Recently, we have seen a rush of companies, notably in the financial services sector, set out plans to phase out their use of self-employed workers who operate via limited companies in the light of the looming new Off-Payroll tax legislation that is due to hit the private sector in April 2020.
The reforms have certainly prompted firms to reconsider how they engage with their workforce and some have discovered instances where they had long-term contractors working with them who have been happy to convert to full-time employment.
However, the banks are a very special case because they cannot reclaim much of the VAT that is charged to them by contractors. So, by putting them on payroll, they can potentially save the VAT, and can use that to pay the extra employment taxes that are due under the new reforms – which is actually less than the VAT. For those firms that are unable to offset VAT, this strategy isn’t available to them.
For the changes in banking, the overall effect on the Treasury is likely to be a reduction in tax take, particularly because banks are offering reduced rates, typically cuts of 25%, in conjunction with the changes – but policymakers are blind to this. The effect on the hiring firms will see them struggling to hire the top talent and skills they need for projects and, in instances where they need highly sought-after skills, they will undoubtedly discover that hiring contractors on payroll will cost them significantly more. Rate rises for in-demand contractors will be inevitable as the flexible workforce shrinks as part of its rebalancing.
Decisions made by the global banks could be seen to be a kneejerk response to legislation that they simply do not know how to navigate and we have seen other firms take blanket ban decisions to not engage contractors – whilst this could be considered an overly cautious approach, for them it’s more of a strategic one and makes some sense.
Off-Payroll compliance will prove crucial to a company’s continued engagement of contractors, who will naturally seek engagements where they can secure a fair and accurate IR35 status assessment, creating the opportunity for an ‘outside IR35’ contract.
A diligent, structured approach to compliance not only mitigates risk and appeases contractors, it also minimises the administrative and cost burden of complying with the rules. Here isa four-stage, 12-step strategy enabling companies to achieve exactly this.
Stage 1: Identify
Step 1: Collate
Depending on the size of a firm’s contingent workforce, the burden of assessing each contractor for IR35 might seem daunting. But only contractors trading via a limited company need to be considered under the Off-Payroll rules – this could be a small portion of the workforce. To find out, we advise that clients send a spreadsheet to their recruitment partners to complete, detailing the operating structure used by each contractor.
Step 2: Explore
Meanwhile, evaluate your contractors and group together those who have similar contract templates or working conditions. At this stage, your chosen Off-Payroll compliance solution or provider should help identify those who may pose a significant IR35 risk and inform on whether it’s practical to change the working conditions in some cases to mitigate IR35 risk across your workforce.
Step 3: Segment
Having undertaken the previous two tasks, and having received completed spreadsheets from your recruitment partners, you’ll now know the size of the task at hand. For example, if the majority of contractors posing a high IR35 risk are engaged via umbrella companies, your compliance burden will be far smaller than if most operate via limited companies.
Step 4: Assess
Your next step is to assess your affected contractors for IR35. An IR35 assessment requires the assistance of a compliance solution or provider, and needs to gather information from the contract paperwork, the working conditions and the contractor’s details. Ideally, you’ll want to address individual areas of the assessment to the relevant parties, to ensure accurate assessments while sharing the compliance workload.
Stage 2: Analyse
Step 5: Risk profiling
The Off-Payroll rules also require hirers and their recruitment partners to police their contractor supply chains. This is due to the liability transfer provisions, which permit HMRC to pursue hirers and agencies for unpaid tax in the event that another intermediary has been non-compliant. Many tax avoidance schemes operate under the guise of ‘umbrella companies’, so beware of intermediaries with no professional accreditations, or whom market information suggests may be dodgy.
Step 6: Modelling
Conducting status assessments will help you to find answers to a number of critical questions, such as:
- What is the accumulative employment tax liability for ‘inside IR35’ contractors?
- What status factors are common across the firm, causing risk?
- What projects are at most risk?
Answering these questions will help inform a sound strategy to mitigate any damaging financial impact posed by the Off-Payroll rules.
Stage 3: Plan
Step 7: Engagement
The Off-Payroll rules will cause many companies to review their engagement options. One reason is because direct engagement of contractors deemed ‘employed for tax purposes’ creates a heightened risk of employment rights claims. Clients may seek to insert intermediaries into the arrangement to mitigate this risk, at which point they will need to consider their chosen model of engagement.
Step 8: Policies
Having considered some of the previous steps, you will now be well placed to establish some policies for the supply and engagement of contractors going forward. For example, you might ask yourself:
- Should ‘inside IR35’ contractors be allowed to contract via limited companies?
- Should we restrict the umbrella providers that contractors can operate through?
Step 9: Finance
Similarly, having conducted some financial modelling, you will now be ready to establish a financial plan for your workforce. This might involve exploring potential legitimate policy changes in working practices to secure the ‘outside IR35’ status of contractors. Where this isn’t possible, depending on your budget, you may need to make some big decisions, such as:
- Which contractors will be difficult to retain ‘inside IR35’?
- How much would it cost to retain key individuals?
A financial plan will help you to prioritise expenditure to ensure that projects continue to run as smoothly as possible.
Stage 4: Implement
Step 10: Communication
Communication with contractors is critical. Speak to those deemed within scope of IR35 in groups to establish what their plans are. Making it clear that you have conducted a considered IR35 status assessment may mean that some are more inclined to continue working for you. In turn, their feedback will help you update and refine your strategy accordingly.
Those who are leaving will require termination notices. You will also need to serve termination notices to ‘inside IR35’ contractors who are staying, before offering them an alternative method of working. Also, make sure all outstanding invoices are paid. All of this needs to be achieved by the end of March 2020.
Step 11: Alignment
You must communicate policies established in step eight to your recruitment partners, as they will play a crucial role in implementing them. As well as explaining your plans, you will need to establish a deadline. We recommend allowing at least a month’s notice, to give recruiters time to notify suppliers that aren’t on your Preferred Supplier List (PSL).
Step 12: Monitor
Sustained monitoring of your workforce is key to compliance, to ensure that working practices continue to reflect the written agreement, negating any potential IR35 risk. Each contract renewal should be accompanied by a new status assessment. Similarly, keep an eye out for analysis of the latest IR35 court cases. Some may set future precedents impacting employment status case law, which could affect your current workforce.
The benefits of structured Off-Payroll compliance
Compliance with the Off-Payroll rules is not only a legislative requirement, but also key to the continued engagement of valuable contractors. Implementing these 12 steps will help ensure continued compliance with the Off-Payroll rules, while minimising the associated workload in the long-term.
How payments can help streamline operations and boost customer satisfaction in the vending industry
By Darren Anderson, Business Development Manager, Self Service, Ingenico Enterprise Retail
The COVID-19 pandemic has had an astounding impact on the payments industry, causing cash usage to plummet as contactless and card-not-present volumes soared. Of course, this phenomenon was not unforeseen by payments professionals, who had predicted such a movement away from cash, but not at the speed the virus guidelines facilitated. In fact, due in part to the hygiene perks of contactless payment methods increasing its adoption, 50% of customers think that cash will disappear completely at some point in the future.
The unattended market was ahead of the pandemic in terms of contactless alternative payment method (APM) adoption, and it continues to upgrade its offerings to suit a wider range of industries. Nevertheless, the pain point for vending operators is that they’re often not sure exactly how these technologies work, or how to implement them. And with payments offerings constantly evolving, it’s becoming harder for vending operators to know which solution would be the best fit for their business.
As such, one easy way for vending operators to ease this load is to partner with a knowledgeable payments advisor who can not only provide the best solutions for their business, but guide them through the process and any need-to-knows. It’s also important to investigate the payments trends across the vending market, what the future might bring and what vending operators need to know about newer payments technology and the value it can bring to their unattended retail business operations.
Vending through the pandemic
Coronavirus has impacted the unattended market in various ways. In some cases, vending machine use has decreased as a result of lower footfall and closed premises. However, the nature of vending being self-service, for many it’s just been a case of upgrading systems to meet new guidelines and hygiene recommendations to start boosting their usage again. As cash usage decreased over the course of the pandemic, cards and APMs stepped in to provide a host of benefits, and as customers use and enjoy these seamless technologies, they are fast becoming the preference.
These developments have provided the opportunity for vending operators to embrace newer technologies which, although ultimately positive, can prove daunting if such retailers are not accustomed to working closely with payments. Fortunately, the vending market is in a great position to take advantage of new contactless technologies, being already low on human interaction and having 24/7 capabilities.
What’s more, the market can not only cater to consumers’ evolving needs, but it can also provide the flexibility and reliability that consumers are relying on as the world around them is changing. Many new technologies can also improve the general operations and management of vending, offering features such as easier on-the-go stock management and maintenance notification technology.
Keeping the consumer in mind
Consumers today want to enjoy the latest innovations and best-in-class customer experiences. These shoppers believe that self-service is a time-saver, and they also view cashless and contactless as faster and more seamless ways to pay – a fact which is reflected in the recent consumer demand for a wider variety of APMs. Customers now expect even more options to pay for their goods and services, from QR codes, to in-app payments and more.
Alongside the cashless trend, data-security and customer experience are two other factors driving the vending market evolution. With constantly evolving fraud developments in the online world, good security is more pertinent than ever, and has to be a central consideration to vending operators – as well as ensuring a seamless customer experience.
From a customer usage standpoint, mobile payments are becomingly increasing popular, as driven by the Gen Z market. According to our research, 63% of Gen Zers have said they would pay more for a mobile experience.
Trust and a good experience are also considerable factors across all customer groups, with 95% of customers claiming their loyalties lie with a company they trust, and 86% willing to pay more for a positive experience.
To appeal to ever-hungry consumers, vending operators need to provide the options they want. In the unattended market, this is relatively simple – not only do they provide a convenient and reliable method of payment for customers, but they also avoid face-to-face interaction. They can also supply a range of different products and accept a variety of payment methods to appeal to all customers, no matter their preference.
Using payments to drive revenue
Driving revenue is a two-pronged approach – you need to appeal to customers to keep them coming, and streamline operations to reduce overheads. In order to meet both parties’ expectations, it’s important to respond well to new vending challenges, taking note of the solutions that enable merchants to provide their customers with the payment methods they prefer.
Payments are complicated, so there’s no need to worry if you’re not hugely familiar with the offering out there, or unsure where to start – that’s where a payment service provider (PSP) can assist. With the expertise that a PSP brings, along with the technological solutions they offer, vending operators can improve customer journeys in all unattended environments.
Such technological solutions are flexible and can cater to specific business needs, while providing easy, quick, and secure payment methods that protect both the business and the customer’s personal data. They can also improve operational efficiency, increasing business performance with features such as real-time reporting and smart transaction management, to provide a best-in-class customer experience.
With smart devices, a secure gateway and advanced acquiring capabilities, PSPs can help vending operators design a flexible vending solution tailored to their individual and specific needs. To find out more about unattended retail and how your company can benefit from Ingenico’s unique expert knowledge, get in contact with Ingenico Enterprise Retail today at www.ingenico.com/smartselfvending.
ISO 20022 migration: full speed ahead despite recent delays, says new Deutsche Bank paper
Today, Deutsche Bank has released the third installment in its “Guide to ISO 20022 migration” series, which offers a comprehensive update on the industry shift to the de facto global standard for financial messaging: ISO 20022. This paper comes at a critical time for the ISO 20022 migration, with a number of changes to existing timelines and strategies from SWIFT and the world’s major market infrastructures having been announced this year.
The paper explores the latest developments, including SWIFT’s year-long postponement of the migration in the correspondent banking space. The decision meets industry calls for a delay and also provides ample time to build the new central Transaction Management Platform (TMP) – a core feature of SWIFT’s new strategy that will allow the industry to move away from point-to-point messaging and towards central transaction processing.
It also details the wave of action that has been seen by market infrastructures around the world – with many, including the ECB, EBA CLEARING and the Bank of England, announcing revised migration approaches.
“Now more than ever, with shifting timelines and strained resources, it is vital that banks and corporates alike do not view the ISO 20022 migration as just another project that can be put on the back burner,” says Christian Westerhaus, Head of Cash Products, Cash Management, Deutsche Bank. “The delays in the correspondent banking space, and across several market infrastructures, should not be seen as an opportunity for banks to take their foot off the pedal. The journey to ISO 20022 is still moving ahead at speed – and internal projects need to reflect this.”
The Guide also highlights the implementation issues on the migration journey ahead – most notably surrounding interoperability between market infrastructures, usage guidelines and messaging formats. This is achieved through a series of deep dives, case studies, and points of attention drawn from Deutsche Bank’s internal analysis.
“As this year has proved, nothing is set in stone, “says Paula Roels, Head of Market Infrastructure & Industry Initiatives, Deutsche Bank. “The ISO 20022 migration involves a lot of moving parts and keeping abreast of the latest developments is critical for banks and corporates alike. As the deadlines near, and the ISO 20022 story develops, this series of guides will continue to highlight key points for consideration over the coming years.”
The Psychology Behind a Strong Security Culture in the Financial Sector
By Javvad Malik, Security Awareness Advocate at KnowBe4
Banks and financial industries are quite literally where the money is, positioning them as prominent targets for cybercriminals worldwide. Unfortunately, regardless of investments made in the latest technologies, the Achilles heel of these institutions is their employees. Often times, a human blunder is found to be a contributing factor of a security breach, if not the direct source. Indeed, in the 2020 Verizon Data Breach Investigations Report, miscellaneous errors were found vying closely with web application attacks for the top cause of breaches affecting the financial and insurance sector. A secretary may forward an email to the wrong recipient or a system administrator may misconfigure firewall settings. Perhaps, a user clicks on a malicious link. Whatever the case, the outcome is equally dire.
Having grown acutely aware of the role that people play in cybersecurity, business leaders are scrambling to establish a strong security culture within their own organisations. In fact, for many leaders across the globe, realising a strong security culture is of increasing importance, not solely for fear of a breach, but as fundamental to the overall success of their organisations – be it to create customer trust or enhance brand value. Yet, the term lacks a universal definition, and its interpretation varies depending on the individual. In one survey of 1,161 IT decision makers, 758 unique definitions were offered, falling into five distinct categories. While all important, these categories taken apart only feature one aspect of the wider notion of security culture.
With an incomplete understanding of the term, many organisations find themselves inadvertently overconfident in their actual capabilities to fend off cyberthreats. This speaks to the importance of building a single, clear and common definition from which organisations can learn from one another, benchmark their standing and construct a comprehensive security programme.
Defining Security Culture: The Seven Dimensions
In an effort to measure security culture through an objective, scientific method, the term can be broken down into seven key dimensions:
- Attitudes: Formed over time and through experiences, attitudes are learned opinions reflecting the preferences an individual has in favour or against security protocols and issues.
- Behaviours: The physical actions and decisions that employees make which impact the security of an organisation.
- Cognition: The understanding, knowledge and awareness of security threats and issues.
- Communication: Channels adopted to share relevant security-related information in a timely manner, while encouraging and supporting employees as they tackle security issues.
- Compliance: Written security policies and the extent that employees adhere to them.
- Norms: Unwritten rules of conduct in an organisation.
- Responsibilities: The extent to which employees recognise their role in sustaining or endangering their company’s security.
All of these dimensions are inextricably interlinked; should one falter so too would the others.
The Bearing of Banks and Financial Institutions
Collecting data from over 120,000 employees in 1,107 organisations across 24 countries, KnowBe4’s ‘Security Culture Report 2020’ found that the banking and financial sectors were among the best performers on the security culture front, with a score of 76 out of a 100. This comes as no surprise seeing as they manage highly confidential data and have thus adopted a long tradition of risk management as well as extensive regulatory oversight.
Indeed, the security culture posture is reflected in the sector’s well-oiled communication channels. As cyberthreats constantly and rapidly evolve, it is crucial that effective communication processes are implemented. This allows employees to receive accurate and relevant information with ease; having an impact on the organisation’s ability to prevent as well as respond to a security breach. In IBM’s 2020 Cost of a Data Breach study, the average reported response time to detect a data breach is 207 days with an additional 73 days to resolve the situation. This is in comparison to the financial industry’s 177 and 56 days.
Moreover, with better communication follows better attitude – both banking and financial services scored 80 and 79 in this department, respectively. Good communication is integral to facilitating collaboration between departments and offering a reminder that security is not achieved solely within the IT department; rather, it is a team effort. It is also a means of boosting morale and inspiring greater employee engagement. As earlier mentioned, attitudes are evaluations, or learned opinions. Therefore, by keeping employees informed as well as motivated, they are more likely to view security best practices favourably, adopting them voluntarily.
Predictably, the industry ticks the box on compliance as well. The hefty fines issued by the Information Commissioner’s Office (ICO) in the past year alone, including Capital One’s $80 million penalty, probably play a part in keeping financial institutions on their toes.
Nevertheless, there continues to be room for improvement. As it stands, the overall score of 76 is within the ‘moderate’ classification, falling a long way short of the desired 90-100 range. So, what needs fixing?
Towards Achieving Excellence
There is often the misconception that banks and financial institutions are well-versed in security-related information due to their extensive exposure to the cyber domain. However, as the cognition score demonstrates, this is not the case – dawdling in the low 70s. This illustrates an urgent need for improved security awareness programmes within the sector. More importantly, employees should be trained to understand how this knowledge is applied. This can be achieved through practical exercises such as simulated phishing, for example. In addition, training should be tailored to the learning styles as well as the needs of each individual. In other words, a bank clerk would need a completely different curriculum to IT staff working on the backend of servers.
By building on cognition, financial institutions can instigate a sense of responsibility among employees as they begin to recognise the impact that their behaviour might have on the company. In cybersecurity, success is achieved when breaches are avoided. In a way, this negative result removes the incentive that typically keeps employees engaged with an outcome. Training methods need to take this into consideration.
Then there are norms and behaviours, found to have strong correlations with one another. Norms are the compass from which individuals refer to when making decisions and negotiating everyday activities. The key is recognising that norms have two facets, one social and the other personal. The former is informed by social interactions, while the latter is grounded in the individual’s values. For instance, an accountant may connect to the VPN when working outside of the office to avoid disciplinary measures, as opposed to believing it is the right thing to do. Organisations should aim to internalise norms to generate consistent adherence to best practices irrespective of any immediate external pressures. When these norms improve, behavioural changes will reform in tandem.
Building a robust security culture is no easy task. However, the unrelenting efforts of cybercriminals to infiltrate our systems obliges us to press on. While financial institutions are leading the way for other industries, much still needs to be done. Fortunately, every step counts -every improvement made in one dimension has a domino effect in others.
Half of UK’s finance sector confirms diversity should be more of a priority in the workplace, with calls for action across the industry
Almost half (45%) of Britain’s banking/financial services workforce think their employer could do more when it comes to diversity, according to a...
American Express and Amazon Business Launch Co-branded Credit Cards for Small Businesses in the UK
The co-branded Cards offer flexible benefits and payment optionality by allowing small businesses to decide between earning rewards or adjusting...
Go Global To Expand Your Revenue Stream
By Christian Spaltenstein, Managing Director, AFEX Americas Banking and financial operations have evolved immensely in the past few years. Innovation...
Local authorities and business networks play a key role in small business success, and must be protected during COVID rebuild
23% of UK’s top performing businesses have been supported by local enterprise partnerships and growth hubs Similarly, 30% of Britain’s...
What Does the FinCEN File Leak Tell Us?
By Ted Sausen, Subject Matter Expert, NICE Actimize On September 20, 2020, just four days after the Financial Crimes Enforcement...
Investment Roundtable: Live with Jim Bianco
With Q4’s macro picture still looking grim amid the return of exponential coronavirus waves in Europe and the U.S. and...
Equity markets react to a rise in Covid-19 cases, uncertain Brexit talks and the upcoming US election
By Rupert Thompson, Chief Investment Officer at Kingswood Equity markets had another choppy week, falling for most of it before...
October furlough changes – what you need to know
By Alan Price, employment law expert and CEO of BrightHR The Job Retention Scheme is coming to an end on...
Do we really need banks? Yes, but digital transformation industry-wide is vital
By Charley Cooper is Managing Director at enterprise blockchain firm, R3 The Coronavirus crisis has taught us that we are...
Turning a Critical Eye on Impersonation Scams
By Mike Kiser, security strategist and evangelist at SailPoint “The criminal is the creative artist; the detective only the critic.”...