Law & Regulation
Law & Regulation News
Law & Regulation News
Important amendments to the prescribed format of liquidators Section 682 Reports to the CEA with effect from 1 October 2023.
The Minister of State at the Department of Enterprise, Trade and Employment, Dara Calleary, TD, has signed into law the Companies Act 2014 (Section 682) Regulations 2023 (S.I. No 474 0f 2023) (the Regulations).

The purpose of these Regulations is to prescribe the form of the liquidator’s report to the Corporate Enforcement Authority for the purposes of section 682(2) of the Companies Act 2014.

The associated Regulations can be accessed here.

Employer Obligations under the Protected Disclosures (Amendment) Act 2022
The Protected Disclosures (Amendment) Act 2022 amended the 2014 Act, and sets out to protect workers in the public, private and not-for-profit sectors from retaliation if they speak up about wrongdoing in the workplace.

Any individual who makes a protected disclosure is protected by law and the legislation ensures strong anti-penalisation is included.

Workers can report wrongdoing internally to their Employer or externally to a third party, such as a prescribed person.

From Size to Risk:
Rethinking Regulation to Prioritize Impact
Regulation is often considered as a burden, but it is the bedrock of a safe society. Striking the right balance is key.

Policymakers currently rely on simple metrics (quantitative criteria) such as turnover, balance sheets, number of employees to categorise and define enterprises. This determines how EU law applies to them. But in today’s world of climate urgency, multiple tensions and disruptive innovations, these metrics fall short.

Most European businesses fall under the small and medium-sized enterprises (SME) category according to these metrics.

However, these don’t always reflect the complexity of their models, or their societal and environmental impacts. Even small companies can operate across borders, on new markets, in risky regions, and have a business model that significantly impacts the environment and stakeholders.

Accountancy Europe explored the idea in its 2020 thought-leadership paper From risks to regulation. These insights remain pertinent as we reconsider SME categorisation and thresholds today.

UK fines Equifax £11m for role in major cyber-security breach
The UK’s Financial Conduct Authority (FCA) has fined Equifax Ltd more than £11 million for failing to manage and monitor the security of UK consumer data it had outsourced to its parent company based in the US.

The breach allowed hackers to access the personal data of millions of people and exposed UK consumers to the risk of financial crime.

In 2017, Equifax’s parent company, Equifax Inc, was subject to one of the largest cybersecurity breaches in history. Cyber-hackers were able to access the personal data of approximately 13.8 million UK consumers because Equifax outsourced data to Equifax Inc’s servers in the US for processing.

The UK consumer data accessed by the hackers ranged from names, dates of birth, phone numbers, Equifax membership login details, partially exposed credit card details, and residential addresses.

The cyberattack and unauthorised access to data was entirely preventable. Equifax did not treat its relationship with its parent company as outsourcing. As a result, it failed to provide sufficient oversight of how data it was sending was properly managed and protected. There were known weaknesses in Equifax Inc’s data security systems and Equifax failed to take appropriate action in response to protect UK customer data.

Therese Chambers, joint executive director of enforcement and market oversight, said: “Financial firms hold data on customers that is highly attractive to criminals. They have a duty to keep it safe and Equifax failed to do so. They compounded this failure by the ways they mishandled their response to the data breach. Regulated firms are on the hook, regardless of whether they outsource or not.

“The risk of identity theft never stops. Cyber criminals are sophisticated and innovative; it is imperative that firms maintain the highest standards in data protection.”