Q: GDPR comes in on 25 May 2018.What is it, how does it affect members and How does it affect payroll records?
A: The General Data Protection Regulation (GDPR), which is due to come into force this year, will affect any organisation that processes personal data. Recently I spoke to a member who acted as an intermediary between the seller and buyer of a business. In these cases it is common to pass details of staff salaries from the seller to the buyer. The key question is whether there is a need to include the personal information in such circumstances. In these cases it is advisable to remove any information that can identify an individual. By doing this the buyer will still be able to judge the financial viability of a company without having access to any personal information.
This is just one example of the need for organisations to understand the core principles of GDPR. Educating staff to the implications and impact of GDPR is the key first step. By doing this practices will be well placed to identify the areas of data processing that could be effected.
Once an organisation understands how it uses personal data it then also has to devise processes that accommodate the new consumer “rights” – for example the “right to be forgotten”. There are clear limits to how much data can be deleted following such a request: for example, HMRC records cannot be deleted following a request from an individual.
It is advisable to invest time in understanding these new rights and how a practice will need to respond to them. The key message of the GDPR is that people handling personal information need to be accountable as to how they process personal information.
Mark Taylor, technical manager – technical innovation, ICAEW IT Faculty
Q: What do those in practice need to know about the anti-money-laundering regulatory changes that came in last June?
A: The 2017 regulations build on the current regulatory framework, although there are some specific changes. Identifying and assessing risk is an important part of anti-money laundering (AML). The regulations set out a more prescriptive approach to firm-wide risk assessment. There is a requirement for a written risk assessment and a list of factors that you must take into account.
Firms must – where appropriate to the size and nature of the business – appoint a board member or senior manager responsible for AML compliance. All firms currently have a Money Laundering Reporting Officer (MLRO) and ICAEW has taken the view that where this person is sufficiently senior then they can also act as the senior person responsible for compliance. Sole practitioners are exempt from this requirement.
It is also necessary for an independent audit function to be established to assess the adequacy and effectiveness of the firm’s AML policies, controls and procedures. Independent does not necessarily mean external and sole practitioners are exempt from this requirement. Firms must also now assess the skills, knowledge, conduct and integrity of those employees whose work is relevant to compliance with the regulations.
The definition of politically exposed person (PEP) now extends to domestic PEPs who will require enhanced due diligence. ICAEW has prepared a more detailed overview of the main changes and this can be found at tinyurl.com/ICAEW-MLR2017.
The draft AML guidance (ccab.org.uk/reports.php) for the accountancy sector is awaiting HM Treasury approval.
David Stevens, ICAEW integrity and law manager, technical strategy department
Q: What must be done to register Chartered Students for Level 7 Apprenticeships?
A: The Level 7 accountancy apprenticeship was approved by government in November 2017, with registrations for ICAEW students opening thereafter. There is no set timetable to register but your tuition provider will likely have application deadlines for each cohort.
To register a new student, first select a registered tuition provider and agree the training costs. Next, recruit a new apprentice or choose one from your workforce. Your training organisation can advertise your apprenticeship via the “find an apprenticeship” service.
Having chosen your apprentice and checked their eligibility, work with your tuition provider on an apprenticeship agreement and commitment statement. Once ICAEW is appointed as end-point assessment organisation and the apprentice registers (at icaew.com) the apprenticeship can begin.
The first end point assessment for the Level 7 will be July 2019. Apprenticeships must be a minimum of 12 months in length but it is anticipated that this apprenticeship will take 36-48 months. Level 4 apprentices must complete their apprenticeship before they can progress to level 7.
head of marketing and acting head of student recruitment, ICAEW
“The key message of the General Data Protection Regulation is that people handling personal information need to be accountable as to how they process personal information”
Mark Taylor, ICAEW IT Faculty
Five in brief:
- IFRS 9 and 15: These two major international financial reporting standards, on financial instruments and revenue, will have a profound impact on financial statements. They both come into effect for IFRS reporters for accounting periods beginning on or after 1 January 2018. ifrs.org
- US tax reform: President Trump signed tax reform legislation on 22 December 2017 – the Tax Cuts and Jobs Act. This is being seen as the biggest overhaul of the US tax code in more than 30 years and there are major changes to tax on overseas operations that are now enshrined in US law. icaew.com/ustax
- MiFID II: This introduces wide-ranging changes to financial services regulation as of January 2018. MiFID II will have an impact on pensions schemes and how they use and pay for fund management services. plsa.co.uk
- Preliminary Announcements: The Financial Reporting Council has published revised guidance for auditors on prelims that contains a new voluntary statement. frc.org.uk
- Gender pay gap: Organisations with more than 250 employees must disclose their gender pay gap. New regulations introduce penalties from April 2018. gov.uk
There are many forces shaping accountancy practices, from regulation and skills to technological advancement and economic change. If you have a question or need advice about any of these things and more, please email us at email@example.com and we'll find the answer for you.