Disputes Matter – February 2018


Serving effective [warranty claim] notices
Walker Morris’ Head of Commercial Dispute Resolution, Gwendoline Davies, explains why notifying contractual warranty claims […]
Walker Morris’ Head of Commercial Dispute Resolution, Gwendoline Davies, explains why notifying contractual warranty claims – and serving legal notices generally – can be a particularly tricky business. Gwendoline shares some practical advice.
Notification of warranty claims…
Back in 2016, Walker Morris’ Corporate partner Richard Naish reported on the importance of clarity and accuracy when notifying breach of warranty claims. The issue has recently come before the courts again.
In Teoco UK v Aircom Jersey [1] the Court of Appeal was asked to determine whether the purchaser/claimant’s notification of a breach of SPA warranty claim – worth some £3.46 million – was valid.
Notification requirements
The purchaser had bought group companies pursuant to a sale and purchase agreement (the SPA) which contained a tax covenant and various warranties under which the seller warranted that the companies had paid all tax due. As is typical, the seller’s liability was subject to notification of claims obligations which, in this case, required the purchaser to give notice: “setting out reasonable details of the claim (including the grounds on which it is based and the Purchaser’s good faith estimate of the amount of the claim)”.
Notification letters
In February 2015 the purchaser’s solicitors wrote to the seller, referring generally to the tax covenant, tax warranties and general warranties, alleging potential breaches and purporting to comply with the notification of claims obligations within the SPA. When the seller responded that the letter contained insufficient detail to constitute a valid notification, the purchaser’s solicitors wrote again, this time simply setting out a breakdown of tax allegedly due.
Court of Appeal confirmation
The High Court had previously concluded that the purchaser’s letters did not constitute valid notification of a claim because, without identification of the specific warranties alleged to have been breached, they did not set out the legal grounds for a claim. The Court of Appeal agreed and clarified as follows:
- While every notification clause (like every other contractual provision) will turn on its own individual wording…
- …certainty is important [2].
- A compliant notification of warranty claim should identify the particular warranty/ies alleged to have been breached [3].
- Whilst there may be some cases in which the ‘reasonable recipient’ test may be relevant [4], in this case there was real scope for doubt about which provisions the purchaser thought may found a claim.
…and service of notices generally
The notification of warranty claims obligations in the Teoco SPA were also time-limited: notice had to be given as soon as reasonably practicable after the purchaser became aware of a claim, and in any event on or before the longstop date of 31 July 2015. Legal proceedings also had to be commenced within six months of the date the seller was notified and, once a claim had been commenced, no new claim may be brought in respect of the same matter. (The purchaser therefore effectively had only one ‘shot’ at getting any claim right).
Such time limits and other claim restrictions are common, not only in relation to warranty claim notifications, but also in relation to the service of all sorts of contractual notices.
Most modern commercial contracts also contain separate, detailed service of notice clauses with additional obligations and requirements which, if they are not strictly complied with, can invalidate any notice. The consequences of that can be significant.
In the recent case of Zayo Group International Ltd v Michael Ainger & Ors [5] (incidentally, also a notification of warranty claim dispute) the claimant had left service of the relevant notices until the last minute. The contract in question provided for notices to be served on all seven defendants by hand at the addresses specified in the contract or such other addresses as may be notified in writing. When the courier arrived at the address of one of the defendants, he discovered that she no longer lived there and left without leaving the notice. The deadline for service expired later that day, so the claimant had no opportunity to further attempt service. When the claimant subsequently sought to bring proceedings, the High Court dismissed its claim in full and against all defendants, on the basis that service had not been validly effected.
Practical advice
A good tip, when it comes to the service of any contractual notice, is to remember the mantra: who, when and how? Immediately a party considers serving a notice, it should ascertain exactly:
- Who is required to give notice and on whom the notice should be served. (Consider the party/counter-party itself? Legal representatives? Other agents? Have there been any assignments, novations or variations which change the position? What are the current names and addresses/contract arrangements for the relevant parties/agents?).
- When the notice should be served, including whether there are any long-stop dates for service or for completion of any other conditional/procedural steps (such as commencing any follow-on court claims, or the like).
- It is also important to bear in mind, when calculating dates, that there may be different dates to ascertain. For example, depending on the nature and wording of the notice clause, you may need to know the date on which a notice actually has to take effect; the date by which it has to be served on (i.e. received by) the receiving party; and/or the date by which it has to be issued.
- All of those dates can be influenced by other factors (such as the required method of valid service; how long that will take; whether the contract designates when service will take place or whether the contract relies on external deeming provisions; whether there are any weekends/bank holidays to take into account and/or whether only working/business days count (which can differ across different countries); and so on.
- The ‘how‘ covers:
- The content of the notice – such as the requirement in this claim (and in the majority of notification of warranty claim cases) to set out, with the requisite specificity, the legal basis of the claim.
- The form of the notice and any strict procedural requirements (in Mannai Lord Hoffmann famously said: “if the [termination] clause had said that the notice had to be on blue paper, it would have been no good serving a notice on pink paper“).
- The fact that service must be effected in accordance with any contractually specified method. That, in turn, can lead to problems if notification obligations within contracts are drafted in isolation from, or inconsistently with, more general service clauses and other relevant contractual provisions. For example, what happens if a party gives a PO box as its service address, but the contract specifies service by recorded delivery? (You cannot effect recorded delivery on a PO box.) What happens if the contract specifies that the service address is a party’s registered office, but the agreement is assigned to an individual? (Individuals do not have registered offices).
The best advice is to leave the issue of warranty claim notifications – and indeed the service of legal notices generally – entirely to the experts. The consequences of getting any such notice wrong can be too costly to gamble. That is particularly the case where, as in Teoco, the potential claimant only has one bite at the cherry. Instructing specialist legal representatives to take on the risk for you reduces the chance of any problems arising.
________________________
[1] Teoco UK Ltd v Aircom Jersey 4 Ltd & Anor [2018] EWCA Civ 23
[2] Senate Electrical Wholesalers Ltd v Alcatel Submarine Networks Ltd [1999] 2 Lloyd’s Rep 423
[3] RWE Nukem Ltd v AEA Technology Plc [2005] EWHC 78 (Comm)
[4] i.e. the objective test, established in the House of Lords case of Mannai Investment Co Ltd v Eagle Star Life Assurance Co Ltd [1997] AC 749, HL, which can (in some circumstances) save an otherwise defective notice if the reasonable recipient would nevertheless have been left in no doubt as to its meaning
[5] [2017] EWHC 2542 (Comm)

Contract termination tips 4 U
Commercial Dispute Resolution partner Malcolm Simpson explains what parties can learn from the recent Phones […]
Commercial Dispute Resolution partner Malcolm Simpson explains what parties can learn from the recent Phones 4 U v EE [1] contract termination case.
English law allows termination of a contract:
- On grounds of repudiatory breach (i.e. a breach so serious that it goes to the heart of the contract and gives rise to a right for the aggrieved party to accept the breach, terminate the contract and claim ‘loss of bargain’ damages).
- In cases where the contract does not contain express rights to terminate, on reasonable notice.
- In accordance with the parties’ own express agreement as to the circumstances in, and methods by, which a contract may be brought to an end. Common express contractual grounds for termination include material or substantial breach of any particular terms; where there is a change of control in either party; where there has been damage to reputation; in the event of a party’s insolvency; and/or simply without any reason or cause but on notice.
Sometimes more than one of these rights to terminate will exist concurrently, and Phones 4 U v EE confirms that parties may now have to be more careful than ever in such cases, when seeking to terminate their contracts.
EE, no ‘loss of bargain’ damages 4 U
In September 2014 EE informed Phones 4 U that it would not be renewing its agreement for Phones 4 U to sell EE mobile phone contracts when the agreement expired the following year. Phones 4 U then went into administration. Under the express termination provisions in the parties’ agreement, the appointment of administrators was not a breach of contract, but it allowed EE to terminate immediately, which EE did. In those circumstances, however, Phones 4 U remained entitled to receive payments generated from EE contracts which it had sold, and Phones 4 U brought a claim against EE for unpaid commission.
EE counter-claimed that Phones 4 U’s cessation of trading amounted to a repudiatory breach of the parties’ agreement. EE argued that that gave EE both a right to terminate and also the right to recover loss of bargain damages in respect of revenue that EE would have received during the remainder of the term of the agreement had Phones 4 U continued to trade.
The High Court gave EE short shrift and struck out EE’s counter-claim because:
- In a claim for loss of bargain damages, the repudiatory breach must have caused the innocent party’s decision to terminate. If the decision to terminate was independent of a repudiatory breach, any claim for loss of bargain damages must fail.
- EE’s termination notice clearly stated that the agreement was terminated in accordance with the express contractual clause which provided for termination in the event of a party’s insolvency. The notice did not mention any repudiatory breach at all.
- If a termination notice communicated a decision to terminate under an express provision irrespective of any breach, then no right to recover damages for repudiatory breach could arise even if conduct amounting to repudiatory breach, in fact, existed.
- It could not be said that the agreement in this case was terminated on grounds of repudiatory breach. EE could not re-characterise events after the fact, and so EE had no right to loss of bargain damages.
- EE’s termination notice sought, in very general terms, to “reserve all rights and remedies [EE] may have under [the] Agreement“. Such a general reservation was not sufficient to overcome the fact that the notice had unequivocally terminated pursuant to an express right independent of any breach.
WM Comment
In her article on the service of notices, Gwendoline Davies has highlighted some of the technical difficulties that can arise when serving any legal notice. All of those issues equally apply when a party issues any termination notice.
In addition, the Phones 4 U v EE case illustrates that when a repudiatory breach is committed, the innocent party can opt to accept the breach, end the contract and potentially claim loss of bargain damages. It is therefore always crucial, if and when any party considers terminating a contract for any reason, to ascertain exactly what rights that party has, and to prepare the termination notice sufficiently carefully so as to protect and/or assert those rights accordingly.
Other traps for the unwary in contract termination scenarios can include the risk of affirmation (i.e. that the right to terminate can be lost, even inadvertently, in certain circumstances where a party commits to keep the contract alive); the risk of estoppel (for example, where one party has led another to believe it will not terminate and then circumstances dictate that it would be unjust to allow that party to go back on its word); and the significant risk of purporting to terminate a contract when the right to do so has not arisen, which risks putting the innocent party in repudiatory breach of contract, with a consequent liability for loss of bargain damages.
Any party considering terminating any commercial contract in the UK should seek specialist advice. As well as ensuring that you have the most appropriate and effective overall exit strategy, a UK commercial dispute resolution solicitor will be able to guide you through the traps which can arise both within the contract itself and in contract and common law generally.
_____________________
[1] [2018] EWHC 49

When is a penalty not a penalty?
Nick Lees, a partner in Walker Morris’ Commercial Dispute Resolution team, examines recent case law […]
Nick Lees, a partner in Walker Morris’ Commercial Dispute Resolution team, examines recent case law which is starting to clarify, in practical terms, when contractual clauses may or may not amount to unenforceable penalties.
The penalty rule…
Contracting parties frequently wish to pre-emptively protect themselves against the breach of their counterparty. Parties therefore often agree, within their contractual arrangements, the consequences that will flow from a party’s breach. However when doing this, parties must beware of the common law rule which provides that, to the extent that such a clause is a penalty, it will be unenforceable.
In Cavendish and ParkingEye [1] the Supreme Court explained that a penalty is a contractual provision that imposes a detriment on the party in breach of a primary obligation which is out of all proportion to any legitimate interest of the innocent party in the performance of that obligation. Breaking that down, there are three tests which can help to determine whether a provision amounts to an unenforceable penalty. Last year, the Vivienne Westwood case [2] helped to clarify how those tests operate in practice:
- The ‘threshold test’ – is the penalty rule engaged at all? In English law, the court will not generally interfere with a party’s ‘primary’ contractual obligation to do something, but it can regulate the ‘secondary’ liability that may be imposed when a party breaches that obligation. The penalty rule is only engaged at all, therefore, if the provision in question imposes a secondary liability for breach of a primary obligation. (In Vivienne Westwood, the landlord had done a deal, by way of offering a rent concession in a side letter, to attract the tenant to its premises. The tenant had entered into the lease and the side letter simultaneously, but could not be under two different rent obligations at the same time. The true, primary obligation was to pay the reduced rent as per the side letter deal and so the obligation to pay the higher lease rent was a secondary liability that only arose in the event of a breach of contract. The initial ‘threshold test’ was therefore met, and the penalty rule was in play.)
- The ‘legitimate interest test’ – does the clause serve to protect any legitimate interest? A clause that is potentially penal in nature may nevertheless be allowed if it serves to protect a legitimate interest of the innocent party in the performance of the primary obligation.
- The ‘exorbitance test’ – if so, is the provision out of proportion to the protection of that interest, by being extravagant or unconscionable?… so long as the provision in question is not exorbitant or unconscionable in amount or effect as against the legitimate interest which it serves to protect, then it may not amount to a penalty.
…and examples of its practical application
In the last couple of months, the High Court has applied the penalty rule in two different practical scenarios.
In Holyoake v Candy [3] a borrower argued that various clauses in loan documentation were unenforceable penalties. The clauses in question included:
- A provision requiring the borrower to pay a redemption figure on early repayment of the loan, where the redemption sum included the whole of the interest that would have accrued by the end of the period of the loan.
- A provision in an escrow deed that if the borrower did not repay the debt and complete the relevant sale/purchase agreement, a new debt would arise.
- Provisions requiring the payment of certain fees under a loan extension agreement.
The High Court found that the clauses were not unenforceable penalties. That was because, in each instance, the clauses in question were not ‘secondary’ obligations triggered by a breach of contract – the penalty rule was, therefore, never engaged at all.
In ZCCM Investments Holdings plc v Konkola Copper Mines plc [4] a settlement agreement allowed the defendant to make payments to the claimant in instalments. The agreement contained an acceleration clause which provided that, in the event of breach by the defendant, all unpaid sums due to the claimant would have to be paid within five business days, failing which interest would accrue at the rate of LIBOR plus 10%. When the defendant failed to make a payment and the claimant sought to rely on the acceleration and enhanced interest clause, the defendant argued that it was an unenforceable penalty. Disagreeing with the defendant and upholding the clause, the High Court confirmed:
- There was nothing extravagant, exorbitant or unconscionable in requiring a commercial party under the terms of a settlement agreement to pay immediately the full amount of the loan in the event of any non-compliance with its terms.
- The claimant had a legitimate interest in requiring strict compliance with the settlement agreement.
- The defendant knew what it was signing up and the agreement was an arms’ length contract that had been entered into by the defendant with the benefit of expert legal advice.
- It was reasonable for a claimant to require increased interest in the event of a defendant’s default and there was nothing to suggest that the particular enhanced interest rate was extravagant.
WM Comment
Since the Supreme Court restated the rule against penalties in Cavendish and ParkingEye, any practical application of the rule is of interest as it can help contracting parties and their professional advisers to negotiate and complete contracts with a greater understanding of the terms that are likely to be, or not to be, enforceable.
In addition, the Holyoake case highlights, in particular, that, subject to the proviso that it is the substance of a clause (as opposed to just its form) which matters, parties can circumvent the penalty rule by clever drafting.
Anyone negotiating contractual terms should bear in mind the following practical advice:
- The modern approach embraces more flexibility, which is apparently starting to result in fewer clauses being found to be unenforceable penalties.
- More than ever before, careful drafting can help parties to pre-emptively protect themselves against certain breaches of contract, in particular:
- Parties should consider framing contractual obligations so as to ensure that they are primary obligations to which the penalty rule does not apply, as opposed to secondary provisions which merely set out consequences of breach.
- Parties may wish to specify, in the contract itself, the commercial context and why the particular clause provides reasonable and proportionate protection of a legitimate interest.
- Legitimate interests which can justify a particular provision may be commercial in nature, but they may also take into account wider social, economic or consumer considerations.
- The courts should now be more reluctant to characterise a clause negotiated between commercial parties and/or parties that are legally advised as a penalty.
- Businesses would be well advised to review their existing and standard contracts in case any terms can now be improved upon (and in case any provisions which still fall foul of the rule against penalties can be identified and addressed accordingly).
______________________
[1] [2015] UKSC 67, and see our Walker Morris briefing
[2] [2017] EWHC 350 (Ch), and see our Walker Morris briefing
[3] [2017]EWHC 3397 (Ch)
[4] [2017] EWHC 3288 (Comm)

Combatting cybercrime and fraud
Cybercrime and fraud are increasingly key risks for businesses, for professionals and for individuals alike. […]
Cybercrime and fraud are increasingly key risks for businesses, for professionals and for individuals alike. A Walker Morris Commercial Dispute Resolution specialist offers some practical risk management advice.
Scale of the problem
Information security breaches can cause devastating financial loss and serious reputational damage – and they are on the rise.
- Nearly 70% of large businesses experienced a cyber security breach in the last 12 months or so [1]. That is an increase on the two thirds of large businesses which detected and reported a cyber security attack in the 2015/16 financial year. With attacks not reported, the true figure is likely to be much higher.
- Some 37% of UK businesses are now experiencing cyber attacks approximately once per month.
- Identity theft (of various types, including fraudulent e-mails, spyware/malware and other devices deployed via cyber attacks) now accounts for some 75% of fraud (up from around 40% in 2015/16).
- 2,356,000 instances of bank account fraud were reported in the 12 months to June 2016, making it the most common form of cybercrime in the UK [2].
- The National Security Council and Serious and Organised Crime authorities are aware of over 39,000 cybercriminals and over 6,000 cybercrime groups operating within the UK today. Although the authorities’ knowledge is improving all the time, there are still gaps, so the reality is even worse [3].
- Apart from organised crime, businesses face information security risks from ‘hacktivists’, IT-savvy teenagers, competitors and even simple human error.
- Cybercrime and fraud reports to the Law Society are also on the rise. Between 2012 and 2016 there was a 101% increase in reports of bogus law firms (54% of which related to the identity theft of a genuine firm or individual). That represents a 101% increase on 2012.
- In 2016/17, over 70% of the sums incurred by HM Land Registry’s Indemnity Fund involved claims concerning fraud and forgery [4].
- The FCA has also reported [5] its concerns that many business continuity plans do not work. For example, mirrored backup solutions, which rely on backup tapes which may be a few days old, are insufficient. If an attack happened tomorrow, what would be lost and what would be the effect on your business and your customers if your backup tapes were a week old?
Risks to watch out for
There are some increasingly common scams and indicators of fraud which, if they are detected in time, may enable a business to intervene to prevent any loss. Businesses should therefore ensure that their staff are trained to recognise and watch out for the following frauds and warning signs.
Common scams
- Phishing is where fraudsters acquire sensitive information, such as bank account details, by posing as a known or trustworthy entity in an electronic communication.
- Identity theft can also be perpetrated when a fraudster impersonates a genuine individual or firm using details that may have been obtained via the internet, social media or other personal data sources.
- CEO fraud is a form of identity theft whereby a fraudster impersonates a senior figure at a firm to impose authority and to order money/asset transfers that might otherwise be prevented by fraud prevention policies or practices.
- E-mail hacking is where a fraudster hacks into the e-mail accounts of a business or individual and intercepts confidential information and communications. The fraudster can then pose as a person with whom that business/individual would expect to transact and can redirect monies or assets and disappear with the spoils. In a recent unreported High Court case which exemplifies a very common scenario, an individual claimant was defrauded of substantial sums of money when a fraudster hacked into his e-mail account and masqueraded as his builder. As the individual was expecting an invoice in respect of building works, he paid sums over to the fraudster in the belief that he had been sent a genuine invoice.
- Friday afternoon fraud is the name often given to a scam perpetrated on a bank or law firm late in the day in a conveyancing or similar transaction. The fraudster takes advantage of peak time pressure to complete (when information and data security lapses may be more likely to occur) to impersonate one of the parties.
- Bogus firms are created by criminals and deceive individuals or genuine firms to steal money or information.
- Social engineering is where a criminal gains confidential information through building a personal relationship with a member of staff.
- Malware is software which attacks a business’ data and information security. Viruses and other programs can infiltrate a business’ IT systems, causing damage and allowing access to data.
- Ransomware, an increasingly common and sophisticated form of malware, encrypts files and enables cybercriminals to demand a ransom for a decryption key. The FCA has reported that it now often sees not just isolated ransomware infections, but even self-replicating ransomware and other malicious software, which spreads rapidly through entire networks.
Warning signs/indicators of fraud
- Errors or inconsistencies in the spelling, grammar and terminology of firm names; slogans; logos; e-mail addresses, formats or account providers; other brand identifiers (such as company numbers, SRA/FCA registrations); and/or in communications generally.
- Newly registered or non-registered websites or domain names which may have been set up solely for the purpose of the fraud.
- Unexpected or unsolicited electronic communications – especially e-mails with attachments – which can contain and release malware.
- Absent, unclear or inconsistent background information, personal or trading history or other supporting documentation. These may indicate a fake or stolen identity.
- Last minute changes to key information, such as bank details or correspondence addresses.
- Unexpected overseas accounts or addresses.
- Absent or inconsistent telephone numbers, in particular absent or inconsistent landlines, and telephone numbers which divert to call-back services.
- Pressured instructions for unusually quick completions.
- High value/cash transactions or transactions with other unusual elements (such as back-to-back transactions).
- Inconsistent search results.
- A ‘gut feeling’ that something is not right.
Prevention and cure
There are some simple, practical steps that all businesses can take, both to help manage the risks and to mitigate damage caused in the event of an attack.
In terms of prevention:
- Customers/clients should be advised of the risks – if they are alive to the risks they can help, especially in relation to the protection of their own data and communications.
- Staff training is vital. All staff should be trained to recognise and react appropriately to the risks and indicators of cybercrime and fraud. In particular, all staff should be made aware of the existence and terms of businesses’ policies, procedures and reporting requirements where fraud is suspected.
- Businesses should share, internally, information and data relating to any attempted attacks. All areas of a business can then become alive to suspected attacks as soon as they occur.
- Policies, procedures and reporting requirements should be reviewed and updated, and training should be repeated, regularly. Cybercrime is a sophisticated and fast-moving phenomenon. Fraudsters today are very adept at harnessing technological advances for criminal purposes.
- Undertake regular online checks to ensure that your own firm/brand is not being impersonated.
- Adopt and foster a security culture, which includes good cyber security governance; the identification and protection of key assets; fit-for-purpose IT security/detection capabilities and business continuity plans; and a comprehensive understanding of how data is stored and protected. (In many cases, this will involve a detailed understanding and adoption of any third party/cloud data storage provider’s threat profile.)
- Where possible, firms should facilitate home and mobile working for their staff. This can help to ensure business continuity in the event of an attack.
- Where possible, meet and speak, rather than always communicating by e-mail and be extremely cautious of giving any sensitive information electronically.
- Where electronic communication is essential, encrypted e-mails and password protected portals offer a much greater level of data security.
- The Law Society’s Find A Solicitor website can be used to check the identity of qualified solicitors in England and Wales and Lawyer Checker can be used to verify solicitors’ accounts.
- Bank account details should be confirmed in person or on the telephone. This should include asking security questions to which only the genuine party or solicitor would know the answer.
- Any instructions that are given to change bank account or payment details should be treated with the utmost caution, investigated thoroughly and ideally confirmed in person.
If you do find yourself or your business a victim of fraud:
- As well as following any internal incident management regime, you should immediately notify the police, who may be able to recover some of the stolen monies and potentially take action against the fraudsters. You should also notify any lender and/or insurer, any other parties to the transaction or the customer/client and any interested/industry bodies such.
- Seek immediate specialist legal advice. For example, Walker Morris Commercial Dispute Resolution team has significant expertise in fraud claims and would be able to urgently initiate a freezing injunction to try to preserve stolen monies in the fraudsters’ bank account(s). If the whereabouts of monies is unknown, Walker Morris also has extensive experience in tracing and recovery.
- There are also other tactical options which specialist solicitors could deploy on a victim’s behalf. In the recent builder/hacker case referred to above, the victim was able to apply to the High Court for both a Norwich Pharmacal order [6] (which required the bank to reveal the identity of the holder of the account into which the defrauded sums had been paid), and a declaratory order that the monies were held by the holder of that account on trust for the victim.
- Other civil remedies which may assist in a fraud case may, depending on the circumstances, include breach of contract, negligence, breach of trust, unjust enrichment and/or tracing claims – all of which could help to recover lost funds.
WM Comment
Cybercrime and fraud are risks that are on the rise – but so too are the knowledge, technological means and legal expertise required to effectively respond to and combat them.
The best means of protection for your business and your customers is to be proactive in your data protection and security practices, and to have expert legal assistance in your corner just in case anything does go wrong.
If you would like to discuss the content of this article in more detail, please do not hesitate to get in touch.
___________________
[1] UK Government Cyber Security Breaches Survey 2017 Main Report
[2] UK Government Cyber Security Breaches Survey 2016 Main Report
[3] Source: Agenda Screening Services
[4] Estates Gazette ‘Lessons on Fraud’, 14 October 2017
[5] FCA’s ‘Approach to cyber security in financial services firms’, September 2016
[6] a Norwich Pharmacal order, named after the case which gave rise to the remedy (Norwich Pharmacal Co v Commissioners of Customs and Excise [1974] AC 133) allows pre-action disclosure against a person who will not be party to subsequent proceedings, so as to identify another person (for example a wrong-doer); or so as to identify the nature of a wrongdoing, who or which can then be the subject of proceedings.