The Amending WIC Act: Upcoming regulatory changes for water infrastructure in New South Wales (including recycled water, stormwater and wastewater)

The Amending WIC Act: Upcoming regulatory changes for water infrastructure in New South Wales (including recycled water, stormwater and wastewater)

Uncategorized

Last week we talked about the Independent Pricing and Regulatory Tribunal NSW (IPART) Review of Compliance and Enforcement Policy (read the full story here). We mentioned there that a key compliance and enforcement responsibility of IPART relates to Water Industry Competition Act 2006 (WIC Act) licensing.

WIC Act
WIC Act

Today, we look at the upcoming reform of WIC Act licensing contained in the Water Industry Competition Amendment (Review) Act 2014 No 57 (the ‘Amending WIC Act’). This amending Act, while passed into law in 2014, does not come into effect until an associated regulatory framework is ready to be enforced. Last month IPART gave an information session on progress to date, with the scheme intended to come in to effect in 2019.

Today we summarise the key changes introduced in the Amending WIC Act and how its associated framework will impact on water infrastructure providers in New South Wales.

The Amending WIC Act

The Amending WIC Act was introduced as a result of a mandatory five-year review of the WIC Act captured in the ‘Urban Water Regulation Review’ This review pushed for the development of a “regulatory framework that imposes appropriate risk-based requirements, capable of effectively and efficiently protecting public health, the environment and consumers, while minimising regulatory burden on water sector participants.”

The review emphasised the importance of:

  • ensuring that recycling schemes include appropriate treatment standards and adequate end-use controls;
  • increasing consumer protection, including compulsory assessment of scheme viability from the outset, and providing last resort arrangements in the case of failure;
  • better integration of public health, environmental and consumer protection issues in an efficient and effective way;
  • reducing red-tape through narrowing the licensing regime to focus on entities providing utility like services and those operating higher risk schemes.

In line with these proposals the Amending WIC Act introduced:

  • A narrower scope licensing regime. Specifically, there will be four situations where operators of water industry infrastructure will need a licence:

(1) if providing water or sewerage services to 30 or more small retail customer premises (known as a Category A scheme);
(2) if operating large drinking water facilities (>500 kL/day);
(3) if operating large sewage treatment facilities (>750 kL/day);
(4) if providing other infrastructure as declared by the regulations.

  • Bringing metropolitan councils’ operating schemes into the overall framework;
  • A new licensing and approvals framework;
  • A new compliance framework;
  • New operator of last resort provisions.

Next steps

The NSW Government is currently considering amendments to the Water Industry Competition (General) Regulation 2008 to reflect changes to the Amending WIC Act.

IPART is engaging in ongoing consultation and preparing processes in relation to:

  • design approvals
  • operational approvals
  • new licences
  • transitional arrangements for existing WIC Act licence holders, and
  • last resort arrangements.

For more information go to https://www.ipart.nsw.gov.au/Home/Industries/Water/Alternate-water-utilities-WICA/Regulatory-framework/Changes-to-WICA.

If you think we could be of any assistance in relation to existing, transitional or future licensing processes and exemptions for water infrastructure, please don’t hesitate to get in contact.

How minority shareholders might take action against corporation wrongdoing

How minority shareholders might take action against corporation wrongdoing

Uncategorized

In the past, we have looked at some of the existing powers and proposed powers that the Australian Securities & Investments Commission (ASIC) has with respect to corporate wrongdoing (see our previous article here). Today we take a look at a remedy which can be taken by minority shareholders and members of a company when the company’s affairs have been conducted in an “oppressive, unfairly prejudicial or unfairly discriminatory manner” against members of the company. The so-called ‘oppression remedy’. This provides an option for redress for minority shareholders even where some conduct is approved or instigated by majority shareholders.

minority-shareholders
minority shareholders

Note, these introductory notes do not constitute legal advice. For advice on your particular situation, please get in touch with us and we can refer you to the right expertise.

Sections 232 and 233 of the Corporations Act 2001

Section 232 of the Corporations Act 2001 sets out the requirements of this remedy. This remedy applies where the conduct of a company’s affairs; an act or proposed act or omission on behalf of a company or a resolution, or proposed resolution of members of a company, is

  • contrary to the interests of the members as a whole; or
  • oppressive to, unfairly prejudicial to, or unfairly discriminatory against, a member or members whether in that capacity or in any other capacity.

Section 233 provides that, in these cases, the court may make orders:

  • that the company be wound up
  • that the company’s constitution be modified or repealed
  • regulating the conduct of the company’s affairs in the future
  • for the purchase of any shares by any member or person to whom a share in the company has been transmitted by will or by operation of law;
  • for the purchase of shares with an appropriate reduction of the company’s share capital;
  • for the company to institute, prosecute, defend or discontinue specified proceedings;
  • authorising a member, or a person to whom a share in the company has been transmitted by will or by operation of law, to institute,
  • prosecute, defend or discontinue specified proceedings in the name and on behalf of the company;
  • appointing a receiver or a receiver and manager of any or all of the company’s property;
  • restraining a person from engaging in specified conduct or from doing a specified act;
  • requiring a person to do a specified act.

Section 234 specifies that action may be brought by a member of the company (and those dropped from the register in certain special circumstances), and by ASIC.

Was the conduct towards minority shareholders “oppressive, unfairly prejudicial, or unfairly discriminatory”?

This is the test that has usually been used under section 232. The general approach for tests like this (whether in the existing law, in predecessor provisions or in foreign jurisdictions), has been to interpret the three phrases not as separate alternative bases for the remedy, but as matters to be taken together, each phrase colouring the others.

Whether or not some particular conduct falls within the scope of this provision depends on the facts of the case, but some examples of conduct that have been considered to have fallen under the scope of section 232 include:

  • Conduct of board meetings. Such as where a director who may be a majority shareholder, acts as if they ‘are’ the company;
  • Conduct by directors or members which acts to exclude people from management in a company, where they have a right to be involved;
  • Excessive payments to directors;
  • Share issue with the intent of decreasing a minority shareholding.

For further information on the ‘oppression remedy’, the Victorian Law Reform Commission provides a useful resource at http://www.lawreform.vic.gov.au/content/3-oppression-remedy-corporations-act.
*As well as some other individuals listed in section 234 of the Corporations Act 2001.

The Australia/NZ FinTech collaboration: Three things to bear in mind if offering FinTech services across the Tasman

The Australia/NZ FinTech collaboration: Three things to bear in mind if offering FinTech services across the Tasman

Uncategorized

On 19 October, the Australian Securities & Investments Commission (ASIC) and New Zealand’s Financial Markets Authority (FMA) “re-affirmed” a commitment to collaboration and cooperation on the expanding opportunities in FinTech collaboration and innovation.

fintech-collaboration
fintech-collaboration

However, in that media release, there is little detail on what practical opportunities this may provide for Australian business. In today’s article, we describe how this announcement might present a change for Australian businesses and point out three things that an Australian business needs to take into account when considering whether to offer a FinTech service in New Zealand.

Fintech collaboration – What’s changed?

The ASIC/FMA announcement is more than just a “re-affirmation” of the existing relationship between the two regulators. The existing Memorandum of Understanding between the regulators in both countries is general in nature (rather than fintech-specific) signals an intent to “consult, co-operate and exchange information in relation to the laws and regulations of each authority”.

With their latest announcement, the two regulators suggest a move towards the active assistance of FinTech businesses in each respective jurisdiction:

“Regulators will assist innovative businesses hoping to make ventures into each other’s markets by providing referrals for advice and support.”

The relationship between the two regulators will now be equivalent to the relationships that exist between ASIC in Australia and regulators in, Hong Kong, the United Kingdom, Ontario and Singapore (see our previous post on this topic here).

Given that there will now be this assistance for Australian FinTech businesses that seek to operate in New Zealand, what matters do they need to consider before expanding into this market? Below we list three considerations for fintech collaboration.

The trans-Tasman mutual recognition Scheme

The trans-Tasman mutual recognition scheme is a framework involving ASIC, FMA and the New Zealand Companies Office that allows an issuer to offer specified financial products in both countries, while being exempt from many of the requirements that they would otherwise need to meet.

For example, an Australian issuer in the New Zealand market is still subject to all the relevant Australian regulatory requirements, but is not subject to the disclosure and financial product governance requirements under New Zealand’s Financial Markets Conduct Act 2013 (the FMCA). Those eligible financial products include equity or debt securities, interests in an Australian registered scheme, and any interest in, or option to acquire, these financial products.

New Zealand does not have a FinTech regulatory sandbox

We recently discussed the expansion of the Australian regulatory sandbox which allows a range of fintech and credit technology services to be trialled without meeting the need for an Australian Financial Services Licence or an Australian Credit Licence (see our previous post on the subject).

There is no regulatory sandbox in New Zealand which means that there is no general exemption to licensing and compliance requirements for businesses trialling FinTech products.

There are, however, tailored exemptions depending on the type of service and product you wish to provide. For example, the FMCA introduced a bespoke regulatory regime for equity-based crowd-funding. By obtaining a crowdfunding licence, a provider is exempted from some of the regulatory requirements that would otherwise apply, such as the requirement to provide a product disclosure statement (see FMCA, s6 of schedule 1).

Upcoming robo-advice exemption

On 18 October 2017, the FMA announced that it has decided to grant an exemption from the Financial Advisors Act 2008 to enable the provision of personalised robo-advice services in New Zealand. This is necessary as that Act requires that advice be provided by a “natural person” (see s5).

Under this new policy, prospective providers will need to apply to the FMA to rely on this exemption and meet a range of conditions, including consumer protections.

This is intended as a temporary solution until the Financial Services Legislation Bill is passed by the New Zealand Parliament. That Bill would remove from legislation the requirement that such advice be provided by a natural person. Note, however, that with a new Government just appointed in New Zealand, the passage of that bill is now uncertain.

If you think that we could be of any assistance in complying with FinTech collaboration or regulation in other jurisdictions, please get in contact with us and we will either be able to advise you or refer you to the appropriate expertise.

 

Innovative demand response programs being trialled for the upcoming summer

Innovative demand response programs being trialled for the upcoming summer

AU Energy Compliance, Uncategorized

On 11 October, the Australian Renewable Energy Agency (ARENA) and the Australian Energy Market Operator (AEMO) jointly announced that 10 pilot projects have been awarded funding under the new ‘demand response initiative’. This is an initiative designed to manage electricity supply during times of intense pressure on the system.

Demand Response Initiative
Demand Response Initiative

Today we take a look at some of the innovative and varied response programs that are being trialled through this initiative including programs offered being provided by energy distributors, retailers and customers.

Background to the demand response initiative

The Independent Review into the Future Security of the National Electricity Market (the ‘Finkel Report’), released earlier this year, emphasised that the continuing retirement of older energy generators will place increasing pressure on the National Energy Market. This was made particularly evident in the 28 September 2016 state-wide blackout in South Australia, as well as load shedding during the February 2017 heatwave in South Australia and New South Wales (see Finkel Report p29).

To increase the reliability of the network, under pressure, a range of mechanisms are being introduced by both state and federal government including the recently announced National Energy Guarantee (which we discussed here).

Another such mechanism, the ‘demand response initiative’ is a three-year pilot project which involves paying energy users to reduce their energy consumption or free up stored supply on request when reserve capacity falls to critically low levels (see here). Such situations are called ‘demand response events’.

The demand response initiative programs

Listed below are some of the different programs that are being funded and trialled through the demand response initiative:

Innovative distribution procedures

United Energy, a Victorian distribution network provider will initiate a program that remotely reduces the voltage at 47 substations without compromising the effective quality of supply to customers. Each customer will have their voltage reduced by an average of 3 per cent during a demand response event. Appliances will still work as normal and customers will not notice the change. This utilises an ability inherent in distribution networks to reduce voltage temporarily without endangering supply.

‘Virtual power plants’

EnerNOC will develop and operate a 50 MW demand response resource to support the National Electricity Market (NEM). At the time of a demand response event, through an agreement with customers, EnerNOC’s equipment will take a portion of usage from each industrial participant (including paper manufacturers, metalworkers and glass manufacturers).

Customer innovation

Most demand response programs being trialled will be operated by NEM participants such as energy retailers and distributors. But not all. Adelaide company, Intercast & Forge, a manufacturer of metal casings, will install energy systems allowing it to provide demand response energy through powering down furnaces during a demand response event.

Smart thermostats

Zen Ecosystems will deploy a network of “smart” connected thermostats which will aggregate and control heating and cooling within buildings at the time of a demand response event.

Intelligent controllers

Flow power will introduce the ‘kWatch Intelligent Controller’ which will allow for customers to switch off their supply from the network and use their own generators at times of peak demand.

Incentive programs

Powershop and EnergyAustralia will introduce, among other mechanisms, customer incentive programs which will reward customers for reducing their consumption at the time of a demand response event.

Adding supply to the network

AGL’s program will, among other things, allow customers to connect up their own device such as home battery storage and rooftop solar, to supply new energy in the case of a demand response event.

For more information on these programs go to the ARENA website https://arena.gov.au/funding/programs/advancing-renewables-program/demand-response/.

 

AER seeking feedback on revised Draft Retail Exempt Selling Guideline

Uncategorized

pds

By Anne Wardell, Compliance Quarter. 

 

On 6 November 2017 the Australian Energy Regulator (AER) released a revised Draft Retail Exempt Selling Guideline version 5 (Draft Guideline).

The proposed changes to the Guideline are to:

  • improve dispute resolution options for residential exempt customers by requiring exempt sellers with residential customers to be members of, or subject to, a relevant energy ombudsman scheme where they can be accommodated by the scheme,
  • place a clear obligation on exempt sellers to have complaints and dispute handling procedures, and
  • align a number of customer protections within the Guideline with the National Energy Retail Law.

The AER has invited submissions to be lodged by 19 December 2017. There is also a stakeholder forum due to be held on 14 December 2017. To attend the forum you need to email  AERExemptions@aer.gov.au with details of your organisation, name and people attending. It will take place at the AER offices in Sydney, Melbourne, Adelaide, Brisbane, Canberra, Hobart and Townsville.

The Notice of Draft Instrument sets out details of the context in which the draft Guideline has been prepared, the issues involved, and the effects of the proposed changes.

At page 5 of the Notice the AER provides a useful summary of the proposed changes:

‘We propose a number of important Guideline amendments to facilitate access to energy ombudsman schemes for residential customers of exempt sellers in all jurisdictions and provide clear exempt seller obligations regarding complaints and disputes handling processes. We explain the proposed changes and their rationale in section 3.

Other amendments we propose will clarify aspects of the Guideline and conditions and better align key customer protections with those that apply to customers of authorised retailers, for example, those relating to:

  • obligation to supply
  • reconnection or re-energisation
  • payment plans
  • planned and unplanned outages’.

The amendments proposed are:

‘We propose amending the Guideline to give effect to two key changes to improve exempt customers’ dispute resolution options. These are to:

(i)           require exempt sellers that sell energy to residential customers to be members of, or subject to, the relevant energy ombudsman scheme/s where they are able to be accommodated by the relevant ombudsman scheme, and

(ii)          explicitly place obligations on exempt sellers to have in place appropriate complaints and dispute handing processes’ (see Section 3 at p 7).

This follows the consultation conducted In June and July 2017 in relation to their Issues Paper: Access to dispute resolution services for exempt customers. A number of submissions were lodged including from the major energy retailers, Caravan Parks Association of Queensland, Caravan and Camping Industry Association NSW, Manufactured Housing Industry Association of NSW, the state Ombudsman schemes, Tenants Union NSW, Shopping Centre Council and PIAC. All of the submissions are available at Access to dispute resolution services for exempt customers – June 2017.

Further information and copies of the Draft Retail Exempt Selling Guideline and the Notice of Draft Instrument are available on the AER website at Draft Retail Exempt Selling Guideline – November 2017.

ASIC Enforcement Review: Strengthening Penalties for Corporate and Financial Sector Misconduct

ASIC Enforcement Review: Strengthening Penalties for Corporate and Financial Sector Misconduct

Financial Services

The Australian Securities & Investments Commission ASIC Enforcement Review Taskforce (the taskforce) recently released a positions paper ‘Strengthening Penalties for Corporate and Financial Sector Misconduct‘ (the positions paper) which it seeks public comment on. Today we summarise that report, setting out the positions that ASIC seeks feedback on.

ASIC Corporate & Financial Misconduct
ASIC Corporate & Financial Misconduct

Background to ASIC Enforcement

Concerns have been raised in a number of quarters that the penalties regime in legislation administered by ASIC is not fit-for-purpose, does not reflect the seriousness of some offending, and is inconsistent with the penalties for offending of similar seriousness in other financial contexts (such as penalties for insider trading). For further elaboration on these concerns see our previous piece Financial crime doesn’t pay – three ways in which wrongdoers may soon be hit in the pocket

In response to such concerns, the task force was established, charged with looking at the adequacy of civil and criminal penalties for serious misconduct and the possibility of alternative enforcement mechanisms.

The positions paper

In the positions paper, the task force has come up with seven positions that it seeks comment on. We consider each in turn.

Position 1:

The maximum term of imprisonment for criminal offences in ASIC-administered legislation should be increased

ASIC lists a whole raft of offences in Annexure B of the report that could have their penalties increased. Many have a suggested increase from five to ten years. Many others have a suggested increased from two years to five (see positions paper, p85).

Position 2:

The maximum fines for all criminal offences (other than the most serious class of offences) in ASIC-administered legislation should be calculated by using the following formula:

Maximum term of imprisonment in months multiplied by 10 = penalty units for individuals, multiplied by a further 10 for corporations (see positions paper, p30)

A penalty unit is used to describe the amount of a fine under Commonwealth laws (see section 4AA of the Crimes Act 1914). Currently, one penalty unit is $210. The amount is reviewed every three years.

Position 3:

The maximum penalty for a breach of section 184 should be increased to reflect the seriousness of the offence

Section 184 of the Corporations Act 2001 sets out offences applicable to the directors and officers of a corporation based on dishonesty, recklessness and/or bad faith in carrying out their duties. For example, section 184(2) sets out the offence of a director or officer using their position dishonestly with the intention of directly or indirectly gaining an advantage for themselves.

Increasing the penalty from a maximum term of imprisonment of five years to ten years or a fine would better reflect the seriousness of the offending and align the penalty with comparable State-based offences (see positions paper, p34)

It would also align the penalty better with the maximum penalties for offences of similar seriousness in the Corporations Act 2001 such as dishonest conduct in the financial services context (s1041G) and “cheating” in a markets context (such as. section 1041A market manipulation and section 1043A insider trading).

Position 4:

The ‘Peters test’ should be used for all dishonesty offences under the Corporations Act (see positions paper, p34)

Currently, there is no consistent definition of dishonesty for offences under commonwealth law. The ‘Peters test’ applies an objective definition of “dishonest according to the standards of ordinary, decent people”.

Position 5:

Remove imprisonment as a penalty for strict and absolute liability offences

Strict and absolute liability offences are offences which can be committed inadvertently (see positions paper, p37). In general, it is considered inappropriate for offences without a fault element to be subject to possible sanctions of imprisonment.

Position 6:

Introduce an ordinary offence to accompany a range of strict and absolute liability offences as outlined in Annexure C of the positions paper

In line with the justification for position 5 above, it is arguable that some existing strict and absolute liability offences should be subject to significant penalties, where the offender is acting deliberately, or otherwise at fault (see positions paper, p38). Suggested ordinary offences subject to significant penalties would include deliberate offending against certain financial reporting and auditing obligations (sections 286, 307A and 989CA).

Position 7:

Maximum fines for strict and absolute liability offences should be a minimum of 20 penalty units for individuals and 200 penalty units for corporations
Currently, some strict and absolute liability offences have fines which are below this threshold. The taskforce considers these penalties too low and that they do not represent an adequate level of deterrence to would-be offenders (see positions paper, p38).

The positions paper is available on the Treasury website. Submissions for the consultation close on 17 November 2017.

ASIC Annual Report: Current and future directions for compliance

ASIC Annual Report: Current and future directions for compliance

Uncategorized

On Thursday, 26 October, the Annual Report of the Australian Securities & Investments Commission (ASIC) was tabled in the House of Representatives. As one of the chief compliance authorities for business in Australia, it is worth taking a look at ASIC’s report with a focus on ASIC’s current and future compliance activities. We look at four areas identified in that report which will be most relevant to business compliance: regulatory reform, enforcement activities, supporting innovation and ASIC technology and processes.

ASIC Innovation

Regulatory Reform

ASIC notes several areas of regulatory change that ASIC has implemented or been actively involved (see Annual Report, p3). Some of these we have commented on over the last six months including:

  1. Client money reforms (see An update on the OTC derivative client money reforms: be ready for 4 April 2018)
  2. Expansion of the fintech regulatory sandbox (October FinTech update: The new FinTech services and products to be trialled through the regulatory sandbox)
  3. An ongoing review of ASIC’s enforcement powers (Financial crime doesn’t pay – three ways in which wrongdoers may soon be hit in the pocket).

Enforcement Activities

ASIC tallies up its enforcement, investigation and review activities over the 2016-2017 year, including (see Annual Report, p48):

  • conducting approximately 1,440 high-intensity surveillances and 160 investigations
  • a total of $837.7 million in compensation and remediation paid, or ordered to be paid, for investors and consumers.
  • continued progress in legal action against three of Australia’s four largest banks. ASIC alleges that these banks traded in an unconscionable manner and attempted to create an artificial price for bank bills to affect the bank bill swap rate (BBSW),
  • prosecution of 409 directors of failed companies for 723 offences for failing to assist liquidators
  • reviewing more than 320 financial reports of listed entities and other public interest entities
  • reviewing about 9,000 reports of misconduct from the public.

Innovation

In the Innovation space, ASIC has continued its operation of the Innovation Hub to support financial technology (fintech) businesses and has managed the fintech regulatory sandbox. Other activities include:

  • publishing a report setting out the proposed future approach to regulatory technology (regtech) (see our From fintech to regtech: a new area for innovation focus).
  • the first regtech roundtable discussion was held in February 2017 on the application of regtech in Australia, and future opportunities (see Annual Report, p80).

ASIC technology and processes

ASIC has a ‘Regulatory Transformation Program’ in place, to improve how it manages IT systems, big data and analytics and fosters regtech (see Annual Report, p2). This program aims to:

  1. implement one IT platform for internal and external regulatory data, reducing red-tape in the collection of data
  2. explore options for receiving and accessing data, including through the use of regulatory nodes in a distributed ledger.
  3. introduce portals to make compliance and interaction between ASIC and stakeholders easier and faster
  4. implement a single technology strategy to, among other things, provide easier access to ASIC’s data.

To read the full report go to http://asic.gov.au/about-asic/media-centre/find-a-media-release/2017-releases/17-359mr-asic-s-2016-17-annual-report-tabled/

Interested to read other published content around ASIC? Check out ASIC news articles here.

Data Protection Officer – Which Businesses Need One & What do they do?

Data Protection Officer – Which Businesses Need One & What do they do?

Uncategorized

We have previously looked at the sweeping changes to privacy laws coming into effect in the EU. These laws will have an impact on a number of Australian businesses. One of the first steps towards GDPR compliance is to identify whether your business is captured under Article 37 and requires the appointment of a Data Protection Officer (‘DPO‘).

Reading this article will give you the option of downloading our free report on DPO, written by Dr. Drew Donnelly, Compliance Quarter. Download our free report for further details on the DPO by following the instructions in the popup box.

Alternatively, you can complete our FREE GDPR Readiness Questionnaire so that we can help you assess where you stand with GDPR and the work required. Our initial assessment and response is free of charge.

data protection officer

Application to Australian Businesses

While the GDPR is a European regulation it applies to an Australian organisation that controls or processes data (and, indeed, any organisation in the world that controls or processes data), where one of three conditions set out in Article 3 are met:

  • it has a physical establishment in the EU;
  • it offers goods or services to people in the EU; or
  • it monitors the behaviour of people in the EU.

In appointing a DPO, the organisation (whether a controller or a processor), needs to consider hiring or contracting an individual capable of carrying out all the specified tasks. The DPO can be internal or external to the organisation.

Tasks of the Data Protection Officer (DPO)

Article 39(1) sets out the tasks that a DPO is required to perform including:

  • Informing and advising the organisation of compliance requirements under the GDPR
  • Monitoring compliance
  • Supporting Data Protection Impact Assessment (DPIA)
  • Acting as the contact point with the supervisory authority.

Unless it is obvious that your organisation does not require a DPO, WP29 recommends that you document the internal analysis carried out to determine whether or not a DPO is required to be appointed (Guidelines, 2). Note, even if you are not required to appoint a DPO, it may be a good idea to do so, but keep in mind that if you do so you the role and obligations of the DPO will apply as if the appointment had been mandatory (Guidelines, 2).

For the WP29 Guidance see http://ec.europa.eu/newsroom/just/item-detail.cfm?item_id=50083.

Unsure of your requirements under GDPR? Then talk to us for a GDPR review, we’ll set out your requirements, determine if a DPO is required, and offer our ongoing help to ensure you are ready and compliant.