Changes to rates for short-time working daily rates of pay
With effect from April 2017 the rate you pay an employee who is temporarily laid off or placed on short-time working has risen from £26 to £27 per workless day. Your policies, procedures and associated paperwork will need to be updated accordingly.
New General Data Protection Regulations (GDPR)
In May 2018 there are major changes in the way companies need to obtain agreement as to how they process employees’ data.
It comes into effect on 25 May 2018 for all EU member states. The Government has confirmed that the GDPR will be implemented in the UK as it will still be a member of the EU at that time. The GDPR will replace the Data Protection Directive (95/46/EC) (which is implemented in the UK by the Data Protection Act 1998) when it comes into effect.
The GDPR requires that personal data be processed according to many of the same principles as under the current Data Protection Act 1998. However, employers should note, in particular, that the GDPR has new requirements:
- that restrict the use of consent as a justification for processing data;
- on demonstrating compliance through the documentation of data processing activities;
- on adopting organisational measures for data protection such as policies and practices; and
- on providing more information to employees and job applicants on the purpose and legal grounds for collecting their data, and their rights in relation to their personal data.
Employers should also be aware that the GDPR creates a new enforcement system, with significantly higher maximum penalties than under the Data Protection Act 1998. In particular, breach of the GDPR in some circumstances can lead to a maximum fine of €20 million or 4% of an undertaking’s worldwide annual turnover, whichever is higher.
Will there be changes to the rules on obtaining consent to process personal data under the General Data Protection Regulation?
Yes, the General Data Protection Regulation (2016/679 EU) (GDPR) significantly restricts the use of consent as a justification for processing personal data, including employee personal data.
Under the GDPR, consent must be freely given, specific, informed and unambiguous. It must also be given by a statement or clear affirmative action. If consent is given through a written declaration, the request for consent must be clearly distinguishable from other matters and easy to understand.
For employers, the new requirements mean that generic consents (for example, those contained in the body of an employment contract) will not be a valid legal basis to justify processing employee personal data.
The GDPR will come into effect on 25th May 2018 and will apply directly in all EU member states. The Government has confirmed that the GDPR will be implemented in the UK as it will still be a member of the EU at that time.
Exactly what employers will need to do to comply with these changes is not yet completely clear, however to ensure compliance it is likely that employers will need to get all staff to sign a new Data Protection Consent Form.
IR35 rules & personal service companies engaged in the Public sector
In last year’s Autumn Statement, the government announced that it would reform the intermediaries’ rules (Personal Services Companies) in the public sector.
The generally accepted definition of a personal service company (PSC) is a limited company whose business is to supply an end-user ‘client’ (e.g. the NHS) with the professional services of the individual – who in turn owns most (or all) of the shares and is generally the sole director (or can by 50/50 share split with their spouse). The PSC invoices the client for the services performed and earns a profit that is subject to corporation tax, rather than income tax.
PSCs can be a tax-efficient way for such individuals to work, because they are able to take some or all of their earnings from the PSC as dividends rather than salary. This means they do not pay employer or employee national insurance contributions (NICs) on a large part of their overall income. However, one of the main reasons contractors use their own limited companies is because that is what clients demand.
Typically, the clients of PSCs do not want even the slightest risk of there being an employment relationship with their contractors. They will therefore avoid the various employer obligations and legal protections available to employees. Also, and crucially, any tax risk relating to the arrangement has historically been that of the contractor, through the operation of the so-called IR35 rules.
In a nutshell, the new IR35 rules apply where the contractual arrangements between the Public Sector client and the PSC are such that if the contract was with the individual, he would be an employee, rather than a self-employed contractor and need to be taxed via the client’s payroll.
Payments made by the client to the PSC are ‘deemed employment payments’ and the PSC must calculate and pay over the PAYE and NICs that would have been the liability of an employer making the same payments. HMRC has historically published guidance on the characteristics of employment versus self-employment, and has recently produced a helpful online tool.
From 6 April 2017, responsibility for operating the off-payroll working rules and deducting any tax and NICs due will move to the end user client (public sector body, agency or third party paying) an individual’s PSC.
This is perhaps an admission that IR35 in its current form is practically unpoliceable, given the resources at HMRC’s disposal. It is far better, therefore, to shift the compliance burden on to a relatively small number of public sector bodies, which will no doubt err on the side of caution in their interpretation and place the majority of PCS staff onto their payroll.
Anyone contracting with Public Sector bodies that has staff working for them on PCS arrangements – you can expect to receive a confirmation from your Public Sector body asking you to check the status of the PCS person via their on-line tool and report back to them the outcomes.
Complying with pension responsibilities and duties.
A high street footwear firm turned a £400 fine into a bill for more than £40,000 after claiming it was too busy to meet its pension responsibilities. The case has prompted a fresh warning to employers by The Pensions Regulator (TPR) not to ignore their automatic enrolment duties.
Johnsons Shoes Company was issued with a £400 fixed penalty notice after it failed to comply with the law on the automatic enrolment of its staff into a workplace pension. The company had been required to check whether its staff qualified to be put into a workplace pension scheme and to confirm to TPR that it had done so.
Johnsons paid the £400 fine but still did not become compliant. Despite repeated reminders – and being warned that it would face a new fine that would increase by £2,500 per day if it did not meet its responsibilities – the Shepperton-based business continued to flout the law.
The fine reached £40,000 before the company finally became compliant. At that point, Johnsons refused to pay the fine – forcing TPR to take the business to court to secure payment. Eventually Johnsons agreed to pay the £40,000 fine and £2,000 court costs, preventing the need for a full court hearing on the matter.
Charles Counsell, TPR’s Executive Director of Automatic Enrolment, said: “All employers have legal duties and can use the Duties Checker on TPR’s website to quickly understand exactly what they must do.”