Monthly Archives: October 2018

Competition law – Big firms fined for involvement in cartels

Businesses have a responsibility and a legal obligation to follow competition law as laid out in the Competition Act 1998. In recent years, many large companies have been fined for involvement in cartels, and it is important for businesses to be aware of the dangers and pitfalls to avoid falling foul of the law, and racking up eye-watering fines which could run up to 10% of revenue. 

What is a cartel?

A cartel is an agreement between competitors which results in anti-competitive activities. This could include an agreement to fix prices, share markets, rig bids or limit output at the expense of the interests of customers and without any countervailing customer benefits. Cartels remove or reduce competition, which results in increased prices for customers. They have a corrosive effect on the wider economy, as they reduce the incentive for businesses to operate efficiently, innovate, and provide the best value for money for consumers. Cartels lead to higher prices, poorer quality, and restricted or no choice.

HR & HIPAA – Two new GDPR knowledge checks

VinciWorks’ knowledge checks are five minute courses designed to help you and your staff assess their level of compliance, allowing you to decide on next steps. Feedback is given after each question is answered, allowing users to improve their knowledge while completing the assessment. A score is given at the end of each assessment, meaning users can easily establish how much they have yet to learn.

We have now released two knowledge checks focussing on specific aspects of data protection and the General Data Protection Regulation.

GDPR for Human Resources Staff

Screenshot of VinciWorks' Human Resources knowledge check

Each knowledge check offers feedback after each answer

This GDPR knowledge check was created for human resources staff and tests the following:

  • HR’s role in complying with GDPR
  • Processing and storing employees’ data
  • Consent, subject access requests and conditions for processing data
  • Employee rights with regards to GDPR

Transparent risk identification – the four step process

The risk identification process

The four steps to risk identification

The risk identification process should involve your entire organisation, hence the phrase “everyone is a risk manager”. This means conducting surveys and interviews, analysing the responses and drafting a risk register based on those results. This is known as the transparent risk identification process because it requires everyone in the organisation to be transparent, includes the whole organisation and the results can be shared throughout the company. Here are the four steps to transparent risk identification that we recommend.

1. Collect responses and perspectives

Getting buy-in for risk management initiatives from the leadership and getting time with key stakeholders is a huge challenge faced by risk managers. The best way to do this is to start with a survey. This keeps the process brief and concise; it can cut right across the organisation and capture answers from a broad congregation. Using the appropriate tools, this is a quick and easy process and encourages engagement due to it being fully inclusive. A survey can be made available to everyone but be mandatory for those who will be getting a follow-up interview. Sending a survey to everyone promotes the risk management initiative at the organisation and reinforces the idea that everyone is a risk manager and that risk management involves the entire organisation.

Learning Management Systems explained

An example of VinciWorks’ LMS 6.0 dashboard

What is a learning management system (LMS)? Who needs an LMS? How do they help with learning? While many have heard the term, for others it may be difficult to understand exactly what an LMS is and how it could be helpful to your organisation. Here is everything you need to know.

What is a Learning Management System?

The best way to describe a learning management system is to break down the title.

Learning – organisations manage ranges of staff, from a small team of ten to a multitude of departments, amounting to thousands of employees. Those employees are assigned to train on a number of topics, ranging from compliance training such as anti-money laundering, to webinars, workshops and seminars.

New York sexual harassment whistleblowing policy template

When it comes to any potential foul play at work, it is important that employees understand when they should share their concerns, who they should share them with and how to do so. In order to ensure all your staff feel comfortable raising any concerns they have regarding whether staff or clients are involved or assisting in sexual harassment, we have created a detailed whistleblowing policy template. The template can easily be edited to include relevant contact information, the company name and any company-specific procedures. The template is fully compliant with the New York State and City sexual harassment regulations.

In conversation with the SRA: What’s the latest on the SRA Handbook?

Ruth Cohen, Legal and Research Executive at VinciWorks

Director of Best Practice Gary Yantin and Legal and Research Executive Ruth Cohen recently travelled to Birmingham to meet with the SRA and discuss what’s coming up in the next 12 months. The new SRA Handbook is going to see some important changes in the regulation of solicitors, and we’re working hard at VinciWorks to make sure you have the tools you need to understand the Handbook and be compliant with the updated rules.

Overall, solicitors can expect not only a shorter, simpler code but also two codes of conduct: one for individuals and one for firms. Nevertheless, the revised, 20th edition of the SRA Handbook was published on 1 October and contained a series of changes to the Insurance Distribution Directive (IDD).

The key changes being introduced by the SRA

SRA to provide regulatory guidance, yet support additional training from compliance providers

The SRA, while focusing on regulation, will be providing guidance to support the implementation of the upcoming regulatory changes. In addition to their own guidance, the SRA sees the role of compliance providers such as VinciWorks to provide additional guidance and training materials for law firms.

VinciWorks kicks off first risk identification masterclass

The risk identification process

The four steps to risk identification

On Wednesday 17 October, VinciWorks ran its first risk identification masterclass in an impressive Central London venue, the Law Society. Facilitators, experts Dean Hughes and Karla Gahan, focussed on risk identification, one of the key steps of Enterprise Risk Management (ERM). They gave guidance to delegates on how to better facilitate risk conversations, reveal awkward risks and black swans, and present those risks to the leadership with clarity and insight. This class provided delegates with the skills and confidence required to identify risks at a whole new level through a safe and constructive process.

What is risk identification?

Risk identification is the term used to describe the process of collecting, collating, classifying, refining, aggregating and disseminating risks. It is a critical step in the ERM process and takes place within the context of the risk framework. While one-off workshops and department-wide meetings play a role in risk identification, the process itself is ongoing and should be revisited on a regular basis.

GDPR and Section 11 of the Criminal Finances Act 2017

Section 11 of the Criminal Finances Act 2017 amends the Proceeds of Crime Act (POCA) and affects the regulated sector. The new data sharing regime enables regulated persons to request and share information with their regulated peers, free in most respects from contravening the EU’s General Data Protection Regulations (GDPR). Any disclosure “made in good faith” that does not breach any duties of confidence or “any other restriction on the disclosure of information”.

The purpose is to encourage the sharing of information from different entities in the regulated sector and better enable the collation of multiple reports of potential money laundering into a single Suspicious Activity Report (SAR).

SRA Price Transparency Rules – What you need to know

The Solicitors Regulatory Authority’s (SRA) Price Transparency Rules are set to come into effect in early December 2018. They provide a major change to how law firms must publicise their prices for certain services which they offer to clients and general consumers. This is part of key changes the SRA are carrying out as part of their Looking to the Future programme.

Who are the Price Transparency Rules intended for?

These are intended for law firms who are required to publish information on the prices and the services which they offer to consumers under Rule 1 of the SRA Transparency Rules. Those firms that are not obligated to provide a transparent pricing list may still find the Price Transparency Rules useful.

What are the aims of the new Price Transparency Rules?

The new Price Transparency Rules aim to ensure that before making certain choices regarding legal representation, consumers will be provided with pricing information, to allow them to make the most informed decisions regarding which legal services provider they choose. The aim is that by providing clear pricing details, consumer misunderstandings later in a transaction will be avoided, as a result of transparent information being provided from the onset.

Six ways GDPR compliance has helped businesses

Pre-GDPR consent email

Many companies sent consent emails as GDPR approached in May, with many others doing so in the following weeks

25 May, when the EU-wide General Data Protection Regulation (GDPR) came into force, is fresh enough in our minds for us to remember the countless “are you still our friend?” emails from marketers. Many marketing professionals, managers and data protection officers will also remember the panic they faced when preparing for GDPR. As the influx of GDPR emails continued to flood in and cookie notifications started to pop up with increased regularity, skepticism started to mount amongst marketers and managers alike. Have the new regulations helped or hindered businesses’ sales and marketing efforts?

Your website can be accessed from around the world

US website down due to GDPR compliance

How often have you got this message when trying to access a US-based website from an EU country?
