This Practice Note outlines the law concerning criminal recklessness. The subjective test for recklessness Certain statutory and common law offences allow the prosecution to prove mens rea through ‘recklessness’. Put simply, recklessness is where the accused takes an unjustified risk that results in unlawful harm or damage. The House of Lords in R v G reaffirmed the subjective approach to recklessness. Before R v G, two distinct tests were used, depending on the offence charged: Subjective recklessness from R v Cunningham: the prosecution had to establish that the accused personally foresaw the risk. Objective recklessness from R v Caldwell: the prosecution only needed to show that the risk would have been obvious to a reasonable person, without proving the accused themselves foresaw it. In R v G, the House of Lords concluded that the objective test could operate unfairly where a defendant did not foresee the
This Practice Note examines the remedy of rescission, explaining when and in what manner a contract can be unwound (at common law, in equity and under statute) and thereby terminated and brought to an end. It covers the consequences and effects of rescission, the principal grounds for setting aside an agreement (misrepresentation, mistake, undue influence, duress, non‑disclosure, fiduciary misdealing and bribery) and the main obstacles to claiming rescission—affirmation, the intervention of third‑party rights and the impossibility of restitution. For further guidance on rescission in the context of misrepresentation, see Practice Note: Misrepresentation—rescission as a remedy. There are many ways in which a contract may reach its end; see: Terminating contracts—how and when a contract ends—overview for a brief and accessible summary, with links to the related further practical guidance, including Practice Note: Termination and expiry of contracts. For a table
What is a res judicata? A res judicata is a determination by a court or tribunal with jurisdiction over the cause of action and the parties, which finally disposes of the issues decided so they cannot be litigated again by those bound, save on appeal. Final judgments entered by default or by consent fall within this concept, whereas rulings on purely procedural points and any decision lacking finality do not. The doctrine’s aim is to bring litigation to an end and shield parties from being harassed by the same dispute twice. in personam—binds the parties and their privies in rem—binds all persons, privy or otherwise (ie a judgment binding the whole world) A party may rely on res judicata: as an estoppel to defeat an opponent’s claim or defence; and/or as the basis of their own claim or
The offence of causing grievous bodily harm with intent Wounding or causing grievous bodily harm (GBH) with intent can be tried solely in the Crown Court on indictment. Elements of the offence Under the Offences against the Person Act 1861 (OATPA 1861), the prosecution must establish that the defendant unlawfully and maliciously: wounded with the intention of causing GBH, or caused GBH with that intention, or wounded intending to resist or prevent the lawful arrest or detention of any person, or caused GBH intending to resist or prevent the lawful arrest or detention of any person ‘Unlawfully’ and ‘maliciously’ Unlawfully The wounding or causing of GBH must be unlawful. Such conduct may be lawful if used: in self-defence in defence of another in defence of property for the prevention of crime where the victim gave express or implied consent For further information on these defences, see below:
The UK’s fourth National risk assessment of money laundering and terrorist financing 2025 (NRA) outlines the principal money laundering and terrorist financing risks for the UK and explains how these have evolved over recent years since the government’s previous NRA in 2020. This Practice Note sets out the context for the NRA, highlights its principal findings (particularly regarding legal services) and clarifies what the NRA’s publication means for you. Background Under the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (MLR 2017), SI 2017/692, as amended, the Treasury and the Home Office must arrange for a risk assessment to be carried out to identify, assess, understand and mitigate the risks of money laundering and terrorist financing affecting the UK......
This Practice Note sets out guidance on the obligation to report material discrepancies in beneficial ownership information. It is aimed at organisations within scope of the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (MLR 2017), SI 2017/692, as amended, when engaging with clients or customers that are corporate bodies and trusts, including overseas entities. It is not a guide for corporate bodies or trusts on their own obligations concerning beneficial ownership information and registration. The Money Laundering and Terrorist Financing (Amendment) (No 2) Regulations 2022, SI 2022/860, in force from 1 April 2023, expanded the scope of discrepancy reporting so that it applies: throughout the life of the business relationship, rather than being confined to client inception only to entities recorded on the Register of Overseas Entities (a public register of the beneficial owners of...
Section 54 of the Modern Slavery Act 2015 (MSA 2015) It obliges certain commercial organisations operating in the UK to publish an annual transparency statement that outlines the actions taken during the financial year to make sure slavery and human trafficking are not occurring in any supply chains or any part of the business. The statement may set out details of the organisation's structure, policies, due diligence, the assessment and management of risk, training, and how effective these measures are in ensuring the business's supply chain is free from modern slavery and human trafficking. MSA 2015, s 54 applies to all commercial organisations that: carry on a business, or part of a business, in the UK ......
AML, CTF and counter-proliferation financing record keeping As UK businesses regulated by the SRA, law firms carry baseline professional and regulatory duties around record keeping by virtue of their status. On top of this, they face additional, standalone record keeping requirements under the anti‑money laundering (AML), counter‑terrorist financing (CTF) and counter‑proliferation financing regime. This Practice Note sets out the regulatory requirements on AML, CTF and counter‑proliferation financing record keeping and retention derived from the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (MLR 2017), SI 2017/692, as amended. A separate subtopic—Information management and security—covers broader record keeping obligations. If you are subject to the MLR 2017, you must put in place, and maintain, proportionate and risk‑sensitive record keeping policies and procedures; see Practice Note: Money Laundering Regulations 2017—scope and...
This Practice Note outlines what money laundering is and the legal framework that governs it. The Proceeds of Crime Act 2002 (POCA 2002), the Terrorism Act 2000 (TA 2000) and the Money Laundering, Terrorist Financing and Transfer of Funds (Information on the Payer) Regulations 2017 (MLR 2017), SI 2017/692, as amended, have significant implications for legal professionals. Breaches can attract serious criminal, administrative and professional sanctions. Definitions of money laundering Money laundering is the method by which criminal proceeds, and their real source and ownership, are altered so they appear lawful. The statutory definitions, however, are considerably wider. Under POCA 2002, money laundering covers: concealing, disguising, converting, transferring or removing criminal property from the jurisdiction entering into, or becoming concerned in, an arrangement that facilitates the acquisition, retention, use or control of criminal property acquiring, using or...
Why you need to manage this risk Information is a valuable asset, and safeguarding it underpins an organisation’s commercial success. It cannot be addressed in a vacuum, as it overlaps with cyber security, data protection, records management and the control of physical spaces. Although every business relies on technology to store and process information, deploying advanced IT will not make your company invulnerable. Criminals online are just as, if not more, sophisticated, and the human element must not be overlooked—your own people can, accidentally or deliberately, expose the organisation to data loss or a cyber attack. This guide recognises that most in-house lawyers and compliance professionals are not information security experts, nor are they typically accountable for it within their organisation; that duty commonly sits with the IT department. Nevertheless, when an information security breach arises, it is usually the in-house legal team and/or...
STOP PRESS: On 19 June 2025, the Data (Use and Access) Bill attained Royal Assent, becoming the Data (Use and Access) Act 2025 (DUAA 2025) and partly commencing that same day. Provisions addressing matters such as handling data subject access requests and granting powers to make further regulations took effect immediately on 19 June 2025. Other elements, including notices from the Information Commissioner and certain aspects of law enforcement processing, commenced on 19 August 2025 (two months after Royal Assent). Most of DUAA 2025’s measures require additional regulations, in the form of statutory instruments, before they can be brought into force. Parts 5 and 6 modify aspects of UK data protection and ePrivacy law, including the United Kingdom General Data Protection Regulation, Assimilated Regulation (EU) 2016/679 (UK GDPR), the Data Protection Act 2018 and the Privacy and...
On 6 July 2020, the UK unveiled its first autonomous sanctions regime under the Sanctions and Anti-Money Laundering Act 2018 (SAMLA 2018). The Global Human Rights Sanctions Regulations 2020 (the human rights sanctions regime), SI 2020/680, empower the UK to establish sanctions regimes designed to ensure accountability for, or to deter, ‘gross violations of human rights’. These measures are commonly known as ‘Magnitsky sanctions’. This Practice Note sets out the scope of the UK’s global human rights sanctions regime. It details the activities the regime targets, the sanctions available, who is within scope, and the guidance issued by the Office of Financial Sanctions Implementation (OFSI). It also addresses practical considerations for businesses. For material on the statutory purposes for creating sanctions regimes under SAMLA 2018, the obligations to publish guidance on those regimes, and how...
Financial sanctions seek to shape conduct. The UK runs a global anti-corruption sanctions regime to prevent and combat serious corruption. This Practice Note outlines the scope of that regime under the Global Anti-Corruption Sanctions Regulations 2021, SI 2021/488. It sets out the targeted activities, the sanctions available, who falls within scope, and guidance from the Office of Financial Sanctions Implementation (OFSI). It also highlights practical issues for businesses. For the statutory purposes for sanctions under the Sanctions and Anti-Money Laundering Act 2018 (SAMLA 2018), the duty to publish guidance, and how designations are made, varied and enforced, see Practice Note: The UK sanctions framework under SAMLA 2018. Key information The Global Anti-Corruption Sanctions Regulations 2021, SI 2021/488 permit financial measures and travel bans on persons involved in serious corruption. They replace the...
This Practice Note is aimed at law firms, though it may equally assist in-house lawyers. It examines the potential lawful bases under the UK General Data Protection Regulation (UK GDPR) for processing special category personal data relating to third parties that is received in the provision of legal services. It reflects the UK GDPR and guidance from the Information Commissioner’s Office (ICO) on the scope of the condition allowing processing where it is necessary for the establishment, exercise or defence of legal claims. For guidance on processing clients’ special category personal data, see Practice Note: Processing special category personal data of clients—law firms. For broader guidance on special category personal data, see Practice Note: How to identify and manage special category personal data. Special category personal data is: personal data revealing racial or ethnic origin, political opinions, religious or...
This Practice Note examines issues, considerations, and recommended approaches for sharing personal data among controllers—covering both joint controllers and independent controllers—in general, commonly encountered business-to-business commercial situations, in line with the United Kingdom General Data Protection Regulation, Assimilated Regulation (EU) 2016/679 (UK GDPR). It presumes a level of reader familiarity with the principal data protection concepts and terms, as well as the role and remit of the Information Commissioner’s Office (ICO). For a high-level introduction to this topic and related issues, see: Data sharing and transactions—overview. For a higher-level introduction to UK data protection laws more generally, see Practice Note: Data protection law—new starter guide. The UK data protection law collection brings together further general guidance, including guidance on key terms used in the legislation and their meaning, and is a recommended starting point for data protection...
This Practice Note is specifically aimed at private sector commercial organisations in the UK. It delivers practical, day to day guidance on managing data subject requests under the UK General Data Protection Regulation (UK GDPR). It sets out typical elements shared by all such requests and the issues that can occur when receiving and responding to a data subject request. This Note also explores compliance strategies designed to best equip your organisation to manage, end‑to‑end, the process for dealing with data subject requests. Under the UK GDPR, individuals have several rights relating to their personal data: a right of access the rights to rectification, erasure and restriction of processing a right to data portability a right to object to processing For further guidance, see Practice Note: Rights of data subjects. A data subject can ask a data controller to exercise any one, or more than one, of these rights at any...
Data security sits at the heart of the UK General Data Protection Regulation (UK GDPR). The sixth data protection principle — integrity and confidentiality — obliges you to implement suitable technical and organisational steps so that personal data is handled with appropriate safeguards and security when processed, including: protection against unauthorised or unlawful processing accidental loss, destruction or damage This Practice Note draws on ICO guidance regarding personal data breaches under the UK GDPR. It also incorporates further practical pointers and information drawn from ICO guidance on managing data security breaches issued under the previous data protection regime; that guidance has now been withdrawn. The Practice Note additionally aligns with materials from the European Data Protection Board (EDPB). According to the ICO, although the UK has left the EU, these guidelines continue to be...
STOP PRESS: This document is currently being revised to incorporate the Data (Use and Access) Act 2025 (DUAA 2025), which amends the UK GDPR and the Data Protection Act 2018. For further guidance on the compliance implications of DUAA 2025, see Practice Note: Data (Use and Access) Act 2025—compliance implications. This Practice Note sets out the circumstances in which legitimate interests can be used as a lawful basis for processing personal data under the UK General Data Protection Regulation (UK GDPR). Its approach is grounded in the UK GDPR and informed by: Information Commissioner’s Office (ICO) guidance—Legitimate interests under the UK GDPR; European Data Protection Board (EDPB) Guidelines 1/2024 on processing personal data under Article 6(1)(f) GDPR—per the ICO, EDPB materials are no longer directly relevant or binding in the UK regime, though they may still offer...
This Practice Note offers additional guidance on the principal definitions found in the United Kingdom General Data Protection Regulation, Assimilated Regulation (EU) 2016/679 (the UK GDPR). For a high-level overview of UK data protection legislation, see Practice Notes: The UK General Data Protection Regulation (UK GDPR) and Data protection law—new starter guide. The UK data protection law collection brings together further general guidance and is a recommended first point of reference for research. Scope of this Practice Note Given the significant volume of data moving between the UK and the EEA, corresponding EEA data protection rules remain particularly relevant to UK practitioners. There continues to be substantial similarity between: the EU GDPR (which was applicable under UK laws until the close of the Brexit implementation period at 11 pm UK time on 31 December 2020 and still applies within the EEA) the UK GDPR...
You need to implement suitable safeguards to stop personal data being exposed, whether by accident or on purpose. Information security goes beyond cyber security (the protection of your networks and information systems from attack), because it also includes physical and organisational controls. This Practice Note aligns with the UK General Data Protection Regulation (UK GDPR) and the ICO’s expectations, as described in the ICO’s A guide to data security. The CIA triad The ICO’s guidance explicitly cites the ‘CIA triad’: confidentiality, integrity and availability. If any of these three pillars is undermined, the consequences can be serious—for you as a data controller and for the individuals whose data you handle. You must also ensure the resilience of your processing systems and services. Resilience means: whether your systems can keep operating during adverse conditions, eg a physical or technical incident, and your...
This Practice Note is designed for law firms, though it may equally be of direct use to in-house lawyers. It examines the possible lawful bases under the UK General Data Protection Regulation (UK GDPR) for handling clients’ special category personal data specifically. It mirrors the UK GDPR and the Information Commissioner’s Office (ICO) current guidance on the reach of the condition that permits processing of special category personal data, ‘processing necessary for the establishment, exercise or defence of legal claims’. For further direction on processing special category personal data relating to third parties, see Practice Note: Processing special category personal data of third parties—law firms. For broader practical advice on special category personal data, see Practice Note: How to identify and manage special category personal data. What is special category personal data? Special category personal data is: personal data disclosing racial or ethnic origin,...
This Practice Note outlines, in straightforward terms, the principal features of the UK General Data Protection Regulation (UK GDPR). See also: Precedent: Data protection quick reference guide—for staff. Aimed at non-privacy specialists, it is complemented by separate, more comprehensive, Practice Notes on the UK GDPR, for example: How to manage data protection compliance How to process personal data lawfully How to identify and manage special category personal data How to manage consent—personal data Data protection officer (or for law firms: Data protection officer—law firms) How to carry out data mapping How to handle data subject requests How to manage international personal data transfers How to handle data protection complaints How to develop a privacy risk register How to handle personal data for direct marketing How to implement data...
This Practice Note provides practical guidance on how to undertake data mapping. Drawing on an article by Nicola Fulford of Hogan Lovells and Krysia Oastler of Kemp Little, first published in the Privacy and Data Protection Journal, this note explains how to approach data mapping. Data mapping—working out which personal data your organisation processes—is commonly identified as one of the first priorities in a data protection compliance programme. Data controllers must maintain a written record of processing activities, which must be produced to the supervisory authority on request. See Precedent: Data processing register... As set out in ICO Guidance: How do we document our processing activities?, a sensible first step is an information audit or data‑mapping exercise to confirm what personal data your organisation holds and where it resides. The guidance highlights the need to engage colleagues across the organisation so nothing is...
This Practice Note sets out the requirements of the United Kingdom General Data Protection Regulation, Assimilated Regulation (EU) 2016/679 (UK GDPR), where a processor handles personal data for a controller in a commercial setting. It proceeds on the basis that readers are already familiar with core data protection concepts, terminology, and the functions of key regulators. For an initial overview of data protection law, consult the ‘key principles and concepts’ tab in the UK Data Protection toolkit, which is a recommended starting point for research. For a higher-level primer on this topic and connected matters, see: Data sharing and transactions—overview. This Practice Note also sits within the Data protection negotiation guide—controller: processor—collection, which practitioners drafting or negotiating data protection clauses between a controller and a processor may find helpful. In brief UK data protection legislation aims to ensure information about living people (within the scope of...
When evaluating a general damages claim, the practitioner ought initially to refer to the Judicial College Guidelines (JCG)...
This Practice Note reviews mechanisms used in settling litigation. A Tomlin order consists of a consent order paired with a schedule. It operates to stay proceedings on terms that have been agreed. The provisions contained in the schedule may remain confidential. This Practice Note describes the scope of confidentiality attaching to the schedule and sets out how it differs from a standard consent order. Sample wording for a Tomlin order is included, alongside links to precedents, as well as guidance on court approval. It also addresses varying, setting aside and enforcing a Tomlin order, including the considerations the court will take into account when handling applications for each. Further guidance is provided on interpreting and applying the relevant provisions of the CPR; however, some courts and divisions impose very specific requirements for both drafting and approval, and for approaching the schedule and confidentiality issues. Accordingly, you must consider the particular rules and court guide provisions in the forum where your claim is proceeding when drawing up the Tomlin order...
Date [ date ] Parties [ name of Landlord ] [ of OR incorporated in England and Wales (company registration number [ number ]) with its registered office at ] [ address ] (Landlord) [ name of Tenant ] [ of OR incorporated in England and Wales (company registration number [ number ]) with its registered office at ] [ address ] (Tenant) [ [ name of Guarantor ] [ of OR incorporated in England and Wales (company registration number [ number ]) with its registered office at ] [ address ] (Guarantor) ] [ [ name of Mortgagee ] [ of OR incorporated in England and Wales (company registration number [ number ]) with its registered office at ] [ address ] (Mortgagee) ] Definitions Within this Deed, the terms below shall be interpreted as follows: [ Annual Rent • the annual sum reserved under the Lease; ] [ Insurance Rent • the Tenant’s share of the Landlord’s costs of insuring the Property (as set out in the Lease); ] Lease • the lease of the Property dated [ date ], entered into between (1) [ the Landlord OR [ name ...
I, [ name ], of [ address ], solemnly and sincerely state that: [ Matters to be verified, set out in numbered paragraphs ] I make this solemn statement in good conscience, believing it to be true, and pursuant to the provisions of the Statutory Declarations Act 1835. DECLARED at [ details ] this [ day ] day of [ month and year ] Before me ................................................................................ [ signature of the person before whom the declaration is made ] A [ commissioner for oaths OR [ solicitor OR [ insert other qualification ] ] authorised to administer oaths ]...