The FT reported two days ago that – “Businesses would be hit with an annual £15bn bill for filling in customs forms for trade between the UK and the EU in the event of a no-deal Brexit, according to a British government paper published on Monday by HM Revenue & Customs. In its no-deal impact assessment, the British tax authority detailed the cost to business to complete all the paperwork for the 215m consignments of goods crossing between the UK and the EU, assuming trade remained at 2017 levels.
Interestingly, HMRC’s figures are likely to be on the low side as they did not include the additional costs of complying with new VAT procedures for services companies, which dominate the UK economy, or for new VAT rules that would apply to parcels following a no-deal Brexit. They also exclude the one-off costs businesses would incur in preparing to fill in customs declarations.
But what the FT’s report does not include is another massive headache for business. If Britain hasn’t secured a deal to leave the European Union as the clock ticks past midnight on Oct. 31, billions of data transfers could be thrown into legal limbo with all the financial implications it brings with it. And there are a lot given that Britain is considered a global data hub.
Though not as visible as lines of trucks backing up at ports, disruption to data would affect more of Britain’s economy, four-fifths of which is services, not goods.
To avoid heavy fines and lawsuits for breaching the EU bloc’s strict privacy laws, the majority of U.K. companies that rely on data flows from the EU must submit a mountain of compliance paperwork. Those efforts have accelerated in recent months as the risk of a chaotic departure grew.
The estimate of the extra administrative costs to business in the event of no-deal contrasts heavily with Boris Johnson‘s claim to the recent Conservative conference that the UK could save £1bn a month by leaving the EU on 31 October.
Massive technical and costly headache
Data transfers on its own is huge. It covers anything from customer information for holiday bookings to human resources files and insurance claims moved between subsidiaries of multinationals. The EU has some of the toughest rules in the world for protecting personal data, including the “right to be forgotten” from search engines. The emergence of cloud computing means packets of data are constantly on the move, making it far harder to keep track.
Bloomberg News reported yesterday that –
“Companies can compile sets of rules governing the information that flows across borders within their organization, and then have them approved by a data protection authority. This can cost as much as 250,000 pounds ($305,000) and take years to draft. Instead, many have opted to copy and paste “standard contractual clauses” covering every cross-border data transfer they can find. Smaller firms may not be able to afford or implement the safeguards, or even be aware of the issues.”
A study published in August by academics at University College London said when an accord on data protection between the U.S. and EU was struck down by the European Court of Justice in 2015, one single company was forced to apply 2 million standard contractual clauses, they said. Anti-money laundering and terror financing checks by banks could also fall outside the law in a no-deal, industry lobby group U.K. Finance has warned.
Andrew Solomon, a senior associate at law firm Kingsley Napley said.
“Most companies are aware they need to do it but they’ve been hoping common sense would prevail and they wouldn’t have to do it in the end.”
Moving out of the UK
Bloomberg goes on to say that –
“Some companies have gone a step further and relocated their servers so their EU data doesn’t pass through the U.K. One of Britain’s biggest gambling companies, GVC Holdings Plc, is moving servers hosting its online betting platforms to Ireland and ensuring parts of the business that handle EU online gambling are covered by Maltese licenses. Banks face the same problem. “Firms may need to move data processing activities between countries, consider the relocation of their data centres and/or implement other procedures to avoid problematic cross-border transfers of personal data,” said a spokesman for U.K. Finance.
To all intents, what this means is that the U.K. will be ejected from the European Data Protection Board of regulators. For its data protection arrangements to be deemed “adequate” by the EU, it will have to prove it meets strict requirements imposed by the EU’s General Data Protection Regulation, which ironically, it had a key role in drafting.
The U.K. has said it will recognize the EU’s rules, but the EU has warned Britain not to assume it will quickly reciprocate due to the uncertainty around the terms of its pending departure.
That accreditation process has never taken less than 18 months and Britain’s national security powers – allowing the government to monitor some private data communications — could draw detailed scrutiny, leading to longer delays.
To get around these problems many big corporations operating in both the U.K. and EU, such as former state phone monopoly BT Group Plc, have moved to register with continental data protection watchdogs to make sure they’ll still comply with EU data law.
However, it is seemingly forgotten by the Johnson government and by the more extreme elements within the government pushing for no-deal that the movement of data alone generates 174 billion pounds of value in the U.K., according to the Confederation of British Industry.
Part of that activity flows inside U.S. and Asian multinationals that chose the country as a hub for their European operations. Consultancy Frontier Economics says three-quarters of Britain’s international data flows are with the EU and a no-deal Brexit endangers the country’s position as a global hub for data flows, said Felicity Burch, the CBI’s director of digital and innovation.
“From day one, the free flow of data that underpins every sector from automotive to logistics will be hit,” said Burch. “Businesses have already undertaken costly legal processes and some are investing in EU data centres.”
Note to readers: please click the share buttons above or below. Forward this article to your email lists. Crosspost on your blog site, internet forums. etc.
Featured image is from TP