Deterring Ransomware; Encouraging Faster Payments: What Businesses Need To Know

Two separate developments herald the way for increasing protection against cyber criminals; and encouraging businesses to pay their invoices promptly.

Protection against cybercrime

According to the security minister, ransomware criminals pocketed around $1bn in 2023. It is a threat that is only increasing. And according to the Crime Survey for England and Wales, 952,000 computer misuse offences were committed against individuals in England and Wales in the year ending June 2024.

Ransomware is malicious software that infects a computer and demands a ransom from the victim before access and or data is restored. In some cases, the criminals threaten to publish victims’ data on the internet unless a ransom is paid.

Ransomware is proving highly lucrative to the criminals, but can be devastating to the victims and to wider society. While the most serious cases hit the headlines, most do not. Government says that for every case that has been in the news headlines, thousands of others have been targeted where private sector firms have been prevented from doing business.

The government is now consulting on what it calls “world-leading” ransomware proposals, with three wide-ranging proposals are under consideration:

  1. A targeted ban on payments for public services, hospitals and railways

  2. A payment prevention regime covering all potential payments from the UK (both businesses and individuals)

  3. A mandatory reporting regime. This would be accompanied by comprehensive information for the public, explaining the regime and its benefits. Businesses and individuals have until 8 April to respond to the consultation.

Faster payments

Late payments are another scourge for the business community, and can directly cause significant cash flow problems for small business. While there is the statutory right to charge late payment interest on invoices that are least 30 days overdue, in practice many small business are hesitant to take this route for fear of alienating and potentially losing a client.

The Office of the Small Business Commissioner has now launched The Fair Payment Code (replacing the Prompt Payment Code) which is characterised particularly by a new ‘award’ system. UK businesses can apply for an award ‘tier’ – Gold, Silver or Bronze – reflecting their payment practices as follows:

· Gold - for businesses paying at least 95% of invoices within 30 days

· Silver - at least 95% of invoices within 60 days (including at least 95% of invoices to small businesses within 30 days)

· Bronze – where at least 95% of all invoices are paid within 60 days

Applicants are expected to agree to the Code’s principles (of being ‘clear, fair and collaborative’ with suppliers). Businesses will be expected to demonstrate clear and understandable

contracts (including the payment terms) and they must also be committed to avoiding payment disputes – and resolving any disputes quickly.

Where an award is granted, it will last for two years and the business will be able to display the Code’s logo. There will also be opportunity to lodge a complaint about a business to whom an award has been granted.

Most businesses know what it means to act fairly and transparently. Demonstrating those principles in practice helps their suppliers and other businesses, and could now be formally recognised. That has to be good for business.

If you would like us to cover an issue in the next NGM Tax Law Newsletter, we would be delighted to hear from you