Changes to the PSC requirements for AIM listed companies
With effect from 23 June 2017 the new Anti-Money Laundering Directive (AMLD4) was laid before Parliament, and, as such, certain requirements in relation to the PSC regime have now changed. When the PSC regime was initially introduced, DTR5 issuers (which included UK AIM listed companies) were exempt from having to keep a PSC register. However, to implement the disclosure requirements of AMLD4, UK AIM companies (and companies listed on other smaller exchanges) are no longer exempt, on the basis that AMLD4 only expressly exempts companies admitted to trading on a regulated market, and AIM is not defined as a regulated market.
These changes came into effect on 26 June 2017, and affected companies had until 24 July 2017 to comply. UK AIM companies are now required to keep their PSC register information up to date in the same way as other unlisted UK companies. Any changes will need to be recorded on the company’s own PSC register within 14 days and notification of the change filed at Companies House within another 14 days.
Corporate governance code for large unlisted companies
Large private businesses will face more scrutiny and regulation in 2018, as the government confirmed plans to develop the first corporate governance code for unlisted companies. The voluntary code will be developed by the FRC and is part of a wider series of measures to introduce new boardroom standards.
Stephen Haddrill, Chief Executive of the FRC, said: “Large private companies are integral to the UK economy as significant employers and supporters of communities and families. It is right we develop a set of corporate governance principles to enhance confidence that they act in the public interest.”
The code was initiated after the BHS scandal, and will be the first set of corporate governance guidelines for private companies. The existing UK Corporate Governance Code for listed companies is also set to be reviewed, with a formal consultation expected in the autumn.
Modern Slavery Act Update
It is over a year since the Modern Slavery Act (MSA) was passed into law in the UK. Now that most eligible companies have published their first statements, groups such as CORE Coalition and the Business and Human Rights Resource Centre (BHRRC) have been collating the documents and providing commentary on them.
CORE coalition has published four short guides on the reporting requirement which are really helpful in forming the content of statements for future compliance. These four short guides include guidance on the legal requirements and recommended content, Weak and Notable Practice Guide (see further below), a publication called “Tackling Modern Slavery Through Human Rights Due Diligence” which explains how due diligence differs from an audit and the fourth guide entitled “Engaging with companies on Modern Slavery – a briefing for investors” discusses why investors should engage with companies on modern slavery issues. All these guides are available on the CORE coalition website.
The CORE guidance “Modern Slavery Reporting: Weak and Notable Practice” aimed to highlight areas for improvement to enhance standards of reporting and to increase accountability. CORE says that 84% of statements uploaded to the BHRRC’s Modern Slavery Act Registry do not comply with the basic legal requirements and overall the general standard of reporting is disappointingly low. CORE gives examples of weak and notable practices in relation to each of the five areas that the MSA suggests business should report on which should give companies a helpful insight into improving their statements for future years.
Companies that are commended on their statements include ASOS and Vodafone and examples of weak practice include Nandos.
The “Reporting on Payment Practices and Performance Regulations 2017” came into force in April 2017. As a reminder, these regulations apply to all companies and LLPs that meet the threshold test.
The requirements are quite complicated and there are a number of potential pitfalls and so companies should already be collating the information they need for their first report if their financial year started after 5 April 2017. Companies who have not yet reached the start of their financial year should still have time but should be getting their reporting systems ready and briefing relevant directors, colleagues and third parties. The Government website service which will publish submissions should start to display statements from October 2017, which will serve as a useful guide for companies with a later financial year.
In terms of practical steps, companies may have to change the way they collate and analyse invoicing information and they should consider if they need to provide training to those who need to know. Companies should also consider whether their standard terms may be making reporting more difficult. For example, it may be harder to report if the terms provide for payment from the date of the invoice since the reporting metric is linked to the date of receipt of the invoice.
General Data Protection Regulation
The European General Data Protection Regulation (GDPR), enforced by the Information Commissioner’s Office (ICO) and which will come into force on 25 May 2018, will change how businesses and public sector organisations should handle the information of customers. The new requirements include new rights for people to access the information companies hold about them, obligations for better data management for businesses and a new regime of fines. Companies should therefore put procedures and policies in place to deal with matters such as data retention and systems for dealing quickly with complaints.
GDPR will have an impact on companies that serve the role of “controllers or “processors” of personal and sensitive data, which are largely in line with current data protection laws in place. However, under the new legislation organisations will have more accountability for their handling of personal information, including data protection policies and processes implemented and used. Companies with over 250 employees will have to justify the reasons for collection and processing of the information, description of the information held, the length of retention and information on technical security measures in place. In addition, certain companies with large volumes of data are required to employ a Data Protection Officer.
Monitoring of employees’ online activity in the workplace is also an important issue for employers since the monitoring of e-mail and internet usage constitutes “processing” under the Data Protection Act.
Regulators will also have to power under GDPR to fine businesses that don’t comply. For more information, please refer to the ICO’s website or view the Guidance issued by ICO on preparation to the GDPR.
Role of the Company Secretary
Research conducted by technology firm eShare entitled “Under Pressure: the Company Secretary and the growing need for effective governance” has revealed that the role of Company Secretary is becoming harder than ever before and is also growing in profile. The eShare white paper includes contributions from Company Secretaries in the US and the UK and sets out how the role has changed over the past ten years. The white paper states that what was once a relatively low-profile position has become one of the most exposed, with overall responsibility for the organisations corporate governance.
Publication of annual tax strategy
The publication of the annual tax strategy should be made available on a company’s website for financial years beginning on or after 15 September 2016. The strategy must set out the approach and governance arrangements in relation to UK taxation, attitude towards tax planning, the level of risk in relation to UK taxation that the company is ready to accept and the approach of the company to its dealings with HMRC. If the business is part of a multi-national group, the requirement is to publish any strategy, or parts, only relevant to UK tax.
For more details of guidance from HMRC please visit their website.
EU Prospectus Regulation
In 2015 the European Commission conducted a consultation which identified shortcomings in the regime introduced by the prospectus directive. To improve the prospectus regime, in June 2017 the EU adopted Regulation (EU) 2017/1129 and its provisions will begin to apply on a rolling basis, with full application from 21 July 2019. The regulation covers various sizes of the companies and its aim is to make it cost-effective for small and medium companies to access capital markets, to introduce flexibility for all types of issuers and improve prospectuses for investors.
Changes implemented on 20 July 2017 concern the abolition of the prospectus for the admission to trading of securities representing less than 20% (previously 10%) of the same class of securities already admitted to trading on the same EU market. In addition, no prospectus is required from the conversion or exchange of other securities if they represent 20% or less of the shares of the same class already admitted to trading. Further changes will take effect in July 2018 with final compliance required from July 2019.
MAR – updated ESMA Q&A and notification templates
ESMA published an updated version of its Q&A on Market Abuse Regulation (MAR) in the end of May 2017.
In relation to the disclosure of inside information, ESMA’s updates expand on the timeframes and potential permitted delays of the disclosure of inside information provided certain conditions are met and notification is given to the competent authority of its intention to delay under Article 17(5).
ESMA expands on the topic of “closely associated persons” by giving an example of the scenario where a PDMR would not be considered to be discharging managerial responsibilities within a legal entity for the purposes of Article 3(1)(26)(d) of MAR.
“Proper purpose” test – an access to register of members
Under Companies Act 1985, the register of members of the company was open to inspection by any member of the company without any charge and any other person, on payment of a required fee. However, in recognition of the protection of the shareholders of the company, Companies Act 2006 (Sections 116-119) (the Act) allowed access to a company’s register subject to “proper purpose” test. Under Section 116 of the Act companies are obliged to respond to an individual requesting the register within five working days with no option to decline such request or, should company decide to apply to the court, notify an individual of such application.
The case Burberry Group PLC v Richard Charles Fox-Davies (2015) clearly sets an example of the decision of the court in relation to the “proper purpose” test. Mr Fox-Davies was not a member of the Company and stated that the purpose for the request was to assist members of the company to reassert ownership and recover the benefit of their holdings through his business practice, which hired “specialist researchers” with whom he would share the lost members’ information. The Court held that the request was not for a “proper purpose” but rather for Mr Fox-Davies’s own commercial interest and that Burberry Group PLC did not have to comply with the request unless it fully contained all the information required by the Section 116(4) of the Act.
Since the definition of the “proper test” was not included in the Act, the decision is left with the courts on case by case basis. ICSA’s guidance issued in January 2014 considers that the request is improper when it is made by or for the purpose of being used by the search agency specialising in recovering unclaimed assets. From the abovementioned case, it is clear that a company will only be required to provide a copy of its register of members where the application satisfies all requirements of the Act and “proper purpose” test is passed, which means that a request from a member will be resolved in his/her favour where the purpose relates to his or her rights only.
In July 2017, the Court of Appeal ruled that based on the facts of the case the purpose was not considered to be a proper purpose. Therefore, the appeal was declared dismissed.
Audit reform and the evolving role of the audit committee
The role of the audit committee has become more complex over the past few years as a result of the new EU regulatory framework for statutory audit. The legislation (Audit Directive and Audit Regulation) entered into force in June 2014, however the effective date for most provisions in the UK was 17 June 2016 (first financial year starting on or after 17 June 2016).
The provisions that have received the most attention apply only to public interest entities (PIEs) and their statutory auditors. Companies listed on EU regulated markets, as well as credit institutions and insurance undertakings are classified as PIEs.
As a result of the legislation, the audit committees of PIEs need to address the following requirements:
- The composition of the audit committee – at least one member is required to have competence in accounting and/or auditing. Committee members as a whole need to have competence relevant to the sector in which the PIE operates;
- Appointing external auditors – the audit committee is required to rotate the external auditor after a tenure of 10 years (the tenure could be extended to 20 years, and the transition rules apply);
- Tendering – a minimum of two prospective audit firms need to be recommended by the audit committee to the board;
- Monitoring performance – the audit committee is responsible for reviewing and monitoring the performance of auditors, and the FRC is responsible for monitoring the performance of audit committees;
- Non-audit services restrictions – audit firms are now prohibited from providing many non-audit services to their audit clients (e.g. valuation services, payroll and human resources services, bookkeeping and preparing accounting records and financial statements).
The future of AGMs? Jimmy Choo case study
Jimmy Choo plc (a luxury clothing accessories brand) was assisted by Registrar Equiniti in organising the UK’s first digital AGM in 2016, followed by another one in 2017. Shareholders’ virtual general meetings are held without a physical place of a meeting. Jimmy Choo’s AGM was held through a conference call and involved shareholders using an application connected directly to the AGM registration system, thus allowing the shareholders to submit questions and vote on the resolutions being put to the meeting.
As the global trends gravitate towards virtual/electronic/hybrid solutions for organising shareholders’ meetings, there are several concerns surrounding this area. Compliance with all formal aspects of AGM in electronic form must be ensured (i.e. the company’s articles may need to be amended accordingly, and the requirements regarding attendance and voting must be complied with). Furthermore, security of data and technical aspects of arranging an electronic AGM are of high importance, since the company needs to maintain an operating system necessary to facilitate such meeting, as well as provide ongoing technical support and ensure that different levels of access to data are properly managed.
There are, however, many benefits of organising a virtual AGM. The overall cost is reduced for both the company organising a digital AGM, and the shareholders attending it. The meeting is opened to a larger and remote audience, which in turn facilitates better engagement with investors. Such approach is also considered environmentally and socially responsible due to a reduced carbon footprint. It remains to be seen whether virtual AGMs will be adopted by more UK listed companies in the future.
Narrative Reporting I – Non-Financial Reporting Directive
The Financial Reporting Council (FRC) has published a factsheet on the UK regulations issued in December 2016 to implement the EU Non-Financial Reporting Directive (NFRD). These regulations amend the Companies Act 2006 requirements for the strategic report and include diversity requirements in the Disclosure and Transparency Rules (DTRs). Companies that are caught by the NFRD are those which are large companies and qualifying partnerships with more than 500 employees that are also listed or quoted companies, banks, authorised insurance companies or companies carrying on insurance market activity. Company Secretaries should therefore consider whether companies within their groups fall with the scope of the new regulations. Companies outside the scope will continue to apply the pre-existing non-financial reporting requirements in the strategic report.
The NFRD requires companies within scope to disclose information relating to environmental, employee, social, respect for human rights, anti-corruption and anti-bribery matters, to the extent necessary for an understanding of the company’s development, performance, position and impact of its activity.
There is a potential source of confusion in the legislation in that the new regulations apply to “traded” companies where as the pre-existing strategic report regulations apply to “quoted” companies. A key distinction is that “traded” companies include those with debt securities listed on a regulated market. However, AIM companies are excluded from both the pre-existing strategic report regulations and the NFRD as they do not meet the definitions therein.
The new regulations require companies to provide non-financial information within their strategic report. Irrespective of immateriality, where a company does not pursue policies in relation to environmental, employee, social, respect for human rights, anti-corruption and anti-bribery matters, the company must provide a clear and reasoned explanation for not doing so.
Company secretaries are urged to liaise with relevant departments within their organisation as well as external advisors to enable them to prepare for disclosures within their 2017 annual reports.
Narrative Reporting II – consultation on amendments to the strategic report guidance
In August 2017, the FRC published a consultation paper including draft amendments to its guidance on the strategic report. The proposed amendments aim to update previous guidance to reflect changes in the strategic report reporting requirements as noted above. The proposed amendments also aims to enhance the linkage between Section 172 of the Companies Act 2006 (Directors Duty to promote the success of the company) and the strategic report and to reflect recent developments in corporate reporting. The closing date for responses to the consultation is 24 October 2017.
Investment Association Statement on 2017 AGM season
The Investment Association (IA) has published a statement on shareholder voting analysis during the 2017 AGM season. Key trends arising from the IA’s analysis include the fact that 21 director re-election resolutions received a substantial vote against (i.e. 20% or more) up from four in 2016; the number of FTSE 250 companies receiving a substantial vote against their remuneration report was also on the increase, although remuneration votes were relatively stable among FTSE 100 companies. Six companies withdrew remuneration resolutions ahead of their 2017 AGM.
Alternative Performance Measures
Preparers of annual accounts should be thinking about disclosures around the use of Alternative Performance Measures (APMs). In July 2017, ESMA published updated Q&A on its guidelines on APMs. As a reminder, an APM is a financial measure of historical or future financial performance, financial position, or cashflows other than a financial measure defined or specified in the applicable financial reporting framework.
Senior Manager and certification regime
The wider financial services sector should take note of the FCA’s recent consultation paper in relation to the extension of the senior manager and certification regime. The implementation for banks, building societies, credit unions and PRA designated investment firms rolled out from March 2016 and now the FCA has published its consultation paper CP17/25 containing proposals for extending the new regime to all FCA regulated firms. The deadline for responses on the consultation paper is 3 November 2017 and firms must be ready to comply with the regime from the middle of 2018.
Legal Identity Identifiers (LEIs) and classification of regulated information
Listed companies are reminded that they should obtain their LEI promptly if not already done so and that they should start to classify their regulatory information in the required manner before the effective date of 1 October 2017.