The impact of ‘Brexit’ for compliance officers
The recent referendum result of the United Kingdom deciding to exit the European Union (EU) has come as a great surprise to many. It has already had a significant impact on the financial and currency-exchange markets, and will certainly create a significant period of uncertainty until the final terms of the exit have been negotiated and agreed.
We will have to wait and see what the consequences will be for the compliance community, as many of the topics will be subject to negotiation as part of any deals for the United Kingdom to retain some of its access to the common market in Europe. For specific legal areas, however, the impact could vary greatly.
There is likely to be very little change regarding anti-bribery and corruption prevention. The related legislation and prosecution has generally come from outside the EU (i.e. the United States Foreign Corrupt Practices Act) or from national legislation (such as the United Kingdom Bribery Act or other OECD-based legislation) and either applies to entities acting in a country or has extra-territorial jurisdiction based on a connection to a country. Removing the United Kingdom from the EU will then change neither the applicable laws nor the prosecuting authorities. In addition, the sharing of information between countries is unlikely to be affected, as this has been active globally for many years and is not tied to EU membership. On the other hand, the ability to prosecute individuals may be impacted by the United Kingdom no longer being part of the European arrest-warrant scheme, so bodies such as the Serious Fraud Office would presumably need to rely on the negotiation of an alternative method of arrest and extradition of EU nationals if they are to be subject to United Kingdom prosecutions.
Competition law is an area where we may see some changes in both procedure and prosecuting authorities. For many years the European Commission has led the attack on anti-competitive and cartel behaviour in Europe, resulting in many prosecutions and fines. Companies operating in the United Kingdom in the future will presumably not be subject to the same level of scrutiny from the Commission – although this may be subject to negotiations, and it may be seen that the United Kingdom authorities take just as hard a line. An area that is likely to change on this topic is monopoly assessments, where the market in question will now be two separate markets (i.e. a product might be a monopoly in the United Kingdom, where it wasn’t in the EU as a whole). This will probably have the largest impact on merger approvals, which will need to cover both jurisdictions.
Prohibitions on state aid to private companies – a hot political topic in the EU recently – will probably no longer apply to the United Kingdom. This will allow the government freedom to support projects such as the Port Talbot Steelworks (the future of the plant in south Wales has been uncertain since Indian owner Tata Steel announced in March that it might pull out of the United Kingdom) if it wants a solution outside of nationalisation; however, it remains to be seen whether this would be used in practice as the United Kingdom Government has not traditionally been supportive of private companies in this way.
In a similar manner, the rules for trade and export control may change as the United Kingdom starts to determine its own national interests again and the regimes diverge for imports or exports from countries outside of the EU. Trade between the United Kingdom and the EU will clearly be subject to more controls if negotiations do not result in the United Kingdom retaining free access to the EU common market. There will also be potential changes regarding political sanctions. While the United Kingdom and EU regimes are fairly consistent at the moment, they may diverge once United Kingdom foreign policy is more independent.
One area of significant uncertainty is that of data privacy. With the introduction of the new directive across Europe, depending on the timing of the actual exit, it may be the case that United Kingdom businesses are subject to the directive for a short period and then are no longer subject. In the long term, however, it would seem likely that United Kingdom businesses that hold data on EU citizens will still need to comply with the directive (as United States or other foreign businesses do now). United Kingdom businesses would, however, need to nominate a new ‘home’ regulator, as the United Kingdom Information Commissioner would no longer be available. This new home could possibly be with the Irish regulator, given its similar language and views on privacy to the United Kingdom. The hosting of data in the United Kingdom might be impacted, as it would be outside the EU, although the country’s standard of protection is still likely to be assessed as adequate since it will not change overnight. It could also be possible that the United Kingdom puts in place its own form of ‘Privacy Shield’ protection.
In the area of anti-money laundering, the fourth EU Directive on money laundering that came out in 2015 will be enforced in mid-2017, so British financial services firms and commercial organisations will need to comply with those requirements for at least a year before possibly coming under a United Kingdom equivalent. Due to the need for common anti-money laundering approaches among banks, it is likely that any future United Kingdom legislation will closely mirror the EU directive.
These are just some of the many areas that will need to be managed by the legal and compliance teams in the United Kingdom and in global organisations. There are also many regulatory regimes that are well entrenched, such as the European Regulation on Registration, Evaluation, Authorisation and Restriction of Chemicals (REACH) and the Waste Electrical and Electronic Equipment (WEEE) Directive, as well as new regulations such as MiFIR.
In addition, the ability to staff the compliance function with high-quality candidates may well be impacted by the reduction in free movement of people (both in and out of the United Kingdom).
Overall, the vote to leave the EU will result in a number of years of uncertainty for compliance teams as they juggle competing obligations – some temporary; others ongoing. All of this adds to an already complex role and stresses the need of compliance officers to be business focused and agile to help their management and boards through this uncertain period.