• ABI guidance: Travelling to the EU in the case of a No-Deal Brexit

Whether you plan to take your family on a continental road trip in the coming months or work for a transport organisation that frequently enters the EU, the results of Brexit may alter your current travelling agenda.

In the event of a no-deal, several UK driving laws will change—for both UK citizens and commercial drivers. All drivers are being urged to contact their insurer to arrange a ‘Green Card’, which would be required under EU regulations as proof of insurance in the event of a no-deal. The Association of British Insurers is advising customers to contact their insurer for a green card about one month before they plan to drive their vehicle in the EU, or risk breaking the law. Don’t wait until it’s too late—use this guidance to ensure compliant driving practices post-Brexit.

Changes for UK Citizens

The government recently announced that—in the event of a no-deal—from 28th March 2019, UK citizens will need additional documentation to drive within the EU or EEA.

In terms of taking a holiday abroad, a no-deal will cause the type of international driving permit (IDP) that some countries accept to change. This means that UK citizens must possess both a UK driving licence and the correct IDP to drive in EU and EEA countries. For more guidance on finding the right IDP for your travels, click here.

If you are a UK driving licence holder that is currently living in the EU or EEA, it’s important to exchange your UK licence for a local EU licence before 29th March 2019. If you fail to do so, a no-deal may require you to pass a driving test within the EU country you reside in to continue driving there. You will be permitted to use your EU licence when visiting the UK, and you can exchange your EU licence for a UK licence (without taking another test) if you return to live in the UK. The government emphasises that you should exchange your licence as soon as possible to avoid longer processing times and delays.

Changes for Commercial Drivers

The government stated that commercial drivers will also need updated documentation to drive within the EU and EEA in the event of a no-deal. Although UK lorry drivers with international routes to and from the EU or EEA currently must have a standard international operator’s licence and a community licence, some countries may not recognise this documentation in a no-deal.

To prepare for this possibility, UK operators need to have an European Conference of Ministers of Transport (ECMT) international road haulage permit for international travel. The application period for ECMT permits closed on 18th January. If you applied for an ECMT permit, click here to find out what happens next. If you did not apply for an ECMT permit, consider investigating other options for transporting goods to the EU and EEA.

Lorry drivers should also consider exchanging their UK Driver Certificate of Professional Competence (CPC) for an EU Driver CPC, which they can do by applying to the relevant body in an EU or EEA country.

For insurance solutions to help weather uncertainty, contact Hamilton Leigh today.

In recent years, UK organisations have experienced a dramatic increase in the prevalence of cyber-attacks, increasing the need for cyber-security risk management. Recent industry research found that there were as many cyber-claims in 2018 as there were in the past four years combined.

While this alarming statistic emphasises the importance of implementing initiatives to protect your organisation’s data, doing so can also help limit your directors’ and officers’ (D&O) liability concerns.

Under the GDPR, directors and officers are largely responsible for prioritising cyber-security throughout their organisation. With this in mind, senior leadership could face serious consequences if our business suffers from a data breach. Consider the following tips to reduce cyber-risk and protect your senior leadership:

• More than IT—Many organisations fail to understand that cyber security should be considered a company wide risk management concern—not just something for IT to handle. Break this stigma among your directors by incorporating cyber-security into routine senior-level discussions. These conversations should pertain to your most critical data assets, including where data is located and who has access to it. In addition, discuss what security controls you have in place and how often they are tested.
• Legal concerns—Your leaders should know what is legally required of them in terms of establishing proper cyber-security measures. In addition, they must document evidence of compliance.
• Access to expertise—As well as discussing cyber security in senior meetings on a routine basis, directors should also receive input from cyber-security experts during these conversations.
• Company culture—Directors need to help generate a culture that prioritises cyber security by setting standards for management, training staff members and providing a proper budget.

Apart from risk management, protect your organisation with robust cyber and D&O cover. For more information, contact Hamilton Leigh today.

While the GDPR has been in place for several months, the ICO kicked off the new year by updating their data protection guidance with more details in the realm of encryption and password practices. Here are the highlights:

• All organisations should possess a proper encryption policy, detailing the use of encryption and outlining associated staff training protocol. The policy should include these standards:
  • Encryption must be included in company risk assessments.
  • The planned encryption method should meet standards such as FIPS 140-2 and FIPS 197.
  • Personal data should be transmitted within an encrypted communication channel over any untrusted networks.
• The ICO emphasises that businesses with an effective password system possess these qualities:
  • The system needs a proper hashing algorithm. Never store passwords in plaintext.
  • All login pages require HTTPS protection. Limit available login attempts.
  • Users must create a password with more than 10 characters.
  • Two-factor or multifactor authentication should be available as needed.

Time is limited for the UK and the EU to craft a proper withdrawal agreement before Brexit takes place on 29th March 2019, leaving room for a range of possible outcomes. Despite the uncertainty, however, it’s crucial for your business to be prepared for anything—especially in the realm of data and technology. No-deal or not, ensure your organisation remains successful and compliant during the Brexit process.

• Transferring data—Regardless of Brexit’s impact, the GDPR is here to stay. But in terms of data transfers, it’s important for your organisation to review its current export practices. Businesses that transfer data between the UK and EU should keep in mind that this could be considered an international practice post-Brexit. This means your organisation must comply with the GDPR’s restrictions on international data transfers by creating a contractual clause.
• Protecting your database—Currently, an EU right known as the Sui Generis right protects all EU databases. In a no-deal, UK businesses established by UK nationals may lose this right. Protect your database in this scenario by including developers with EU connections in your workforce.
• Securing your supply chain—In the event of a no-deal, any arrangements your business has involving the circulation of technology or hardware with the EU may suffer at the hands of customs delays and potential border regulations. Be sure to revisit your supply chain and develop methods to limit your risk.
•  Reviewing your workforce—Many UK organisations employ EU nationals within their workforce. This practice could be problematic if a no-deal takes place and changes current immigration requirements. Make sure all EU nationals have applied for ‘settled status’ to ensure they can continue working for your organisation post-Brexit.
• Updating agreements—Finally, your business should review all contracts and agreements for material technology with Brexit in mind. Pay close attention to elements such as the territorial scope of licences, the location of personal data, rights in databases and currency changes. In addition, ensure ultimate peace of mind during Brexit by securing proper cover, such as trade
  credit insurance. For more information, contact Hamilton Leigh today.

In 2018, testing autonomous vehicle technology did indeed pick up momentum. In Arizona, autonomous vehicle manufacturers and other stakeholders–including insurance companies–are now speeding up their road testing programmes, following a brief hiatus after the fatal self-driving Uber crash. They are driven by the introduction of rules, regulations and official law to makes roads safer. The UK leads the way in terms of legislation and codes of practice relating to autonomous vehicle operations. In July 2018, the UK Government adopted the Automated and Electric Vehicles Act 2018, laying down a regulatory framework that brings automated vehicle insurance into line with the long-standing practice of motor insurance.

The Act ensures that British drivers are covered both when they drive and when the driver legitimately gives the vehicle control. Legislative support was not so easily granted elsewhere. The US had to pass a bill that prevented individual states from blocking driverless car tests after some strict regulations citing public safety concerns. It can be argued that public confidence is exactly what autonomous vehicle technology currently lacks. This is mainly due to the large number of unanswered questions concerning issues such as safety (what criteria are used to define safety in the autonomous era?), liability (when something inevitably goes wrong, who is responsible?), accessibility (who can use a driverless car safely) and so on.

As autonomous vehicle technology continues to advance, and testing becomes more thorough, the insurance industry is really starting to engage. Not everyone can be an expert, but we take the time to learn about the risks. Hamilton Leigh, for example, keep up to date with the latest technological advances and the latest legal and regulatory decisions so that we can keep our clients informed as they continue to accelerate their interest in autonomous vehicle technology.