These Regulations are made under the Sanctions and Anti-Money Laundering Act 2018 (c.13) to establish a sanctions regime for the purpose of furthering the prevention of certain cyber activity as defined in regulation 4(2) (“relevant cyber activity”). Following the UK’s withdrawal from the European Union, these Regulations replace the EU sanctions regime implemented via EU Council Decision (CFSP) 2019/797 of 17 May 2019 concerning restrictive measures against cyber-attacks threatening the Union or its Member States and Council Regulation (EU) 2019/796 of 17 May 2019 concerning restrictive measures against cyber-attacks threatening the Union or its Member States.