In the latest budget announcement on February 16th, 2024, the Ministry of Finance (MOF) unveiled significant tax reforms set to reshape Singapore’s fiscal landscape. Notable among these changes is the adoption of BEPS 2.0 Pillar 2, slated for implementation starting January 2025. This initiative targets large Multinational Enterprises (MNEs), aiming to establish a minimum effective tax rate of 15%. Such measures reflect Singapore’s commitment to international tax standards and ensuring a fair and equitable tax environment for businesses operating within its jurisdiction.
Singapore Budget Highlights
Stay informed and prepared for the evolving tax landscape of Singapore. Download our comprehensive overview of the budget highlights for 2024 to gain insights into the latest reforms and their implications for your business.
Shift from CSR to ESG in Corporate India

For entities operating beyond the borders, it’s imperative to understand evolving corporate law in international business avenues. In the corporate business landscape in India, there’s a visible shift from CSR (Corporate Social Responsibilities) to ESG (Environmental, Social, and Governance) in recent years. This shift in paradigm redefines the way businesses operate in the country, besides reshaping regulatory frameworks and standards of accountability.

In this edition, let’s have a comprehensive look into the relationship between corporate law and the sustainability revolution in the country. Foreign companies investing in India presently find themselves at a crossroads as the focus shifts to ESG globally. To make room for new norms, corporate law in India is undergoing a profound transformation. This explains why companies need to fulfil their reporting obligations amidst the growing influence of shareholder activism.

Why is ESG a Cornerstone of Corporate Responsibility?

ESG has proven to be a key progression in corporate sustainability. These standards serve as a parameter to evaluate the commitment of a company to stakeholder engagement, protecting the environment, and effective governance. ESG standards ensure compliance with ethical business practices and enable investors to evaluate companies before investing in them.

Foreign companies operating in India need to understand that establishing and maintaining a comprehensive ESG framework involves certain initial costs. However, this returns a substantial benefit in the long run. Experts recommend against neglecting ESG factors since they can prove detrimental to the finances, reputation, and legal standing of firms expanding to India.

The Shift from CSR to ESG for Better Corporate Accountability

ESG practices in India define a departure from the traditional shareholder-centric approach that CSR initiatives carry. Unlike CSR, ESG comes up with a more holistic focus on all stakeholders. This marks a significant shift in corporate strategies.

Let’s understand this transition based on three key aspects.

1. Evidence-based Accountability

CSR initiatives are often based on marketing narratives and anecdotal evidence. On the other hand, ESG presents a new era of accountability backed by quantifiable metrics. Transparency and specificity in evaluating the performance of a company enhance the credibility of its efforts to maintain sustainability. This significantly addresses concerns of ‘greenwashing’.

2. Integrated Approach to Management

While CSR initiatives present a fragmented nature, ESG issues remain interconnected inherently. Environmental, social, and governance aspects often intersect and require a cohesive approach to management that involves the entire leadership team and board of directors.

3. Strategic Importance

Traditionally, CSR initiatives were often justified by their potential to reduce operational costs. On the other hand, ESG is a strategic approach that enhances performance and opens up new opportunities for growth. Goal-oriented companies with strong ESG profiles can outperform their peers. This demonstrates the strategic importance of integrating ESG.

Best Practices for Corporate Compliance with ESG Regulations

For corporations, it’s imperative to embrace the best ESG principles as they try to consolidate their footprint in India. Here, we have outlined the key steps to realize this goal.

Establishing ESG Committees

Specialized board-level committees go a long way in driving ESG integration within organizations. Establishing such a committee will help corporate entities create, implement, and monitor ESG initiatives, establish goals, ensure compliance, and monitor progress.

Evaluating ESG Risks

For any business, it’s crucial to identify and mitigate ESG risks. Businesses must carry out comprehensive risk assessments to identify risks, evaluate their impact, and come up with effective strategies for mitigation customized to the unique context of the organization.

Engaging Stakeholders

Effective ESG compliance requires an active engagement with stakeholders. Businesses should seek feedback and involve diverse stakeholders in their decision-making processes to boost transparency, trust, and accountability.

Compliance Requirements and Best Practices

With the ESG landscape evolving rapidly in India, businesses need to meet specific compliance requirements. Here’s an overview of the best practices to meet compliance requirements.
1. Mandatory CSR Spending
Companies that meet the necessary criteria are advised to allocate a part of their profits towards CSR activities. This demonstrates their commitment to social and environmental responsibility.
2. ESG Reporting
For top-listed companies, it’s imperative to publish Business Responsibility Reports to disclose their ESG performance as per the disclosure framework of SEBI. This will take them a step forward to promote accountability and transparency.
3. Adhering to Global Frameworks
Corporate firms must align ESG reporting with globally recognized frameworks like the Global Reporting Initiative (GRI). Besides boosting credibility, this facilitates global benchmarking.
It’s time to Pioneer Sustainable Corporate Practices

International brands striving to integrate themselves into the thriving corporate environment in India should adhere to the best ESG practices, respecting the standard regulations in the respective industries. This approach not only streamlines their path to contribute to a more sustainable future but also positions themselves for long-term success and gains the trust of stakeholders.

The IMC Group continues to be one of the most trusted global ESG Consulting firms. The professionals have been collaborating with foreign corporate firms expanding to India over the years, offering comprehensive assistance to ensure ESG compliance.

Mastering Due Diligence for Successful M&A Transactions

Merger and acquisition (M&A) transactions often turn out to be too complex, which justifies the need for due diligence. In this edition of our newsletter, we will explore why due diligence proves to be the cornerstone to mitigate business risks. Successful entities seek professional Mergers & Acquisitions Advisory in the UAE, discovering opportunities and fostering transparency between sellers and buyers.

Let’s find out how the transformative potential of due diligence can shape the trajectory of your M&A efforts.

What Makes Due Diligence Indispensible?

During mergers and acquisitions, due diligence serves as a compass for both the involved parties. It nurtures systematic investigation to identify potential risks, liabilities, and opportunities in the deal. A meticulous scrutiny of the different aspects of due diligence empowers stakeholders to make informed decisions. This fortifies the foundation of the newly configured business entity.

The Scope of Due Diligence during M&A Activities

The scope of due diligence is vast and calls for professional insights for a realistic assessment. The following parameters come within the ambit of due diligence.

1. Corporate

This involves evaluating the completeness, accuracy, and currency of filings, licenses, and registers. Often, the ultimate beneficial ownership and shareholders register necessary rectification pre-completion to prevent the buyer from inheriting any liabilities. In certain jurisdictions, evaluating corporate registries, including the onshore ones in the UAE may be challenging. However, ongoing efforts are being made to authenticate the accuracy of the records.

2. Related Party Contracts

The scope of due diligence involves examining the contracts with related parties. This helps in identifying undervalued agreements or cases where assets of profits may have been diverted from the target entity. Professional teams also consider director loans and discuss whether or not such agreements should persist post-completion.

3. Finance

Due diligence measures related to finance involve the evaluation of security over the target entity and indebtedness. This includes intra-group debt and any personal guarantees or related arrangements regarding debt facilities. This stringent scrutiny from experts helps in identifying repayments necessary to remove charges, where applicable. These are often identified through financial due diligence.

4. Commercial

Commercial due diligence involves an analysis of the key customer and supplier contracts of the target. This includes their terms and currency, with specific attention to agency or distributor arrangements in the UAE. This is due to the persisting challenges of termination due to the existence of local laws. Professionals also scrutinize contractual provisions that address risks related to change of control. Experts also provide necessary recommendations for the post-completion process.

5. Intellectual Property (IP)

This involves a comprehensive analysis of registered and unregistered intellectual properties and their ownership status. Due diligence teams also examine their dependency on third-party licenses. They make sure that employment contracts contain adequate IP provisions and measures for rectifying the same, like IP assignment documents.

6. Litigation

Due diligence for litigation scrutinizes the involvement of the target in recent litigation cases. Experts take a look at their status to evaluate associated risks. Accordingly, they recommend protective measures while dealing with transaction documents to mitigate the exposure of the buyer to latent liabilities arising from pre-acquisition litigation.

7. Employment

Employment is a crucial parameter of due diligence measures. It involves the assessment of contractual arrangements with employees and contractors. In the process, they examine compliance with statutory rights and obligations and identify potential loopholes. Professionals also provide recommendations for new employment contracts, particularly for senior management. They also examine whether key employees should continue working with the target company after the acquisition.
8. Property
This aspect of due diligence involves the scrutiny of properties leased or owned by the target entity. Scrutiny is carried out on lease expiration dates, terms, or any breach of contract.
9. Regulatory
Due diligence on regulatory norms includes the examination of the regulatory requirements of the target. This includes licenses and consents, which undergo thorough assessments. Due diligence teams also recommend necessary updates before or after the completion to fix potential issues.

Professional Due Diligence Services in the UAE

A robust legal counsel can significantly help business entities simplify the challenges during M&A transactions. Partnering with the IMC Group, known for its transaction advisory services in Dubai, brings professionalism and expertise to the table. This team of experts has a proven track record of facilitating cross-border and domestic corporate transactions.

Strategies for Holding Companies Amidst the Corporate Tax Landscape in the UAE

The UAE has set benchmarks in the global business environment, attracting global brands over the years. In the past, the absence of personal and corporate tax in the UAE made it a lucrative choice for investors. However, the Federal Tax Authority of the UAE has introduced Corporate Tax (CT) through Federal Decree-Law No. 47 of 2022, following which businesses and corporations need to shell out tax. This justifies why forward-thinking businesses are seeking professional support to understand 2024 UAE corporate tax guidelines and ensure compliance.

In this newsletter, let’s explore the prime aspects of the newly introduced corporate tax in the UAE and how it will affect Holding Companies.

What is a Holding Company?

A Holding Company may be a Limited Liability Company or a Joint Stock Company establishing its subsidiaries abroad or inside the State or controls existing entities by holding membership interests or shares. The company has control over the subsidiary firm’s management, thereby influencing their decisions.

Tax Implications for Holding Companies

The implications of the UAE Corporate Tax law on holding companies extend beyond compliance. They will impact the financial operations of Holding companies, from capital gains to dividend income. The CT law introduces new considerations for tax planning and optimization. For Holding Companies, it’s imperative to evaluate their streams of revenue and evaluate the impact of corporate tax on their bottom line.

Benefitting from Free Zones

For Holding Companies operating in the Free Zones in the UAE, there are unique strategies to reduce tax liabilities. Qualifying Free Zone Persons (QFZPs) may benefit from a 0% tax rate on their income. However, they need to fulfil certain criteria outlined by the Federal Tax Authority. In order to maximize tax efficiency, they should maintain adequate substance in the Free Zones and comply with regulations regarding transfer pricing.

Strategic Compliance with Participation Exemptions

Holding Companies should understand the conditions under which profits and dividends may be exempted from their taxation. With professional support, these companies can align their operations with the clauses mentioned in Article 22 of FD 47. This will significantly reduce their tax burden and boost their competitive advantage.

Enhancing Economic Substance

One of the prime determinants of tax compliance and efficiency for Holding Companies is to demonstrate adequate economic substance. For Free Zone entities, it is imperative to make sure that their core income-generating activities are conducted within the jurisdiction of the Free Zone. Thus, these businesses should employ adequate assets and staff to support their commercial operations. Adhering to Economic Substance Regulations (ESR) will help them maintain their tax residency status and avoid penalties.

Transfer Pricing Best Practices for Holding Companies

The Corporate Tax Law in the UAE comes with some provisions for transfer pricing. This involves a strategic approach to intragroup transactions for Holding Companies. Holding Companies should adhere to the arm’s length principles and document transfer pricing policies to mitigate the risk of audits. A proactive stance in reviewing their transactions is crucial, besides implementing robust pricing strategies to align with the regulatory norms.
Strategic Planning for Long-Term Success

The introduction of Corporate Tax in the UAE presents both challenges and opportunities for Holding Companies. With professional corporate tax advisory in Dubai from experienced teams, Holding Companies can position themselves for long-term success.

The IMC Group continues to be a trusted partner, specializing in corporate tax advisory. Foreign corporates and investors venturing into the UAE can seek personalized assistance and strategic advice tailored to their interests from this proficient group of experts.

Strengthening Indo-Singapore Bilateral Relations to Boost Trade

Singapore continues to be one of the sought-after international business destinations, attracting investments from all around the globe. In this edition, let’s take a look into the recent stride towards fostering robust trade ties and investments between the Indian government and Singapore.

Led by the Secretary of the Department for Promotion of Industry and Internal Trade (DPIIT), Rajesh Kumar Singh, the delegation was involved in a series of discussions and strategic engagements to strengthen bilateral cooperation.

The visit, which commenced on Monday, witnessed key government officials from India engaging in high-level dialogues with their Singaporean counterparts. This established the groundwork for better collaboration and investment inflows. The delegation was actively involved in investor roundtables, showcasing the vibrant economic landscape of India along with investment avenues across various industry verticals.

India-Singapore Trade Roundtable was one of the noteworthy events, focussing on the Food and Machinery Sector. It was jointly organized by the High Commission of India in Singapore and the Federation of Indian Chambers of Commerce & Industry (FICCI) in collaboration with the Singapore Business Federation. Besides facilitating dialogue, the involved parties discussed scopes of joint ventures, strategic partnerships between businesses in India and Singapore, and the transfer of technologies.

The primary objective of the delegation was to cordially invite investors and motivate them to explore the extensive investment potential in India. This is likely to mature into stronger trade relations between the two nations.

Discussions between Rajesh Kumar Singh and Beh Swan Gim, Singapore’s Trade and Industry Ministry Permanent Secretary revealed the mutual commitment to deepen cooperation across different sectors, thereby demonstrating the importance of bilateral ties.

The delegation also actively participated in Investors roundtable discussions focusing on Renewable Energy and Electronics and Semiconductors that were organized by Enterprise Singapore and Invest India. A session of constructive dialogues followed between the leaders representing both countries as they explored viable avenues to intensify investment collaborations. Thus, the potential for strategic ventures between Singapore and India is on the cards.

Currently, Singapore stands in the 8th position among the largest trade partners of India. In 2022-23, bilateral trade between these two countries reached a mammoth $35.59 billion. This marked a commendable growth of 18% over the previous fiscal year, as pointed out by the Indian High Commission in Singapore. The positive growth trajectory highlights the strong potential for further expansion and deepening of economic engagements between the two Asian countries.

With these developments, Singaporean entities would be looking for company formation in India and capitalize on the opportunities. The IMC Group continues to be a trusted partner for company formation for global businesses expanding across borders, offering professional counselling and assistance.

Boosting Compliance to Attract Investments in the UAE

The UAE has set benchmarks in the global business environment, being a preferred hub for investors. With a business-friendly regulatory framework, strategic location, progressive business strategies, and a thriving economy, the country attracts global investors. According to recent data, the UAE is placed in the third position among attractive emerging global economies. This speaks tons about its robust economic performance as the country recovered from post-pandemic challenges. Currently, hundreds of companies are seeking professional support for company formation in Dubai for foreign investors from established teams.

With a remarkable growth rate of 7.6% in 2022, the UAE stands out with its agility and resilience. This establishes its status as a dynamic economic hub in the Middle East. With a world-class infrastructure, including ports and airports, the country seamlessly facilitates business on a global scale.

The UAE revamped its company laws in 2020 as a strategic move to attract foreign investment. In most business sectors, the country allows 100% foreign ownership, although a few exceptions exist. These strategic reforms eliminated existing barriers for international investors, serving as a catalyst for market entry. The competitive business environment in the UAE now witnesses healthy competition between different sectors that were previously dominated by local entities.

Bilateral Trade Agreements to Foster Economic Diplomacy

The UAE has embraced a proactive stance towards global economic integration. It is carrying out a series of bilateral trade agreements with key partners worldwide. With these strategic partnerships, the country seeks to strengthen its investment inflow and trade volume. Eventually, this approach is laying the foundation for sustained economic collaboration.

Among noteworthy countries with which the UAE entered agreements are South Africa, Israel, India, and Turkey. Besides, it is participating in the CPTPP (Comprehensive and Progressive Agreement for Trans-Pacific Partnership), which marks its commitment to fostering mutually beneficial relationships on the international stage.

For instance, the Comprehensive Economic Partnership Agreement with India recorded a remarkable surge of 27.5% in bilateral trade within a year of its implementation. Besides, trade volume in the UAE soared to $599 billion (2.2 trillion dirhams) in 2022. This marks a robust 17% annual growth, spearheaded by strategic bilateral trade agreements across different sectors.

Economic Diversification and Technological Innovation

The UAE, in commemoration of its 50th anniversary, launched an ambitious agenda to foster economic diversification and innovation. Over the next decade, it has a targeted influx of $150 billion in foreign investments. The country has earmarked as many as 50 pioneering projects and initiatives in this context. These measures are diverse, ranging from streamlining visa regulations to fostering technological advancements and attracting talent in its key sectors.

Exploring Compliance Requirements and Regulatory in the UAE

While the UAE looks promising from a business perspective, organizations need to understand its regulatory norms for compliance. The dynamic regulatory landscape poses a challenge for investors as it undergoes legislative updates frequently. Particularly, SMEs with limited resources find themselves struggling due to the complex legal framework. In the end, every business aims to comply with the established norms to ensure transparency, and accountability, and to protect its stakeholders.

Particularly, the UAE has stringent norms under its Combating Financing of Terrorism (CFT) and Anti-Money Laundering (AML) laws. Therefore, foreign businesses expanding to the UAE need to adhere to mandates like meticulous record-keeping, comprehensive customer due diligence, and prompt reporting of suspicious transactions.

Empowering Labor Rights and Regulatory Oversight

In 2021, the UAE incorporated a number of reforms related to labor laws. Foreign businesses operating in the country need to adhere to the prescribed norms to combat issues like forced labor, discrimination, and harassment at worksites. These laws also secure certain privileges for employees such as maternity benefits, thereby fostering a more inclusive workforce. Notably, the Labor Market Regulatory Authority has been established in the UAE, which demonstrates the commitment of the country to empowering labor laws.
Balancing Innovation and Compliance to Attract Investors

As the UAE transforms into a focal point of innovation and entrepreneurship, businesses look forward to capitalizing on their growth opportunities. For foreign businesses expanding to the UAE, embracing a futuristic economic model is the need of the hour.

Thus, companies need to gain a comprehensive understanding of regulatory norms in the UAE and seek professional guidance to navigate the complex norms. Investing in local expertise is crucial along with strategic planning and execution of compliance strategies.

The IMC Group continues to be one of the leading business setup consultants in Dubai UAE. As businesses cruise along their path to growth and expansion, this team of experts remains steadfast in its commitment to empowering enterprises with strategic insights and tailored solutions.

This Is Why Due Diligence Matters during Mergers and Acquisitions

Do you know why forward-thinking businesses in the UAE seek professional due diligence services during mergers and acquisitions? Beyond a formal procedure, due diligence continues to be a vital step that determines the integrity of the merged business entity. This explains why successful businesses seek professional due diligence support, revealing the strengths and downsides of the company under consideration.

A stringent due diligence process points out the opportunities and risks, thereby facilitating negotiations for the best terms and pricing. Eventually, it fosters confidence and trust, both of which are vital for the involved parties. It creates a positive business environment that strengthens the bottom line of the company.

How To Identify Red Flags in The Due Diligence Process?

Identifying the common red flags is worth it when it comes to something as crucial as due diligence.

1. Financial Inconsistencies

Discrepancies between financial records or incomplete documentation may indicate poor accounting practices or even potential fraud. Unless addressed on time, it can jeopardise the accuracy of financial records. Professional due diligence service providers stringently scrutinize missing invoices, tax returns, and receipts. They might also detect inconsistencies between unaudited and audited accounts. All these point to poor accounting practices, misinterpretation, or fraud.

For instance, target companies tend to inflate their revenue or refrain from disclosing all their expenses. They might also hide debts and or portray themselves as more solvent or profitable than they really are.

2. Legal Issues

The target company may have legal liabilities like pending lawsuits, unresolved intellectual property disputes, or regulatory violations against its name. Unless due diligence is carried out before the merger or acquisition, it can tarnish its reputation and financial stability.

3. Operational Challenges

With professional due diligence services, issues like high employee turnover, low customer satisfaction, or outdated technology may come to the surface. All these issues indicate operational inefficiency that may hinder the long-term sustainability or competitiveness of the company.

4. Quality of Earnings

The actual financial performance of the company may be distorted by aggressive revenue recognition practices, non-recurring revenue, or improper accounting policies. This leads to misinformed valuation assessments.

5. Unstable Markets

In unstable markets, due diligence is crucial to identify pressing issues like declining market share, sales, stiff competition, or changing preferences of customers. This points to market disruption, saturation, erosion, or reduced opportunities for growth.

6. Dependency Issues

With due diligence services, companies can identify dependency issues like heavy reliance on a few supplies or customers. Particularly, if these relations are unfavourable or unstable, business continuity may be disrupted.

7. Stability of Management

Changes in management or key personnel after acquisition may disrupt operational continuity. This calls for a comprehensive assessment process of succession plans and the leadership pipeline.

8. Cultural Issues

Cultural discord may arise from mismatched goals and visions within the organization. During the merger or acquisition, this can lead to discord, which can be detected through professional due diligence services at the outset.

Professional Due Diligence Services for Successful Deals

Now that you know the red flags, let’s check out how due diligence from professional teams can help you take proactive measures for successful deals.
1. Thorough Examination
Working with a professional team for due diligence, it’s imperative to gain expert insights and evaluate the target company comprehensively. This fosters a realistic undersigning of its strengths and weaknesses.
2. Transparent Communication
Clear and transparent communication fosters trust and transparency. With the underlying information fully disclosed, the involved parties can mitigate the risk of conflicts and unpleasant surprises down the line.
3. Alignment of Interests
Once both parties carry out due diligence to identify their common objectives, they can negotiate beneficial terms mutually. This lays the foundation for a fair and equitable deal. Both the stakeholders involved enjoy optimal benefits.
4. Preparing for the Integration

Finally, professionals can guide you through the post-deal integration process. This allows the firms to consolidate their resources, processes, and cultures.

The IMC Group continues to be a trusted partner, offering professional vendor due diligence services. Having a competent team of experts on your side can streamline your M&A process significantly.

The Next Phase in GRC and Regulatory Risks: 10 Principal Areas of Focus for 2024

According to Thomson Reuters, in 2022, there were over 230 daily alerts for regulatory updates. This figure is unsurprising given the increasing regulatory focus on Operational Resilience, Artificial Intelligence (AI), Cyber Security, Data Privacy, and Environmental, Social, and Governance (ESG) criteria.

In 2023, significant cyber security and digital operational resilience policies took shape in the U.S. and the European Union, establishing a benchmark for other areas. This trend of regulatory development observed in 2023 is expected to persist and intensify in 2024.

What can we anticipate for 2024, and what preparations are necessary? Below are ten critical regulations and areas of emphasis on our radar.

1. Regulatory Attention on AI

The recent increased regulatory analysis on artificial intelligence (AI) is understandable, given the rapid expansion of AI and generative AI (GenAI) use across multiple sectors. This focus is anticipated to persist into 2024 and onwards.

In January 2023, the National Institute of Standards and Technology (NIST) unveiled the NIST AI Risk Management Framework (AI RMF 1.0). Its goal is to enhance the integration of trustworthiness in the design, development, deployment, and assessment of AI products, services, and systems. Furthermore, a significant move by the White House involved issuing an Executive Order to ensure the safe and trustworthy creation and application of AI.

The European Union is actively working towards AI regulation as well. In December 2023, EU representatives agreed provisionally on extensive rules for the secure and reliable application of AI. A BBC report indicates that the EU Parliament is slated to vote on these AI Act proposals within the year, with the laws expected to be implemented by 2025. Other countries, including China, Canada, Brazil, South Korea, Singapore, the UK, and the UAE, are at different stages of implementing AI-specific regulations, poised for adoption shortly.

As AI technology advances and finds new applications within the Governance, Risk Management, and Compliance (GRC) sector, these regulations are also anticipated to advance and adapt with technological progress.

2. SEC Cyber Security Regulations

In today’s digital age, cyber threats pose one of the most significant risks to organizations, with the advent of AI technology further escalating the potential for cybercrimes through its availability for executing large-scale attacks. Regulatory bodies are diligently working to ensure that companies adopt adequate security measures to safeguard their assets and the interests of stakeholders.

In July 2023, the U.S. Securities and Exchange Commission (SEC) introduced the Cyber Security Risk Management, Strategy, Governance, and Incident Disclosure rules for public companies. These regulations mandate that:

Companies establish a comprehensive incident response mechanism, including immediate reporting to the SEC. Companies regularly disclose the cyber security expertise of their board members and senior management and the cyber security risk management practices they have adopted. For risk management, strategy, and governance disclosures, public companies must start including this information in their annual reports for fiscal years ending after December 15, 2023.

3. Cyber Security Maturity Model Certification (CMMC)

The Cyber Security Maturity Model Certification (CMMC), created by the U.S. Department of Defense, represents another significant cyber security standard and certification framework. It aims to ensure the secure handling of sensitive, yet unclassified information shared between the Department and its contractors and subcontractors.

This year, anticipation grows for the final rule of CMMC. In 2023, the proposed revision, CMMC 2.0, was forwarded to the Office of Information and Regulatory Affairs (OIRA) at the White House for evaluation. This updated version offers a robust scheme to safeguard the defense industrial base’s (DIB) critical unclassified data against sophisticated cyber threats. Expected modifications in the final rule are set to streamline the compliance process, lower the costs associated with assessments, and boost accountability, among other improvements.

4. NIST Cyber Security Framework (NIST CSF)

Beyond regulatory mandates, standard-setting entities also provide guidelines and frameworks to aid organizations in effectively managing cyber security threats. The NIST Cyber Security Framework stands out as a tool that organizations highly adopt. Initially released in 2014, this framework offers “a framework that can be utilized by organizations, regulatory authorities, and customers to establish, guide, evaluate, or enhance comprehensive cyber security strategies.”

The National Institute of Standards and Technology (NIST) unveiled a revised version of the framework for public feedback in the second half of 2023. This updated draft, or Framework 2.0, is designed to “mirror the evolving cyber security environment and streamline the application of the CSF across various organizations.” The NIST has announced that the definitive edition of CSF 2.0 is slated for release in early 2024.

5. Cyber Security Mandates for the Financial Industry

The financial industry, a prime target for cyber threats due to its significant data and monetary assets, is under increased regulatory scrutiny.

The New York Department of Financial Services (NYDFS) has updated its pioneering Cyber Security Regulation as of November 2023, initially established in 2017. This regulation mandates that entities under its jurisdiction, such as banks, insurance firms, and various financial services providers, implement robust cyber risk management and governance practices. This includes establishing a comprehensive cyber security program to safeguard consumer data, drafting detailed policies, appointing a Chief Information Security Officer (CISO) for data and system security, and enforcing strong controls.

The revised regulations introduce stricter governance protocols, more frequent risk evaluations, enhanced safeguards against unauthorized system access, improved incident reporting procedures, and more. These changes underscore the importance for organizations to closely monitor the evolving NYDFS Cyber Security Regulation, which is likely to influence similar standards across other regions.

Entities governed by these regulations must ensure compliance by April 29, 2024.

6. Data Protection

The safeguarding of Personally Identifiable Information (PII) remains a critical concern for regulatory bodies around the globe.

In the United States, the implementation of the new California Consumer Privacy Act (CCPA) regulations has been postponed to March 29, 2024. The California Privacy Rights Act (CPRA), approved by California voters in 2020, has revised the CCPA, introducing enhanced privacy measures. It sets new benchmarks for collecting, storing, and utilising consumer data and introduces “additional responsibilities for handling personal information, including enabling consumers to opt out of their data being shared.”

The CPRA also led to the formation of the California Privacy Protection Agency (CPPA), tasked with the law’s implementation and enforcement starting July 1, 2022. However, enforcement was scheduled to begin on July 1, 2023. Nevertheless, the agency only finalized its initial regulations under the CPRA by March 29, 2023.

Following this delay, a California court extended the deadline for enforcing these new rules by a year. However, legislative amendments under the CCPA were activated on January 1, 2023, and are currently effective.

In November 2023, the CPPA proposed a novel regulatory scheme for “automated decision-making technology” (ADMT), establishing necessary safeguards for how businesses employ these technologies. Additionally, the agency has released updated draft regulations concerning risk assessments and cyber security audits.

7. Focus on Operational Resilience

The attention and measures regarding operational resilience in the financial industry continue to escalate. In the United Kingdom, the Bank of England, the Financial Conduct Authority, and the Prudential Regulation Authority have collaboratively issued a consultation document titled “Operational resilience: Critical third parties to the UK financial sector (PRA CP26/23 and FCA CP23/30)” in the previous month. The final date for submitting feedback is set for March 15, 2024. Furthermore, these regulatory bodies plan to propose a joint policy statement on applying their enforcement powers on essential third-party service providers.

In the EU, the Digital Operational Resilience Act (DORA) is designed to bolster the management of information and communications technology (ICT) and digital risks, especially regarding third-party involvements, thereby enhancing digital operational resilience within the region’s financial sector. It mandates a comprehensive set of requirements covering areas such as a risk management framework, handling and reporting incidents, and implementing a digital operational resilience testing program, among other aspects. Passed by the European Parliament in November 2022, the act sets a compliance deadline of January 17, 2025, for regulated bodies. This initiates a critical one-year period for financial sector entities to align with DORA’s stipulations.

As operational resilience becomes increasingly crucial across various sectors, DORA is a pivotal regulation, signalling a potential trend for similar initiatives to be adopted by other sectoral and federal regulatory bodies. In September 2023, the UK’s Department for Science, Innovation and Technology issued a legal document to modify the term ‘fundamental rights and freedoms’ in the data protection laws. This revision aims to align the language with rights acknowledged by UK legislation, moving away from the rights preserved under EU law. Should the UK Parliament endorse this change, it is anticipated to be enacted at the beginning of 2024.

8. The Gramm-Leach-Bliley Act

The Gramm-Leach-Bliley Act (GLBA) is a crucial regulation aimed at safeguarding consumer financial privacy by mandating that financial institutions disclose their practices regarding information sharing with their customers and protect sensitive information.

In a significant update in October 2023, two decades following the initial implementation of the GLBA Safeguards Rule, the Federal Trade Commission (FTC) revised this rule. The revision stipulates that non-bank financial companies must inform the FTC about data breaches impacting at least 500 consumers. These notifications must be made to the agency as swiftly as possible, 30 days after the breach is discovered.

This updated regulation is scheduled to be enforced 180 days following its announcement in the Federal Register, with expectations pointing towards a 2024 enactment.

9. Payment Card Industry Data Security Standard (PCI DSS) Compliance

The Payment Card Industry Data Security Standard (PCI DSS) is a crucial benchmark for safeguarding cardholder information. This internationally acknowledged framework is essential for entities that handle, process, or transmit cardholder information, offering detailed technical and procedural guidelines to ensure data protection.

The newest iteration, PCI DSS version 4.0, is set to be enforced starting March 31, 2024. This version, released by the PCI Security Standards Council in March 2022, provides a two-year window for organizations to adapt to and incorporate the revisions.

As stated in the official announcement, the update to version 4.0 from 3.2.1 is designed to counteract evolving security threats and leverage new technologies for enhanced threat mitigation.

Discover the journey with Corporater to achieve and maintain PCI DSS compliance.

10. Equity and Environmental Sustainability

The commitment to diversity, equity, inclusion (DEI), and environmental sustainability is becoming increasingly critical for businesses and regulatory bodies worldwide. Notably, 22 states adjusted their minimum wage rates in the United States at the start of 2024. Moreover, anticipated in April is the Department of Labor’s (DOL) finalisation of amendments to regulations concerning exemptions from the Fair Labor Standards Act’s (FLSA) overtime and minimum wage mandates for certain salaried employees.

Additionally, a new DOL rule came into effect at the beginning of 2024, mandating businesses with 100 or more workers in specific high-risk sectors to electronically report incidents of injury and illness to the Occupational Safety and Health Administration (OSHA).

In Europe, the European Parliament endorsed the Corporate Sustainability Reporting Directive (CSRD) in November 2022. This directive mandates member states to adopt enhanced sustainability reporting standards within 18 months, aiming to improve transparency and decision-making regarding sustainability for investors and stakeholders. This directive emphasizes the need for large corporations and publicly traded small and medium-sized enterprises (SMEs) to disclose information on various sustainability aspects, including environmental, social, human rights, and governance issues, as noted by the European Council.

The directive’s enforcement will be phased in from 2024 to 2028, starting with entities already under the non-financial reporting directive (NFRD) reporting in 2025 for the 2024 fiscal year.

Here are a few important rules businesses should keep an eye on this year. Companies need a simple, smart, and tech-based way to handle compliance to keep up with the quick changes in rules and regulations. This method helps them stay updated with new regulations, cut down costs, and have a clearer view of their compliance situation. IMC Compliance Management makes it easier for companies to start and stick to their compliance plans, making sure they follow the necessary rules and standards.

Thus, IMC, an implementation partner of Corporater, helps assist in GRC solutions. Corporater is a global software company that enables medium and large organizations worldwide to manage their business with integrated solutions for GRC built on a single platform. Find out how IMC can make your compliance efforts better – book a demo tailored just for you today!

The Art of Building a Thriving Company Culture
We recognize the paramount importance of cultivating a vibrant company culture that not only supports but also nurtures our employees. We firmly believe that a thriving culture is the cornerstone of our success—a distinct and enduring competitive advantage. Throughout our journey, we have witnessed firsthand how investments in our employees’ well-being translate into overall organizational prosperity. Leveraging our years of experience in shaping and enhancing company culture, we are excited to share our insights with you through this eBook.
The Art of Building Company Culture

The Art of Building Company Culture” is designed to equip you with key strategies and insights for creating a positive workplace environment. It underscores the pivotal role of HR in fostering a culture that drives success. To access the eBook and embark on your journey toward building a thriving company culture, simply fill out the form below. We look forward to supporting you every step of the way.

Please complete your details below to download:

UAE Corporate Tax

The Cabinet Decision No.10 of 2024, which came into effect on March 1, 2024, has been announced. The Federal Tax Authority (FTA) has outlined important dates for corporate tax registration, and it’s crucial to act swiftly. If you miss the deadline, you could be facing an AED 10,000 ($2700.00) fine.

The first deadline for juridical persons is May 31, 2024. This is part of the new tax rules from the FTA, reflecting the Corporate Taxation Law that kicked in last June, affecting all financial periods starting from then.

For any businesses commenced before March 1, 2024, you need to register for corporate tax by the dates mentioned below. And if you’re a new business by March 1, 2024, you have three months to register.

Staying on top of these rules is key.
Month of Licence issuance irrespective of year of issuance Deadline to apply for Corporate Tax Registration
1 January – 31 January 31 May 2024
1 February – 28/29 February 31 May 2024
1 March – 31 March 30 June 2024
1 April – 30 April 30 June 2024
1 May – 31 May 31 July 2024
1 June – 30 June 31 August 2024
1 July – 31 July 30 September 2024
1 August – 31 August 31 October 2024
1 September – 30 September 31 October 2024
1 October – 31 October 30 November 2024
1 November – 30 November 30 November 2024
1 December – 31 December 31 December 2024
Companies often struggle to keep up with changing tax regulations. At IMC, our experienced team is committed to helping in-house tax departments smoothly navigate the new corporate tax (CT) landscape with our Corporate Tax Advisory in UAE. Our tax experts conduct tax impact assessments, examine transfer pricing, review cross-border transactions, and develop operational strategies for businesses throughout the UAE.
Ready for Tax Success?

IMC is your go-to expert for Corporate Tax in the U.A.E. We’re dedicated to assisting you in keeping up with tax regulations so you can focus on growing your business. IMC Group believes in empowering businesses with the knowledge and tools they need for complete tax compliance.

Trust us to guide you through these changes with ease and confidence.

Remember, it’s not just about avoiding fines – it’s about ensuring your business thrives under the new tax laws. Let IMC help you get there.

Your Vision, Our Mission.
Let's Discuss.

A Member Firm of Andersen Global