Three-quarters of SMEs risk huge fines by failing to prepare for data laws, warns Close Brothers

Three-quarters of SMEs risk huge fines by failing to prepare for data laws, warns Close Brothers

  • Only one in four SMEs has begun to prepare for GDPR
  • Just one in three SMEs aware of GDPR’s implications
  • Firms face fines of up to 4% of turnover for failures

With less than nine months to go until the introduction of strict new data protection and privacy laws, three-quarters of small and medium-sized enterprises have yet to even start preparing for the new regulation, research from Close Brothers reveals. Just one in four SMEs (25.4%) have begun their compliance preparations, a survey conducted by Close Brothers discloses, despite swingeing fines and penalties for businesses that fall foul of the rules.

The General Data Protection Regulation (GDPR), a European Union directive, comes into force in the UK on 25 May 2018, and includes provisions for the EU to levy huge penalties on businesses found guilty of a compliance failure. In the worst cases, this could see firms fined up to €20m or 4% of their annual global turnover.

However, with time running out for businesses to ensure compliance, Close Brothers’ research shows that currently, just one in three (33.3%) SMEs are aware of GDPR’s implications, even though they are covered by the majority of its provisions.

David Thomson of Close Brothers warned the research showed a dangerous lack of preparation for a new data protection regime that may not be straightforward to comply with.

“The GDPR regime includes requirements for new processes such as the employment of data controllers, privacy impact assessments and greater choice for customers, including the right to be forgotten – businesses will also be required to disclose all data breaches to regulators,” David said. “Some of the rules sound deceptively simple, but many firms will struggle to cope because they don’t even have a clear idea of what data they currently hold on customers, or where and how it is stored.”

Close Brothers’ research suggests many SMEs have a great deal of work to do in the short space of time remaining before the GDPR’s implementation. While the survey includes some positive findings – for example, 73% of SMEs say they don’t share customer data with third parties – many businesses simply do not know whether they would be compliant with the new law.

“All organisations must take the GDPR seriously and SMEs are no exception,” added Close Brothers’ David Thomson. “Making an investment now in order to prepare and protect your business is essential if you do not want to risk incurring significant financial penalties – or the major reputational damage that a public breach of the new regulation would undoubtedly cause.”

Notes to editors:
Close Brothers has published a short guide to help SMEs begin preparing for the GDPR. See: https://www.closeinvoice.co.uk/news-and-insights/four-steps-smes-must-take-now-prepare-eu-data-laws

All figures, unless otherwise stated, are from a GMI survey conducted August 2017. The survey canvassed the opinion of 900 SME owners and business managers from several industries across the UK and Ireland on a range of issues affecting their businesses.

About Close Brothers Invoice Finance
Close Brothers Invoice Finance is a leading, independent provider of invoice finance to both SMEs and large businesses throughout the UK, Ireland and Germany.

Close Brothers Invoice Finance is a member of Close Brothers Group Plc. Close Brothers is a leading UK merchant banking group providing lending, deposit taking, wealth management services and securities trading. We employ 2,900 people, principally in the UK. We are listed on the London Stock Exchange and are a member of the FTSE 250.

Share this...
0 replies

Leave a Reply

Want to join the discussion?
Feel free to contribute!

Leave a Reply

Your email address will not be published. Required fields are marked *