February marks the start of the second month after Brexit materializing. The Member States have finally understood that the United Kingdom (UK) is no longer in the European Union (EU) so that the fairy-tale of the Single Market that has lasted for decades is now over. Although many businesses resolved various legal or regulatory issues before 1st January, new challenges inevitably keep arising now, when Brexit is a reality.
What has changed in law? This year, EU law no longer applies to the UK, and the Trade and Cooperation Agreement (TCA) governs relations between the parties reached after lengthy negotiations. Due to the broad scope of EU law, Brexit’s impact has been felt by companies across various sectors – having a business link with the UK means challenges in adapting to the changed regulations and new rules set out in the TCA and domestic law of the UK and EU member states.
We invite you to look at the changes that have taken place in finance, taxation, customs, and data protection.
Fintech
Access to the EU single market and the free movement of the capital provide significant benefits to the EU-based financial market participants. I.e., a single license issued in one Member State allows the financial market participant to operate freely in the whole EU market.
By taking advantage of such a benefit, many fintech players were enabled to provide financial services across the whole EU from their establishment in the UK.
However, the UK’s exit from the EU cut off access of the UK licensed market participants to the EU Single Market. Unfortunately, the TCA does little to facilitate the UK-based financial market participants’ access to the EU market. Therefore, from 1st January 2021 all financial market participants licensed in the UK lost their rights to offer their services to EU customers.
The UK and the EU have agreed to issue the Memorandum of Understanding regarding financial services regulation, financial stability, and equivalence by the end of March 2021 that will give further clarity on the equivalence rules.
Equivalence refers to a decision by one state to recognise another state’s legal requirements for regulating a good or service. In practice, this means that a financial market participant would need only to comply with one set of requirements in both states and could access that state’s market under the scope given by that equivalence decision. Therefore, an equivalence decision made by the EU would allow the UK to retain certain rights to access the EU market.
However, it should also be noted that equivalence is not a substitute for the passporting rights created for the EU based financial market participants. Equivalence covers fewer services and allows operation in fewer areas. Consequently, it will not allow full access to the EU market for the UK-based financial market participants.
Until today, the European Commission has only granted time-limited equivalence decisions allowing UK central counterparties and central securities depositories market access in the EU.
Taking into account the uncertainty of the future equivalence decision and limited scope of operational rights granted with an equivalence, the UK-based financial market participants wishing to continue the provision of financial services in the EU have to consider other market access measures, including:
- setting-up a branch in a member state – although this will limit the right to provide financial services only in the market of that particular member state; or
- establishing a fully authorised subsidiary in the member state and passport its license across the EU.
Taxes and customs
Even before 1st January 2021, the amendments to the tax legislation were adopted in Lithuania. These amendments established that after the withdrawal of the UK from the EU the transitional period of 2 years was set. During this transitional period, the provisions of the laws on corporate income tax, personal income tax, state fees and charges, and charity and sponsorship will continue to apply to the UK to the same extent as to the EU member states. I.e., during 2 years (from 1st February 2020 to 31st January 2022) all exceptions and reliefs enjoyed by the EU member states are applicable, to the same extent, to the UK companies too.
Meanwhile, the law on the Value Added Tax does not provide for such a transitional period. Thus transactions with the UK-based companies are subject to the provisions of the law on the Value Added Tax that are applicable to third countries. It should be noted that a UK company registered in Lithuania as a VAT payer until 28th February 2021, is not under the obligation to have a fiscal agent in Lithuania. If the Trade and Cooperation Agreement Between the EU and UK will enter into force in full scope, there will be no obligation to have a fiscal agent in Lithuania. Otherwise, the STI will inform all the companies about a new obligation regarding a fiscal agent.
Starting from 1st January 2021, import/export procedures have been and will continue to be applied to the transportation of goods from Lithuania to the UK or vice versa. Most importantly, Lithuanian importers applying for the preferential regime (not to apply import duties) need to ensure that the UK exporters can prove that goods comply with the requirements of preferential origin (i.e. the importer needs to have a statement on the origin of goods issued by the exporter).
Data Protection and GDPR
The Brexit transition period came to an end, and a new UK data protection regime came into effect before midnight of 31st December 2020. As of 1st January 2021, the EU General Data Protection Regulation (GDPR) ceased to apply to the UK directly, but effectively with certain amendments, became part of UK domestic law.
This amended version of the EU GDPR is now commonly known as the “UK GDPR”. It contains provisions similar to those enshrined in the original EU GDPR but stands separate from EU GDPR as part of UK domestic law. Alongside the creation of the UK GDPR, various consequential amendments were also made to the UK Data Protection Act (DPA). This new UK data protection regime, together with the UK’s departure from the EU, requires UK, EU and international businesses to take the steps necessary of ensuring that they remain compliant with the two separate data protection regimes in place: EU GDPR and UK GDPR.
In essence, organisations with pan-European operations are likely to have to comply with two separate but similar legislative regimes, with the consequential risk of dual enforcement action (by EU Data Protection Authorities in the EU and the ICO in the UK) in the event of any breach. This also means that organisations need to consider carefully, whether they are within just one or both regimes and take the appropriate actions accordingly. Currently, businesses acting both in the UK and the EU need to consider a number of issues, including data transfers between the EU and UK, records of processing, contracts, policies and procedures, and requirements to appoint EU data protection representatives.