With the implementation date for GDPR imminent, most offshore trust and corporate service providers will be firmly on top of ensuring that their businesses are compliant.
However, those same providers have in many cases overlooked the serious implications that GDPR could have for specific structures, particularly where there is a need to restrict the information available to particular individuals.
This could be for a number of reasons such as business succession, preventing family members from knowing their own or each other’s entitlement to distributions, disinheriting individuals and many others.
Trusts law has traditionally provided strong protection for settlors and trustees wanting to restrict information rights. Where this has been an express purpose for creating a trust, significant thought has often gone into the design of the structure, sometimes at huge expense, to further reinforce the position.
GDPR potentially runs a coach and horses through this by granting access rights to individuals outside the scope of those permitted by trusts law. Trusts litigators have a major new weapon in their armoury.
Trustees would be naive to assume that exemptions built into local data protection regulations offer complete protection, particularly in relation to big, international structures with assets or beneficiaries based in many different parts of the world.
Therefore, as well as considering GDPR and related initiatives from their own businesses perspective, trustees should now be immediately turning their attention to those structures which are particularly sensitive and where restriction of information access to certain individuals is of particular importance.
Steps can be taken to significantly reinforce the position but it requires experts with a deep understanding in both trusts and data protection. We have significant experience in both areas and can help.