Government silence on GDPR leaves businesses in dark

Businesses need more leadership from the government about the future for the UK’s anti-money laundering and GDPR laws, according to Martin Schofield of RFS Financial Crime.

Businesses need more leadership from the government about the future for the UK’s anti-money laundering laws and other forthcoming regulations, such as the General Data Protection Regulation (GDPR), claims one of the country’s leading financial crime and compliance trainers.

‘Companies are having to implement changes to the way they operate due to the newly implemented Money Laundering Regulations 2017, whilst also preparing for the introduction of the GDPR. With the requirements of these legislative pieces emanating from within the EU, businesses are required to implement and prepare for what could be very costly changes with too little assurances being provided of what the future holds for the UK legislative environment following Brexit,’ says Vivek Dodd, director at Skillcast, a corporate e-learning provider.

His views were backed by Martin Schofield, director financial crime at RFS Financial Crime, who partner with Skillcast to produce financial crime training.

‘Businesses we deal with have said they are more than slightly concerned about implementing costly changes following MLD4, and preparing for other legislative changes such as GDPR, without any assurances whatsoever as to what will happen once we leave the EU,’ says Schofield.

‘With a number of firms still developing and progressing their thought processes to view compliance as a ‘value add’ department rather than just a hit to the firm’s bottom line, it is often the case that Compliance Departments receive a limited budget to prepare for and implement change, when there are other financial pressures to running a business, and those in charge are obviously wondering what the future holds in terms of further expenditure if laws change,’ he adds.

He continues, ‘firms are understandably concerned that they may invest now in change to implement new and forthcoming laws, essentially derived from the requirements of the EU, without any insight as to whether they will see a return on this investment, i.e. will the laws remain as written post separation, or will the government seek to change these laws in a bid to prove to the Brexiteers that their call to arms was valid, and now, under its own legislative control, the UK can step away from the requirements of the EU and use the laws on hot topics such as, AML and Data Protection as cases in point.

‘As the MLD4 is essentially derived from the requirements of the 2012 FATF recommendations, of which the UK is a direct member, we expect to comply with this EU directive anyway. So, an assurance from the government in this respect would not be too hard to achieve, and if that’s not forthcoming, is there anything that businesses should be reading between the lines?’ he adds.

Earlier in the summer, the Great Repeal Bill entered parliament, with the government having to decide which of the 19,000 EU laws are to be kept after the UK formally exits the EU in March 2019, and by which time businesses across the UK are expected to comply with MLD4 and GDPR.

Mr Dodd said Skillcast’s view was businesses have been calling for certainty and this is this is one area where the government can provide it without losing too much on its negotiating position, and added that the government should take a unified approach with the EU towards financial crime, data protection and other areas of compliance.

‘It would appear to be common-sense to do this.’ he says.

‘If the UK tightens its controls, we may make our country a more difficult place for financial crime. However, if that leads to the perception of overly stringent controls and red tape, it will put the UK out of step with the rest of the EU resulting in companies moving abroad or being unable to do business with companies in the EU and other jurisdictions. Conversely, relaxing the regulations may make us more competitive, but also more attractive to criminals.

‘And that may result in the UK becoming a less favourable country to do business with, across the EU and the world, because of the increased regulatory risk that we present. One example of that would be the reluctance of our business partners in the EU to share personal data with companies in the UK, wreaking havoc on our services businesses, such as law firms and accountants. From the perspective of such businesses, the EU Directives are goldilocks of regulations, not too hot or too cold, but just right.’

He added that at the moment business has been told to carry on as normal and Brexit won’t alter anything, but no one knows what may be planned in the future first few years following Brexit.

‘We are not under any illusions about how difficult the whole Brexit process is, but there really needs to be more clarity than we are seeing right now,’ says Mr Dodd.

‘In today’s world, it is clear to everyone that as much needs to be done as possible to fight financial crime and terrorist financing in a way that is effective and yet not placing the UK out line with the rest of the world,’ he adds.

‘Is Brexit a good or bad thing? Who knows, time will tell. But one thing is certain, the UK cannot remain an island in regulatory compliance.’

Further reading on GDPR

Owen Gough, SmallBusiness UK

Freddie Halvorson

Owen was a reporter for Bonhill Group plc writing across the and titles before moving on to be a Digital Technology reporter for the

Related Topics


Leave a comment