Each guide identifies five key priorities for the area of risk, and gives a heads-up on why each is a priority area. The priority is explained in further detail, with a series of mini-checklists and action points.
Having a clear understanding of the nature of competition law compliance and the associated risks/challenges for businesses is the first step to setting effective compliance arrangements. We help organisations with this.
Practical guidance tools, registers, training aids and other templates to help you comply with data protection law and manage privacy risks
Helping in-house counsel, privacy and compliance professionals manage the regulatory burden. GDPR, BA, MLR and plenty more, we've got it covered.
The Home Office, HM Treasury, Ministry of Justice, Companies House, Serious Fraud Office and Department for Business and Trade have updated guidance...
This week's edition of Risk & Compliance weekly highlights includes OFSI’s penalty on Colorcon for Russia sanctions breaches, OFSI’s new and updated...
The National Crime Agency (NCA) and The Law Society have launched a joint campaign aimed at solicitors and conveyancers to address payment diversion...
Law360, London: Some 59% of small and midsized enterprises have said they experienced a cyberattack in 2025, Hiscox said on 30 September 2025,...
The Office of Financial Sanctions Implementation (OFSI) has issued a penalty of £152,750 on Colorcon Limited, a pharmaceutical industry supplier and...
How to manage fraud riskThe Economic Crime and Corporate Transparency Act 2023 (ECCTA 2023) introduced a corporate offence of failure to prevent...
What’s new and what’s changed in 2021—Risk & Compliance [Archived]ARCHIVED: This Practice Note has been archived and is not maintained. For more...
How to handle data subject requestsThis Practice Note is intended for private sector commercial organisations in the UK. It provides practical...
Responding to a data subject access request—protecting third party rightsThis Practice Note is intended for private sector commercial organisations in...
What’s new and what’s changed in 2020—Risk & Compliance [Archived]ARCHIVED: This Practice Note has been archived and is not maintained. For more...
Dawn raid—PR Director—flowchartIn the event of a dawn raid, it may be necessary to issue a public statement or respond to press. This Flowchart guides...
Data privacy manager—non-DPO—job description and role profile1Data privacy manager detailsName of organisation[Insert name of organisation]Name of...
Data protection board briefingDate: [insert date]1IntroductionAs our [senior management team OR board], it is important for you to understand how data...
Data protection board report1General informationDate of this report[Insert date of this report]Date of last report[Insert date of last report]Period...
Data protection risk assessment—long form1Background informationAssessment for[state whether the assessment relates to the whole organisation or a...
How to plan and conduct an internal investigationAn internal investigation is a legal process undertaken by an organisation (with or without outside...
Anti-bribery and corruption—post-training assessment answersQuestionCorrect answer1. How many new offences does the Bribery Act 2010 create? (b)...
Money Laundering Regulations 2017—scope and applicationThis Practice Note sets out the scope and application of the Money Laundering, Terrorist...
Money Laundering Regulations 2017—nominated officerThis Practice Note sets out when organisations must appoint a nominated officer (sometimes referred...
Sanctions regime—RussiaThe Russia (Sanctions) (EU Exit) Regulations 2019, SI 2019/855, made under the Sanctions and Anti-Money Laundering Act 2018...
How to manage legal riskIt is often said that running a business means taking risks and that the biggest risk an entrepreneur can take is not to think...
Contract management risk management guideWhy you need to manage this riskContract management is often seen by the business as an activity which is...
Competition law compliance—post-training assessment answersQuestionCorrect answer1. Competition law protects business and consumers from...
SRA Code of Conduct for Solicitors, RELs and RFLs—for in-house lawyersThis Practice Note provides guidance for in-house solicitors on the SRA Code of...
Anti-bribery and corruption—post-training assessment questionsHow to use this testThese questions are designed to test your understanding after your...
How to create a legal risk registerThis Practice Note is intended for in-house lawyers. It explains how to create a legal risk register, a tool that...
Tipping-off and prejudicing an investigationThere are several offences of tipping-off and prejudicing an investigation that apply to the regulated...
Confidentiality risk management guideWhy you need to manage this riskConfidential information is one of the most valuable assets of any business....
Records retention schedule1Introduction1.1This Record retention schedule accompanies and is incorporated into [insert organisation’s name]’s Records...
Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017—key information for businessesThe Money...
This envisages a team of participants coming together to deliver a project jointly, sharing risks and rewards on a ‘no claim, no blame’ basis. See, for example, the NEC4 Alliance Contract (News Analysis: NEC4 Alliance Contract—multiple parties, shared risks and shared incentives).
A type of derivative contract in which two parties agree to exchange the difference in value of a specified asset between the time the contract is opened and the time it is closed. The contract payout will be the difference in the price of the asset. They are similar to spread betting.
Buy-out of a public company (which then re-registers as a private company).