I know this sounds patronising. After all, who knows your
business better than you?
I can assure you it isn’t meant to be. The point I’m making
is that, as well as giving an overview of your business, you have to be able to
articulate things like the main idea behind it, your mission and objectives,
and who your main competitors are.
Think about what the market is like, and where it is going
So, what’s the current condition of the market?
Is it growing, fairly stable, or declining?
Are there any notable underlying trends?
What is the demand in the market, and how do your products
or services meet that demand?
What’s your Unique Selling Proposition, and are there any
gaps in the market which you intend to fill?
Know the audience you are selling to
Which segment of the market have you designed your products
and services for?
Women, or men, or both?
Working women, or stay-at-home mothers?
People within a certain age range?
Are they based in cities, suburban or rural areas?
Are they early adopters or technophobes?
What are their problems, and which of these will you solve
with your products and services?
These are some of the questions which will frame your
offering. And they are crucial, because sometimes it’s easy to forget that our products
and services are NOT for us.
They must meet the needs of your target market. Give the people
what they want, as they say!
Brainstorm some ideas about how you will price, market and sell your
products and services
Take some time to think about your pricing strategy.
Most of the time, people think this involves plucking a
price out of the air, but there’s more to it than that!
How much does each unit cost to produce, and what margin
will the market tolerate on top of that?
How does that then match your expectations for income and
profit?
Then, you need to think about how you want to market and
sell products and services. Social media makes advertising and marketing more
accessible, but bear in mind that what works for a similar business may not
work for yours.
So, do a bit of research, and have some intentions for how
you will conduct your sales and marketing campaigns.
How will you measure your success?
“Measure your success” sounds boring, I know!
But if you don’t work out in advance how you’ll do this, how
will you know what you’re working towards?
And more importantly, how will you know when it happens?
Take some time to think through the finances
This part is easy to skip, but is probably the most important
of all.
You need a certain amount of cash to run your business every
month. Sum up your expenses (and don’t forget to include your salary).
What does the total come to?
That’s what the amount you need to have available. Not invoiced
and waiting to be paid; actual cash in the bank. Anything less, and you
immediately have a cash flow problem.
Many a business has been successful on paper and in terms of
invoiced amounts, but ended up filing for bankruptcy because it simply couldn’t
meet its obligations when they were due.
Another key point to address is the length of time you think
it will take to make a profit.
It’s not unusual for some businesses not to make a profit
for some months, or even years. As long as you know that upfront and are
prepared for it, that’s fine!
But if that’s the case, do you have an idea of what the losses
will come to each month? How will this be funded, and how long can you sustain
that?
In my experience, people either don’t plan for these
scenarios, or are far too optimistic with their figures.
P.S. Where I’ve recommended doing research, please don’t think
it has to be onerous.
Ask your family and friends. Use the internet. Create a poll
using Surveymonkey or Google Polls. Some professional bodies – such as the Institute
of Directors – offer research sessions which you can access as part of their
membership. Check with your professional body and see if they can help you do
some, maybe they’ve even done something similar already and have some
statistics they can share with you!
The deadline to submit your self-assessment tax return is 31
January. With just over two weeks to go, it’s a good time to go over the 5
steps you need to follow to complete your self-assessment tax return.
The purpose of the return is to tell Her Majesty’s Revenue
and Customs (HMRC) how much you earned in the last tax year and based on the
information you provide, the appropriate income tax you need to pay is
calculated.
If you are self-employed – so you don’t earn a salary from
which your tax is automatically deducted – or have more than one source of
income, this applies to you!
You can either do the return yourself, or hire an accountant
to do it for you (check out the ICAEW or ACCA websites to find an accredited
professional near you).
If you do decide to do it yourself, there are 5 steps I
suggest you follow. Before I tell you what those are, there are a few things
you need to know:
·
Tax years in the UK run from 6 April to 5 April,
e.g. from 6 April 2016 to 5 April 2017.
·
The deadline to submit your return and pay the
tax due is 31 January after the end of the tax year*. Using the example above,
the deadline is 31 January 2018.
·
Act NOW if you haven’t already, because late
payments attracts a penalty! If you suffered from a serious illness, family
bereavement or a natural disaster you’ll be given a pass, but forgetting or
being away on holiday do not count as reasonable excuses. So don’t put this off
any longer!
Check to see if you qualify
You have to complete and submit a tax return if you were
self-employed in the last tax year, or earned more than £2,500 in untaxed
income.
For example, for landlords with rental properties, or people
who rent out rooms in their homes, if the income after expenses is more than
£2,500, a tax return must be submitted.
Some of the other criteria to consider are earned interest
or dividends more than £10,000.
There’s a full list of these criteria here https://www.gov.uk/self-assessment-tax-returns/who-must-send-a-tax-return,
and there’s also an online tool where you can confirm if you need to do this https://www.gov.uk/check-if-you-need-a-tax-return
Register with HMRC
If you haven’t filled in a self-assessment tax return
before, you’ll need to register with HMRC before beginning the process of
filling in the return.
You can do that here https://www.gov.uk/log-in-file-self-assessment-tax-return/register-if-youre-self-employed
HMRC will send you a Unique Taxpayer Reference – or UTR –
which you’ll need when completing the return online.
Collate all the information you’ll need
Before you start filling in the return, I’d recommend you
get all your records and information ready.
You’ll be asked to provide details for a whole raft of
things which I’ve listed below:
·
The total of what you earned in the year. That
includes income from your business and any employment.
·
Any income earned from dividends.
·
Any income earned from rent.
·
Any income earned from business interests you
may have outside the UK.
·
Any interest earned on your savings.
·
Any interest you paid on borrowings.
·
Any contributions you made to a pension.
·
Any benefits you received, such as state
pension, Child Benefit or unemployment benefit.
·
Any perks you received, such as private
healthcare or a car allowance.
·
Any income earned from the sale of property or
shares.
·
The sum of any valid business expenses.
Complete the return online
Now, you need to fill in all this information online.
Log into the HMRC system here, and input the relevant
information when prompted https://www.gov.uk/log-in-file-self-assessment-tax-return/sign-in/prove-identity
You can fill sections in, save, and come back at a later
time to complete it, if you need to.
Organise your records
Haven’t been that prepared this year? You can always start
now to organise your records, so next year’s return isn’t so tedious! These are
some of the documents I’d recommend you start filing.
·
Invoices
·
Payslips
·
Receipts
·
Bank statements
·
Pension statements
·
Benefit documentation
·
P11D expenses and benefits form.
HMRC requires that you keep records for up to 5 years after
the deadline.
So even though you’ve completed this year’s return, it’s
never too early to get your digital or physical filing in place for next year.
I do both for a catch-all approach – you can never be too careful with the
taxman!
There is a range of online accounting software you can use
to keep track of all these items, and you can also file away hard copies.
And if you get stuck?
HMRC has lots of resources online https://www.gov.uk/topic/personal-tax/self-assessment
which you can look through.
And remember, you can appoint a qualified accountant to do
this for you.
*The 31 January deadline applies if you do your returns
online. You can go old school with your returns if you prefer, but the deadline
for paper returns is 3 months earlier in the October.
The second Payment Services Directive – also known as PSD2 –
becomes UK law on 13 january 2018.
From the name, it’s easy to think it only affects banks.
But hold on! It has implications for you too.
Here’s a summary of what it’s about, and the main ways it
will affect you.
So, what’s PSD2?
The first Payment
Services Directive (PSD) from 2009 put in place a legal framework for payments
and related services across Europe.
It covered the rights and responsibilities of consumers,
users and providers of payment services, and ensured that European countries
implemented, and were held to, a uniform set of standards.
PSD2 builds on the success of PSD, and at its core wants to increase
competition in the industry while reducing the dominance of banks.
Big banks have traditionally held all the aces when it comes
to the business of payments, and when you consider the amount of information
they hold on their customers – data is big business, just ask Facebook! – there’s
been little incentive for them to innovate what they have on offer. Save for a
few companies such as PayPal, Apple and Stripe, few have been able to make even
the tiniest dent in the banks’ market share.
Why is this a problem, you ask? It means that you as a
consumer don’t have much of a choice. When you look at the UK, there are 4 big
banks, with VISA and MasterCard being the two dominant payment card schemes. So
where do you go for a truly different sort of service?
Why was PSD2 introduced?
PSD2 is set to become law in the European Economic Area
(comprising the 28 EU member states, as well as Norway, Iceland and
Liechtenstein) on 13 January 2018, and here are some of the reasons the wheels were
set in motion:
1.
To encourage new players, especially those that
are NOT banks, to get into the business of payments.
2.
To encourage the introduction of new,
cutting-edge technology which will revolutionise the way payments happen in
Europe.
3.
As a result of increased competition and
technology, the expectation is that the cost of payments will fall. A bonus for
consumers!
4.
To improve security around payment processes,
and the way consumer data is handled.
Who is responsible for
PSD2?
PSD2 is a directive issued by the European Commission, which
becomes national law on 13 January.
How does PSD2 affect you?
You already have many rights when it comes to protection
against misuse of your data, and any potential fraud.
PSD2 takes these even further, by mandating that banks and
businesses that process payments use what is referred to as strong customer
authentication (SCA) for payments.
This means they have to take significant steps to make sure
any payment you make is actually coming from – and authorised by – you.
So if you find you’re asked to verify your identity or
payment in a different way, don’t be alarmed. It’s all PSD2-related.
Talking about your data though, in a bid to promote
competition and open it up to new organisations, banks could potentially share
what they know about you with these new players to the market, who will fall
into 2 categories:
Payment Initiation Service Providers, and Account
Information Service Providers.
Agreeing to use these services could make your online
payments simpler and more seamless, and you’ll be better placed to compare
what’s available in the marketplace. It also means you could make a payment
directly from your bank account without using a debit or credit card, which
could save you any card charges and fees.
Don’t worry, your data won’t be shared without your
permission! Banks – who as well as being dominant forces in the landscape, are
also the largest repositories of consumer data – are required by PSD2 to share
this data when you give your permission, as a way of levelling the playing
field.
In preparation for PSD2, your bank will have sent the last
few years developing technical integrations to make the data sharing process
easier. There’s a whole initiative around this within UK banking called Open
Banking, and your bank will have already sent you something that looks like
this:
PSD2 is also meant to end a practice that’s been a pain for
consumers for a long time.
You know when you go into a shop, or book theatre tickets
online, and you’re charged an additional percentage for using your credit card?
That practice – known as surcharging – ends with PSD2.
That’s not to say that shops and retailers will take this
lying down; it’s hard to know how they will respond. They might swallow the
costs, put their prices up across the board (which would affect ALL buyers, not
just those using cards), or offer shoppers an incentive to use different ways
to pay.
The jury is still out on this one, so keep your eyes peeled
to see what happen when you shop after 13 January!
How does PSD2 affect your business?
PSD2 only affects payment institutions, credit institutions,
and electronic money institutions.
If this is not your core business, there is no impact.
The only thing to note is that, if you add a surcharge for credit
cards when collecting payments, this practice will no longer be allowed.
Will Brexit affect PSD2?
The UK government has confirmed that PSD2 implementation
will not be affected by the process of leaving the European Union.
Since that only takes effect in 2019, PSD2 will be fully
implemented and transposed into UK law.
So much content has been produced about GDPR, it can be difficult for readers to make out the wood from the trees.
One of the things about legislation like this, is that it isn’t written in a way that’s clear and easy to understand.
I sometimes wonder if that’s deliberate; the language is intentionally ambiguous, businesses interpret it how they see fit, and then the regulator claims the interpretation isn’t the right one!
There are several terms relating to GDPR which regularly appear whenever it is discussed. To support your understanding of the subject, it helps to get familiar with these terms and what they mean.
To help you do that, here’s a glossary of GDPR terms you should know:
Anonymisation
This occurs when Personal Data (see definition below) is changed so that individuals cannot be identified.
That makes it safer for the Data Subject (see definition below)and means the information can be used more widely since the risk of a breach has been reduced.
Consent
This refers to the permission which must be sought – and given– to collect and process data.
With GDPR, there must be clear proof of consent provided by a Data Subject.
Data Breach
The common misconception is that data breaches involve the loss of data only.
In reality data breaches happen when a failure in security results in the unintentional or deliberate destruction, loss, alteration, unauthorised disclosure of, or access to, personal data.
Under GDPR, Data Processors have to report the breach to their Data Controller as soon as they find out about it, and Data Controllers then have obligations to report this to the Lead Supervisory Authority (see definition below)no later than 72 hours after becoming aware.
Data Controller
This is the organisation that determines the purpose and means for processing Personal Data (see definition below). So if your business collects any sort of data, you’re a Data Controller.
It means you will have to instruct any third party you ask to process data on your behalf, such as a cloud computing provider, and you need to ensure that your contractual arrangements with that third party cover how they process data in a manner that is compliant.
Note that a Data Controller can also be a Data Processor.
Data Processor
This is the organisation responsible for processing data on behalf of a controller.
For example if you use an application like Stripe to accept credit card payments, that application is functioning as a Data Processor on your behalf.
Data Processors have to maintain records of the personal data they hold, and how it is processed.
Data Subject
A Data Subject is the individual or customer whose Personal Data has been collected and processed.
The Data Subject has to provide consent for this to happen, and has Individual Rights pertaining to how his / her data is handled and kept.
Extraterritorial Applicability
You may hear this mentioned about the wider reach of the new regulations.
It refers to the fact that the GDPR is not restricted to businesses which operate within the borders of EU.
As well as all businesses in the EU, it applies to any businesses that serve or monitor customers resident in the EU, regardless of where those businesses are headquartered or located in the world.
For example, GDPR will apply to companies like Facebook, Amazon Web Services, Microsoft, Salesforce, Trello, Twitter and InfusionSoft, as long as they have EU residents as customers and hold their data.
Supervisory Authority
Each EU country has a regulator overseeing the new GDPR.
In the UK, that is the Information Commissioner’s Office (ICO).
Individual Rights
Data Subjects have 8 Individual Rights, which are:
1. Right to be Informed
Refers to the processing information to be provided by businesses as part of their privacy notification. Encourages Data Controllers to be transparent about how they use the data in their care, and here are details of the information that must be supplied.
2. Right of Access
Refers to the rights individuals have to access their personal data.
This will be requested via a Subject Access Request, and the data is to be provided free of charge.
The data must be provided within a month of receiving the request; there is scope to extend this by a further two months if the requests are many and complex.
3. Right to Rectification
Where personal data is wrong or incomplete, individuals can ask for them to be rectified.
The data must be rectified within a month of receiving the request; there is scope to extend this by a further two months if the request is complex.
4. Right to Erasure
Also known as the Right to be Forgotten, this refers to an individual’s right to ask for their personal data to be deleted.
5. Right to Restrict Processing
Refers to an individual’s right to stop their personal data being processed.
There could be a number of reasons for such a request, such as when the accuracy of the data is in question.
6. Right to Data Portability
Refers to an individual’s right to have their data moved, copied or transferred, typically from one technical system or environment to another.
7. Right to Object
Refers to an individual’s right to object to their personal data being processed and used for direct marketing or research.
Data processing must be stopped once such an objection is received.
8. Rights related to Automated Decision Making
Refers to the provisions for profiling and automated decision-making, such as in the case of loan and credit card applications.
Personal Data
Any data that can be used to identify a Data Subject.
Includes – and is not limited to – information about name, date of birth, address, email address, bank details, medical information, social media posts, and IP addresses.
Privacy by Design
This is an approach that puts data privacy and protection front and centre of a business’s projects, systems and processes. Instead of being an afterthought, which is usually the case, Privacy by Design means organisations make data privacy and protection a priority when designing and planning projects, products, systems and processes.
Special Category Data
This includes details of race, ethnic origin, politics, religion, trade union membership, genetics, biometrics, health, sex life or sexual orientation.
Special Category Data contains details which are more sensitive than Personal Data, and can only be requested in certain circumstances since they present significant risks to fundamental rights and freedoms.
*Please note that this blog post does not constitute advice on the legalities of GDPR or data protection. It is for awareness and information purposes only; you remain responsible for getting independent advice and ensuring your business complies with the regulation.