About Risk & Compliance
Lexis+ Risk & Compliance is an online practical guidance product for in-house legal and compliance teams dealing with the ever-increasing and ever-shifting burden of risk and compliance.
Risk management guides
Each guide identifies five key priorities for the area of risk, and gives a heads-up on why each is a priority area. The priority is explained in further detail, with a series of mini-checklists and action points.
Competition & antitrust law compliance
Having a clear understanding of the nature of competition law compliance and the associated risks/challenges for businesses is the first step to setting effective compliance arrangements. We help organisations with this.
GDPR compliance
Practical guidance tools, registers, training aids and other templates to help you comply with data protection law and manage privacy risks
Regulation
Helping in-house counsel, privacy and compliance professionals manage the regulatory burden. GDPR, BA, MLR and plenty more, we've got it covered.
Topics We Cover
Latest Risk & Compliance News
The Office of Financial Sanctions Implementation (OFSI) has updated its UK financial sanctions general guidance. Section 6 of the guidance, which...
The Information Commissioner’s Office (ICO) has released a report containing data about the prevalence of data breaches. The report has practical...
The Foreign, Commonwealth and Development Office (FCDO) has published a joint statement from the UK Department of State and UK FCDO following the...
MLex: Guidance for companies on the UK's new offence of failure to prevent fraud should be issued in summer 2024, the country's home affairs ministry...
The Law Society of England and Wales has made recommendations in response to the Treasury Select Committee’s inquiry on Russian Financial Sanctions....
Latest Risk & Compliance Practice Notes
The EU AML/CTF package—AMLA, AML/CTF single rulebook, MLD6 and Recast EU WTR2The European Commission’s 2020 Action Plan for a Comprehensive EU policy...
Responding to a UK GDPR compensation claim—a practical guideSTOP PRESS—Impact of the Retained EU Law (Revocation and Reform) Act 2023: This Practice...
Children and data protection law—the age appropriate design code (children’s code)The UK data protection authority, the Information Commissioner’s...
Doing business in: IrelandUpdated in September 2020IntroductionIreland is consistently ranked as one of the most attractive locations globally in...
Appointing a European representative—data protectionThis Practice Note is intended for commercial organisations in the UK. It sets out the obligation...
Latest Risk & Compliance Precedents
Records retention schedule (employment)STOP PRESS: The Information Commissioner’s Office (ICO) has published draft guidance on keeping employment...
Data protection privacy notice (recruitment)FORTHCOMING CHANGE: The ICO has published draft guidance on recruitment and selection, which is out for...
Policy—bring your own device (BYOD)This material considers the UK GDPR regime, and legislative links are to Assimilated Regulation (EU) 2016/679, UK...
External data protection officer (DPO) appointment terms—company to individual—pro-clientDelete clause 3.6 of Precedent: Consultancy agreement—company...
Policy—health and safetyCoronavirus (COVID-19): For guidance on health and safety issues in the relation to coronavirus (COVID-19), see Practice Note:...
Latest Risk & Compliance Q&As
Featured Risk & Compliance content
How to manage legal risk
How to manage legal riskIt is often said that running a business means taking risks and that the biggest risk an entrepreneur can take is not to think...
Can a limited company make a subject access request? Can a director of a limited company ask for recordings of calls with us? If yes, what personal data must we provide?
Can I charge a fee for dealing with a data subject access request?
Tipping-off and prejudicing an investigation
Tipping-off and prejudicing an investigationThere are several offences of tipping-off and prejudicing an investigation that apply to the regulated...
Dawn raid—who can raid my organisation and why?
Dawn raid—who can raid my organisation and why?The UK Government has legislated to permit a number of UK authorities to obtain search warrants to...
Contract management risk management guide
Contract management risk management guideWhy you need to manage this riskContract management is often seen by the business as an activity which is...
Confidentiality risk management guide
Confidentiality risk management guideWhy you need to manage this riskConfidential information is one of the most valuable assets of any business....
Money Laundering Regulations 2017—simplified due diligence
Money Laundering Regulations 2017—simplified due diligenceYou may apply simplified customer due diligence (SDD) measures in relation to particular...
SRA Code of Conduct for Solicitors, RELs and RFLs—for in-house lawyers
SRA Code of Conduct for Solicitors, RELs and RFLs—for in-house lawyersThis Practice Note provides guidance for in-house solicitors on the SRA Code of...
Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017—key information for businesses
Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017—key information for businessesThe Money...
Dealing with the National Crime Agency
Dealing with the National Crime AgencyThis Practice Note provides high-level guidance on dealing with the National Crime Agency. It sets out the role,...
Public statement on data breach
Public statement on data breachStatement by [insert name of organisation] concerning a significant [cyber attack OR data protection breach] on [insert...
Money Laundering Regulations 2017—nominated officer
Money Laundering Regulations 2017—nominated officerThis Practice Note sets out when organisations must appoint a nominated officer (sometimes referred...
Dealing with the Serious Fraud Office
Dealing with the Serious Fraud OfficeSFO—role and powersRoleThe Serious Fraud Office (SFO) is the authority in England, Wales and Northern Ireland...
How to conduct a legitimate interest assessment (LIA)
How to conduct a legitimate interest assessment (LIA)The UK General Data Protection Regulation (UK GDPR) permits processing of personal data where...
Refusing a data subject request—what is ‘manifestly unfounded or excessive’?
If a multinational company with entities in a number of EU states has registered a data protection officer (DPO) with the Information Commissioner’s Office (ICO), does it need to register a DPO in the other EU states where it has entities or is registration in one country sufficient?
Dealing with dawn raids by the Information Commissioner’s Office
Dealing with dawn raids by the Information Commissioner’s OfficeThis document reflects the UK GDPR regime. References and links to the GDPR refer to...
Associated legal terms
Head-end
The control centre for a cable system where signals such as terrestrial and satellite TV channels are received, processed and sent for distribution down the cable system.
Notifiable events
Introduced by Pensions Act 2004, s 69 this regime requires trustees and sponsoring employers of certain defined benefit schemes to report independently in writing to the Pensions Regulator specified events.
Technical analysis
The analysis of historical price movements and trends to predict future price action.
CONTACT US
