Search and find what you need faster.

Dominic Holden explores the Home Office consultation on ransomware payments, in Law360

Posted on: April 10th, 2025 by Natasha Cox

Director Dominic Holden examines the recent Home Office consultation on cyber attacks and banning ransom payments by public bodies and critical infrastructure operators, and discusses the potential impact of such reforms on SMEs, in Law360.

Dominic’s article was published in Law360, 9 April 2025. 

On 14 January 2025, the Home Office opened a consultation on proposals to ban ransom payments by publicly owned bodies and operators of critical national infrastructure that have or may have suffered a ransomware attack[1]. The consultation runs until 8 April 2025, and the government seeks input from potential compliance stakeholders, industry, research, and the public.

The overall aim is to tackle the multi-billion-pound cybercrime industry, and the specific objective is potentially to make vital infrastructure like hospitals and the National Grid an unattractive prospect for hackers.

Yet, these proposals are not without their flaws.

The below article examines these plans, explores the development of the ransomware industry, and discusses how such reforms could impact UK businesses.

What is ransomware?

Ransomware is a type of malware that attempts to unlawfully encrypt files on a host computer system. Once infected, critical IT networks can become crippled and inoperable. The hacker then promises to provide the key to unlock the files in return for money, typically in cryptocurrency.

These attacks can be particularly harmful due to the associated financial losses, theft of potentially sensitive data and intellectual property, as well as significant business/service disruption and reputational damage.

Growing threats

One of the key triggers for this consultation exercise appears to have been the Synovis ransomware attack in June last year, which caused severe damage to the NHS with the postponement of over 10,000 outpatient appointments and around 1,700 elective procedures in London.[2]

Ransomware attacks are a growing threat. Over a period of twelve months which ended in August 2024, the UK’s National Cyber Security Centre’s (NCSC) became involved in managing 430 cyber incidents including 13 separate ransomware incidents which were “deemed to be nationally significant and posed serious harm to essential services or the wider economy”. According to the National Crime Agency, the number of UK victims appearing on ransomware data leak sites has also doubled since 2022[3].

As a result, ransomware is viewed by the National Crime Agency as one of the most serious organised cybercrime threats to the UK’s national security.

These attacks have now become highly profitable. In 2024, one study revealed that UK respondents paid an average of £870,000 with two organisations admitting to paying £10m-£20m in ransoms[4]. According to Sophos (which specialises in endpoint security), the median global ransomware payment made by victims over the past couple of years has also increased by 400% up from $400,000 to $2 million. Meanwhile the recovery costs to victims of a ransomware attack have also increased from $1.82 million to $2.73 million – a rise of around 50%[5].

Whether the ransom is paid or not, regulators and customers will very likely need to be notified of the attack under existing legislation, leading to the threat of an investigation, fines, claims and significant damage to an organisation’s reputation as their customers and suppliers learn of the attack.

The question of how to meet this threat faces governments across the globe.

Exploring the Home Office proposals

Banning ransomware payments

The idea of banning ransomware payment by certain organisations could be an effective deterrent to reduce ransomware attacks, with hackers looking elsewhere – hopefully overseas – for easier pickings that are permitted to pay out. The policy would follow the long-standing principle of the UK Government not to pay ransoms for its citizens taken hostage by terrorists.

However, a ban could be damaging to businesses. Paying a ransom can often be the fastest and most cost-effective way for an organisation to recover from these attacks.

The alternative to non-payment is trying to reset and restore an organisation’s system from backup (assuming regular backups exist) and a potentially catastrophic data loss. The business disruption that follows can be ruinous, both financially and reputationally.

According to Veeam’s 2024 Ransomware Trends Report, 96% of security professionals surveyed said that their backup repositories had been targeted, while a mere 15% were able to recover their data without paying a ransom[6].

That said, paying a ransom can be a risky business. The same report found that 27% of those organisations who had paid the ransom, were still unable to recover their data. In other words, while paying up might seem to offer a quick solution, there is no guarantee that it will resolve the problem.

‘Double dipping’ poses a further risk for victims. In such cases, a ransom is paid only for a further attack to follow a few days later. Or, even worse, an additional ransom is demanded to avoid the hacker publishing the compromised data or selling the information to the highest bidder.

This poses the question of whether the Government’s proposed limited ban goes far enough.

The focus on publicly owned bodies and operators of critical national infrastructure is a good start, given the obvious disruption that stems from the paralysis of these organisations. However, the policy risks hackers moving their attention away from these organisations, focusing their efforts on private companies who would still be permitted to pay a ransom. This could be particularly devastating for SMEs – which make up around 99.9% of the UK economy, but who lack the resources to mount an effective defence against, and response to, a ransomware attack[7].

A limited ban is not the only measure under consideration.

Reporting of all ransomware attacks

The mandatory reporting of all ransomware attacks by companies that meet a certain threshold is also proposed. This proposal is similar to that which has already been proposed in the Cyber Security and Resilience Bill, which is due to be put to Parliament this year.

The purpose of the reporting is to assist law enforcement agencies by giving them a better understanding of the scale and nature of attacks, in order to identify patterns and improve responses to such attacks, and stop them from spreading.

This would appear to be an obvious ‘win’. The more up-to-date information available, the better the future decision-making on how to combat the threat.

The question which then arises, however, is whether the Government will properly resource the authorities who will receive this data, to allow them to take effective steps to respond.

Decision to pay a ransom

Finally, the Home Office proposes that the decision to pay a ransom could be left to the authorities.

The idea of the authorities needing to approve (or not) the payment of ransoms, is likely to be unworkable. It assumes a level of dynamism and responsiveness from Government authorities that is unlikely to be achieved in practice. Taking this decision out of the hands of those who know the organisation and the data at risk best, would seem to be ill-advised.

It also remains to be seen how the Government proposes to enforce legislation against the payment of ransoms. Criminalising the victims of a ransomware attack for making a ransom payment would seem to be unduly punitive given that these organisations are the innocent parties in this situation.

The Government may consider substantial fines to be a more appropriate sanction in line with current legislation around data, such as the UK General Data Protection Regulation/Data Protection Act 2018.

Conclusion

It is clear that the time has come for decisive action to be taken in the battle against ransomware attacks, and the Home Office’s initial focus on critical infrastructure and the public sector is a welcome first step.

However, the consultation is light on detail as to the how the Government intends to enforce compliance, and around the resources that will be available to ensure the reporting of ransomware attacks informs an effective strategy to prevent these attacks from occurring and spreading.

If a limited ban on ransom payments is introduced, it is incumbent on the Government to ensure that support will be provided to soften the increased business interruption that will invariably follow in the private sector.

While these proposals rumble throughout Westminster, there are still steps businesses can take to improve their chances of avoiding an attack, or ensure they are able effectively to deal with one when it comes.

Training staff to identify potential ransomware and other cyber-attacks along with regular system checks, backups and patching, can be essential in mitigating against these threats. Cyber insurance can also provide valuable support and resources to deal with the consequences of an attack, along with a robust incident response plan which deals with how the business can operate in the face of a ransomware event.

For more information on our services relating to technology disputes, please see here

[1]                 https://www.gov.uk/government/news/world-leading-proposals-to-protect-businesses-from-cybercrime

[2]                  https://www.england.nhs.uk/london/synnovis-ransomware-cyber-attack/latest-media-statement-on-synnovis-cyber-attack/#:~:text=As%20a%20result%20of%20the,St%20Thomas’%20NHS%20Foundation%20Trust.

[3]                  https://www.gov.uk/government/news/world-leading-proposals-to-protect-businesses-from-cybercrime#:~:text=The%20NCSC%20managed%20430%20cyber,services%20or%20the%20wider%20economy.

[4]                 Over Half of Breached UK Firms Pay Ransom – Infosecurity Magazine

[5]                  https://assets.sophos.com/X24WTUEQ/at/9brgj5n44hqvgsp5f5bqcps/sophos-state-of-ransomware-2024-wp.pdf

[6]                  https://www.primesys.co.uk/wp-content/uploads/2024/10/Veeam-2024-ransomware-trends-report.pdf

[7]                  https://www.gov.uk/government/statistics/business-population-estimates-2023/business-population-estimates-for-the-uk-and-regions-2023-statistical-release

Dominic Holden discusses encryption in The Times

Posted on: March 6th, 2025 by Natasha Cox

Director Dominic Holden explores the recent dispute between Apple and the Home Office over the use of end-to-end encryption and potential backdoors into user data, in The Times.

Dominic’s article was published in The Times, 6 March 2025, and can be found here. 

Apple refuses to open the backdoor, but at what cost?

The Home Office’s demand for Apple to provide them with a ‘backdoor’, allowing access to users’ encrypted data, has been met by simple refusal by Apple. In protest, the tech giant instead opted to entirely withdraw from UK users the ability to protect their data using Apple’s most advanced encryption feature.

End-to-end encryption is double-edged – and the arguments on both sides are compelling.

On the one hand, it allows users to better protect their private data from hackers and other prying eyes. On the other, it can allow criminals to avoid law enforcement’s digital surveillance. It can also be a minefield for prosecution lawyers hampering their ability to obtain disclosure of the documents they need to build a case against terrorists and others who have threatened national security.

Like many tech companies, Apple faces a dilemma. It must respect the laws of the jurisdiction in which it operates. However, security and privacy are at the heart of its offering. Kowtowing to the UK government, risks opening the floodgates to other governments making similar demands in spite of Apple’s privacy commitments to its customers.

As this debate rages on, it remains to be seen whether Apple’s solution sufficiently placates the UK Government, or whether the next round will involve a demand that a backdoor is provided for all data.

The creation of a backdoor is, by its very nature, a risk. It creates a vulnerability which could be exploited by hackers. It is perhaps for this reason that Apple has made this decision – either you have encryption (with no backdoor), or you don’t have encryption at all.

This approach, however, misses a nuance.

Permitting users to encrypt their data is an effective tool against hackers and will ward off the vast majority of opportunistic hackers. Although creating a backdoor may create a vulnerability for the most sophisticated of hackers to exploit, this must surely be a better option than a blanket removal of such a powerful weapon users have at their disposal?

Understandably, many will bristle at the idea of the Government being able to gain access to their encrypted data. However, given that we do not live in a police state and the vast majority of us are not up to no good, a backdoor could help to keep the public safe – provided that there is robust, considered legislation and supervision from the English Courts.

For now, Apple users should take stock of their data and consider that which they would most regret falling into the hands of a hacker. There are still, after all, many (non-Apple) services available that allow for the secure storage and transmission of your data.

For more information on our data privacy and data protection services, please click here

 

Dominic Holden comments on Apple’s end-to-end encryption in TechRound

Posted on: February 27th, 2025 by Natasha Cox

Director Dominic Holden comments on the news that Apple is set to withdraw its Advanced Data Protection feature from the UK, following a dispute with the Home Office over end-to-end encryption and enabling government access to user data. 

Dominic’s comments were published in TechRound, 26 February 2025, and can be found here.

Dominic’s comments are replicated below:

“Balancing privacy rights with the needs of national security is a tightrope that tech companies walk daily. In this case, it appears Apple have begun to teeter.

“End-to-end encryption allows users to more effectively secure their data and better protect it from hackers and other bad actors. However, it can also allow criminals to plot and conduct illicit activity.

“Aside from whether the public trust that a back door such as this will not be misused by the government, the danger of a back door is that it also creates a vulnerability which a hacker may be able to exploit.

“Apple’s decision to withdraw UK user’s ability to encrypt data removes an effective weapon to protect against hacking, whilst hackers and other bad actors will likely migrate to alternative encrypted services that the government cannot access.”

For more information on our cyber security services, please click here.

 

Dominic Holden explores cybersecurity for SMEs in Thomson Reuters Regulatory Intelligence

Posted on: February 24th, 2025 by Hugh Dineen-Lees

Director Dominic Holden explores the increasingly important role of cyber insurance for SMEs, and discusses how businesses can best ensure they are protected from cyberattacks, data breaches and hacking.

Dominic’s article was published in Thomson Reuters Regulatory Intelligence, 21 February 2025, and can be found here:

Cybersecurity_ a blind spot for SMEs – [regintel-content.thomsonreute

 

 

Dominic Holden comments on DeepSeek and data protection in The Lawyer

Posted on: January 29th, 2025 by Hugh Dineen-Lees

With Chinese AI platform DeepSeek rapidly becoming the most downloaded free app in the UK and the US, Director Dominic Holden comments on the potential cybersecurity and data protection concerns, in The Lawyer.

Dominic’s comments were published in The Lawyer, 28 January 2025, and can be found here.

“DeepSeek’s privacy policy makes clear that they will collect your personal data, use it for a broad range of purposes and store it in China. This data is very valuable especially when provided at scale by thousands of users. The same concerns which gave rise to the proposed TikTok ban seem to apply here.

“With China’s national security laws obliging Chinese firms to share data with government agencies, users cannot know what will ultimately become of their data or how it might be used. Great care should be taken by users in deciding what to share with the platform.”

Dominic Holden comments on the potential cybersecurity risks surrounding RedNote and TikTok, in Yahoo! News

Posted on: January 15th, 2025 by Natasha Cox

Director Dominic Holden comments on the potential cybersecurity and data protection risks of downloading RedNote, the social media platform which users are downloading before the potential US TikTok ban, in Yahoo! News.

Dominic’s comments were published in Yahoo! News, 14 January 2025, and can be found here

“Like TikTok, RedNote is owned by a Chinese company which potentially raises the same privacy and data concerns that led to TikTok’s possible ban. 

“Whilst the app itself does not appear to be dangerous, users concerned about their data privacy and how their data is to be used by RedNote, may be slow to adopt it until more is known

“There is also the further risk that as RedNote gains popularity, as a Chinese-owned company, it too may need to deal with the same regulatory issues TikTok has faced. Failure to do so could result in a future ban or legal action against RedNote.”

For more information on our technology disputes practice please click here

Abtin Yeganeh comments on the Renters’ Rights Bill capping up-front payments for renters

Posted on: January 13th, 2025 by Natasha Cox

Director and Head of Property Litigation Abtin Yeganeh comments on a new provision of the Renters’ Rights Bill making it illegal to ask tenants to pay more than one month’s rent plus a six-week deposit up front.

Abtin’s comments were published in Metro, 10 January 2025, and can be found here.

Will the new legislation work?

So, why have landlords been allowed to ask for such vast amounts upfront until now?

As Abtin Yeganeh, Director and Head of Real Estate Disputes at Lawrence Stephens tells Metro, landlords often use these hefty deposits for peace of mind when, for example, tenants might not have a UK-based guarantor.

‘In order to tackle issues of bad credit and/or renting to overseas individuals, landlords often seek rent in advance as additional financial security. This can amount to six months’ rent in advance,’ Abtin details.

But as he believes, we’ll have to wait and see how it pans out – and whether landlords listen to the details of enforcement.

‘The outcome of these reforms is that tenants should, in theory, have more options when it comes to securing rental properties as they will not have to compete with prospective tenants who can pay a lump sum in advance. 

‘However, given that landlords have a choice as to who they want to take on as a tenant, it remains to be seen whether the proposed changes have the desired effect.’

For more information on our Real Estate Disputes services, please click here

Lawrence Stephens expands its Real Estate Disputes team with appointment of Senior Associate Roberto Francis

Posted on: January 6th, 2025 by Natasha Cox

Leading dispute resolution firm, Lawrence Stephens, is pleased to announce the appointment of Roberto Francis as Senior Associate to its Real Estate Disputes team.

Roberto joins the firm with extensive experience acting for bridging and alternative lenders with a primary focus on secured and unsecured recoveries, which includes but is not limited to possession claims, receivership, insolvency and professional negligence.

Head of Real Estate Disputes, Abtin Yeganeh said “We’re delighted to welcome Roberto to our team. We’re certain that the breadth of his experience will enhance our service offering and enable us to continue delivering commercially focused, marketing-leading legal advice.”

Lawrence Stephens prepares source of funds reports for property bought at auction using crypto assets

Posted on: December 16th, 2024 by Natasha Cox

Despite cyptocurrencies becoming more mainstream, recent commentary suggests that investors are still finding it hard to utilise these to purchase property in the UK. A recent Financial Times article highlighted the low appetite for sellers to accept cryptocurrencies. As a result, if purchasers want to use their crypto investments towards a property purchase, this usually involves converting the cryptocurrency into traditional or fiat currency – legal tender established by government regulation.

Much of the reluctance to accept funds derived from  the disposal of cryptocurrency comes from its well-publicised association with criminal activity, in particular money laundering. Law firms have obligations imposed by the SRA in relation to checking sources of wealth and sources of funds for anti-money laundering (AML) purposes. Solicitors have a legal duty to ensure that any, and all, funds used within a property transaction have come from a legitimate source. They must therefore establish the original source of the funds, not the mere availability of funds in a bank account.

Establishing the legitimacy of funds generated through cryptoasset activity requires the instruction of an expert who is able to carry out a full report on the crypto proceeds being used. The content of this report includes documenting and reporting of the cryptoasset activity, including the initial ‘on-ramp’ into crypto (i.e. the exchange of traditional fiat money into cryptoassets), the purchase of cryptoassets, and the subsequent cryptoasset activity to the ultimate liquidation and ‘off-ramp’ from cryptoassets back into traditional fiat money which was then being used to make the purchase. This report can then form the basis on which the conveyancer can make a judgment as to whether it is safe to proceed with the proposed transaction.

There are currently few law firms with the required expertise to produce such reports. Buyers wishing to use crypto assets for property purchases should be especially aware of the need to establish legal source of funds when buying property at auction.

The Lawrence Stephens’ team was recently called in at short notice to assist a client who had purchased a property for £210,000 at auction. He had intended to fund the purchase by utilising proceeds mainly generated through investing and trading on cryptoassets. Our client had instructed solicitors in relation to the purchase. However, just two days before the notice to complete was due to expire, the client was informed that they did not have the necessary expertise and could not provide the required report on the source of funds coming by way of crypto. At this late stage, he was at risk of losing his 10% deposit.

The Lawrence Stephens’ team – comprised of Asim Arshad and Gunduz Misiri – were able to take on the instructions and were able to extend the notice to complete by three days. This gave the team enough time to complete a full crypto source of funds report to verify the funds coming by way of crypto and intended to be utilised for the purchase. We were pleased to effect the completion of the purchase within the agreed upon extended time.

 

Lawrence Stephens appoints litigation and commercial fraud specialist Dominic Holden

Posted on: November 12th, 2024 by Natasha Cox

Leading full-service law firm Lawrence Stephens is pleased to announce the appointment of dispute resolution specialist Dominic Holden, who joins as a Director in its Dispute Resolution department.

News of Dominic’s appointment was published in Commercial Dispute Resolution here and The Legal Diary here

Dominic specialises in substantial civil fraud claims, as well as complex data and hacking claims and multi-national, investigatory, enforcement and asset tracing work.

Prior to joining Lawrence Stephens, Dominic was Head of Litigation at Burlingtons in Mayfair.

Dominic advises on a broad range of commercial disputes and has particular expertise in matters involving complex and cross-border elements. Notable highlights include acting for aviation magnate Farhad Azima in his long-running and high-profile litigation against Ras-Al Khaimah’s sovereign wealth fund and its advisers, international law firm Dechert LLP and former partner Neil Gerrard.

Dominic also advises on breach of trust, professional negligence, contentious insolvency and director, shareholder and/or partnership disputes.

With a wealth of experience in litigation and disputes, Dominic’s appointment reflects the continued and exciting growth of Lawrence Stephens in recent years, while bolstering both the firm’s existing Dispute Resolution offering and cross-practice expertise.

Commenting on his appointment, Dominic said: “I am excited to begin the next chapter of my career with Lawrence Stephens. It is a pleasure to be working alongside a dynamic team of leading practitioners across a range of sectors, helping clients to navigate a range of high-profile and complex international disputes.”

Lawrence Kelly, Director in the Dispute Resolution department at Lawrence Stephens, commented: “We are delighted to welcome Dominic to the Lawrence Stephens team. His experience and tenacity complement our Dispute Resolution offering and broaden our cross-departmental expertise – allowing us to continue to offer our clients bespoke and integrated legal advice.”

Matt Green, Director and Head of Blockchain and Digital Assets and Technology Disputes at Lawrence Stephens, commented: “Dominic is a truly first-class litigator with a wealth of experience in technology disputes including litigation relating to hacking and data issues, I look forward to working with Dominic closely on a range of technology related matters at Lawrence Stephens.”

Abtin Yeganeh comments on landlord-imposed work from home bans in The Independent

Posted on: July 8th, 2024 by Natasha Cox

Senior Associate, Abtin Yeganeh, comments on landlords banning their tenants from working from home, as well as tenants’ protections in this area, in The Independent.

Abtin’s comments were published in The Independent, 07 July 2024.

“As a general rule, a landlord cannot stop a tenant from working from home as it would interfere with a tenant’s statutory right to quiet enjoyment of their property. The position is somewhat more complicated where a tenant seeks to run a business from their rental property. With that said, whilst landlords can seek to exclude a tenant’s right to work from home, The Small Business Enterprise and Employment Act 2015 (subject to several exclusions) provides that landlords cannot unreasonably refuse a tenant’s request to do so.”  

Crypto assets for businesses

Posted on: November 1st, 2023 by AlexT

The business landscape is continually evolving, with technology being a major catalyst for fostering progress, increasing capabilities, and maintaining a competitive edge.

Among the recent innovations capturing the interest of businesses is the rise of crypto assets and the blockchain technology that underpins them. Major brands such as Microsoft and Sotheby’s, as well as independent companies from travel agencies to cafés, are increasingly adopting crypto assets and harnessing their potential, seeking to position themselves to benefit immensely from these distinctive digital assets.

What’s in it for businesses?

One of the main appeals of crypto assets is the swift and transparent payment transaction mechanism that they provide. In an age where cash payments are on a significant decline, the ability to facilitate fast, transparent and secure payments is appealing to consumers and businesses alike.

Additionally, transactions with crypto often attract fewer charges compared to traditional payment methods. Crypto assets do not require intermediaries to facilitate transactions and the elimination of these intermediaries like banks and payment gateways in favour of a decentralised verification system (in other words, the blockchain) minimises the costs associated with traditional payment processing. Also, by merit of being exclusively digital, crypto assets negate the need for physical payment infrastructures such as card machines.

An undeniable upside for businesses adopting cryptocurrency payment is virtually zero risk of chargebacks. With every transaction confirmed and immortalised on the blockchain forming a secure, tamper-proof and transparent record, they cannot be reversed. Consequently, businesses no longer need to wrestle with drawn-out, expensive chargeback processes.

Adopting crypto assets also offers a broader customer outreach. By bypassing traditional financial institutions, businesses can access the 1.7 billion unbanked population globally, as well as the 1.2 million unbanked individuals in the UK. Allowing for crypto asset payment also caters to the growing population of crypto asset enthusiasts,  granting a unique selling proposition amidst a competitive market.

Moreover, due to the borderless nature of crypto assets, such transactions do not require conventional currency conversions and can be sent to or from anyone in the world with a smart device and internet connection. This makes crypto assets an ideal form of payment for businesses that wish to expand their operations into new jurisdictions, without the usual friction points involved in optimising cross border payments.

What are the challenges for businesses?

Whilst there are a number of advantages for businesses, integrating crypto assets as a form of payment is not without its risks. One such risk comes from the fact that crypto assets are extremely volatile, and it is not unheard of to have massive fluctuations in a crypto assets value over a relatively small time frame of days and hours. This volatility can present challenges for businesses in being able to predict how much it will generate from crypto asset payments, and it can also expose the business to losses if the value of its crypto assets falls. In the same vein, it can also present opportunities for gains if there is an increase in the price action of a crypto asset.

For example, a retailer may sell an item for 0.035 Bitcoin (BTC), which at the time of writing is around £766. In the days after the sale the value Bitcoin may increase, such that 0.035 BTC is now worth £800. On the flipside, the value of BTC may decrease, such that the 0.035 BTC is now worth £735.

Another challenge is security. Whilst crypto assets are secured utilising complex cryptographic algorithms, they aren’t invincible against cyberattacks, phishing or fraudulent schemes. Thus, businesses using crypto assets need to be proactive in establishing robust cybersecurity defences and countermeasure procedures.

The developing regulatory environment around cryptocurrencies presents another challenge. As the legislative and regulatory landscape is still maturing, businesses adopting crypto assets as a form of payment may need to comply with unforeseen regulatory requirements and make an effort to stay informed of ongoing developments in this area.

However, with diligent planning and careful strategies, these challenges and risks can be substantially offset and mitigated.

What must businesses consider?

For businesses considering crypto asset integration, an effective policy and strategy should take into account the specific nature and operation of the business, its goods/services, geographical scope, and clientele. Particular consideration should be given the following points:

  • Choice of crypto assets: Given the plethora of cryptocurrencies available, it is important to consider which crypto assets in particular should be allowed to facilitate payment for the business. Important points to consider here would be the crypto assets stability, liquidity, popularity, and confirmation times.
  • Payment processing: It may be worth trying an external payment processor who can simplify the process of crypto asset acceptance, albeit at a cost. Alternatively, it is entirely possible to set up your own crypto payment processing system, but will require some technological expertise and knowledge.
  • Formulating guidelines: Businesses adopting crypto assets should have defined guidelines addressing transaction disputes, and refund mechanisms. There should also be procedures in place for handling price volatility, for example, through stablecoins or immediate fiat conversion upon receipt.
  • Continuous transaction oversight: Businesses allowing crypto asset payments will need need to be able to track, record, and report transactions for tax compliance. Crypto assets are taxable, and businesses will need to consider whether they choose to hold crypto assets on their balance sheet as an asset, or if they would rather liquidate the crypto assets to fiat upon receipt or at regular intervals.
  • Selecting an appropriate digital wallet: Considering the scale of operations, anticipated crypto holdings, and security requirements is vital when choosing a digital wallet. There are a variety of different wallets including cold wallets, hot wallets, custodial wallets, non-custodial wallets, multi-sig wallets and many other variations. It is important for businesses to choose a wallet which is compatible with their needs, and which they are confident with and able to keep secure.

How Lawrence Stephens can assist with your crypto challenges

While venturing into the world of crypto assets does bring its set of challenges and intricacies, the potential benefits are substantial. As with any business decision, prudent planning, accompanied by knowledgeable legal consultation, is key to ensure regulatory compliance and adept risk management.

At Lawrence Stephens, our team is adept at assisting diverse businesses in harnessing the potential of crypto assets. With our bespoke legal insights, we ensure your cryptocurrency adoption journey is seamless, safeguarded, and aligned with the developing digital finance sector.