Check what guidance you need to follow

If you currently export services to the EU there will a number of changes you need to consider including the rights to establish in the EU, recognition of professional qualifications, data sharing and privacy, and the movement of people.  

For businesses that import services from the EU, there should not be significant immediate changes – except in the case of some sectors such as financial services. UK financial services firms will no longer be able to provide the full range of regulated activities from the UK into the EU after the transition period ends. In order to continue providing these services, UK financial services firms will have to modify their business models: they may move certain operations to existing presences within the EU; they may establish a branch or a subsidiary within the EU or they may rely on the individual European member states’ regimes to mitigate the impacts on their European customers.  

The UK has established the Temporary Permissions Regime (TPR) to enable EEA firms which currently operate within the UK (using the EEA passport) to continue to do so for a temporary period. This means that UK firms who use the services of EEA-based FS firms should have a temporary cover. 

If you are trading services with the EU you need to consider the following: 

1. Trade regulations

If you’re a UK business or professional providing services in the EU, Iceland, Liechtenstein, Norway or Switzerland, you’ll need to check the national regulations of the country you’re doing business in to understand how best to operate. See the selling services guides to each country for more information. 

2. VAT on sales of digital services

Businesses can use the UK’s VAT Mini One Stop Shop (MOSS) to declare sales of digital services to EU consumers made before 1 January 2021. If you wish to continue to use MOSS from 1 January 2021, you will need to register for MOSS in an EU member state. 

Find out more about paying VAT on sales of digital services. 

3. Establishing and structuring your business

If you have a UK business, you might face restrictions on your ability to own, manage or direct a company registered in an EEA country or Switzerland from 1 January 2021. You should be prepared for: 

• additional requirements on the nationality or residency of senior managers or directors
• limits on the amount of equity that can be held by non-nationals

UK companies and limited liability partnerships that have their central administration or principal place of business in certain EU member states may no longer have their limited liability recognised. 

Find out more about structuring your business from 1 January 2021. 

4. Sector-specific information

If you’re a UK citizen with questions about your legal position in any sector, you should: 

• get professional advice
• contact the government of the EEA country where you own, manage or direct a company for more information

5. Auditors

You may need to restructure the ownership and management of your audit firm if it is based in the European Economic Area. 

From 1 January 2021, for audit firms established and approved in EEA states under the Audit Directive, a majority of the ownership and management bodies must be ‘qualified persons’. 

From 1 January 2021, ‘qualified persons’ will not include UK-qualified auditors or UK-registered firms. The definition will continue to continue to include EEA-qualified auditors and EEA-registered audit firms. 

6. Business travel and entry requirements

You can read advice about travelling to specific countries, including travel entry requirements and how to stay safe while you’re there. To find out more about going abroad for work, check the guidance for travellers visiting the EU. 

7. Social security payments for employees

If you’re sending employees to the EEA, they may need to make social security contributions in both the UK and the country in which they are working. 

Find out when you will need to pay social security contributions in the UK, EU, EEA countries and Switzerland. 

8. Recognition of professional qualifications

You’ll need to have your UK professional qualification officially recognised if you want to work in a profession that is regulated in the EEA or Switzerland. It will need to be recognised by the appropriate regulator for your profession in each country where you intend to work. You’ll need to do this even if you’re providing temporary or occasional professional services. 

9. Professionals already working in an EEA country or Switzerland

You don’t have to do anything if your qualification has already been officially recognised by the relevant regulator in an EEA country or Switzerland. The regulator’s decision to recognise your qualification will remain valid after the transition period. 

10. Start working in an EEA country or Switzerland

Check the European Commission’s Regulated Professions Database (REGPROF) to find out if your profession is regulated. Then contact the single point of contact for each EEA country, to find out how to get your professional qualification recognised. 

You can find out more information about individual countries in the selling services country guides. 

11. Lawyers and auditors

There are different rules if you’re a lawyer or an auditor. 

Find out what to do if you’re an auditor 

Find out what to do if you’re a lawyer 

You can find out more information about individual countries in the selling services country guides. 

12. Data transfer and GDPR

UK businesses may need to make changes if they operate across the EEA or exchange personal data with partners in the EEA. You do not need to take action to keep sending personal data from the UK to the EEA (or the 13 countries deemed ‘adequate’ by the EU) from 1 January 2021. 

• Consider how to stay compliant with GDPR and flow of data or holding data.
• Do you need to review any current contracts and/or T&C’s to reflect different trading terms?
• Guidance from the ICO (Information Commissioners Office) suggests using standard contractual clauses to keep data flowing – see links below for more information. 

UK businesses and organisations who send or receive data to or from Europe 

If a business or organisation in the EEA is sending you personal data, then it will still need to comply with EU data protection laws. You will need to take action with them so the data can continue to flow. For most businesses and organisations, SCCs (Standard Contractual Clauses) are the best way to keep data flowing to the UK. Use the ICO SCC Interactive Guidance tool to help you. 

ICO standard contractual clauses  

If someone in the EEA sends personal data to someone else who is outside the EEA, they must comply with GDPR rules on international transfers of personal data. SCCs are one of a number of safeguards which can be used to comply, and the one most likely to be appropriate for small and medium-sized businesses.  

SCCs are standard sets of contractual terms and conditions which the sender and the receiver of the personal data both sign up to. They include contractual obligations which help to protect personal data when it leaves the EEA and the protection of GDPR. 

It is the EEA sender of the personal data which must comply with GDPR rules, but UK receivers may want to assist those senders in complying, to make sure data continues to flow if the transition period ends without adequacy. 

Handling and storing data between the UK and the EU – will we be GDPR compliant? 

This will depend on the outcome of the negotiations, at the moment there is limited guidance. If there is no mutual recognition equivalence between UK GDPR and EU GDPR it could mean that UK businesses hosting EU consumer data are in breach of EU regulation. See the ICO links above for standard contractual clauses, or consider the impact of hosting data in the EU. Consider where to host the data in the case of no deal. 

ICO guidance: https://ico.org.uk/for-organisations/data-protection-at-the-end-of-the-transition-period/ 

You should read the available guidance and consider what additional GDPR (General Data Protection Regulation) safeguards must be put in place if you receive personal data transfers in the UK from an EEA country. 

Read guidance on using personal data from 1 January 2021 to find out if you should take action. 

All companies should review privacy information and internal documentation to identify any details that will need updating from 1 January 2021. 

13. Lead supervisory authority

You may need to deal with a lead supervisory authority in the EEA from 1 January 2021. You should check which European data protection regulator will be your lead supervisory authority. Find details for each country. 

14. Appointing a European representative

You may need to appoint a suitable person to act as your local representative with individuals and data protection authorities in the EEA from 1 January 2021. This is to comply with EU data protection rules. 

Read guidance on European representatives on the ICO website to find out if you should take action. 

15. IP, Trade Marks, Patents & Copyright

After 1 January 2021, international design and trademark registrations designating the EU will no longer provide protection in the UK. Information on the protection of these rights after 1 January 2021 is available below: 

• Protecting your trademark abroad
• Changes to international trademark registrations after 1 January 2021
• International EU protected designs after 1 January 2021
• EU and international designs after 1 January 2021: legal issues for right holders
• Changes to unregistered designs from 1 January 2021
• Changes to SPC and patent law from 1 January 2021
• EU trademark protection and comparable UK trademarks from 1 January 2021
• Conformity assessment bodies: change of status from 1 January 2021

Changes to international trademark registrations after 1 January 2021 

International trademark registrations protected in the EU under the Madrid Protocol will no longer enjoy protection in the UK after 1 January 2021. To address this, on 1 January 2021 UK Government will create a comparable trademark (IR) in relation to each international (EU) trademark designation which has protected status immediately before 1 January 2021. If you own an existing right, you do not need to do anything at this stage. 

Find out more here. 

Changes to EU and international designs and trademark protection from 1 January 2021 

At the end of the transition period (1 January 2021), registered Community designs (RCDs), unregistered Community designs (UCDs), will no longer be valid in the UK. These rights will be immediately and automatically replaced by UK rights. If you own an existing right, you do not need to do anything at this stage. Design protection can currently be obtained via a registered right or an unregistered right in the following ways: 

• a national registered design granted by the IPO of the UK
• a registered Community design granted by the EUIPO
• an international registration designating either the UK or the EU, filed under the Hague Agreement at WIPO
• unregistered protection can be obtained in the UK through the UK design right and the EU unregistered Community design.

On 1 January 2021, any existing RCDs, UCDs, European Union Trade Marks (EUTM), and International (EU) designs and trade marks will only cover the remaining EU member states. For more information check here. 

EU trademark protection and comparable UK trademarks from 1 January 2021 

From 1 January 2021, EUTMs will no longer protect trademarks in the UK. Under the Withdrawal Agreement Act, on the 1 January 2021, the IPO will create a comparable UK trademark for all right holders with an existing EU trademark. Existing EUTMs will still protect trademarks in EU member states. UK businesses can still to apply the EU Intellectual Property Office for an EUTM. 

There will be no changes to UK-registered trademarks as a result of the UK leaving the EU. If you have a pending EUTM application, you’ll be able to apply to register a comparable UK trademark in the 9 months after 1 January 2021. You’ll keep the earlier filing date of the pending EUTM. 

You can apply to: 

• IPO to register a UK trademark
• EU Intellectual Property Office (EUIPO) to register an EU trademark (EUTM)

More information on this topic here. 

16. Changes for E-Commerce

At the end of the transition period, the eCommerce Directive will no longer apply to the UK. Rules relating to online activities in the European Economic Area (EEA) countries may newly apply to UK online service providers who operate in the EEA from 1 January 2021. You should begin to prepare for these changes now.  

The eCommerce Directive applies to ‘information society services’. This covers the vast majority of online service providers, for example, online retailers, video sharing sites, search tools, social media platforms and internet service providers. The Directive currently allows EEA online service providers to operate in any EEA country, while only following relevant rules in the country in which they are established. This framework will no longer apply to UK providers as the UK will have left the EEA. 

1. Check whether you are in scope

The eCommerce Directive applies to ‘information society services’. These are defined as any service that is normally provided: 

• for payment, including indirect payment such as advertising revenue
• ‘at a distance’ (where customers can use the service without the provider being present)
• by electronic means, and
• at the individual request of a recipient of the service

This covers the vast majority of online service providers, for example, online retailers, video sharing sites, search tools, social media platforms and internet service providers. 

2. Check where your service is based

The Directive refers to this as your ‘place of establishment’ and is the fixed establishment where you pursue your economic activity for an indefinite period of time. See paragraph (19) of the recitals to the Directive for further guidance. 

3. Check for new legal requirements

If you are established in the UK, you should check for any legal requirements in any EEA countries you operate in. The rules that you may need to start following are those that fall within the Directive’s ‘coordinated field’. This covers legal requirements in individual EEA states which apply to information society services, for example, rules relating to: 

• online information
• online advertising
• online shopping
• online contracting

UK online service providers may also become subject to ‘prior authorisation’ schemes, such as licensing requirements, in EEA countries where they operate. The Directive does not cover: 

• tax
• questions about agreements or practices governed by cartel law
• certain gambling activities
• personal data covered by the GDPR and e-Privacy Directive
• legal requirements relating to goods such as safety standards, labelling obligations or liability for goods
• requirements relating to delivering or transporting goods.

4. More steps you can take to prepare for changes

We also recommend that you: 

• ensure that you have processes in place for ongoing compliance if individual EEA states change their requirements governing online activities
• consider legal or other professional advice

17. Employing non-UK EU Nationals

Please read our guidance on Workforce.