UK’s Industrial Strategy announced—new Government contracting approach will favour UK-based firms after Brexit.
The FCA has fined Aviva, the UK insurance group, £8.2 million for failing to have appropriate controls over its outsourced service providers. According to the FCA’s press release, the fine would have been even larger at £11.8 million but for a 30% discount due to Aviva for agreeing with the FCA to settle at an early stage.
The case related to a number of FCA Handbook breaches between 1 January 2013 and 2 September 2015, including breaches of Principles 3 and 10, the Outsourcing Chapter of SYSC and the Client Assets Sourcebook (CASS)—rules which apply whenever a firm holds or controls client money or has custody assets as part of its business. Two Aviva group companies, Aviva Pension Trustees UK and Aviva Wrap UK had outsourced the administration of client money and external reconciliations in relation custody assets to third party administrators (TPAs). In what is the first CASS case in relation to oversight failures of outsourcing arrangements, the FCA found that the Aviva companies had “failed to put in place appropriate controls over … [the TPAs] … to which they had outsourced the administration of client money and external reconciliations in relation to custody assets … [resulting] in Aviva failing to sufficiently challenge the internal controls, competence and resources of their TPAs.”
Should what goes out come back in? In a recent guest blog for MRO-Network.com the bringing back in-house of functions that have previously been outsourced. From regaining control of business-critical functions to increased flexibility and simplified purchasing, Mike and Caron examine the benefits and challenges of returning functions to the fold.
The UK’s financial services regulator, the Financial Conduct Authority (FCA), has recently published summaries of the responses it received to a Call for Inputs (CfI) on the use of big data in the retail general insurance (GI) sector as well as outlining its responses to the issues raised. Insurance companies, which are increasingly using big data (gleaned from social media, loyalty cards, aggregator sites and other such sources) to determine risk profiles and set premiums, can rest a little easier given that the FCA says that it has decided not to undertake a full market study or make a reference to the Competition and Markets Authority.
If you operate a website which does business with consumers based in the European Union, read on.
In the recent case, Verein für Konsumenteninformation v Amazon EU Sàrl (28 July 2016), brought by Austrian consumer protection body Verein für Konsumenteninformation (VKI), the Court of Justice of the European Union (ECJ) held that Amazon’s standard terms of business were unfair under the Unfair Terms in Consumer Contracts Directive. As such, an injunction was granted forcing Amazon to change its standard terms.
July 7, 2016, saw the UK’s Financial Conduct Authority (FCA) publish fresh guidance in order to clarify the requirements which apply to the financial services firms it regulates when outsourcing to the cloud. When the FCA talks about the cloud, it is referring to the full range of cloud solutions which have evolved (such as private, public and hybrid cloud) as well as the various “X as a Service” solutions such as IaaS (infrastructure), PaaS (platform) and SaaS (software).
We all know that “cloud computing” is one of the most tired and overused phrases in the technology industry, and it has been for years. Everyone has gone “to the cloud” now, right? Not so fast. When it comes to cloud-based enterprise email, the market has lagged somewhat behind.
A Gartner report published on February 1, 2016, found that “[t]he cloud email market is still in the early stages of adoption with 13 percent of identified publicly listed companies globally using one of the two main cloud email vendors.” Those two leading cloud email vendors are: (a) Microsoft, which offers Microsoft Office 365 and has an 8.5% adoption rate among global companies; and (b) Google, which offers Google Apps for Work and has a 4.7% adoption rate among global companies. There are other providers in this space, including Amazon Web Services and Rackspace, which also provide cloud email solutions.
According to Theresa May, the UK’s recently installed prime minister, Brexit means Brexit. But what this actually means in practice is still unknown. There is still a huge amount of debate over what Brexit will look like, what process should be followed and how long it will take. Some commentators, such as Michael Dougan, Professor of European Law at the University of Liverpool, have suggested that it could take up to 10 years to make all the necessary adjustments.
In the meantime, it’s business-as-usual in the field of commercial contracts, outsourcing and technology deals. That said, there are some key areas that should be considered when putting these deals together, given what we now know (and still don’t know) about Brexit, as well as provisions that should be kept under review as the Brexit story unfolds. This is going to be an evolving area, but, based on discussions with both buyers and sellers over the past couple of weeks, here are my top ten:
In case you missed it, the Great British public caught the world off guard when, on 23 June 2016, a small but significant majority voted in favour of the UK withdrawing from the European Union. Much like the termination of an outsourcing agreement without detailed exit provisions and a well worked out plan, the decision has sparked political and economic chaos, as the UK is plunged into a period of prolonged uncertainty with much wider ramifications for political stability and economic growth across the EU and beyond.
What does this all mean?
From a UK-based outsourcing lawyer’s perspective, it is very much a case of wait and see. The English law regime applicable to outsourcing and procurement remains, for the time being, “as is”. Until parliament moves to repeal or amend the European Communities Act 1972, UK laws, which include the application of the EU Treaties, remain unchanged. Moreover, laws and regulations which have been transposed into English law in response to EU Directives in diverse areas such as working time, agency workers, data protection and TUPE laws will continue until further notice.
The ERISA Advisory Council1 recently announced that, as part of its goals for 2016, it will be focusing on cybersecurity issues affecting retirement plans and, in particular, the extent to which such issues relate to third-party administrators and vendors (TPAs) of retirement plans. To read what our attorneys have to say about this click here.
