Hidden Brexit Costs Of Corporate EU Compliance

Written by Simon Marsh on 4 August 2017

Hidden BRexit costs of corporate EU compliance

Many hoped BRexit  would mean remove the burden of compliance with EU directives from UK businesses. Two recent EU directives indicate this hope is likely to be in vain and UK businesses will bear the costs of compliance despite BRexit.

The 4th Anti Money Laundering Directive (4MLD) was incorporated into UK law earlier this year and came in to effect from 23 June 2017. Compliance with 4MLD is required for banks and professional service firms such as lawyers, accountants and estate agents as well as other businesses such as casinos.

Corporate businesses have already recognised the impact of 4MLD through the requirement to record and file details of the business owners – People with Significant Control – at Companies House.

All businesses will in future recognise the costs of 4MLD when obtaining new bank and finance facilities, buying and selling property or engaging new professional service firms. For many, providing documentary proof of the company and each of its directors and shareholders on a regular basis is already a fact of business life – 4MLD’s requirements has however increased the cost and the time of this fact of life.

Many more businesses are likely to see increased costs as a result of the EU General Data Protection Regulation (GDPR). GDPR has to be implemented by all entities which offer goods or services to, or monitor the behaviour of, EU persons (snappily referred to as data subjects) and applies to those who manage and process data as well as those who control it. It will therefore extend beyond those UK businesses which already have to comply with the Data Protection Act.

The penalties of failing to comply with GDPR range from 2-4% of worldwide turnover for a business and can be up to €20 million so the cost of non-compliance is likely to be greater than meeting the requirements of the new regulations.

GDPR will require businesses to review their systems for receiving, recording and handling personal information from dates of birth, addresses and credit card details to more detailed financial, medical and other personal information. Changes are likely to be required to terms and conditions of business and the manner in which customers provide their consent to the holding of their personal data.

GDPR takes effect from 25 May 2018 however all businesses should check their compliance with these regulations and start the review processes to ensure they comply when the new regulations come into effect.

WSM will be holding a breakfast seminar on GDPR and how it may affect your businesses on 10 October – contact Amanda Menassa at amanda.menassa@wsm.co.uk for details.