CorpComms Magazine

1 Follow the Boy Scouts' example: be prepared
In a recent survey carried out by my firm, it transpired that more than half the respondents were unaware their business was regulated by the European Commission, the Health and Safety Executive, the Office of Fair Trading or the Pensions Regulator, even though all of these watchdogs have jurisdiction over every company operating in England.

This lack of awareness highlights how exposed many businesses might be to the disruption of a regulatory investigation and the penalties that may follow. Recent cases demonstrate that companies breaching regulatory requirements not only damage their reputation through negative publicity but can also face substantial penalties.

2 Know the industry-specific rules...
Be alive to the requirements and powers of the industry regulators. For example, the Advertising Standards Authority - a self-regulating organisation - oversees advertising to ensure it meets the standards set down in advertising codes. Then there is Ofcom, which regulates the television, radio, telecommunications and wireless communications sectors, and the Financial Services Authority, which regulates financial services groups.

3 ...and the not-so-specific ones
It might still be very relevant; data protection can be a minefield for the unwary. The Information Commissioner's Office is an important body when you are collating personal data. It is an independent authority designed to protect personal information, and also promote access to official information. All organisations are legally obliged to protect any personal information they hold.

4 Communicate internally
Several regulators have the power to search premises and take away documents. In some cases, it is a criminal offence to fail to cooperate with an investigation, so businesses are well advised to develop proper internal procedures to ensure all staff members likely to be exposed have a basic awareness of what to do in these situations.

5 Do not overlook the front line
The first point of entry to a company is a personal visit or a call, be it from a regulator or, often enough, a journalist. Ensure the switchboard/receptionist/CEO's PA is briefed on how to deal with the unexpected (in short: keep quiet and alert the right person internally).

6 Get everyone on message
It is crucial that knowledge is disseminated widely to those in the organisation who will largely be responsible for ensuring day-to-day compliance with the law. This is a highly regulated area, particularly so in the discrimination field. Make sure management and employees are trained in diversity issues. In a recent Nabarro survey, 70 percent of respondents had not run any form of training in diversity matters, even though employment tribunals have powers to hand out unlimited fines for discrimination cases and employers bear the liability.

7 Do not worry about the expense
It is a false economy to cut corners when it comes to spending on financial controls, be it bookkeepers, financial controllers or financial directors: be prepared to pay good money here. HM Revenue & Customs (HMRC) is often the biggest nightmare, so good VAT, PAYE, NIC and corporation tax records should be kept. VAT can be a difficult area, hence the need for someone with a sound understanding. Pay attention to freelancers and consultants, who are generally paid gross. It is important to ensure you get an indemnity from them for PAYE and for primary and secondary National Insurance contributions if there is a risk HMRC might see them as employees. Also make sure that what they are paid includes VAT. Watch out for stakeholder pension legislation: companies with five or more employees, including directors, are generally required to offer stakeholder pensions to employees.

8 Data protect staff records, too
Breaches in this area not only cause management a headache, but are also problematic when it comes to selling a business, because any buyer will want to be indemnified against liability arising.

9 Do not abrogate responsibility
Reputational risk is a matter for board-level attention. Ultimately, it's with the board that accountability will lie.

10 Protect management
Put an express indemnity in place between the company and its directors, to protect the directors from liability in the event they are sued/prosecuted without cause. This is known as a qualifying third party indemnity provision. An indemnity will not protect against regulatory penalties or criminal fines. Check the company's articles of association to ensure the firm has the power to indemnify directors. This has been in the spotlight relatively recently with the US government detaining or seeking extradition of company directors to the US. The main benefit is that the company can fund the cost of the proceedings by way of a loan to the director, which becomes repayable if the director is found to be culpable.

share me: del.icio.us | digg | reddit | Tweet