Regulatory round-up – November/December 2018


Consumer and Retail Finance – November/December 2018
Latest from the FCA, including new measures on high-cost credit and overdrafts; other sector news. […]
Latest from the FCA, including new measures on high-cost credit and overdrafts; other sector news.
Financial Conduct Authority (FCA)
Stop press!! On 18 December 2018, the FCA announced the next package of measures forming part of its high-cost credit review. It announced proposals to change how banks charge for overdrafts, published the results of its review into the retail banking market, made new rules strengthening the protections for consumers using home-collected credit, catalogue credit and store cards, started consulting on further measures on buy now pay later offers, and published final guidance for registered social landlords to provide greater clarity about the activities for which they are likely to require authorisation as credit brokers.
In relation to home-collected credit, the FCA issued a consultation in May 2018 on information requirements for refinancing and further borrowing, and on guidance on its interpretation of section 49 of the Consumer Credit Act 1974 (CCA), which prohibits the canvassing of cash loans off trade premises. The new rules and guidance are largely the same as those consulted on. The FCA’s guidance on section 49 of the CCA came into force immediately, on 19 December 2018. Firms have until 19 March 2019 to fully comply with the rules and guidance on explaining the comparative costs of borrowing. See chapter 2 of the feedback document. The FCA’s analysis shows that consumers who use home-collected credit over long periods do not appear to suffer significant economic harm as a result in the same way that can be seen in other parts of the high-cost credit markets. The FCA is not currently planning to develop proposals for a price cap.
In relation to catalogue credit and store cards, the FCA is proceeding with the proposals in its May 2018 consultation paper, subject to some minor changes. See chapter 3 of the feedback document.
Chapter 4 of the feedback document is a consultation on additional proposals to apply requirements on buy now pay later offers more widely and to make them more transparent, as well as a proposal to prevent backdated interest being applied on repaid sums up to the date of payment. The consultation closes on 18 March 2019 with final rules due to be published in June 2019.
In relation to overdrafts, the FCA is consulting until 18 March 2019 (again, with final rules due to be published in June 2019) on proposals to simplify the pricing of all overdrafts and end higher prices for unarranged overdrafts.
The FCA’s final report into retail banking business models can be found here, setting out areas for further work. Written submissions in response to the report are requested by 15 February 2019.
On 22 November 2018, the FCA announced its proposal to introduce a price cap on rent-to-own firms to protect vulnerable customers from high costs. Under the proposed cap, which is subject to consultation until 17 January 2019 and is expected to come into force on 1 April 2019, credit charges cannot be more than the cost of the product. Firms will need to benchmark the cost of products against the prices charged by three other retailers. The FCA is also introducing a two-day cooling off period for the sale of extended warranties, effectively banning firms from selling these warranties at the point of purchase. The ban will come into force on 22 February 2019. In chapter 6 of the consultation paper, the FCA sets out its approach to promoting the availability and awareness of alternatives to high‑cost credit (a further update on alternatives to high-cost credit is also covered in chapter 6 of the feedback document published on 18 December 2018).
On 1 November 2018, the FCA’s Director of Supervision (Retail and Authorisations) delivered a speech on ‘Realising the benefits of purposeful leadership’. He believes that the consumer credit sector has become a safer place for borrowers and spoke about the challenges still faced by the sector, including the evolving ‘vulnerability landscape’ and uncertainty around change and regulation. He said that “regulatory change will continue in high-cost credit markets as long as we continue to find evidence of considerable harm to consumers which flows systematically from business models”.
He also gave some examples of what healthy cultures look like, compared with those firms that are “hell bent” on simply being compliant with the rules, and discussed accountability and leadership – “leadership is vital in ensuring a firm’s purpose is the right one and setting the tone for the rest of the organisation and putting in place systems, controls, governance and training, and incentives to drive them through”. He asked attendees to “pause for a moment of self reflection on the business models and the cultures of your firms. We are not going to demand that you adopt any particular strategy or culture. But I think there is a lot to be said for a purposeful culture which is about the outcomes for consumers not just about compliance with rules and box-ticking”.
The approach to consumers, the duty of care and consumer credit are some of the key specific issues raised by the Financial Services Consumer Panel, one of four independent statutory panels. See the FCA’s recently published response to key comments from the independent panels’ annual reports for 2017/18.
In relation to consumer credit, the Consumer Panel commented that the FCA should have a clear vision of what a good consumer credit market looks like for consumers and that it should not only focus on ‘traditional’ high-cost products but also on credit cards, unauthorised overdrafts, guarantor loans and other forms of higher-cost credit such as instalment loans. The Panel argued that the FCA has been reluctant to act decisively on financial products that contribute most to over-indebtedness (credit cards, overdrafts) and suggested that the FCA has adopted a ‘piecemeal’ approach to high-cost credit, rather than looking at the market as a whole.
On 27 November 2018, the FCA announced that it is delaying the launch of its credit information market study from Q4 2018/19 to June 2019. It will collect evidence to gain a better understanding of the potential for harm in this market and, if necessary, identify remedies.
In a speech delivered on the same day, the FCA’s Executive Director of Supervision (Investment, Wholesale and Specialists) set out the FCA’s view on how well UK financial services are managing risks associated with new technology, using analysis from the FCA’s cross-sector survey on firms’ technology and cyber capabilities. She warned that, on the basis of the data that the FCA is currently collecting, it sees no immediate end in sight to the escalation in tech and cyber incidents that are affecting UK financial services. The FCA says that the speech, survey report and infographic about how to react to a ransomware attack are relevant for firms whatever their size. The report draws out the different responses from large and smaller firms and the FCA encourages all firms to consider how its findings apply to them.
On 20 November 2018, the FCA published a research summary for banks and building societies on designing effective current account prompts which aim to increase consumers’ engagement with their current account, raise awareness of the current account switching service, and highlight developments in the retail banking market.
On 6 December 2018, the FCA published its findings on how mortgage lenders treat customers with long-term mortgage arrears and provide forbearance to affected customers. In a speech delivered on 6 November 2018, the FCA’s Executive Director of Strategy and Competition spoke about the FCA’s vision for the mortgage market, following the publication of interim findings from its mortgage market study. In related news, the FCA and Prudential Regulation Authority (PRA) are jointly consulting until 22 March 2019 on proposals for new reporting requirements for mortgage lenders and home finance administrators.
On 14 December 2018, the FCA introduced new rules on handling complaints about authorised push payment fraud. See the press release.
The FCA has reminded firms of their obligations under CONC 3, after its financial promotions team identified that some motor finance firms were not complying with the rules, particularly in relation to posts on social media platforms. Firms are directed to the FCA’s finalised guidance on social media and customer communications. The FCA has also recently seen examples of furniture companies failing to comply with the rules on their websites.
On 14 November 2018, the FCA published the findings of its review of how firms have implemented its whistleblowing rules, which were introduced in September 2016. The FCA sets out its expectations of firms and senior management, and provides identified examples of good practice and areas for improvement.
On 10 December 2018, UK Finance and the Association for Financial Markets in Europe submitted their joint response to the FCA’s consultation on proposed guidance for firms preparing Statements of Responsibilities and Responsibilities Maps under the Senior Managers and Certification Regime (SM&CR). They are widely supportive but would like to ensure that statements communicating policy or supervisory expectation are kept to the appropriate publications and do not effectively introduce new regulation.
The FCA published a letter which was sent in August 2018 to the chairs of remuneration committees of level 1 firms, setting out how the FCA plans to assess these firms’ remuneration policies and practices throughout 2018/19 and what this means for the recipients of the letter in their Senior Management Function 12 role.
On 16 November 2018, the House of Commons Treasury Select Committee published a letter to the Committee Chair from the FCA’s Chief Executive, regarding the FCA’s plans to ensure the accuracy and integrity of the data in the Financial Services Register. Among other things, the letter refers to the SM&CR and the recent consultation to introduce a ‘Directory’.
As part of its proposed financial crime strategy, which focuses on anti-money laundering, anti-bribery and corruption and fraud, the FCA intends to publish at the end of Q2 2019 a discussion paper on the roles and responsibility of industry and consumers in tackling fraud. The FCA recently published a report analysing the results of its first annual financial crime data return.
On 19 November 2018, the Head of the Financial Crime Department delivered a speech in which he discussed financial crime, artificial intelligence and the FCA’s approach.
The following day, the FCA’s Executive Director of Strategy and Competition delivered a speech on the conclusions of the Cryptoassets Taskforce, whose final report was published at the end of October 2018. Among other things, he spoke about the three major harms associated with cryptoassets (to consumers, market integrity and the risk of financial crime) and the proposed next steps of the FCA and HM Treasury in this area.
On 28 November 2018, the FCA published its revised Approach to Authorisation and feedback statement, following the publication of its consultation paper in December 2017.
The FCA is consulting until 14 January 2019 on regulatory fees and levies: policy proposals for 2019/20. A Handbook Notice will be published in Q1 2019.
On 7 December 2018, the FCA published its latest quarterly consultation paper, which includes proposed changes to SUP 16, to ensure compliance and increase accuracy of Firm Details reporting.
On 19 December 2018, the FCA published a policy statement confirming the revised Payment Services and Electronic Money Approach Document and Handbook changes following consultation feedback. The FCA says that firms should note the Handbook changes in the policy statement and the guidance in the revised Approach Document and adapt their practices accordingly.
Other sector news
On 9 November 2018, the House of Commons Treasury Select Committee launched an inquiry into consumers’ access to financial services. The inquiry will focus on the interaction between vulnerable consumers and financial services firms. The closure of bank branches and a fall in the number of free-to-use ATMs are noted as areas of concern.
On 23 November 2018, the same Committee launched another inquiry, this time into IT failures in the financial services sector. Written evidence is requested by 18 January 2019. The inquiry will focus on: the common causes of operational incidents in the sector; the ways in which consumers lose out as a result of such incidents; and whether regulators have the relevant skills to adequately hold people to account. According to the FCA, several high-profile cases of disruption to retail banking services in the first half of 2018 contributed to an increase in complaints to certain firms.
On 14 November 2018, the Chair of the Treasury Committee commented on a letter from the Economic Secretary to the Treasury about so-called mortgage prisoners, customers trapped in expensive deals and unable to remortgage because of the tightening, in recent years, of affordability assessment criteria and/or because their ‘zombie banks’ no longer offer new products. Also see the press release from UK Finance.
The Creditworthiness Assessment Bill, a Bill to require certain matters to be taken into account when assessing a borrower’s creditworthiness, is not now expected to have its second reading debate in the House of Commons until 25 January 2019.
The Minimum Service Obligation (High Street Cashpoints) Bill, a Bill to require banks to provide cash machines to be made available on designated streets and to enable local authorities to designate streets that require cash machines in towns of more than 5,000 residents, is also due to have its second reading debate in the House of Commons on 25 January 2019.
Recent research carried out by debt charity StepChange – ‘Locked Out: Examining the impact of problem debt on people’s housing situations’ – looks at how the charity’s clients’ problem debt affected their access to housing and the security, quality and affordability of their homes, at a time when they were trying to stabilise their finances and/or repay their debts. See the press release.
On 15 November 2018, UK Finance announced that, from that date, consumers would be able to compare clearer and more consistent information about the additional services current account providers offer all customers, including those in potentially vulnerable circumstances, following a voluntary commitment made by the industry.
On 30 November 2018, UK Finance announced that the banking industry has agreed to a series of voluntary proposals to deliver stronger, fairer outcomes for more SME customers, following the recent publication of an independent review report recommending new routes for SMEs to challenge banks without going to court. On 3 December 2018, the Economic Secretary to the Treasury wrote to the co-chair of the All-Party Parliamentary Group on Fair Business Banking, setting out the government’s approach to SME dispute resolution in more detail.
A new National Economic Crime Centre was launched on 5 November 2018. On the same day, the House of Commons Foreign Affairs Select Committee launched an inquiry into the future of UK sanctions, to explore and evaluate different options for the UK’s approach to sanctions policy after leaving the EU.
The Financial Action Task Force published its mutual evaluation report of the UK’s anti-money laundering and counter-terrorist financing measures. It concludes that the UK has a well-developed and robust regime, but that it needs to address certain areas of weakness, such as supervision and the reporting and investigation of suspicious transactions. See the press release.
Over in Europe, the Council of the EU adopted conclusions on an action plan to better tackle money laundering and terrorist financing, and the European Commission launched a review of the Distance Marketing of Financial Services Directive.
On 6 December 2018, the Bank of England (BoE) Deputy Governor for Markets and Banking gave a speech setting out the BoE’s work with the UK payments industry to adopt the global standard for payments messaging, and other initiatives in this area including the creation of a Standards Advisory Panel which will be jointly run by the BoE and Pay.UK.
The Payment Systems Regulator (PSR) responded to LINK’s third ATM ‘footprint report’, which shows that in September 2018 a number of protected ATMs were withdrawn from service.
The PSR is consulting until 4 January 2019 on general directions for the implementation of ‘Confirmation of Payee’, the new name check safeguard to protect people from authorised push payment scams.
Latest data from the Bank for International Settlements shows, among other things, that paper-based payments like cheques and cash still play important roles in society. An interim report published by the independent Access to Cash Review (‘Is Britain ready to go cashless?’) shows that despite the increasing use of cards and electronic payments, approximately eight million (17%) of people say cash is an economic necessity.
The European Payments Council published its 2018 Payment Threats and Fraud Trends Report, providing an overview of the most important threats in the payments landscape. It also recently published an interview on the key findings of the Capgemini/BNP Paribas World Payments Report 2018.
And finally, on 12 November 2018 and following a public consultation, the Financial Stability Board published its Cyber Lexicon, a set of core terms related to cyber security and cyber resilience in the financial sector.
Looking ahead to 2019
- January 2019: FCA policy statement on general standards and communication rules for the payment services and e-money sectors.
- 22 February 2019: Ban on sale of extended warranties at point of purchase comes into force.
- Early 2019: FCA consultation on guidance for firms on the identification and treatment of vulnerable consumers; government feasibility study to help design a pilot for a no-interest loans scheme.
- March 2019: FCA policy statement on regulatory fees and levies: policy proposals for 2019/20.
- 1 April 2019: Rent-to-own price cap expected to come into force.
- April 2019: FCA regulated fees and levies: rates proposals 2019/20; Banking Standards Board report on the industry’s culture.
- June 2019: FCA credit information market study due to be launched; final rules on overdrafts and on buy now pay later offers.
- Summer 2019: Consultation feedback and final rules on FCA and PRA proposals for new reporting requirements for mortgage lenders and home finance administrators.
- End of Q2 2019: Discussion paper on the roles and responsibility of industry and consumers in tackling fraud.
- 9 December 2019: SM&CR extended to all firms authorised under the Financial Services and Markets Act 2000.

Data Protection – November/December 2018
Privacy Shield second annual review report, Brexit guidance, latest from the ICO, cybersecurity and more. […]
Privacy Shield second annual review report, Brexit guidance, latest from the ICO, cybersecurity and more.
US continues to ensure adequate level of protection for personal data transferred under the Privacy Shield
Stop press!! The European Commission has today confirmed in its report on the second annual review of the functioning of the EU-US Privacy Shield that the US continues to ensure an adequate level of protection for personal data transferred under the Privacy Shield from the EU to participating companies in the US. The Commission does, however, expect the US authorities to nominate a permanent Ombudsperson by 28 February 2019 to replace the one that is currently acting. See the press release.
Guidance on data protection and Brexit
On 13 December 2018, both the UK’s Information Commissioner’s Office (ICO) and the government published guidance for organisations on data protection and Brexit, in particular relating to a ‘no deal’ scenario. This blog post contains links to the various ICO materials and practical tools. The advice is particularly relevant for those involved in transfers of personal data to and from the European Economic Area. As there will be no control over provisions for the free flow of data into the UK, organisations will need to give careful thought to alternative data transfer mechanisms, such as standard contractual clauses. If you require any assistance in this regard, please do not hesitate to contact Andrew Northage or Jeanette Burgess, who will be very happy to help.
The political declaration setting out the framework for the future relationship between the UK and the European Union contains a section on data protection. It says that both parties are committed to ensuring a high level of personal data protection to facilitate data flows between them, given their importance. The EU will start the assessments on the adequacy of the UK’s data protection standards as soon as possible after withdrawal, endeavouring to adopt decisions by the end of 2020, which is when the transitional period is due to end.
In related news, the EU is currently in the final stages of adopting an EU-Japan adequacy decision, which will be the first adequacy decision since the EU General Data Protection Regulation (GDPR) came into force.
Latest from the ICO
The ICO has updated its Guide to the GDPR to include:
- detailed guidance on encryption, aimed at helping organisations to understand the importance of encryption as an appropriate technical measure to protect the personal data they hold
- expanded guidance on contracts and separate detailed guidance on contracts and liabilities between controllers and processors
- guidance and separate detailed guidance on controllers and processors
- a section on passwords in online services.
On 12 November 2018, the ICO issued a call for views on a new direct marketing code of practice, to reflect requirements under GDPR and the new Data Protection Act 2018. The consultation closes on 24 December 2018. Other recent calls for views concern a code of practice for the use of personal information in political campaigns, and an age appropriate design code, which will set out the design standards the ICO expects providers of online services and apps used by children to meet when they process their data. The various codes are intended to provide organisations with practical guidance.
Following changes to the Privacy and Electronic Communications (EC Directive) Regulations 2003, the ICO can now impose a monetary penalty on an officer of a body corporate or Scottish partnership in addition to the body itself, where the breach occurs as a result of action, or inaction, by that officer. The changes came into force on 17 December 2018.
It has been reported in the media that Facebook is appealing the £500,000 fine imposed on it by the ICO in the wake of the Cambridge Analytica scandal. The fine is one of a number of actions taken by the ICO as part of its investigation into the use of data analytics for political purposes. On 6 November 2018, the ICO published an update report to Parliament on the investigation. See the blog post for details.
The ICO has issued the first fines to organisations across a range of sectors for failing to pay the new data protection fee. In related news, the government recently published the outcome of its consultation on whether the current exemptions from paying the data protection fee remain appropriate and fit for purpose. Views were also sought on whether new exemptions should be introduced.
In the ICO’s first prosecution under the Computer Misuse Act, a motor industry employee was sentenced to six months in prison after he accessed thousands of customer records containing personal data without permission.
In other recent enforcement action: two companies that made nearly 1.73 million direct marketing phone calls to Telephone Preference Service subscribers were fined £160,000 and £90,000 respectively; another company was fined £200,000 after it sent 14.8 million marketing text messages without valid consent through a third party service provider; the Metropolitan Police Service was ordered to make significant changes to the ways in which it uses its Gangs Matrix (a database that records intelligence related to gang members) to comply with data protection law; and a former headteacher was fined £700 after he obtained schoolchildren’s personal data from schools where he had previously worked and uploaded it to his new school’s server.
The ICO is analysing initial responses to its regulatory sandbox project. It recently consulted on creating a regulatory sandbox, following on from the publication of its Technology Strategy for 2018-2021. The sandbox “will be a safe space where organisations are supported to develop innovative products and services using personal data in innovative ways”. A consultation workshop will take place on 6 February 2019 and the ICO is committed to opening the sandbox, probably through a live ‘beta’ phase, later in 2019. See the blog post for details.
And finally, the ICO’s Deputy Commissioner (Policy) has posted a festive GDPR myth-busting blog to address some of the ongoing misconceptions surrounding GDPR and the new Data Protection Act 2018.
Cybersecurity update
The government has been undertaking its annual survey detailing the costs and impacts of cyber breaches and attacks on organisations. Businesses and charities from across the UK were selected at random to take part.
On 30 November 2018, hotel chain Marriott announced a data security incident involving its Starwood guest reservation database, potentially affecting up to 500 million guests. In the UK, the ICO is ‘making enquiries’.
The ICO recently fined Uber £385,000 (under the old data protection legislation) for failing to protect customers’ personal information during a cyber attack. The customers and drivers affected were not told about the incident for more than a year. Instead, Uber paid the attackers responsible US$100,000 to destroy the data they had downloaded. The ICO’s Director of Investigations said: “Paying the attackers and then keeping quiet about it afterwards was not, in our view, an appropriate response to the cyber attack. Although there was no legal duty to report data breaches under the old legislation, Uber’s poor data protection practices and subsequent decisions and conduct were likely to have compounded the distress of those affected”.
On 19 November 2018, the Joint Select Committee on the National Security Strategy published a report on the UK’s critical national infrastructure. It quotes the head of the National Cyber Security Centre as saying that a major cyber attack on the UK is a matter of ‘when, not if’. Among other things, the Committee says that the government’s current approach to improving the cyber resilience of the UK’s critical national infrastructure is “long on aspiration but short on delivery” and that “identifiable political leadership is lacking”. It urges the government to appoint a single Cabinet Office Minister charged with delivering improved cyber resilience across the UK’s critical national infrastructure.
On 10 December 2018, the European Parliament, Council and Commission reached a political agreement on the Cybersecurity Act, which will reinforce the mandate of the European Union Agency for Network and Information Security and establish an EU framework for cybersecurity certification. The Cybersecurity Act is part of a broader package of measures proposed in September 2017 to deal with cyber attacks and build strong cybersecurity in the EU and is a priority of the Digital Single Market strategy. See the press release for details.
More from Europe…
Ahead of a Transport, Telecommunications and Energy Council (Telecommunications) meeting in Brussels on 4 December 2018, consumer groups, non-governmental organisations and industry representatives wrote an open letter to EU member states in support of the ePrivacy Regulation, which was originally expected to apply at the same time as GDPR but has been slow to move forward. The organisations are concerned by the lack of progress and are urgently calling for agreement so that the legislative process can continue without delay. They stress that reform of the ePrivacy framework “is necessary to deliver effective confidentiality and security of modern online communications, to ensure clarity of the legal framework, and to restore public trust in the digital economy”.
In the meantime, the European Parliament and Council have both signed off on new rules for the free flow of non-personal data in the EU. See the Council’s press release. The regulation has since been published in the EU Official Journal and applies six months after publication.
A new regulation applied from 11 December 2018, bringing the data protection rules for EU institutions and bodies in line with the standards imposed on organisations by GDPR. See the press release from the European Data Protection Supervisor.
The European Data Protection Board is consulting until 18 January 2019 on guidelines on the territorial scope of GDPR.
The European Commission has been seeking feedback on a recommendation to establish a format for a European Electronic Health Record Exchange. The initiative “aims to facilitate cross-border interoperability and secure access to electronic health records for seamless exchange and use of health data in the EU”. Adoption by the Commission is planned for the first quarter of 2019.
The Irish Supreme Court is now expected to hear Facebook’s appeal in the Schrems litigation in January 2019. It was previously scheduled for December 2018. The appeal concerns the Irish High Court’s referral of questions over the validity of the European Commission’s adequacy decisions on standard contractual clauses to the Court of Justice of the European Union. Walker Morris will continue to monitor and report on developments.
…and back in the UK
The government has published the response to its consultation on the creation of a Centre for Data Ethics and Innovation, a new advisory body, “to ensure our society keeps pace with the rapid developments in data-driven technology, supporting ethical and innovative uses of data and Artificial Intelligence”. The Centre’s first strategy document is due to be published by spring 2019. It has been commissioned to study the use of data in shaping people’s online experiences, and the potential for bias in decisions made using algorithms, with an interim progress update expected in summer 2019. The annual work programme will be agreed between the Centre’s chair and the Secretary of State for Digital, Culture, Media and Sport.
On 2 November 2018, the government published guidance for controllers relating to the register of information sharing agreements under Part 5 of the Digital Economy Act 2017, which gives government new powers to share personal information across organisational boundaries to improve public services.
On 21 November 2018, the Home Office published a communications data code of practice. Among other things, the code provides guidance on the procedures to follow when communications data is acquired and retained under parts 3 and 4 of the Investigatory Powers Act 2016.

Health and Safety – November/December 2018
Sentencing update, HSE injury and ill health statistics, government response to Hackitt Review and more. […]
Sentencing update, HSE injury and ill health statistics, government response to Hackitt Review and more.
Almost three years on from the new sentencing guideline and £1 million-plus fines continue to bite
Bus company Midland Red (South) Limited was fined £2.3 million following a collision in which two people were killed and others were seriously injured. An investigation found that the 77 year old bus driver had put his foot on the throttle believing it to be the brake. The company dealt inadequately with numerous complaints about his driving and ignored warnings to ensure he reduced his working hours due to the effect of fatigue on his standard of driving. The driver was not fit and capable of undertaking his role and the company was in breach of its duty of care to passengers and members of the public. It was in breach of its own policies.
Southern Gas Networks plc was fined £1.2 million (and ordered to pay costs of almost £19,000) after two of its employees were injured, one of them suffering severe burns, during the repair of a damaged gas main. An investigation by the Health and Safety Executive (HSE) found that the company had failed to adhere to its own procedures or recognised safe systems of work. The construction company that had caused the damage had not followed safe digging techniques when excavating around the pipeline and was fined £60,000 (with costs of over £12,000).
The Atomic Weapons Establishment was fined £1 million (and ordered to pay costs of over £26,000) after one of its employees was injured in an electrical incident. The Office for Nuclear Regulation’s Deputy Chief Inspector and Director of Operating Facilities said: “This related to a conventional safety hazard and should have been avoided – and indeed would have been – had the right procedures and processes for safety been in place”.
Application of gross negligence manslaughter sentencing guideline
The new definitive sentencing guideline for gross negligence manslaughter came into effect on 1 November 2018 and has been applied in two recent cases.
In the first case, a farmer was sentenced to four and a half years’ imprisonment for gross negligence manslaughter and 10 months’ imprisonment for further health and safety offences (to run concurrently) after a volunteer at his farm died instantly when her hair and clothing became trapped in the Power Take Off (PTO) shaft of an old milling machine. The guarding on the PTO shaft was “utterly appalling” and the farmer’s “basic approach to health and safety showed a flagrant disregard for regulations”.
In the second case, the owner and manager of a takeaway were sentenced to two and three years’ imprisonment respectively for gross negligence manslaughter, plus a total of 8 and 10 months’ imprisonment respectively for health and safety and food offences (all to run concurrently), following the death of a teenager from an allergic reaction to nuts. She had specified her allergies in a note with the takeaway order, which was ignored. There were no appropriate systems or conditions in place to protect customers with known allergies.
As we have noted previously, the consultation paper for the draft sentencing guideline said that the aim was to regularise practice rather than substantially alter it, other than in the case of higher culpability offences arising from health and safety breaches where it was anticipated that sentences would rise. The new guideline is a further indication of the increasingly tough line being taken when it comes to health and safety breaches. While the focus tends to be on the employer as principle dutyholder, it is important to remember that directors, managers and others are also very much in the firing line. It is never going to be possible to eliminate the risk of harm entirely, but the current sentencing climate should bring home the message to employers and management that health and safety is a priority and there are steps that can be taken to minimise exposure.
In related news, a construction site manager has lost his appeal against conviction for gross negligence manslaughter (for which he was sentenced to four years’ imprisonment) following the death of a worker in a trench collapse [1]. At the close of the prosecution case, the appellant had submitted that there was no case for him to answer on the count of gross negligence manslaughter because there was no evidence that he had ever witnessed a trench in an open and dangerous condition, no evidence that he ever saw anyone working in the trench which was not battered (i.e. sloped), and there was a site foreman present at all times. This was rejected by the judge, who held that there was sufficient evidence upon which a reasonable jury, properly directed, could convict the appellant. On appeal, the Court of Appeal was in no doubt that the judge was right to leave the case to the jury. There was evidence from which the jury could conclude that the appellant was actually aware of the method of excavation and that it was dangerous.
In reliance on a previous Court of Appeal decision, the appellant also appealed on the ground that the judge had erred in law in directing the jury that they were entitled to consider what the appellant ought to have known about the way in which the trenches were being dug on site at the time of any alleged breach of duty by him. The Court of Appeal dismissed the appeal. The factual matrix in this case was that it was a question of ‘when’ not ‘if’ the trench would collapse, and this was or should have been apparent to anybody. Consequently, there was reasonable foreseeability of serious and obvious risk of death to anyone in or near the trench. The evidence simply did not permit the appellant to argue that, but for the trench collapse, no objective observer would have been aware from the facts available to the appellant at the time that there was a significant risk of death arising from his breach of duty.
HSE releases annual injury and ill health statistics
The HSE recently published its annual statistics showing that 1.4 million workers were suffering from work-related ill health and around 555,000 from non-fatal injuries in 2017/18. Construction and agriculture are among the higher risk industry sectors.
Among other things, the rate of self-reported work-related stress, depression or anxiety has shown signs of increasing in recent years. The HSE recently launched its Talking Toolkit to help prevent work-related stress, as part of its ‘Go Home Healthy’ campaign.
Government to take forward all recommendations in Hackitt Review
On 18 December 2018, the government announced the introduction of a tougher regulatory system for building safety, including taking forward all of the recommendations in Dame Judith Hackitt’s review of building regulations and fire safety which was published in May 2018. The government has published an implementation plan setting out its programme of work. See the foreword on pages 6 and 7 and the next steps section on pages 32 and 33 of the document. Among other things, the government has also published at the same time a call for evidence to inform a full technical review of the building regulations fire safety guidance, known as Approved Document B (fire safety), and the response to its consultation on proposed amendments to Approved Document B on restricting the use of assessments in lieu of tests (known as ‘desktop studies’). See the amendments to the guidance and the explanatory circular letter. The amendments take effect on 21 January 2019.
Regulations giving effect to the ban on the use of combustible materials on the external walls of high-rise residential buildings, as well as new hospitals, residential care premises, dormitories in boarding schools and student accommodation over 18 metres come into force on 21 December 2018. Over the next few months, the government will be launching a broad consultation on the new regulatory framework. It will be establishing a Joint Regulators’ Group to trial elements of the new regulatory system ahead of any new proposed legislation. Walker Morris will continue to monitor and report on developments.
______________
[1] R v Winterton, [2018] EWCA Crim 2435
Contains public sector information published by the Health and Safety Executive and licensed under the Open Government Licence.