More than a year since the UK population chose narrowly, by referendum, to leave the European Union, in-house lawyers are coming to grips with what Brexit means for their company. In this series, we talk to UK-based in-house lawyers to find out how Brexit is affecting their work day-to-day, as ‘Brexit day’ approaches in 2019.
We spoke to a London-based GC of a software and data company in the financial services sector about how his company is preparing for change.
How have you had to react since the EU referendum result was announced?
Since the vote, Brexit has been a bit of a phony war. Everyone knows it’s a big event, but not what it means. When it first became news, it was a question of ‘What will we do?’; but it’s been a question of reacting to events rather than activating contingencies. We are located in all the major financial centers so we’re quite flexible in terms of where we operate. All our clients are global, so where we service them doesn’t make that much of a difference. Our initial view was that it wouldn’t have much of an impact.
Now, we’re starting to see the first few real practical issues coming up that we’re having to deal with. For example, we’re getting ready for the General Data Protection Regulation (GDPR) kicking in next year, but one of the key questions is: Who’s going to regulate us? Depending on the arrangements the EU makes with the UK, the main regulator for us could be the data authority of a different member state. We’re having to think about that at the moment, talking to the regulator and learning what the regime is there.
How do you deal with the constantly changing situation, with negotiations ongoing?
The lack of detail is difficult, and when you do hear details you take them with a pinch of salt because we know it’s going to change. Even if the government states a position, it’s likely to be subject to drastic change in negotiations. It’s easy to get the feeling that nothing’s going to be known until the last minute — so we’re in contingency planning until things become clearer late on.
To take another issue as an example, we have a client insisting that we hold all their personal data in the European Economic Area (EEA). That’s a technical question, and usually we’d say that’s fine, because our servers are in the UK; but if the UK is no longer in the EEA, then we’re having to think about changing our infrastructure to be ready going forward. That’s the first example where expenditure is attached that we wouldn’t make for any other reason. That’s hard to anticipate.
Is Brexit a key concern in its own right or more of a background issue at the moment?
At the moment Brexit is a small thing bubbling away in the background — it’s not a project in itself. There’s a Brexit aspect to certain projects, such as GDPR or data or IT issues. It hasn’t broken out as its own issue, but I think the closer we get, the more we’ll have to think about it.
The lack of detail is difficult, and when you do hear details you take them with a pinch of salt because we know it’s going to change. Even if the government states a position, it’s likely to be subject to drastic change in negotiations.
How do you prepare for potential redeployments of staff?
We’re lucky in that we have an office in another EU member state as a center of excellence and technical expertise, so if London’s location becomes an issue, we’d have that to fall back on. Roles moving over to different countries has happened before, but it would certainly be a concern for some people in London if they had to move. There’s also an issue in that we’ve got a really international workforce, and they have Brexit hanging over them to an extent too, as we don’t know what rights they’ll have. We’re nationalilty-neutral here with lots of movement between our offices — we don’t usually have to think about nationalities and suddenly we might have to.
Are colleagues throughout the company part of the conversation?
Most of the interest has been from the US — I think they are a bit bemused by it and are wondering what’s going on. There’s really no time to prepare for it at all. From an in-house lawyer’s point of view, it’s hard to plan — you can identify an issue as a risk and put it on the radar, but in terms of the plan to mitigate it, you don’t know what you’re targeting.
How will it affect contracting, with the possible changes to the flow of services, passporting and so on?
I think for us, the direction we’ll take will be led by the global banks that are our clients, who will need their contingency plans in place, and they need to make sure we can meet their needs. It’s likely that there’ll be a wave of contract amendments coming our way quite late in the day, but it’s more about what we can do to help our clients.
Regarding passporting, we’re not regulated but it’ll impact our clients, and that will impact us. We’ll need to support them through those changes. If the banks restructure to move functions to Europe then we may need to shift the balance of our teams to reflect that.