Children's Safety Duties, with practical decisions, evidence, edge cases, and external source citations.
UK Online Safety Act Complaint And Appeal Handling Workflow Guide
UK Online Safety Act guidance for Complaint And Appeal Handling Workflow, with practical decisions, evidence, edge cases, and external source citations.
UK Online Safety Act Compliance Guide
Practical guidance for the UK Online Safety Act compliance, with practical decisions, evidence, edge cases, and external source citations.
UK Online Safety Act Content Moderation And Appeals Guide
UK Online Safety Act guidance for Content Moderation And Appeals, with practical decisions, evidence, edge cases, and external source citations.
UK Online Safety Act Deadlines and Compliance Calendar Guide
UK Online Safety Act guidance for Deadlines and Compliance Calendar, with practical decisions, evidence, edge cases, and external source citations.
UK Online Safety Act Enforcement And Penalties Guide
UK Online Safety Act guidance for Enforcement And Penalties, with practical decisions, evidence, edge cases, and external source citations.
UK Online Safety Act FAQ
Practical guidance for the UK Online Safety Act FAQ, with practical decisions, evidence, edge cases, and external source citations.
UK Online Safety Act ICO Overlap Guide
UK Online Safety Act guidance for ICO Overlap, with practical decisions, evidence, edge cases, and external source citations.
UK Online Safety Act Illegal Content Duties Explained Guide
UK Online Safety Act guidance for Illegal Content Duties Explained, with practical decisions, evidence, edge cases, and external source citations.
UK Online Safety Act Illegal Content Risk Assessment Guide
UK Online Safety Act guidance for Illegal Content Risk Assessment, with practical decisions, evidence, edge cases, and external source citations.
UK Online Safety Act Moderation And Appeals Guide
UK Online Safety Act guidance for Moderation And Appeals, with practical decisions, evidence, edge cases, and external source citations.
UK Online Safety Act Ofcom Enforcement Guide
UK Online Safety Act guidance for Ofcom Enforcement, with practical decisions, evidence, edge cases, and external source citations.
UK Online Safety Act Ofcom enforcement: penalty tiers, investigations, and senior manager liability
UK Online Safety Act guidance for Ofcom Enforcement, with practical decisions, evidence, edge cases, and external source citations.
UK Online Safety Act Online Safety Risk Assessment Template Guide
UK Online Safety Act guidance for Online Safety Risk Assessment Template, with practical decisions, evidence, edge cases, and external source citations.
UK Online Safety Act penalties and fines Guide
UK Online Safety Act guidance for penalties and fines, with practical decisions, evidence, edge cases, and external source citations.
UK Online Safety Act Requirements Guide
Practical guidance for the UK Online Safety Act requirements, with practical decisions, evidence, edge cases, and external source citations.
UK Online Safety Act Risk Assessment Workflow Guide
UK Online Safety Act guidance for Risk Assessment Workflow, with practical decisions, evidence, edge cases, and external source citations.
UK Online Safety Act Risk Assessments Playbook Guide
UK Online Safety Act guidance for Risk Assessments Playbook, with practical decisions, evidence, edge cases, and external source citations.
UK Online Safety Act Senior Manager Liability Guide
UK Online Safety Act guidance for Senior Manager Liability, with practical decisions, evidence, edge cases, and external source citations.
UK Online Safety Act Service Classification Workflow Guide
UK Online Safety Act guidance for Service Classification Workflow, with practical decisions, evidence, edge cases, and external source citations.
UK Online Safety Act Service Scope and Categorization Guide
UK Online Safety Act guidance for Service Scope and Categorization, with practical decisions, evidence, edge cases, and external source citations.
UK Online Safety Act Transparency Reporting Guide
UK Online Safety Act guidance for Transparency Reporting, with practical decisions, evidence, edge cases, and external source citations.
UK Online Safety Act User-to-user And Search Services Guide
UK Online Safety Act guidance for User-to-user And Search Services, with practical decisions, evidence, edge cases, and external source citations.
UK Online Safety Act vs Dsa Guide
UK Online Safety Act guidance for Online Safety Act vs Dsa, with practical decisions, evidence, edge cases, and external source citations.
What should teams do about Age Assurance under the UK Online Safety Act?
UK Online Safety Act guidance for Age Assurance, with practical decisions, evidence, edge cases, and external source citations.
What should teams do about Categorisation under the UK Online Safety Act?
UK Online Safety Act guidance for Categorisation, with practical decisions, evidence, edge cases, and external source citations.
What should teams do about Children's Access Assessment under the UK Online Safety Act?
UK Online Safety Act guidance for Children's Access Assessment, with practical decisions, evidence, edge cases, and external source citations.
What should teams do about Ico Overlap under the UK Online Safety Act?
UK Online Safety Act guidance for Ico Overlap, with practical decisions, evidence, edge cases, and external source citations.
What should teams do about Illegal Content Risk Assessment under the UK Online Safety Act?
UK Online Safety Act guidance for Illegal Content Risk Assessment, with practical decisions, evidence, edge cases, and external source citations.
What should teams do about Moderation And Appeals under the UK Online Safety Act?
UK Online Safety Act guidance for Moderation And Appeals, with practical decisions, evidence, edge cases, and external source citations.
What should teams do about Senior Manager Liability under the UK Online Safety Act?
UK Online Safety Act guidance for Senior Manager Liability, with practical decisions, evidence, edge cases, and external source citations.
What should teams do about Transparency Reporting under the UK Online Safety Act?
UK Online Safety Act guidance for Transparency Reporting, with practical decisions, evidence, edge cases, and external source citations.
What should teams do about User-to-user And Search Services under the UK Online Safety Act?
UK Online Safety Act guidance for User-to-user And Search Services, with practical decisions, evidence, edge cases, and external source citations.