Many might say we are not heading for a downturn just yet, and they could be right, but we would suggest you do not ignore the vulnerabilities:
CFO survey points to defensive outlook
The Q2 CFO survey by Deloitte highlights a marked shift in the attitude of UK Chief Financial Officers towards a more defensive stance – conserving cash, reducing costs and disposing of assets:
As larger corporates tighten their belts so their suppliers and partners feel the pinch – that’s you, your customers and maybe even your suppliers. Cash circulation slows down, payment terms are extended and life gets tougher for SMEs.
Action to take now
If you do not yet have robust credit management policies and procedures then now is the time to introduce some. If you already have policies in place then take the time to review them thoroughly. Pay attention to:
Plan for the downturn, enjoy the upturn
It may, of course, never happen. The economy may ride out all the vulnerabilities and shocks we have seen. Life may flow smoothly on...
However, when has a little housekeeping or spring cleaning ever been bad? If you’re prepared for the worst then you won’t be one of those struggling to catch up if things do take a dip.
If you would like to speak to us about getting prepared and what changes your business may need to ride out any economic problems then do email us at email@example.com.
We have all heard about the much greater fines that can be levied against organisations that fail to protect their customers’ data or that inadvertently disclose that data. GDPR is now here and the fines can be eye-watering. What perhaps fewer companies realise is that these fines are just the tip of the iceberg in terms of the true costs of a data breach.
I don’t plan to devote much space to the reputational risk associated with poor data security but I’m sure I would get plenty of comments if I left this off the list. You don’t need me to fill in the blanks though...
Data subjects and class actions
Messrs. Stalkem & Pounce, your eager data protection lawyers, are gearing up for the class actions that are likely to follow some of the more serious and high profile data breaches. The fines you may get from the regulator – the Information Commissioner’s Office in the UK – do not provide any immunity from legal action by data subjects who can prove loss, distress or heightened risk to themselves emanating from the disclosure of their data.
I have no real idea how substantial these damages could be in practice but there are some precedents which give an indication of what may be decided by courts:
"Awards of between £2,500 and £12,500 were awarded to six asylum seekers when their personal data was inadvertently published on the Home office website (TLT v Secretary of State for the Home Department. Reference )". Source: Ashfords LLP.
Supplier or customer contracts
In many businesses there will be little in the way of threat from suppliers or customers taking action because of a data breach unless the data concerned was theirs. However, it is worth checking your contracts to ensure there is no third-party action that can be taken resulting from a data loss. It may also be worth considering whether your contracts with others should incorporate such a clause.
Could your business suffer financially, reputationally or otherwise were one of your suppliers or customers to lose data, even if that were not data you had provided them? GDPR has heightened the focus on data security but many businesses are only just beginning to appreciate the reach of this new regulation so don’t get caught out.
Credit card fines
If you take credit card payments you need to look very carefully at how you are doing this and whether you are storing such highly sensitive data. If you don’t need to keep the customers’ card details then don’t keep them – the requirement for far greater security measures will involve you in layers of cost most businesses can do without. If there is a breach and data is lost then the fines from Card Schemes – Visa, Mastercard or others – will be passed down the chain to you.
There are considerable Card Scheme fines associated with non-compliance following a data compromise; these can range from tens to hundreds of thousands or even millions of pounds. Many non-compliant merchants have ceased trading because the fines could not be accommodated. The fines are passed from the Card Scheme to the acquirer and then on to the merchant.
It is too early to tell how many businesses will be damaged beyond repair by the fallout from data leaks and breaches but there are plenty of layers to the costs that may be involved. It’s worth taking some time to ensure you understand where your organisation’s vulnerabilities lie so that these costs are, at least, well understood.
A client of ours, Calibre Facility Services Ltd, has just sponsored a choir of around 30 hearing-impaired children to defend their national title at a signing choir competition next May. We have attached the press release so please pass this on to any journalists you may know as it's a great story.
It's so lovely to see businesses supporting such worthy ventures and bringing real joy to these children.