Around one in four adults in the UK experience mental health issues. These problems can often be exacerbated by work. The problem is that the vast majority of mental health training solutions require onsite, day-long, classroom-based external sessions that require a significant time and cost investment. Only the largest or most progressive companies can afford this form of training.
Convincing leadership to include company-wide mental health training in their budget and that effective training doesn’t need to come at a huge cost has proven to be a real challenge. VinciWorks has created a short guide to help present a business case for mental health training and get board buy-in.
The guide covers:
Some of the difficulties in getting board-level buy-in for action on mental health
Shocking statistics surrounding wellbeing at work
Guidance on how to get buy-in for mental health training
Business’ legal requirement to provide mental health training
Following engagement with relevant parties for over a year, together with a written consultation document and review period, HMRC laid their DAC6 Regulations before Parliament on 13 January 2020 under the International Tax Enforcement (Disclosable Arrangements) Regulations 2020, Statutory Instrument 2020 No. 25. However, trawling the Directive, the consultation paper and draft guidance to find that one piece of information you need is proving to be a real challenge.
We have summarised all of HMRC’s guidance into an easy-to-read guide answering many of the questions we’ve received from firms.
Here are some of the areas of DAC6 compliance the guide covers:
The extent to which Brexit will affect DAC6 implementation in the UK
On Wednesday 29 January, over 50 leading international firms joined us for our third DAC6 core group meeting. During the meeting, our panel, which included HMRC’s Policy Lead for DAC6, took questions from our 100-strong audience to try to make sense of the Directive and fill in some missing details. Here is a summary of the discussions with HMRC:
Brexit will not have any immediate effect on the UK’s implementation of DAC6. The Directive will continue to apply in full at least for the duration of the transition period or until a deal is reached.
DAC6 reporting obligations
All intermediaries have a reporting obligation. The primary interest of HMRC is to receive the correct information about transactions so that they can assess whether a transaction needs further review. While the Directive mandates reporting deadlines, reports should include as much relevant information as possible.
Details of the extension of the trust registration service under the Fifth Directive
On 24 January 2020, HMRC launched their promised technical consultation on changes to the Trust Registration Service (TRS) to be made under the Fifth Anti-Money Laundering Directive.
The changes will focus on the registration requirements of all UK and many non-EU resident express trusts, whether or not they incur a UK tax consequence. This could extend the number of registrable trusts from around 200,000 to over two million.
With new research showing that poor mental health costs UK employers £45 billion a year, now more than ever is the time to take action on wellbeing. Mental health-related problems for businesses, including presenteeism, absences, and staff turnover, have increased 16% since Deloitte’s last survey in 2016.
Changes in work practices, particularly the ‘always on’ culture, have made it harder for employees to disconnect during their downtime, and employers haven’t yet figured out how to adapt to this new work culture.
Research from the CIPD found that two fifths of UK businesses have seen an increase in stress-related absences, with management style increasingly identified as the source of stress.
Over 100 people from 50 top law firms, accounting firms and banks gathered at the offices of Freshfields Bruckhaus Deringer in a meeting organised by VinciWorks to fire questions at HMRC regarding the latest EU tax transparency law, DAC6.
HMRC have just published legislation implementing DAC6 and firms are scurrying to fully get to grips with the tremendous impact it will have on how law firms, banks and accountants do business. In response to a question about the impact of DAC6, the head of compliance at a top-five global law firm described the Directive as “the most difficult piece of legislation we’ve ever had to grapple with”.
178 notifications per day just in the first half of 2019
A total of £100m in fines
Here are some of the recent fines that regulating authorities have issued and guidance on how to make sure your business stays on the right side of GDPR.
Four GDPR fines we can learn from
British Airways – £183m (under appeal)
The airline was victim to a cyber attack where the personal data of 500,000 customers was stolen by hackers through a fake website. The ICO said the incident took place after users of British Airways’ website were diverted to a fraudulent site. Through this false site, details of about 500,000 customers were harvested by the attackers, the ICO said. The incident was first disclosed on 6 September 2018 and BA had initially said approximately 380,000 transactions were affected, but the stolen data did not include travel or passport details.
Why are they being fined?
Information Commissioner Elizabeth Denham said: “People’s personal data is just that – personal. When an organisation fails to protect it from loss, damage or theft, it is more than an inconvenience. That’s why the law is clear – when you are entrusted with personal data, you must look after it. Those that don’t will face scrutiny from my office to check they have taken appropriate steps to protect fundamental privacy rights.”
From Friday 31 January 2020, European rules and regulations stopped having effect in the UK by virtue of the fact that the UK’s membership in the EU will end. Britain has now entered a transitional period which will last until 31 December 2020.
To prepare for this change, the government passed a flurry of Brexit-related legislation in recent years. The one relating to data protection is the Data Protection, Privacy and Electronic Communications (Amendments etc) (EU Exit) Regulations 2019.
How much of an impact will Brexit have on business?
While there is sure to be some level of impact for everyone, the impact of Brexit on each business will depend on the type of business and, most importantly, in which jurisdiction they collect and process data. Due to the Brexit transition period, the impact is unlikely to be immediate.
VinciWorks has released a new five minute course to help organizations test their staff’s data privacy knowledge. The knowledge check has also been added to our data privacy training suite. Knowledge checks consist of different scenarios to help employees understand which course of action to take in different situations. We recommend knowledge checks are added to existing data privacy training plans as a refresher course.
The five minute data privacy knowledge check covers:
What counts as personally identifiable information (PII) and best practice
The principles of handling data
Scenario questions to test your ability to correctly handle certain situations
When and how to report a breach
Dealing with Confidential Disclosure Agreements (CDA) and Non-Disclosure Agreements (NDA)
27% of our listeners have suffered a data breach since GDPR came into force
On 31 January 2020, the UK will leave the European Union, and GDPR as we know it will come to an end.
From exit day, the GDPR we have become familiar with will disappear from the statute book and the Data Protection, Privacy and Electronic Communications (Amendments etc) (EU Exit) Regulations 2019 will come into effect. This will result in hundreds of changes to both the GDPR text in UK law and the Data Protection Act 2018.
In this webinar, our Director of Course Development Nick Henderson and DPO Ruth Cohen helped organisations understand what data protection looks like in a post-Brexit world.
The webinar covered:
How Brexit will impact on UK data protection law
What changes organisations, DPOs and compliance officers need to make to their policies and procedures
The most recent GDPR cases from across the UK and Europe