Data regulator will ‘replace liquidators to pursue fines’
30 November 2023
By Matt Jukes
The Information Commissioner’s Office has revealed that it is willing to replace appointed liquidators with one from its own panel of IPs when chasing fine payments.
The data regulator handles around 40,000 complaints each year and has the power to fine an organisation or its directors up to £500,000 for unlawful marketing calls or texts. It issued £3.3 million in fines between April 2022 and October 2023, enforcing the Privacy and Electronic Communications Regulations 2003 (PECR). The ICO says that when it identifies an organisation with the means to pay, but is not doing so, it will seek formal recovery action.
Writing in the Winter edition of Recovery magazine, Kerry Smith, financial recovery unit manager at the ICO, said: “We have seen cases where directors seek to avoid payment by liquidating their businesses. In these cases, we exercise our full rights as a creditor, and where it is feasible will seek to remove and replace the appointed liquidator with one from our panel.
“Our panel of insolvency practitioners has extensive experience of contentious insolvencies and have built up extensive knowledge of the PECR, legislation and telecoms industry, particularly around how direct marketing works in practice.”
It comes as a study by UK compliance training company Skillscast has suggested that a quarter of micro and small businesses issued a fine by the ICO or FCA over the last three years are now in liquidation, with a third of these being compulsory liquidation. This is in stark contrast to large companies where only 6% of those fined were in liquidation, and in all large-company cases these were voluntary liquidations. The average fine for companies over the three-year period was £130,000.
Vivek Dodd, CEO of Skillcast commented: “Businesses of all sizes can fall short when it comes to compliance issues, many unintentionally, and in turn rack up some hefty fines. These fines are most crippling to smaller businesses, many of whom can sadly end in liquidation because of it.
“Even companies with well-trained staff and thorough compliance processes may get caught off guard. Compliance is an ongoing process, and proactive measures can significantly reduce the risk of fines and legal issues.”
Provisions in the proposed data protection and digital information bill, currently at the reports stage in the Commons, and amendments to the Data Protection Act 2018 could see the fines raised in line with the current penalty for breaches of GDPR (up to £17.5 million).
In her article for Recovery magazine, Smith explains what the ICO can provide in terms of assistance to IPs when the regulator is a creditor and sets out its “expectations” from practitioners in return.
Stephen Hunt, licensed IP and partner at Griffins said: “I’ve seen the ICO be very effective in committee and creditor meetings. It’s helpful to insolvency practitioners to work with creditors who have taken the time to understand insolvency and are consistent in their approach over the lifetime of a case.”
