what's in the news

Courtesy of Thames Valley Business Magazine February 2012

What could 2012 offer you and your business? For many Thames Valley-based businesses, 2012 is a year for optimism, opportunity, growth and investment, writes Patrick Long, Banking & Finance Partner, Pitmans LLP.
 
Respondents to Pitmans “Funding your Business” Survey , conducted in December 2011, clearly felt the UK economy’s recovery would remain in recession for the majority of 2012, but it is against this backdrop that over 60% of Thames Valley based respondents said that they anticipate a year of steady growth in 2012. This is a marked contrast to respondents from businesses which lie outside of the Thames Valley region, who predominantly forecast trade at similar levels as 2011.

The Thames Valley has long been labelled the economic powerhouse of the UK, thanks largely to its diversity, strong skills based and excellent infrastructure – attracting top talent and global businesses from software, manufacturing, pharmaceutical, utility and construction sectors.

Click here to view the summary of Pitmans “Funding your Business” Survey.

For further information on the survey, please contact Pitmans Banking & Finance team.

Patrick Long
Partner
T: +44 (0) 118 957 0488
E: plong@pitmans.com

Written Ministerial statement

Edward Davey, Minister for Employment relations, consumers and postal affairs; Department for Business, innovation and skills

In March 2011 I announced that we would be taking steps to improve the transparency and confidence of pre-pack sales in insolvency.  We subsequently consulted interested parties on measures targeted at the sales of assets in insolvent companies where these are sold to connected parties (such as the directors or their close associates).

Pre-pack sales can offer a flexible and speedy means of business rescue and when used appropriately can be the best way of maximizing returns for creditors. However, everyone who is affected by insolvency is entitled to have confidence that insolvency procedures are used fairly and that insolvency practitioners deliver the best possible outcome for all creditors.

It is apparent that concerns remain about the use of pre-pack sales, particularly where the assets are sold to a connected party – something that is often referred to as ‘phoenix-ism’. I am concerned about the potential for sales to be effected at an undervalue, particularly in smaller-value asset sales, where unsecured creditors may receive less than they should.  I also believe that it is important to consider the effect of pre-pack sales on competitors in the market.

Following the announcement, BIS officials have discussed the merits and practical application of the proposed measures with a range of interested parties, including secured and unsecured creditors, insolvency practitioners, and business representatives.

Having taken account of all the issues, however, the Government is not convinced that the benefit of new legislative controls presently outweighs the overall benefit to business of adhering to the moratorium on regulations affecting micro-business which is an important plank of this Government’s deregulatory agenda. As much of the concern was related to small businesses, I do not consider that measures should be introduced just for businesses other than micro-businesses. It is for this reason that I am today announcing that the Government will not be seeking to introduce new legislative controls on pre-packs at this time. 

The Insolvency Service, an executive agency of BIS, already monitors compliance by insolvency practitioners with the professional standard Statement of Insolvency Practice 16 (Pre-packaged Sales in Administrations) which requires administrators to provide creditors with early post sale information on details of the sale and the justification for it.

I have asked BIS officials to now undertake an urgent review in conjunction with stakeholders of how the existing controls on pre-packs have been working and whether, in light of their experiences and the outcomes from the monitoring, more could be done within the existing regulatory framework to improve confidence and transparency.  The issues raised by pre-packs are important matters that affect a wide range of stakeholders including business interests, and I look forward to discussing the findings of the review with stakeholders in the spring. 

If you would like to discuss this statement further, please contact our Insolvency & Restructuring team.

Award winning law firm Pitmans LLP has acted on behalf of David Macrae, the Managing Director of Popshots Studios Limited, a distributor of 3D pop-up greetings cards, stationery and promotional and marketing materials in Henley-on-Thames, Oxfordshire. He has acquired Popshots Studios Limited in a management buy-out from the Up With Paper group of companies, based in Mason, Ohio, USA, for an undisclosed consideration.

The transaction was led by Pitmans’ Corporate Partner Philip Weaver, Corporate Partner Adam Dowdney, Corporate solicitor Carolyn Butler, and Banking solicitor Mark Metcalfe.

Commenting on the transaction, David Macrae said “We were referred to Pitmans by an associate and were delighted with the speed and thorough handling of our time-sensitive purchase.”

Adam Dowdney, Pitmans’ Corporate Partner said: “We were delighted to assist David in this management buy-out of a business in which he has been involved for some time. The deal was completed in a very short time-frame, which reflects the flexibility and strength in depth of the Corporate and Banking teams we have here at Pitmans. We wish David every success for the future.”

This article was published by Asset Finance International

The new Bribery Act (the “Act”), is a wholesale reform of the old bribery laws which were a complicated and confusing combination of statutory and common law offences from more than 100 years of legal development in this area.

The need for reform was widely acknowledged, however, the final result may have alarming consequences for corporate entities, including asset lenders and equipment leasing companies operating in and outside the UK, as many law abiding businesses could inadvertently break the new rules if they are not properly prepared. Therefore, it is important for organisations to consider now what the Act means for them and what actions they need to take as a result.

To read more, please click here.

The survey is now closed.

The results will be published in January 2012.

For your copy, please email poppy@pitmans.com

As many workers made their way home for their weekend, over 130 Reading based IT and Business professionals settled in to their makeshift camp for an evening in Forbury Gardens, all as part of the 13th annual Thames Valley Byte Night. Byte Night helps to raise money for the Action for Children charity which helps young homeless people get off the streets.

Sleeping bags were unrolled by many leading Thames Valley based firms, including Microsoft, Barclays Corporate, BDO, Volume and Pitmans LLP. They were joined across the UK by others taking part in similar events in London, Edinburgh and Cambridge.

The events have reportedly raised over £750,000 for the charity, an increase of £183,000 on 2010.

Pitmans Technology team, including Rustam Roy, Tim Clark, Andrew Peddie, Richard Devall and Philip James were pleased to participate in this night of fun, but with a very serious and important message.

Head of Technology, Tim Clark said “Thank heavens for a warm October evening, even though it did start to rain in the early hours of the morning! We’re really grateful to all our family, friends, colleagues and clients for supporting us in our night in the wild. We’ve seen sights in Reading that we didn’t know existed, and will be dining off for years to come. There was great spirit on the night, but thankfully we were in warm sleeping bags. We were very grateful to all those involved and look forward to participating in next year’s event.”

Pitmans next charity event is on the 24th November, when we are holding a charity pub quiz in aid of Combat Stress at the Sun Inn pub on Castle Street, Reading. If you would like to enter a team, please contact Jenny Littlewood.

City Cycle Style is a photographic exhibition of London’s most stylish cyclists by internationally renowned photographer Horst A. Friedrichs at The Royal Exchange, which aims to promote cycling as an enjoyable, stylish lifestyle choice.

Among the exhibition are photographs of Pitmans Partners, Sally Britton and David Archer.

The Lord Mayor hosted the launch event which included an auction of limited-edition fashion accessories including “The Original Boris Bike”, specially designed and engraved with Boris Johnson’s signature by Gunn & Co, to raise funds for the Lord Mayor’s Appeal 2011, Bear Necessities.

Click here to see the City Cycle Style event video.

Photographs courtesy of Jorgie Dieguez

This article was published by Workbooks.com

Philip James, Partner, and Carolyn Butler, Solicitor at Pitmans LLP examine some of the legal issues you should consider when moving to cloud computing and selecting a vendor.

1. Know the flight plan (negotiation and contract)

Carefully review the terms on which you are intending to contract with your cloud provider. Is the contract open to negotiation or are you expected to contract on the cloud provider’s standard terms? If the former, consider your specific requirements, and ensure your contract:
 
• adequately reflects your requirements in unambiguous language in a layout that’s easy to follow (in other words, don’t bury your specifications across numerous schedules);
• clearly delineates the roles and responsibilities of both the cloud provider and your organisation; and
• has quantifiable metrics or KPIs to verify the performance of your cloud provider.

If the latter, review the terms carefully to ensure, firstly, that they are fair and that there are no unpleasant surprises lurking and, secondly, that they cover everything you need them to. If not, seek to vary the standard terms with your cloud provider accordingly.

Look at the extent of the remedies available under the contract. The contract will probably contain limitations of liability, so if you are intending to outsource critical internal infrastructure, check whether those limitations adequately reflect the allocation of liability to your cloud provider.

• What limitation should apply?
• Are there risks for which liability should or should not be excluded? E.g. does the supplier exclude liability for loss of data (this is not much good if you are outsourcing your CRM database!)

In some cases, damages for breach of contract may not be a sufficient remedy if things go wrong, and you may wish to set out alternative, more appropriate remedies under the contract. Other key issues to look out for in your contract are explored in more detail below. In all cases, always seek specific legal advice if you are unsure about the effect of any element of your contract.

Before negotiating a contract with a cloud provider, the European Network and Information Security Agency’s Information Assurance Framework for Cloud Computing, which sets out questions that an organisation should ask a cloud provider, is essential reading¹.

2. First class, business class or economy class? (service levels)

Service levels need to be agreed upfront, and should be expressed in the service-level agreement in terms that are both clear and measurable, including maximum periods of downtime, the relative importance to the business of different elements of the service and processes for remedying defaults. While many businesses look to cloud providers as part of their business continuity strategy, it is also necessary to consider what would happen if the cloud provider’s operations become disrupted. How does your cloud provider manage its response to incidents such as natural disasters or security breaches to ensure disruption is kept to a minimum?

Before you sign up, ask your cloud provider about any extra costs and charges, work out which of these are relevant to your business and budget accordingly. You should also ensure your future as well as your present needs are taken into account: find out how quickly and by how much your cloud provider can scale up the services it provides, and, if you plan to expand your business abroad, whether your provider has the capabilities to meet your needs in other jurisdictions.

It is important that the ramifications of failing to meet the agreed service levels are clearly set out (often a service credits mechanism is used) and that the parties agree a process of escalating remedies in the event that problems supplementary to the agreed remedial mechanisms arise. The resolution of disputes can be a costly and time-consuming exercise, and it is in the interests of both parties to have workable and effective escalation processes in place to ensure problems are worked out amicably, the business relationship is preserved and any disruption is kept to a minimum.

3. Security checkpoints (security and data protection)

It is essential to verify with your cloud provider what responsibilities for security lie within the remit of your organisation and which are their responsibility.

While your cloud provider may be unable to give you precise details about the security measures it has in place (since a detailed disclosure of the systems in use could impair their integrity), a high-level description of those measures should be given, for example, the extent to which data encryption is used, whether anomaly detection systems are applied, the protocols in place to deal with the theft of user credentials and the physical security used to protect the locations where data is stored. Your cloud provider should also be able to tell you whether it meets any of the existing web standards² and give you details of the security features on offer for users, such as user authentication and authorisation/administration controls. Find out whether your cloud provider offers any guarantees that customer resources are fully isolated from one another, and to what degree data, metadata or other traces of use by your organisation is erased before machines are reallocated. You should request sufficient information to allow you to make a sensible judgement about the adequacy of the security measures offered by your cloud provider, whether additional measures are required and need to be agreed in your contract.

Further, your cloud provider may intend to outsource or subcontract any of the operations that it is contracted to supply to you, and, if they do, find out who those third parties are, where they are based, what procedures are used to verify and monitor the quality of services they provide, and the security controls in place to protect your data. For instance, it is not much use having contractual protections in your agreement with your provider if the ‘subbie’ to whom the service is sub-contracted is not subject to the same terms agreed with your supplier (you may also not have conducted due diligence in respect of that subbie).

4. Final destination (location)

Just as importantly, find out where your cloud provider will physically hold your data. Your data should be stored in a jurisdiction where an acceptable level of protection is mandated by law. Data protection standards vary from one jurisdiction to another and, although efforts are being made to harmonise the requirements across the EU as a whole, outside of the EU they may be non-existent. Nevertheless, if you are a business based in the UK, and the data in question is being processed in the context of that business, the full extent of the UK rules will most likely apply.

Further, if you are intending to store personal data in the cloud, such as HR records, take note that the transfer of personal data to a country or territory outside of the EEA is prohibited, unless equivalent protection in that country or territory is assured (and in this respect, if it is to be stored outside the EEA, seek specific legal advice on this issue as there are a number of compliance requirements which may need to be dealt with). Where this is concerned, it is always easier from a data privacy compliance perspective to engage a supplier whose data centre is located in the UK or Europe than enter into an arrangement with a supplier whose servers are in the US or China (or worse still, in a virtual data centre i.e. you don’t know where it is stored!).

Note also that, where HR data is concerned, it is also likely to contain sensitive personal data. As such, there are a number of more stringent restrictions as to how this type of data may be processed and specific consents may need to be obtained from the data subjects (i.e. the person to which such personal data relates). Ideally, find a cloud provider based in your jurisdiction that can provide assurances that data (and at the bare minimum, personal data) will not be transferred outside of the EEA.

It is important to ensure your contract with your cloud provider clearly states the choice of territorial jurisdiction (that is, the country in which any dispute in relation to the country will be heard) and the choice of law that the courts will apply in determining any dispute. Ideally, this should be a jurisdiction in which your organisation operates. If a dispute arises, and the choice of law and jurisdiction has not been specified, under EU law a defendant may be sued where they live, or where the contractual obligation was performed. The applicable law, however, will be the law with the closest connection to your contract. It is easy to see how this can create problems in a cloud computing environment where there are cloud providers all over the globe eager for your business, and where your data could potentially be stored anywhere in the world, so explicitly state in the contract what’s intended.

5. Take a moment to find the nearest exit (transitioning)

Although it may feel like a remote prospect, before you enter into a cloud contract it is necessary to anticipate how you intend to exit those arrangements. Care should be taken to ensure the portability of your data, including your metadata. Review your contract to determine what events could trigger a right to terminate the agreement by either you or your cloud provider. Ask what procedures are in place to export your data (in an orderly fashion) if you change cloud providers or in the event that the agreement is terminated. Find out whether those procedures are regularly tested to ensure that they work.

Also, if there is a specific format in which you expect to receive your ported data, you should try and specify that (to the extent that is possible) in your contract with your supplier. Please note: there may be additional costs associated with ensuring your data is in a format which is compatible with your systems. The ownership of intellectual property (IP) can be a particularly contentious issue in the cloud environment. Examine the IP provisions in the agreement with your cloud provider to determine how data ownership is dealt with, and whether those provisions are acceptable to you. IP is a technical area of law; as such, therefore, if in doubt, always seek specific legal advice to ensure you are adequately protected.

Once you have moved your data, you will no doubt be seeking assurances from your cloud provider that all traces of your data will be deleted as soon as possible. So, before you commit to a particular cloud provider, find out whether this is a realistic prospect: it may take a number of weeks for your data to be deleted if it is stored in more that one place (for example, if it is copied on to back-up tapes) and it may be impossible to destroy your data completely if your cloud provider allows you to share disk space with other customers. If that’s not good enough, give your cloud provider the opportunity to put satisfactory processes in place for you.

For further information in relation to the issues raised by this note, please contact:

Philip James
Partner
pjames@pitmans.com
+44 (0) 207 634 4655

Carolyn Butler
Solicitor
cbutler@pitmans.com
+44 (0) 118 957 0234

¹ http://www.enisa.europa.eu/act/rm/files/deliverables/cloud-computing-information-assurance-framework/?searchterm=assurance framework

² Such as ISO27001 (http://www.27001-online.com/), which implements OECD (Organisation for Economic Cooperation and Development) principles governing security of information and network systems, and the SAS70 auditing standard (http://sas70.com/)

PLEASE NOTE: This note has been prepared to provide general guidance on the benefits as well as some of the risks associated with cloud computing. As such, it should not be relied on. Always seek specific legal advice in relation to your specific circumstances in question.

Pitmans, Thames Valley’s leading law firm, are proudly sponsoring this years Thames Valley Business Magazine Awards, continuing their long-standing relationship with the largest business publication in the region.

The Thames Valley boasts some of the most dynamic and successful companies in the UK. It remains the cauldron of the country’s high technology industries, the home of many manufacturing companies and a base for a wide variety of excellent service and professional organisations. This Award is open to every company in the area and recognises not only profitability, innovation and employment but also the contribution made to the local economic community and the provision of support to culture and charities in the region.

Business of the Year Award – Sponsored by Pitmans LLP

This award is open to every company in the Thames Valley. We welcome applications from businesses demonstrating a true commitment to the entrepreneurial spirit that lies at the heart of the Thames Valley. Judges are looking for those showing a flair for identifying and developing growth markets, have a demonstrable track record of achievement and profitability, present strong employment credentials and display their contribution to the local economic community including support given to charities and the culture of the region.

Pitmans Managing Partner, Christopher Avery comments “winning this category will demonstrate your strength, dynamism and innovation, helping to promote your business to potential targets, boost staff morale and reinforce your reputation across the Thames Valley and beyond.”

We welcome your application for the Thames Valley Business Magazine’s, Business of the Year 2011 Award.

The deadline for all applications is 30th September 2011.

Please download your application form and return to:

Linda Morse
The Business Magazine
2 The Courtyard
The Old Dairy House
Maidenhatch
Pangbourne
Berkshire
RG8 8HP
T: 0118 974 5584
E: linda@elcot.co.uk

Our Technology lawyers are more than just advisers, they regard themselves as part of the industry they practice in. On Friday 7 October, five of our technology team will be sleeping out on the streets of Reading for Byte Night 2011.
 
Over 700 people from the IT and business community will be taking part this year. Byte Night raises valuable funds to help Action for Children tackle the root causes of youth homelessness. The event helps thousands of children and young people across the UK to build better lives with secure accommodation, education and training opportunities and family support.
 
Pitmans’ team consists of Tim Clark, Andrew Peddie, Richard Devall, Philip James and Rustam Roy. They hope to raise over £3000 for the cause and have set up an easy way to support them via Just Giving: http://www.justgiving.com/teams/pitmans/
 
The Pitmans team would be extremely grateful for any support you can offer. Why not contribute to Byte Night 2011? You will be helping fund innovative projects such as the Bayswater Families Centre and the Fostering Therapeutic Service.
 
Last year, Byte Night raised a record £567,000 and this year we need your support to ensure it continues to be the biggest single event benefiting Action for Children. Byte Night really does help change lives. You may find it changes your life too.
 
If you would like to hear about other ways in which your organisation could contribute to this very worthwhile event please get in touch with one of the Pitmans team.