Posts tagged ‘Compliance’

by guest blogger, Nigel White. MD of Web2Market.

The Information Commissioner’s Office (ICO) has recently released new guidelines for Cookie Compliance which affects UK website owners and is based on a new EU directive.

I wonder how many of us even know if cookies are used on our website(s)?

What does the law say?

One little back door to HellSome of the points within the guidelines will mean as website owners, you will need to make changes to your website, to avoid the risk of prosecution.

I won’t go though all the guidelines here, you may well nod off, but the main point is that the responsibility for educating users about cookies and how they are used on your website has been devolved to.

This will include informing users about your and 3rd party cookies should your site be using them (e.g. Google Analytics).  This legislation is to be enforced from May 2012.  It is actually a legal requirement already but we are in a grace period.

Ashley Freidlein from Econsultancy summarises some key points in his article Cookie Compliance or you can read the full guidelines from the ICO here who you will see ask for cookie approval already.

365.121 - Anzac Biscuits

What is a cookie?

A cookie is a small text file that a website may put onto the visitor’s computer to “mark” that visitor.

The website may want to mark the visitor for a variety of reasons.

Examples may be to track a user’s basket as they shop or a retain a user’s website preferences.

How are other people complying with the legislation?

For an example of compliance, you can look at the Information Commissioner’s Office website.  At the top of the page you will see the Cookie notice that they have constructed and installed.

How do you know if your site uses cookies?

It is not immediately obvious if a website uses cookies to work effectively.

Cookies are very frequently used for a variety of situations including, but not limited to, remembering a log-in password and managing a shopping basket. I would recommend carrying out a cookie audit to answer this question.

What should you do now?

To get on the right side of the law, you should find out what cookies are being used on your website by carrying out an audit. We can do that for you – I would estimate an hour’s work.  Once you know what cookies are on the site (if any), we can help you formulate a plan for informing the user of their purpose and possibly allowing the user to opt out.

If there are no cookies on your website, we will not charge for the audit! If you’re still confused about cookies, please call me for a nice explanation 😉  If you would like to request an audit, please let me know.

Best Regards, Nigel White

01480 878510


The information provided in this blog illustrates my opinions and experiences, it does not constitute advice and I do not accept responsibility for any actions taken or refrained from as a result of reading this post.

If you found this post interesting/useful please share it with your social network and/or bookmark it.  Also, your comments are always valued and will help me to write new posts that are relevant to readers of this blog.

When working with charities, the question I get asked the most is “is our TAR detailed enough?” as they naturally do not want to expose all, yet they appreciate that this is a key document that is clearly defined by the SORP 2005 and is crucial in demonstrating compliance with the public benefit tests (see previous blog post ‘Public benefit – your best defence…’)

To answer the question directly the report should:

  • be about 4-6 pages of A4 print, font 11 for a small to medium sized organisation
  • clearly explain how the organisation fulfils it’s objects and adheres to it’s governing document
  • use plain English and refer to the accounts to which it is attached, but not regurgitate the accounting information
  • use the prescribed format set out in the SORP.  i.e. use the 7 key headings.

For those who are not familiar with the SORP 2005, these prescribed headings are:

  1. References and administrative details of the Charity, its Trustees and advisers
  2. Structure, Governance and Management
  3. Objectives and Activities
  4. Achievements and Performance
  5. Financial Review
  6. Plans for future periods
  7. Funds held as a Custodian Trustee (if appropriate)

Model reports are available on the Charity Commission Website

Some key points that are often missed

  • In paragraph 2 explain how trustees are recruited and outline the policies for induction/training of trustees.  Mapping the skills of the board and recruiting to fill skills gaps is a sign of great governance.  If your organisation has carried out this exercise, brag!
  • When explaining to the reader your objectives, paragraph 3, focus on the positive impact significant activities have had and explain how they have contributed to the achievement of the stated objectives.  If the organisation is grant making, ensure the policies are explained and if volunteers are utilised, readers need to understand their role and contribution.  If possible, quantify this in terms of hours, locations etcetera
  • bs00876aPerformance, paragraph 4, should identify milestones and KPI’s so that achievements can be benchmarked against objectives.  The public are keen to know the percentage of resources allocated to overheads, they need to understand the ROI i.e. impact per pound of funds raised.  This is obviously difficult to quantify as many of the aims are emotional, not financial, but trustees should not shy away from trying.  I have often seen larger, national charities measure their impact in terms of taxpayers money saved.
  • The financial review needs to look at each fund and state the principle financial policies adopted.  Take time to clearly explain the reserves policy in particular as the Charity Commission will be monitoring this.  Make comment on how the current years performance and the current activities effect reserves.  Also, outline any financial commitments such as borrowing or obligatory grants.

This list is not exhaustive, but I hope I have set out the key points, please call me if you would like to discuss your TAR or would like me to review your draft.  Please note however, that an auditor can not write this report for you so please don’t ask!

The information provided in this blog illustrates my opinions and experiences, it does not constitute advice and I do not accept responsibility for any actions taken or refrained from as a result of reading this post.