Ofcom, the independent regulator and competition authority for the U.K. communications industry, this month published updated penalty guidelines, which were last revised in 2011.
The new guidelines, announced on Dec. 3, give Ofcom greater flexibility to impose higher penalties for non-compliance. “Companies should therefore take immediate steps to assess and reduce such potential exposure based on the factors contained in the new guidelines,” Francesco Liberatore, an associate in the London office of Jones Day, said in a client alert.
Ofcom launched a consultation in September to discuss revising the guidelines, due to the increasing number of enforcement actions over the years and the overall concern that relatively low fines was contributing to ongoing non-compliance and lack of deterrence.
“[T]the level of the penalty must be sufficiently high to have the appropriate impact on the regulated body at an organizational level,” Ofcom said in the guidance. “It should incentivize the management, which is ultimately responsible for the conduct and culture of the regulated body, to change the conduct of the regulated body as a whole and bring it into compliance, achieving this, where necessary, by changing the conduct at different levels within the organization.”
“The level of the penalty should be high enough that the management recognizes that it is not more profitable for a business to break the law and pay the consequences than it is to comply with the law in the first instance, and that it should, therefore, discourage bad conduct and encourage good practices and a culture of compliance across the organization,” Ofcom added.
The new guidelines incorporate all of the changes proposed by Ofcom in its consultation document, with the central aim of imposing penalties that reflect the seriousness of the infringement and that will act as an effective incentive to comply. Ofcom said the factors it will take into account will vary in each case will vary, depending on what is relevant.
Some examples of potentially relevant factors, however, include:
The seriousness and duration of the contravention;
The degree of harm, whether actual or potential, caused by the contravention, including any increased cost incurred by consumers or other market participants;
Any gain (financial or otherwise) made by the regulated body in breach (or any connected body) as a result of the contravention;
Whether in all the circumstances appropriate steps had been taken by the regulated body to prevent the contravention;
The extent to which the contravention occurred deliberately or recklessly, including the extent to which senior management knew, or ought to have known, that a contravention was occurring or would occur;
Whether the contravention in question continued, or timely and effective steps were taken to end it, once the regulated body became aware of it;
Any steps taken for remedying the consequences of the contravention;
Whether the regulated body in breach has a history of contraventions (repeated contraventions may lead to significantly increased penalties); and
The extent to which the regulated body in breach has cooperated with our investigation.
Ofcam said in the new guidelines that it will adjust the penalty to take into account “the size and turnover” of the company under investigation, meaning Ofcam may impose a larger penalty on a larger company.
The new guidelines don’t clarify how Ofcom will apply the above factors when calculating a penalty for sector-specific regulation violations. Ofcom explicitly states, however, that those factors are “similar” to those it takes into account when setting a penalty under EU/UK competition law. Ofcom may use the same approach when calculating penalties for violations of sector specific regulation and competition law.
“The new guidelines are expected to result into higher fines for non-compliance with Ofcom regulatory requirements,” said Liberatore. “At the same time, technologies are converging, regulations are fast-changing, and the lines between regulated and unregulated activities are increasingly blurred.”
“The combination of these two factors—higher penalties and uncertainty as to the applicable regulatory requirements—creates increased enforcement risk for all regulated companies, particularly in the telecoms sector, caught in an Ofcom regulatory investigation,” Liberatore added. “Therefore, appropriate concrete compliance steps should be taken to try to reduce any such risk exposure.”