Slateford Skip to site navigation

Insights

UK security proposals highlight risk of gaps in reputation

Proposed new powers to call in transactions for approval on national security grounds are another example of how data is being used to assess reputation from afar. Understanding how those rough judgments work enables businesses to avoid their freedom to operate being disrupted.

CCTV cameras attached to a wall. Lots of them

The UK’s proposals for new national security laws on acquisitions bring focus to how assessments of reputation are being made that impact the ability of businesses and individuals to operate freely.

Inspired at least in part by the UK’s agonising over how to deal with Huawei in the creation of 5G infrastructure, but bringing it in line with its Five Eyes and EU allies, the National Security and Investment Bill proposes how an assessment of potential acquirers including ultimate control of an entity, its performance in other businesses and affiliations with wrongdoing will interact with a power to call in transactions for approval.

It has always been the case that in order to achieve their aims businesses have needed to have the right reputation to succeed. What recent years have shown is that analysis is increasingly augmented by processes for accumulating data to form an assessment of what that reputation is. With that comes risk if a gap is allowed to open between what a business thinks it is known for and what an outside observer would conclude from data, or lack of it.

At the most basic level, for all of us our search results have become a curious mix of biography and CV. Show me a person recruiting who doesn’t Google the candidate and I’ll show you someone whose wi-fi is broken. It’s a phenomenon we see regularly in our work – from challenging errors in due diligence databases, to vetting incoming senior executives for reputation and privacy flags for large corporations.

In business this is more to the fore: professional compliance databases mingle with informal searches to inform due diligence across a spectrum of supply chain and ESG risks. Most prominently, it arises in assessing source of funds and – with regulators across the world happy to take on challenges to compliance as a lucrative way of topping up budgets – tracking who banks should be onboarding as clients in the first place and proving where the money is from.

Does the proposed change to UK law make a big difference? On one hand no – most jurisdictions have something similar in effect, and blocking significant transactions will not be done liberally in a post transition period UK. At the same time it is a useful policy statement of what has been developing across business in recent years: the notion that a more proactive understanding of the profile you are creating, an active engagement with erroneous information and willingness to identify what reputation is needed to achieve strategic aims and then deliver it is vital to the ability to operate freely.

For businesses and potential investors it is a timely reminder to check back in on what reputation they need to achieve their aims, and put to the test whether the evidence that will be collated by banks, regulators, counterparties and – it is proposed – UK government ministers backs that up.

What to do

Get started