Certus Login   Client Area   ☏ 0844 880 9808  

UK SMEs not ready for new EU data laws

picfair-291506969-one-euro-coin-on-paper-sheets-with-charts.jpg

In April 2016, the European Parliament voted to update the EU’s general data protection regulation (GDPR), with organisations in the member states given two years to comply. Two months later, financial services group Close Brothers found 82% of UK SMEs surveyed are not prepared for the new legislation. If the UK stays in the EU, what would GDPR mean for Britain’s small businesses?

Lack of understanding

Close Brothers’ quarterly survey determined 82% of 850 owners or senior managers were unaware of GDPR or did not understand its implications. From the remaining respondents, 14% said they would need advice, while just 4% understood GDPR and how it would impact their businesses.

Ian McVicar, Managing Director of Close Brothers Technology Services, described GDPR as “one of the most significant and anticipated pieces of legislation conceived in the EU in recent years”. McVicar also added: “It is intended to strengthen and unify data protection for individuals within the EU.”

Implications for UK businesses

GDPR was drafted to update 1995 data protection laws for the present, and EU companies have to demonstrate compliance after the legislation is adopted. Among the changes will be a mandatory 72-hour window to report data breaches, while certain companies are legally required to employ data protection officers.

For UK companies believing Brexit will halt GDPR, this might not be the case. Even if the country does vote to leave, domestic businesses will have to comply if they want to transact with EU companies.

Ultimately, this would be unavoidable for many UK businesses, as the EU accounts for approximately half of the country’s international trade. Therefore, time must be taken now to determine the exact costs of compliance.

Companies failing to adhere to GDPR beyond the two-year compliance period will incur a penalty amounting to 4% of annual revenue or €20 million [£15.5 million]. From those options, the exact penalty will be the larger value.

With GDPR adding another cost for UK SMEs, there is an even greater need to maintain a consistent cash flow. By working with ethical Enforcement Agents, like Dukes Bailiffs, you will ensure your outstanding invoices are collected at clear, consistent intervals.

Talk to us