Legal & Compliance
30 plain-English legal & compliance terms explained — part of the Yolist UK trade & business glossary.
- Asbestos Survey
An asbestos survey identifies asbestos-containing materials (ACMs) in non-domestic premises and common parts of leasehold residential blocks. The Control of Asbestos Regulations 2012 require dutyholders to manage asbestos by surveying, recording and assessing risk. Management surveys cover routine occupation; refurbishment/demolition surveys are intrusive and required before works. Surveyors should be UKAS-accredited.
- AST (Assured Shorthold Tenancy)
An Assured Shorthold Tenancy is the standard form of private residential tenancy in England since 1997. Most new private lettings are ASTs by default and run for an initial fixed term (commonly 6 or 12 months) before becoming a statutory periodic tenancy. Landlord obligations include deposit protection, gas safety, EPC and electrical inspection. ASTs are being reformed by the Renters' Rights Bill.
- BIS (Business, Innovation & Skills)
The Department for Business, Innovation and Skills (BIS) was a UK government department from 2009 to 2016, responsible for business policy, higher education, science and trade. In July 2016 BIS merged with the Department for Energy and Climate Change to become the Department for Business, Energy and Industrial Strategy (BEIS); since 2023 its functions sit within DSIT, DBT and DESNZ. Older guidance documents are still often cited under the BIS name.
- Boiler Plus
Boiler Plus is the 2018 update to Part L of the Building Regulations for England, raising minimum efficiency and control requirements for gas-boiler installations. All new gas boilers in homes must be at least 92% ErP efficient and gas combination boilers must be installed with one of four additional efficiency measures (e.g. weather compensation, flue-gas heat recovery). The rules are enforced through Gas Safe registration.
- Companies House
Companies House is the UK government agency responsible for incorporating and dissolving limited companies, and for maintaining a public register of company information. Every limited company and limited liability partnership must register with Companies House before trading, and must file annual accounts, a confirmation statement and any changes to directors or share structure. The register is publicly searchable, allowing consumers and businesses to verify a company's legal status, registered address and financial history — a useful tool when vetting a contractor or supplier.
- CRB vs DBS Check
CRB and DBS refer to the same type of criminal record check at different times. The Criminal Records Bureau (CRB) was the body that issued checks in England and Wales until December 2012, when it merged with the Independent Safeguarding Authority to form the Disclosure and Barring Service (DBS). Old "CRB checks" are now "DBS checks", available at basic, standard and enhanced levels. A reference to a CRB check today simply means a DBS check.
- Data Processing Agreement (DPA)
A Data Processing Agreement (DPA) is a legally required contract between a data controller and a data processor under UK GDPR Article 28. It must be in place whenever a controller instructs a third party — such as a cloud software provider, marketing agency or payroll bureau — to process personal data on its behalf. The agreement must specify the subject matter, duration, nature and purpose of processing, the type of personal data and categories of data subjects, and the processor's obligations regarding security, sub-processors, data subject rights and assistance with breach notification. Controllers are responsible for selecting processors with appropriate technical and organisational security measures.
- DBS Check
A Disclosure and Barring Service (DBS) check reveals an individual's criminal record history for employers and licensing bodies. There are three levels: Basic (any unspent conviction), Standard (spent and unspent for regulated roles), and Enhanced (with barred-list check for work with children or vulnerable adults). DBS is the England and Wales equivalent of Disclosure Scotland and AccessNI. Enhanced DBS subscriptions to the Update Service let workers reuse a check across employers.
- DBS Check Levels (Basic, Standard, Enhanced)
The Disclosure and Barring Service (DBS) offers three levels of criminal record check. A Basic check (£18) is available to anyone and shows only unspent convictions. A Standard check (£38) reveals spent and unspent convictions, cautions, reprimands and warnings and is available for certain roles specified in the Rehabilitation of Offenders Act 1974 (Exceptions) Order. An Enhanced check (£38) adds any relevant information held by local police and, where the role requires it, a check against the Children's and/or Adults' Barred Lists. Subscribing to the DBS Update Service (£16 per year) keeps a Standard or Enhanced certificate current and portable between employers.
- FCA Register
The Financial Conduct Authority Register is the public list of firms and individuals authorised to provide regulated financial services in the UK. Any business offering insurance broking, mortgages, investments or consumer credit must be authorised or be an appointed representative. The Register shows permissions, status and any restrictions. Consumers can also check the FCA Warning List for unauthorised firms.
- Green Deal
The Green Deal was a UK government scheme launched in 2013 to finance energy-efficiency improvements through repayments attached to the electricity bill. Although the central government funding stopped in 2015, a private-sector Green Deal Finance Company continues to administer existing plans. Properties with Green Deal charges must disclose them on the EPC. The scheme has largely been superseded by ECO and the Boiler Upgrade Scheme.
- ICO Data Protection Registration
Most UK organisations that process personal data must register with the Information Commissioner's Office (ICO) and pay an annual data protection fee. The fee is tiered: £40 for micro-organisations (turnover under £632,000 or fewer than 10 staff), £60 for small and medium businesses and £2,900 for large organisations and public authorities. Certain categories of organisation — including some not-for-profits and businesses processing data solely for personal use — are exempt. Failure to register when required is a civil offence; the ICO can issue a maximum fine of £4,350. Registration appears on the public ICO register, which clients and procurement teams increasingly check.
- Late Payment of Commercial Debts Act 1998
The Late Payment of Commercial Debts (Interest) Act 1998 gives businesses the statutory right to charge interest on overdue B2B invoices at 8% above the Bank of England base rate (approximately 13% in mid-2024). In addition, the creditor is entitled to a fixed debt compensation charge of £40 per debt below £1,000, £70 per debt between £1,000 and £9,999, or £100 per debt of £10,000 or above. The Act applies automatically unless the contract substitutes a substantial remedy. Businesses cannot fully contract out of the Act in standard terms — any attempt to reduce the statutory rate must offer a substantial remedy instead.
- Legitimate Interests (UK GDPR)
Legitimate interests is one of the six lawful bases for processing personal data under Article 6 of the UK GDPR. To rely on it, the organisation must carry out a three-part Legitimate Interests Assessment (LIA): identify a legitimate interest (commercial, social or legal), show the processing is necessary for that purpose, and demonstrate the interest is not overridden by the rights and freedoms of data subjects — the so-called balance test. It cannot be used for processing special category data (health, biometric, race, religion) which requires a separate condition under Article 9. The LIA should be documented and included or referenced in the privacy notice.
- Mental Capacity Act
The Mental Capacity Act 2005 provides the legal framework for decisions made on behalf of adults in England and Wales who lack capacity to decide for themselves. Five statutory principles include the presumption of capacity and the requirement to act in the person's best interests. The Act underpins Lasting Powers of Attorney and Deprivation of Liberty Safeguards. Equivalent regimes exist in Scotland (Adults with Incapacity Act 2000) and Northern Ireland.
- MOT Test
An MOT is the annual roadworthiness test required for most UK vehicles over three years old (four in Northern Ireland). The test covers brakes, lighting, tyres, exhaust emissions and structural condition against DVSA standards. MOTs can only be issued by approved test centres displaying the blue triangle sign. The MOT status of any vehicle can be checked free using the registration number on gov.uk.
- OFCOM
Ofcom is the UK regulator for communications services — telecoms, broadcasting, postal services and, since 2023, online safety. It licenses spectrum, regulates BT Openreach, enforces broadcasting standards on TV and radio, and from 2025 enforces the Online Safety Act duties on user-to-user platforms and search engines. Consumers can also escalate unresolved complaints about telecoms or broadband to Ofcom-approved ADR schemes.
- Partnership Agreement
A partnership agreement is the contract between business partners setting out capital contributions, profit-sharing, decision-making, dispute resolution and exit terms. In the absence of a written agreement, the default Partnership Act 1890 rules apply — which often produce unintended outcomes such as equal profit shares regardless of contribution. LLP members typically sign an analogous LLP Members' Agreement.
- Party Wall Act
The Party Wall etc. Act 1996 governs works affecting a shared boundary in England and Wales — typically a party wall, party fence wall or excavation within 3-6 metres of a neighbour. The Building Owner must serve formal notice on adjoining owners at least one or two months before starting work. If consent is not given, surveyors draw up a Party Wall Award. The Act does not apply in Scotland.
- PECR (Privacy and Electronic Communications Regulations)
The Privacy and Electronic Communications Regulations 2003 (PECR) govern electronic marketing — email, SMS, automated calls and faxes — and cookie consent in the UK. Marketing emails and texts to individuals (not sole traders) require prior opt-in consent; B2B marketing to corporate subscribers can be sent on an opt-out basis provided a means to object is included and there is an existing business relationship. Cookies (other than strictly necessary ones) require informed, freely given consent from users before being set. The ICO enforces PECR and can issue fines of up to £500,000 for serious breaches — distinct from UK GDPR fines.
- PSC (Person with Significant Control)
A PSC is an individual or entity holding more than 25% of shares or voting rights in a UK company or LLP, or otherwise exercising significant influence. The PSC Register has been a mandatory part of corporate transparency since 2016 and is publicly visible on Companies House. Changes must be filed within 14 days. The regime applies to almost all UK companies and most LLPs.
- Renewable Heat Incentive
The Renewable Heat Incentive (RHI) was the UK government subsidy paying owners of eligible renewable-heat installations (heat pumps, biomass, solar thermal) over seven years. The Domestic RHI closed to new applications in March 2022 and was replaced by the Boiler Upgrade Scheme. The Non-Domestic RHI closed earlier in 2021. Existing accredited participants continue to receive payments until their seven-year term ends.
- Right to Erasure (Right to be Forgotten)
The right to erasure (also called the right to be forgotten) under UK GDPR Article 17 allows individuals to request that an organisation deletes their personal data in certain circumstances — for example, when the data is no longer necessary for the original purpose, consent has been withdrawn, or the data was unlawfully processed. Organisations must respond within one month, either complying or explaining a valid reason for refusal. The right is not absolute: legitimate exceptions include where processing is necessary for legal claims, public interest tasks or compliance with a legal obligation. Refusing a valid erasure request can lead to an ICO investigation and fine.
- Right to Work Check
A Right to Work check is the legal duty on every UK employer to verify, before employment begins, that a worker is permitted to work in the UK. Checks are done by examining original documents, via the Home Office online checking service, or through an Identity Service Provider (IDSP) for British and Irish citizens. A compliant check gives the employer a statutory excuse against a civil penalty of up to £60,000 per illegal worker.
- Section 21 Notice
A Section 21 notice is the no-fault eviction route under the Housing Act 1988 for landlords ending an Assured Shorthold Tenancy in England. Strict procedural requirements — deposit protection, gas safety, EPC, How to Rent guide — must be met for the notice to be valid. The Renters' Rights Bill 2024 proposes to abolish Section 21 in favour of expanded Section 8 grounds.
- Shareholders Agreement
A shareholders' agreement is a private contract between the shareholders of a company governing matters not fully covered by the Companies Act 2006 or the company's articles of association. Typical clauses cover board composition, reserved matters, pre-emption rights, drag-along and tag-along, deadlock and exit mechanics. Unlike the articles, it is confidential and not filed at Companies House.
- SIC Code
A Standard Industrial Classification (SIC) code is a five-digit number that describes the nature of a business's activities. In the UK, Companies House uses SIC codes to categorise the work a company does; directors must provide at least one code when incorporating a company or filing a confirmation statement. HMRC also uses SIC codes for statistical and administrative purposes. The codes are based on the ONS 2007 SIC list, which groups all economic activity into sections, divisions, groups and classes — for example, 47710 covers retail sale of clothing in specialised stores.
- Strike Off
Strike-off is the process by which a company is removed from the Companies House register and dissolved. Voluntary strike-off (form DS01) is open to companies that have not traded for three months and have no live charges. Compulsory strike-off is initiated by the Registrar for non-filing. Any remaining assets at strike-off pass to the Crown as bona vacantia.
- Tenancy Deposit Protection
Tenancy deposit protection requires landlords of Assured Shorthold Tenancies in England and Wales to lodge any deposit in one of three government-approved schemes (DPS, mydeposits, TDS) within 30 days and serve prescribed information on the tenant. Failure to protect blocks the landlord from serving a Section 21 notice and exposes them to penalties of 1-3 times the deposit.
- Unfair Terms in Consumer Contracts
Under Part 2 of the Consumer Rights Act 2015, any term in a B2C contract is unfair — and therefore not binding on the consumer — if it creates a significant imbalance in the parties' rights and obligations to the detriment of the consumer, contrary to the requirement of good faith. All consumer-facing terms must be written in plain and intelligible language; if there is doubt about the meaning of a term, the interpretation most favourable to the consumer prevails. Terms most commonly challenged as unfair include automatic renewal clauses, unilateral price variation after contract formation and disproportionate cancellation penalties. The CMA and Trading Standards can take enforcement action against businesses using unfair terms.