Ofcom's Compliance Roadmap: The End of Dating's Regulatory Honeymoon

Ofcom has just handed every dating platform operating in the UK a detailed schedule of what needs to be done, when it needs to be done, and — implicitly — what happens if it isn't. The regulator's newly published compliance roadmap runs from March 2026 through May 2027, with the first formal submissions due in April. Dating operators now have 12 months to prepare risk assessments that meet statutory requirements under the Online Safety Act (OSA), a regime that represents the most stringent safety framework the sector has faced.

The timeline is unambiguous. Between April and July 2026, services formally notified by Ofcom must submit illegal content and children's risk assessment records. By July 2026, all platforms must ensure their risk assessments and record-keeping duties are current. Come October 2026, Category 1 and 2 services — a classification that captures most major dating platforms — must provide risk assessment records and publish transparency summaries. Ofcom will simultaneously publish a statutory report on content harmful to children, a signal of where regulatory scrutiny will land hardest.

Create a free account

Unlock unlimited access and get the weekly briefing delivered to your inbox.

Register free

No spam. No password. We'll send a one-time link to confirm your email.

Dating platforms that treat this as a compliance exercise rather than an operational priority will find themselves explaining their risk frameworks to Ofcom by summer 2026.

The ones that don't have frameworks to explain will find themselves in a considerably worse position.

What the roadmap actually requires

The compliance burden is substantial. Dating platforms must conduct and document risk assessments for both illegal content and child access, two areas where the sector's track record has been patchy at best. Ofcom has published a digital tool for the Children's Access Assessment, which the regulator claims takes less than 10 minutes to complete. That figure is misleading. Completion time is not assessment time. The underlying work — evaluating age verification systems, understanding how under-18s might bypass controls, documenting mitigation measures — requires considerably more than 10 minutes of executive attention.

Platforms must also demonstrate they're addressing priority harms. Ofcom's Group Director of Online Safety, Oliver Griffiths, has flagged protections for women and girls as a core focus, alongside tackling illegal hate speech and terrorist content. For dating operators, the women and girls priority is existential. Women represent the commercially critical cohort for mixed-gender platforms; retention and safety perception directly determine whether a service can maintain viable gender ratios. Any platform that cannot credibly demonstrate it's mitigating harassment, unsolicited sexual content, and intimate image abuse will struggle both with Ofcom and with its own unit economics.

The roadmap also includes ongoing work on cyberflashing and intimate image abuse, offences that disproportionately affect dating platforms. Final statements on these priority offences are scheduled throughout 2026, which means compliance teams should expect the goalposts to move mid-process. Crisis response protocols — how platforms handle reports of imminent harm — will also be under scrutiny.

The child access problem

Dating services face a reputational and legal minefield around underage access. Most platforms set a minimum age of 18, but enforcement has historically relied on self-reported dates of birth and rudimentary checks. Ofcom's emphasis on Children's Access Assessments suggests the regulator knows this and intends to fix it.

The implications extend beyond immediate compliance. Platforms that discover material underage access during their assessments will need to document how they're addressing it, likely requiring investment in age verification technology that goes beyond the honour system. Some operators will face a choice between stronger age assurance and friction that damages conversion rates. Ofcom's position is clear: err on the side of exclusion.

Publishing risk assessment summaries means disclosing what harms a platform has identified and what it's doing about them. Competitors, journalists, and advocacy groups will compare disclosures.

Operators should also prepare for the October 2026 transparency summaries to become public relations flashpoints. Any platform that publishes a threadbare summary — or one that appears to downplay known risks — will face questions.

Who this hits hardest

The phased timeline creates asymmetric pressure. Match Group (MTCH), Bumble (BMBL), and other well-capitalised operators have compliance infrastructure and legal teams that can absorb the workload. Smaller platforms and white-label providers face a more difficult calculation. Building the systems to conduct credible risk assessments, maintain statutory records, and implement mitigation measures costs money and operational bandwidth that many don't have.

White-label operators — providers that power multiple dating services under different brands — face multiplicative compliance obligations if Ofcom treats each branded service as a separate in-scope entity. The DII Industry Directory lists dozens of smaller UK-facing dating platforms that may lack both the resources and the organisational capacity to meet April's deadlines. Consolidation pressure was already building; this roadmap will accelerate it.

Platforms attempting to stay beneath Ofcom's radar by claiming they're not user-to-user services will find the regulator unsympathetic. Any service that facilitates communication between members almost certainly falls within scope, regardless of how artfully the terms of service are drafted.

What happens next

Ofcom's January 2027 statutory report on app stores adds another variable. If the regulator concludes that Apple and Google are insufficiently policing age ratings and safety standards for dating apps distributed through their platforms, app store compliance requirements could tighten materially. Operators should watch this carefully; app store rejections or additional review layers could create distribution bottlenecks just as platforms are trying to implement OSA changes.

The statutory report on content harmful to children, due October 2026, will likely set the tone for Ofcom's enforcement appetite. If the regulator finds widespread failures in child protection — and given the sector's history, it probably will — expect accelerated timelines and reduced tolerance for non-compliance.

Dating platforms have 12 months to treat this seriously. The ones that start building their risk assessment frameworks now, allocate compliance budget, and engage with Ofcom's guidance as it's published will be fine. The ones that wait until March 2026 to begin will be scrambling. And the ones that assume this is performative regulation that won't be enforced should ask themselves whether they're prepared to test that hypothesis with Ofcom holding statutory powers.

The April 2026 deadline is fixed. The compliance burden is real. The regulatory environment for UK dating platforms has fundamentally changed, and the roadmap Ofcom just published is the clearest signal yet that the regulator intends to use the authority Parliament gave it.