Key themes and developments on the agenda for businesses in February include a consultation on the reform of corporate criminal liability, guidance on the duty to report on payment practices and performance, and assistance with complying with the General Data Protection Regulation.
Consultation on the reform of corporate criminal liability
UK prosecutors have long argued that it is hard to prosecute companies in Britain due to high legal hurdles. In January, the Government opened a consultation on the reform of corporate fraud, money laundering and false accounting. The call for evidence seeks views on whether further reform is needed to combat corporate criminality in areas of economic crime other than bribery and tax evasion.
Action points: The deadline for responding to the consultation is 24 March 2017.
Duty to report on payment practices and performance
The Department for Business, Energy and Industrial Strategy (BEIS) has published its guidance to reporting on payment practices and performance. The guidance is for companies that must comply with the statutory reporting duty for payment practices and performance in relation to financial years beginning on or after 6 April 2017. Among other things, the guidance sets out:
- Which companies will come within the scope of the reporting requirement, and when parent companies will be required to report.
- Details about the information that businesses must provide in respect of their payment terms and their payment performance.
- When and where information must be reported.
The government has also published revised drafts of the Reporting on Payment Practices and Performance Regulations 2017. The draft regulations have been laid before Parliament and are intended to enter into force on 6 April 2017.
Action points: Organisations should use the guidance when reviewing their existing payment practices and performance. In-house counsel may not have previously had much insight into their organisation’s approach and may need to work with the finance team to audit current arrangements and put in place new internal systems to support reporting.
BEIS Green Paper on Industrial strategy
A Green paper seeking comments on government proposals for developing a modern industrial strategy has been published by BEIS. The Green Paper sets out the ten pillars underpinning the government’s new approach to industrial strategy, together with its proposals in each area. They include cultivating world-leading sectors by way of “sector deals”, to address sector-specific challenges and opportunities. This may, among other things, involve addressing regulatory barriers.
Action points: The deadline for responding to the Green Paper is 17 April 2017.
Corporate governance reform
The Business, Energy and Industrial Strategy Committee is continuing its investigation into corporate governance reform. The investigation is focusing on executive pay, directors’ duties and the composition of boardrooms.
ICSA and the Investment Association have recently announced that they are proposing to publish joint guidance to assist boards in improving their engagement with, and understanding of the views of, their employees and other stakeholders. It is proposed that the guidance will be published in the second quarter of 2017.
Updated ICO overview of the GDPR
Companies can get a helpful indication of where they should be focusing their time and resources in the run-up to the General Data Protection Regulation (GDPR) coming into force by referring to the Information Commissioner’s Office (ICO) overview of the GDPR.
The overview is updated each month and highlights guidance published by the Article 29 Working Party and the ICO, and sets out the topics that they are expected to publish guidance on in the future. The ICO is aiming to publish guidance on contracts and liability and on consent early in 2017, and intends to publish version two of its paper on big data in February 2017.
Draft E-privacy Regulation
A draft E-Privacy Regulation, which is intended to replace the current E-Privacy Directive (2002/58/EC), has been published by the European Commission. The new draft Regulation would apply to all electronic communications service providers, such as WhatsApp, Facebook messenger, Skype, Gmail, iMessage and Viber, rather than only traditional telecoms service providers.
It will introduce various enhanced privacy measures, including in relation to user consent, confidentiality of electronic communications, website cookies and unsolicited electronic communications.
Businesses, particularly those not currently subject to the E-Privacy rules, should note the huge potential fines proposed of up to EUR20 million or 4% of annual turnover, whichever is higher (like the GDPR). The latest record fine of £400,000 for a breach of nuisance calling laws in the UK (where a cap of £500,000 exists), pales in comparison.
Action points: In terms of compliance preparations and risk assessment, organisations should bear in mind that the Commission ambitiously provides for the Regulation to apply from 25 May 2018, along with the GDPR. However, this proposal is only the beginning of what can be a lengthy legislative process, potentially involving multiple amendments.
Network and Information Security Directive
The Network and Information Security Directive introduces new cybersecurity requirements for providers of key infrastructure and obliges them to report details of cyber attacks to the authorities. Businesses which fall within the Directive’s definition of digital service providers (such as online market places, cloud computing and search engines) will also be subject to security and breach notification requirements.
From 9 February 2017 to 9 November 2018, the Cooperation Group set up under the Directive will discuss the process, substance and type of national measures allowing for the identification of operators of essential services within a specific sector in accordance with specified criteria. Member states must adopt and publish the laws, regulations and administrative provisions necessary to comply with the Directive by 9 May 2018.
New guidelines on EU trade marks and registered Community designs
As of 1 February, the European Union Intellectual Property Office’s revised guidelines for the examination of EU trade marks and registered Community designs are applicable.
Last orders: consultations coming to a close in February
Consultations on the following matters are closing in February:
- Corporate governance reform.
- Ethnic diversity on boards.
- UK cybersecurity.
- Corporation tax losses reform.
- Scope of the VAT grouping rules.
- Draft legislation on restriction of interest deductibility.