A guide to foreign investment in real estate in Colombia
The Colombian real estate market is experiencing significant growth and development. By 2024, the market is expected to reach a staggering value of USD$2.58 trillion.
The residential real estate segment holds the dominant position, projected to be US$2.17 trillion in the same year. Colombia’s stunning coastal landscapes and growing tourism industry are driving demand for luxury beachfront properties.
Newsletter June
New customs statute
With the execution of Decree 0659 of 2024, a new Customs Statute has entered into force. The new Decree seeks to streamline Colombia’s international trade; will allow the National Tax and Customs Directorate (DIAN) to improve controls against smuggling; will allow DIAN to have new technology and to facilitate the operations of importers.
The main modification brought about by this new legal framework is the mandatory implementation of the “Advance Goods Import Declaration”. Under this measure, importers must report to the DIAN what merchandise they are going to bring into the country 48 hours before it enters the national territory. This advance declaration was already mandatory for textiles, footwear, and machinery parts, among other products.
For example, when importers declare their goods in advance, customs clearance time takes, on average, six (6) days less at El Dorado airport and 3.3 days less at the port of Buenaventura, compared to those who do not declare their goods in advance. In this way, importers will be able to dispose of their products faster and this agility will translate into shorter times and lower costs that will benefit the country’s economy.
The Statute also makes the use of satellite tracking devices mandatory for goods moving through the country that are still under customs control.
The new Customs Statute also requires the development of a new import management system. This new system will replace the current SYGA (Customs Information and Management System), which is technologically obsolete and has security vulnerabilities that make the control operations on the entry of goods less effective.
Source: https://www.dian.gov.co/Prensa/Paginas/NG-Comunicado-de-Prensa-032-2024.aspx
Strengthening of penalties for tax offenses in tax reform law 2277 of 2022
The Constitutional Court has strongly supported the changes introduced by Law 2277 of 2022 regarding tax crimes. In its recent Ruling C-019 of 2024, the Court affirmed that the amendments made comply with the principles of “consecutivity and flexible identity proper to the legislative process”. This decision reinforces the legitimacy of the provisions that seek to combat tax evasion and tax fraud in the country.
One of the main provisions contemplated in the reform is the imposition of harsher penalties for those taxpayers who incur in omissions or false declarations in their income tax returns. It establishes that those who omit assets, declare a lower value than the real value of assets, or declare non-existent liabilities for amounts higher than 1,000 legal monthly minimum wages in force (smmlv), equivalent to $1,300 million (approximately $340,000 USD) with this year’s minimum, may face prison sentences between four and nine years.
In addition, the law provides for an escalation of penalties depending on the amount evaded. If the tax value of the evaded amount is between 2,500 and 5,000 minimum wages, the penalties will be increased by one third. In the event that it exceeds 5,000 minimum wages, the penalties will be increased by half, which reflects the seriousness with which tax evasion in the country is sought to be addressed.
The Superintendence of Companies recommends that the general shareholders’ meeting approve the sustainability report at its ordinary meetings.
At the end of last year, the Superintendence of Companies issued External Circular No. 100-000010 of 2023, where recommendations for the preparation of a Sustainability Report are suggested. These recommendations include that such report should be prepared annually by a designated person in charge and, if prepared, it should be presented during the ordinary meeting where the Financial Statements are approved.
Although the preparation and presentation of the Sustainability Report during the ordinary meeting is not mandatory so far, the Superintendency of Companies has expressed its intention to make these recommendations mandatory for companies that exceed certain thresholds. Therefore, it is suggested to initiate their preparation and approval during this year’s ordinary meetings in order to be prepared for possible future regulatory changes. The Superintendency of Companies clearly expressed its desire and plan to convert these recommendations set forth in the Circular into fully enforceable obligations for those companies that exceed the thresholds defined in Article 5 of said Circular.
To which companies does the recommendation to prepare the Sustainability Report apply?
- Companies that are under surveillance or control by the Superintendence of Companies and that have reached total revenues or assets equal to or greater than forty thousand (40,000) smlmv, as of December 31 of the immediately preceding year.
- Companies that are part of the following sectors: (i) mining – energy, (ii) manufacturing, (iii) construction, (iv) tourism, or (v) telecommunications and new technologies and that comply with the requirements established in paragraph 5.2 of the Circular.
Content of the Sustainability Report
- Name of International Reporting Standard
- Table of Contents
- Company profile.
- Context and sustainability strategy of the companies.
- Disclosure of management performance
- Assignment of a person responsible for the Sustainability Report.
Publication:
- Annual internal communication to all company employees.
- Recommended publication on the company’s website.
When can the alternate replace the principal legal representative?
The alternate legal representative of a Colombian company only has powers of representation in the permanent or temporary absence of the principal legal representative, since he/she lacks the capacity of representation while the principal is in office. The above was remarked by the Superintendence of Corporations in its official notice 220-060152 of March 18, 2024.
Substitution: Action and effect of substituting a person during a period of action that may not be joint or concomitant to the substituted one. The substitution does not depend on a territorial factor since the legal representative can represent and act for the legal person from any part of the world. On the contrary, the substitution only applies in the event of the impossibility of exercising functions such as bereavement, illness, incapacity, etc.
Alternate Representation: The alternate will not have the capacity to represent a company as long as the principal legal representative is capable, the above also includes not being able to make decisions contrary to those previously made by the principal legal representative and to subscribe documents that the principal has denied.
The alternate L.R. has the obligation to remain permanently available to replace the principal L.R. in his functions when the latter does not have the effective possibility to manage. Otherwise, the alternate does not have the capacity or power to represent the legal entity, for example, he/she could not call a meeting of the General Assembly of Shareholders if the principal previously refused to do so, among other cases.
Legal issues of M&A in the fintech sector
Introduction
Mergers and acquisitions (M&A) play a significant role in the Fintech sector. The Fintech industry is known for its rapid innovation and disruption. Mergers and acquisitions allow companies to consolidate their market position by acquiring competitors or supplementary businesses. This consolidation helps firms to achieve economies of scale, expand their customer base, and increase market share.
Fintech companies often acquire other firms to gain access to specialized talent and cutting-edge technology. This can accelerate their product development cycles and enhance their ability to innovate. For example, a company might acquire a smaller startup with expertise in artificial intelligence or blockchain technology to strengthen its offerings.
M&A activities enable Fintech companies to diversify their product and service offerings. By acquiring companies in adjacent or ancillary sectors, they can expand into new markets or offer a broader range of financial products. This diversification can help Fintech firms to mitigate risks associated with relying too heavily on a single product or market segment.
Regulatory compliance is a major challenge for Fintech companies, especially as they expand into new markets or offer new financial services. Acquiring a company that already has expertise in navigating regulatory frameworks can help expedite the compliance process and reduce legal risks.
Mergers and acquisitions can also facilitate strategic partnerships between Fintech firms and traditional financial institutions. For example, a Fintech startup specializing in payment processing might be acquired by a large bank seeking to modernize its digital banking offerings. These partnerships can drive innovation and improve the overall competitiveness of the companies involved.
Mergers and acquisitions are important for the Fintech sector because they enable companies to achieve growth, innovation, and market leadership in an increasingly competitive industry.
The Fintech Industry in Colombia
In the most recent study “Fintech Snapshot 2023-2” by Colombia Fintech, the following statistics are presented:
- Fintech is generating more than 26,000 jobs.
- Around 45% of fintechs that have between 20 and 249 employees have been in the Colombian market for six to 20 years.
- 46.4% of fintechs invest more than 30% of their operational income in technological capital.
- 28.6% of the country’s Fintech companies are financed with their own resources (Bootstrapping). The analysis of the investment rounds in which Colombian fintechs are found reveals a diversity in financing sources and development stages.
- The two leading verticals in the fintech ecosystem continue to be Digital Credit (35.6%) and Digital Payments (28.8%)
- 63% of the country’s fintech companies are microbusinesses. Half of the companies have been established between one and five years. Likewise, 95% do not exceed 20 years of incorporation.
- The distribution of Fintech companies in Colombia reflects a strong concentration in Bogotá. The capital is the undisputed epicenter of fintech activity in the country. However, a significant presence is observed in Antioquia, with 19% of the Fintech companies in the country.
Risks and Challenges of the Fintech Industry
The Fintech industry is characterized by a certain degree of risk, stemming from various factors inherent to its nature and operating environment.
Fintech companies often operate in highly regulated sectors such as banking, payments, lending, and securities. Navigating complex and evolving regulatory frameworks can be challenging, and changes in regulations can significantly impact business models, operations, and compliance costs.
Fintech companies handle sensitive financial data, making them attractive targets for cyberattacks and data breaches. Security vulnerabilities in technology systems, inadequate data protection measures, and sophisticated cyber threats pose significant risks to Fintech firms and their customers.
The Fintech industry is subject to rapid technological development, changing consumer preferences, and market disruptions. Fintech startups face competition from traditional financial institutions as well as other agile startups, and market dynamics can shift quickly, impacting business viability and growth prospects.
Fintech companies rely heavily on technology and digital infrastructure to deliver their products and services. Operational risks such as system failures, IT disruptions, technical glitches, and service outages can result in financial losses, reputational damage, and loss of customer trust.
Fintech firms engaged in lending, crowdfunding, or peer-to-peer finance activities are exposed to credit risk, including the risk of borrower default or non-payment.
Additionally, Fintech companies may face counterparty risks related to their relationships with other financial institutions, service providers, or business partners.
Fintech companies collect and process vast amounts of customer data, raising concerns about data privacy, confidentiality, and compliance with data protection regulations. Failure to adequately protect customer data or comply with regulatory requirements can lead to legal liabilities, fines, and reputational harm.
Fintech firms operating in payment processing, digital banking, cryptocurrency, and online lending sectors are susceptible to fraud, money laundering, and other financial crimes. Implementing robust fraud detection and prevention measures is essential to mitigate these risks and maintain trust with customers and regulators.
Rapid growth and scalability are common goals for Fintech startups, but scaling operations while maintaining quality, compliance, and customer satisfaction can be challenging. Inadequate infrastructure, insufficient resources, and organizational complexities can hinder scalability efforts and impede long-term success.
Many Fintech companies rely on partnerships with banks, technology providers, payment networks, and regulatory bodies to deliver their products and services. Dependency on third-party providers and ecosystem dynamics can introduce risks related to reliability, performance, and strategic alignment.
Despite these risks, the Fintech industry also presents significant opportunities for innovation, disruption, and value creation. Managing and mitigating risks effectively through robust risk management practices, compliance programs, cybersecurity measures, and strategic planning is essential for Fintech companies to succeed in a rapidly evolving and competitive landscape.
¿IPO or M&A in the Fintech industry?
There following are some of the reasons why there may be more merger and acquisition (M&A) deals than initial public offerings (IPOs) in the Fintech sector:
- Market Maturity and Consolidation: The Fintech industry has matured significantly over the past decade, leading to increased consolidation as larger companies seek to acquire smaller startups to expand their market reach, enhance their technology capabilities, and gain access to new customer segments. M&A deals are often seen as a faster and more efficient way for companies to achieve growth and scale compared to pursuing an IPO, which can be time-consuming and costly.
- Access to Capital: Fintech startups and emerging companies may find it challenging to access public capital markets through an IPO, particularly if they have not yet achieved profitability or established a track record of sustained growth. In contrast, M&A deals provide an alternative source of capital for startups by allowing them to be acquired by larger, more established companies with the financial resources to support their growth and development.
- Valuation Considerations: Valuation can be a significant factor influencing the decision between an IPO and an M&A deal. In some cases, Fintech startups may receive more attractive valuation offers from potential acquirers than they would receive in the public markets through an IPO, particularly if there is strong strategic interest or competition among buyers.
- Risk Mitigation: M&A deals can help mitigate various risks associated with scaling a Fintech business, including regulatory compliance, cybersecurity, competitive pressures, and market volatility. By joining forces with a larger, more established company, Fintech startups may gain access to additional resources, expertise, and support to address these challenges and accelerate their growth trajectory.
- Strategic Alignment: M&A deals often occur when there is strategic alignment between the buyer and the target company, such as complementary product offerings, technology capabilities, or market presence. For example, a Fintech startup specializing in payment processing may be acquired by a larger financial institution seeking to strengthen its digital banking capabilities. These strategic synergies can create value for both parties and drive M&A activity in the Fintech sector.
- Exit Opportunities for Investors: M&A deals provide liquidity and exit opportunities for Fintech investors, including venture capital firms, private equity investors, and early-stage backers. When a Fintech company is acquired, investors may realize returns on their investments sooner than if they had waited for an IPO, which can be appealing for investors seeking timely exits and capital deployment opportunities.
While M&A deals may be more prevalent than IPOs in the Fintech sector, both pathways offer advantages for companies seeking to raise capital, achieve liquidity, and pursue growth opportunities. The choice between an IPO and an M&A deal depends on various factors, including the company’s strategic objectives, financial position, market dynamics, and investor preferences.
Types of legal structures in the Fintech´s M&A transactions
The legal structure of a deal in the Fintech sector can vary depending on various factors such as the nature of the transaction, the parties involved, regulatory considerations, tax implications, and the strategic objectives of the parties.
- Asset Purchase Agreement (APA): In an asset purchase agreement, the buyer purchases specific assets and liabilities of the target company rather than acquiring its stock or equity interests. This structure allows the buyer to acquire specific assets such as intellectual property, technology, customer contracts, and goodwill while avoiding assuming certain liabilities of the seller.
- Stock Purchase Agreement (SPA): A stock purchase agreement involves the purchase of the target company’s stock or equity interests, either in part or in whole. This structure provides the buyer with ownership and eventual control of the entire business, including its assets, liabilities, contracts, and intellectual property rights.
- Merger Agreement: A merger agreement involves the consolidation of two or more companies into a single entity through the absorption of one of the entities or the creation a new one. Depending on whether they fall within the general authorization regime, merger transactions may or may not require a prior approval by the surveilling government agency.
- Joint Venture Agreement: Joint ventures often operate through merely contractual schemes or through the incorporation of a business entity. Except for unincorporated joint-ventures in public procurement regulation (consortia and temporary unions), joint ventures in Colombia are not specifically regulated but are possible under general contract and corporate laws. Incorporated joint-ventures may take any form available to business entities (stock corporations, limited liability corporations, simplified stock corporations, partnerships).
- In the Fintech sector, joint ventures may be established to collaborate on product development, market expansion, or technology sharing initiatives. This structure allows parties to combine their resources, expertise, and capabilities while maintaining separate legal entities.
- Franchising or Licensing Agreement: A licensing agreement allows one party (the licensor) to grant another party (the licensee) the right to use its intellectual property, technology, or other proprietary assets in exchange for a fee or royalty. In the Fintech sector, licensing agreements may be used to commercialize software, patents, trademarks, or other technology assets. In more sophisticated schemes, franchises may also allow to replicate the whole look & feel of a business together with its know-how, suppliers and business methodology.
- Strategic Partnership Agreement: A strategic partnership agreement involves a collaboration between two or more parties to pursue common business objectives, such as developing new products, entering new markets, or leveraging complementary strengths. Strategic partnerships in the Fintech sector may involve banks, technology companies, payment networks, or regulatory bodies.
- Subscription Agreement: A subscription agreement is used in equity financing transactions, such as seed rounds, venture capital investments, or private placements. This agreement sets forth the terms and conditions under which investors subscribe to purchase equity securities (e.g., common stock, preferred stock, or convertible notes) issued by the Fintech company.
- Service Agreement: A service agreement outlines the terms and conditions governing the provision of services by one party to another party. In the Fintech sector, service agreements may cover various services such as software development, IT support, payment processing, data analytics, or regulatory compliance.
The choice of legal structure depends on various factors, including the specific goals of the transaction, regulatory requirements, tax implications, risk allocation, and the preferences of the parties involved. It is essential for parties to consult with legal and financial advisors to determine the most appropriate structure for their particular circumstances and to ensure compliance with applicable laws and regulations.
Due Diligence in the Fintech´s M&A transactions
Performing due diligence before acquiring a Fintech company is crucial to assess its value, risks, and potential synergies.
The key areas to consider are the following:
- Financial Due Diligence: This involves a comprehensive analysis of the target company’s financial statements, including revenue, expenses, profitability, cash flow, and debt. It aims to verify the accuracy of financial information provided by the target and assess its financial health and sustainability.
- Regulatory and Compliance Due Diligence: Fintech companies operate in a highly regulated environment. Assessing the target company’s compliance with relevant laws and regulations is essential to identify any legal risks or compliance issues. This includes reviewing licenses, permits, regulatory filings, and any past or ongoing legal disputes or regulatory actions.
- Technology and Intellectual Property (IP) Due Diligence: Fintech companies rely heavily on technology and intellectual property assets such as software, algorithms, patents, and trademarks. Evaluating the target company’s technology infrastructure, development processes, cybersecurity measures, and IP portfolio helps assess its technological capabilities and potential for innovation.
- Market and Competitive Analysis: Understanding the target company’s market position, competitive landscape, customer base, and growth prospects is essential for assessing its strategic fit and growth potential. This involves analyzing market trends, customer feedback, market share, and competitive strengths and weaknesses.
- Operational Due Diligence: Examining the target company’s operational capabilities, including organizational structure, management team, business processes, and scalability, helps identify operational risks and integration challenges. Assessing factors such as employee retention, culture, and key operational metrics is also important.
- Cybersecurity and Data Privacy Due Diligence: Given the sensitive nature of financial data handled by Fintech companies, assessing the target company’s cybersecurity measures, data protection practices, and compliance with data privacy regulations is critical. This involves evaluating the effectiveness of security controls, incident response procedures, data encryption, and privacy policies.
- Customer and Partner Relationships: Understanding the nature of the target company’s relationships with customers, partners, suppliers, and other stakeholders is essential. This includes assessing customer satisfaction, contract terms, partnership agreements, and any dependencies or risks associated with key relationships. It also involves measuring consumer-protection compliance. Consumers are nowadays well educated about their rights and new mechanisms are being introduced for them to claim against Fintech entities when alleged violations occur. Recently the consumer-protection agency in Colombia, Superintendence of Industry and Commerce (SIC), issued instructions (Circular letter No. 02 of 10 October 2023) to tackle multiple complaints filed by FINTECH consumers and even imposing in recent days historic sanctions for this type of commerce. The SIC’s instructions include the following obligations by Fintech entities:
- To inform consumers at the time of entering into the contract and in writing about the remunerative interest rate and the delay interest rate expressed in terms of annual effective rate, the periodicity of payments, the number of installments and value of each one.
- To apply default interest only with respect to late installments and to provide sufficient information on credit assignments to third parties, securities, guarantees granted, the right of consumers to make early payments without generating penalties and the values or additional expenses to the credit operation, such as credit studies, insurance and guarantees, the type of credit and indications on collection costs.
- To refrain from making collections under conditions of threat, coercion and intimidation to the consumer and third parties.
- To ensure that the service offered does not cause damage to the integrity of the consumer and that its provision is given with the characteristics informed. Likewise, that the information to be provided is clear, truthful, sufficient, timely, verifiable, understandable, precise, suitable and in Spanish, and that they exclude from their contracts any clause considered abusive.
- Synergy Assessment: Identifying potential synergies between the acquiring company and the target company is crucial for maximizing the value of the acquisition. This involves assessing how the combined entities can leverage their respective strengths, capabilities, and resources to achieve strategic objectives, such as expanding market reach, enhancing product offerings, or improving operational efficiency.
- Environmental, Social & Governance (ESG) Due Diligence: It addresses companies’ potential controversial conduct or failure to adhere to legal regulations, while providing information on responsible ESG programs. ESG issues now constitute a crucial part of the investment decision-making process and portfolio management.
By conducting thorough due diligence across these key areas, acquiring companies can make informed decisions, mitigate risks, and maximize the success of their acquisitions in the Fintech sector.
Standard Reps and Warranties in the Fintech Industry
In a merger and acquisition (M&A) transaction involving a Fintech company, representations and warranties (reps and warranties) are contractual statements made by the seller regarding the condition, performance, and legal status of the company being sold. These provisions serve to protect the buyer by providing assurances about the accuracy and completeness of the information disclosed during due diligence.
The standard reps and warranties typically included in a Fintech M&A deal are the following:
- Corporate existence and authority: The seller represents that it is a legally formed and validly existing entity with the authority to enter into the transaction.
- Title to assets: The seller warrants that it has good and marketable title to all assets being sold, free and clear of any liens, claims, or encumbrances, except as disclosed.
- Compliance with laws and regulations: The seller represents that it has complied with all applicable laws, regulations, and industry standards relevant to its business operations, including financial services regulations, data protection laws, and anti-money laundering (AML) requirements.
- Intellectual property rights: The seller warrants that it owns or has the right to use all intellectual property (IP) assets necessary for its business, including software, patents, trademarks, and trade secrets, and that there are no third-party claims against such IP rights.
- Financial statements and performance: The seller represents that its financial statements are accurate, complete, and prepared in accordance with generally accepted accounting principles (GAAP) or International Financial Reporting Standards (IFRS), and that there have been no material adverse changes in its financial condition since the date of the latest financial statements.
- Contracts and agreements: The seller warrants that all material contracts, agreements, and commitments are valid, enforceable, and in full force and effect, and that there are no breaches or defaults under such contracts, except as disclosed.
- Regulatory compliance: The seller represents that it holds all necessary licenses, permits, and approvals required to conduct its business and that it is not subject to any pending or threatened regulatory actions or investigations.
- Litigation and claims: The seller warrants that there are no pending or threatened litigation, claims, or disputes that could materially affect its business, operations, or financial condition, except as disclosed.
- Data security and privacy: The seller represents that it has implemented adequate measures to protect the security and privacy of customer data and that it is in compliance with applicable data protection laws and regulations.
- Employment matters: The seller warrants that it is in compliance with all employment laws and regulations, including those related to wages, benefits, discrimination, and termination, and that there are no pending or threatened labor disputes or employee claims.
The specific terms and scope of reps and warranties may vary depending on the nature of the transaction, the parties involved, and the specific risks and considerations relevant to the Fintech sector. It is essential for both the buyer and the seller to carefully negotiate and document these provisions to allocate risks appropriately and facilitate a successful transaction.
Exit Clauses in a Fintech´s M&A transactions
Exit clauses in Fintech deals, like in any other sector, are provisions that outline the circumstances under which a party can exit the transaction or terminate the agreement. These clauses are essential for providing parties with options to exit the deal if certain conditions are not met or if unforeseen events occur. Here are some common exit clauses found in Fintech deals:
- Termination for Cause: This clause allows either party to terminate the agreement if the other party breaches a material provision of the contract. The breach must be significant enough to justify termination, and the terminating party may be required to provide notice and an opportunity to cure the breach before termination.
- Termination for Convenience: Some agreements include a termination for convenience clause, which allows one or both parties to terminate the agreement without cause upon giving notice within a specified timeframe. This clause provides flexibility for parties to exit the deal for any reason or no reason at all, subject to contractual requirements.
- Change of Control: In Fintech deals involving equity investments or acquisitions, change of control clauses may be included to address what happens if there is a change in ownership or control of one of the parties. This clause may give the non-acquiring party the right to terminate the agreement or require the acquiring party to obtain consent before completing the transaction.
- Force Majeure: Force majeure clauses excuse parties from performing their obligations under the agreement in the event of unforeseen circumstances beyond their control, such as natural disasters, acts of war, or government actions. If a force majeure event occurs and prevents the parties from fulfilling their obligations, the agreement may be terminated or suspended until the event is resolved.
- Material Adverse Change (MAC) Clause: A MAC clause allows a party to terminate the agreement if there is a material adverse change in the financial condition, business operations, or prospects of the other party or the target company. These clauses are often subject to negotiation and may include specific thresholds or carve-outs to limit their applicability.
- Exit Rights for Investors: In equity financing transactions, such as venture capital investments or private placements, investors may negotiate exit rights that allow them to sell their shares or redeem their investment under certain conditions, such as the failure to achieve specified milestones or the passage of a certain period of time.
- Drag-Along Rights: Drag-along rights empower majority shareholders to force minority shareholders to sell their shares in the event of a sale of the company. This clause ensures that all shareholders are treated equally and can facilitate the sale of the company by eliminating the need to obtain consent from every shareholder.
- Tag-Along Rights: Tag-along rights, also known as co-sale rights, give minority shareholders the right to join in a sale of the company initiated by majority shareholders on the same terms and conditions. This clause protects minority shareholders from being left behind in a sale transaction and allows them to participate in the sale process.
The speed with which technological innovation in the provision of financial services has evolved is undeniable. There are currently more than 700 fintech ventures in Latin America, and Colombia is the country with the third highest number of fintechs in the region. Traditional players like banking entities in Colombia have deployed different strategies to adapt to the transformation process by entering into alliances with fintechs including the implementation of digital labs to boost innovation in an organic way.
Having specialized legal advice in each of the areas related to the Fintech business can allow companies to develop their ventures in a more secure environment and with clear competitive advantages.
Legal protection for innovation strategies
INTRODUCTION
Innovation is crucial for the long-term success and competitiveness of companies in the rapidly evolving business landscape. To foster innovation, companies employ various strategies and approaches. To protect your innovation, you can utilize various forms of intellectual property (IP) rights. The choice of which IP protection to pursue depends on the nature of your innovation and your business goals.
Before pursuing any form of IP protection, the following steps are recommended:
- Conduct a Prior Art Search: To ensure your innovation is truly novel and eligible for protection, conduct a thorough search to identify prior art (previous similar inventions or creations) that might impact your ability to obtain protection.
- Consult Legal Experts: Intellectual property laws can be complex and vary by jurisdiction. Consult with intellectual property attorneys who specialize in the relevant field to guide you through the process and help you make informed decisions.
- Strategize: Develop an IP strategy aligned with your business goals. Some innovations may benefit from a combination of protections, while others may require choosing the most suitable single form of protection.
Obtaining IP protection is just one step; enforcing and maintaining these rights require ongoing attention and legal vigilance.
COMMON INNOVATION STRATEGIES THAT COMPANIES OFTEN USE:
- Open Innovation: This approach involves collaborating with external partners such as customers, suppliers, universities, and even competitors to bring in fresh ideas, technologies, and expertise. Companies share and exchange knowledge to accelerate the innovation process.
- Research and Development (R&D): Companies allocate resources to research and develop new products, services, or technologies. This can involve creating dedicated R&D departments or innovation labs to focus solely on generating novel ideas and solutions.
- Design Thinking: Design thinking is a human-centered approach that emphasizes empathy, collaboration, and iteration. Companies using this strategy involve cross-functional teams to deeply understand user needs, brainstorm solutions, prototype, and test ideas before implementation.
- Disruptive Innovation: This strategy involves introducing new products or services that create a significant shift in the market and often target underserved or overlooked customer segments. Disruptive innovations can reshape industries and change consumer behaviors.
- Incremental Innovation: Companies continuously improve existing products, services, or processes to enhance efficiency, performance, and user experience. This strategy involves making small, incremental changes over time.
- Blue Ocean Strategy: This approach focuses on creating entirely new market spaces where competition is limited or nonexistent. Companies aim to offer unique value propositions, differentiating themselves from competitors and attracting new customers.
- Acquisitions and Mergers: Some companies acquire or merge with other firms to gain access to their technologies, products, or intellectual property, thereby accelerating their own innovation efforts.
- Lean Startup Methodology: Popularized by Eric Ries, this strategy involves quickly building and testing minimal viable products (MVPs) to gather user feedback and iterate rapidly based on that feedback. This approach minimizes waste and reduces the risk of launching products that don’t meet customer needs.
- Crowdsourcing: Companies solicit ideas and solutions from a large group of people, often through online platforms, competitions, or challenges. This approach leverages the collective intelligence of a diverse group to solve problems and generate new ideas.
- Corporate Venture Capital: Companies invest in startups or innovative ventures that align with their strategic goals. This approach provides the company with insights into emerging trends and technologies while supporting external innovation.
- Technology Scouting: Companies actively search for emerging technologies, ideas, and trends outside their industry and then adapt or integrate them into their own operations or products.
- Intrapreneurship: This strategy involves encouraging employees to act as entrepreneurs within the company, empowering them to propose and develop new ideas and projects.
- Hackathons and Innovation Challenges: These events encourage employees or external participants to collaborate intensively over a short period to solve specific problems or develop innovative solutions.
- Agile Development: Agile methodologies, often used in software development, emphasize iterative development and collaboration, allowing companies to respond quickly to changing market demands.
- Successful innovation strategies are often tailored to a company’s industry, culture, and specific goals. The key is to create a conducive environment that encourages creativity, experimentation, and a willingness to embrace change.
KEY POINTS OF AN INNOVATION STRATEGY IN A COMPANY:
An effective innovation strategy in a company should encompass various key points to guide and support the organization’s efforts in creating and implementing innovative ideas. Here are some essential points to consider when developing an innovation strategy:
- Clear Objectives: Define specific innovation goals that align with the company’s overall mission and business strategy. These objectives should be measurable and time-bound, providing a clear sense of direction for the innovation initiatives.
- Alignment with Business Strategy: Ensure that the innovation strategy is closely aligned with the company’s core business strategy. Innovation efforts should contribute to the company’s competitive advantage and long-term growth.
- Leadership Support: Obtain commitment and active support from top leadership. Leaders should champion the importance of innovation and allocate necessary resources to foster a culture of creativity.
- Resource Allocation: Allocate dedicated resources, including funding, time, and personnel, to support innovation projects. Adequate resources are essential for experimentation and development of new ideas.
- Cross-Functional Collaboration: Encourage collaboration between different departments and teams. Innovative ideas often emerge at the intersection of different disciplines, so fostering a culture of collaboration can lead to breakthroughs.
- Open Communication: Establish channels for open communication that allow employees to share their ideas, feedback, and suggestions. Creating an environment where employees feel valued and heard fosters innovation.
- Risk Tolerance: Cultivate a culture that embraces calculated risk-taking. Innovation involves experimentation, and not all ideas will succeed. It’s important to learn from failures and iterate on ideas.
- Customer-Centric Approach: Focus on understanding customer needs and pain points. Innovations that directly address customer challenges are more likely to gain traction in the market.
- Continuous Learning: Encourage continuous learning and professional development. Provide opportunities for employees to acquire new skills and stay updated on industry trends and emerging technologies.
- Idea Generation and Management: Implement processes for generating, capturing, evaluating, and selecting innovative ideas. This might involve brainstorming sessions, idea submission platforms, and cross-functional evaluation teams.
- Innovation Metrics: Define key performance indicators (KPIs) to measure the effectiveness of innovation efforts. These metrics could include the number of new products launched, revenue from new products, or percentage of revenue from products developed in the last few years.
- Innovation Culture: Nurture a culture that values creativity, curiosity, and continuous improvement. Recognize and reward employees for their innovative contributions.
- Innovation Pathways: Develop a framework for moving innovative ideas from concept to implementation. This could include stages for idea validation, prototyping, testing, and scaling.
- External Partnerships: Explore opportunities for collaboration with external partners, such as startups, research institutions, and industry experts. These partnerships can bring fresh perspectives and accelerate innovation.
- Intellectual Property Protection: Establish procedures for protecting intellectual property generated through innovation. This could involve patent applications, copyrights, and trade secrets.
- Adaptability: Recognize that the innovation landscape is constantly evolving. Be prepared to adapt the strategy as new opportunities and challenges arise.
- Measurement and Feedback Loop: Regularly review and assess the progress of innovation projects against established objectives. Use feedback to refine and improve the strategy over time.
An innovation strategy should be tailored to your company’s unique circumstances, goals, and industry context. It’s important to create a strategy that resonates with your organization’s culture and capabilities.
KEY ELEMENTS OF A LEGAL PROTECTION FOR AN INNOVATION STRATEGY:
Protecting your innovation strategy involves a combination of legal measures to safeguard your intellectual property, proprietary information, and competitive advantage. The advisable steps to ensure comprehensive legal protection for an innovation strategy are the following:
- Intellectual Property (IP) Strategy:
- Patents: If your innovation involves a novel, non-obvious, and useful invention, consider filing for patents. Patents grant exclusive rights to your invention for a specific period, preventing others from making, using, selling, or importing it without your permission.
- Copyrights: If your innovation includes original creative works such as software code, artistic designs, or written content, consider obtaining copyrights to protect against unauthorized copying or distribution.
- Trademarks: Register trademarks for unique brand names, logos, and symbols associated with your innovation strategy. Trademarks protect your brand identity and prevent others from using similar marks that might cause confusion.
- Trade Secrets: Implement strict confidentiality measures to protect sensitive information that provides your company with a competitive advantage. This could include proprietary processes, customer lists, formulas, and more.
- Non-Disclosure Agreements (NDAs): When sharing confidential information with employees, partners, contractors, or potential collaborators, use NDAs to legally bind them to maintain confidentiality and prevent unauthorized disclosure.
- Employee and Contractor Agreements: Include clauses in employment and contractor agreements that specify that any innovations or intellectual property developed during their tenure belong to the company. This helps ensure the company’s ownership of innovations created by its workforce.
- Partnership and Collaboration Agreements: Clearly outline intellectual property ownership, usage rights, and profit-sharing arrangements in agreements when collaborating with external partners, vendors, or research institutions.
- Licensing Agreements: If you’re interested in monetizing your innovation by allowing others to use it, consider licensing agreements that define the terms under which others can use your intellectual property.
- Innovation Disclosure Policies: Develop internal policies and procedures for employees to disclose their innovative ideas and developments. This establishes a framework for capturing and evaluating new concepts.
- Regular IP Audits: Periodically assess your intellectual property portfolio to ensure that your patents, copyrights, trademarks, and trade secrets are up to date and aligned with your innovation strategy.
- Global Considerations: If your innovation strategy has an international component, be aware of intellectual property laws and regulations in various jurisdictions. File for protection in countries where you plan to operate or expand.
- Litigation Preparedness: While prevention is the primary goal, it’s wise to have a plan in place in case of IP infringement. Consult legal experts to understand your options for enforcing your rights and pursuing legal action if necessary.
- Legal Counsel: Consult with intellectual property attorneys who specialize in the relevant areas, such as patent law, copyright law, and trademark law. They can provide tailored guidance based on your specific innovation strategy.
MAIN CONTRACTUAL CLAUSES TO PROTECT INNOVATION MODELS AND PRODUCTS:
Some examples of clauses to be considered in contracts to protect innovation and intellectual property (IP):
- Confidentiality and Non-Disclosure Clause:
“Confidential Information” refers to all information disclosed by one party to the other that is not publicly available and is marked or communicated as confidential. The recipient agrees not to disclose or use the Confidential Information for any purpose other than the intended collaboration/project and to protect its confidentiality.
- Intellectual Property Ownership Clause:
“Any inventions, designs, works of authorship, developments, concepts, ideas, or other intellectual property created during the term of this Agreement shall be the exclusive property of [Company Name], regardless of which party contributed to their creation.”
- Assignment of Intellectual Property Rights Clause:
“Employee/Contractor hereby assigns and transfers to [Company Name] all rights, title, and interest in and to any and all intellectual property created in the course of employment/engagement, and agrees to execute any necessary documentation to effectuate such assignment.”
- Joint Ownership Clause (for collaborations):
“Any jointly developed intellectual property shall be owned jointly by the parties in proportion to their respective contributions. The parties agree to work together to secure appropriate protection and make commercialization decisions.”
- Non-Compete and Non-Solicitation Clause:
“During the term of this Agreement and for [X] years thereafter, the Employee/Contractor agrees not to engage in any business that competes with [Company Name] or solicit [Company Name]’s clients, customers, or employees.”
- Dispute Resolution Clause:
“Any dispute arising under or in connection with this Agreement, including disputes related to intellectual property rights, shall be resolved through mediation or arbitration, with [Arbitration/Mediation Provider] acting as the mediator/arbitrator.”
- Indemnification Clause:
“Employee/Contractor agrees to indemnify and hold harmless [Company Name] from any claims, damages, or liabilities arising from any breach of intellectual property rights or misuse of confidential information.”
- Termination and Return of Property Clause:
“Upon termination of this Agreement, Employee/Contractor shall promptly return to [Company Name] all confidential information, documents, and materials related to the project, including any prototypes, designs, and research.”
- Use of Company Resources Clause:
“Employee/Contractor shall not use [Company Name]’s resources, facilities, or equipment for any purposes other than the project specified in this Agreement, without prior written consent.”
- Governing Law and Jurisdiction Clause:
“This Agreement shall be governed by and construed in accordance with the laws of [Jurisdiction]. Any disputes arising under or in connection with this Agreement shall be subject to the exclusive jurisdiction of the courts of [Jurisdiction].”
CONCLUDING REMARKS:
Failing to seek IP protection in a timely manner can result in the loss of rights. It’s important to initiate the protection process as soon as your innovation is ready to be disclosed to others.
Not keeping thorough and organized records of the development process, dates of invention, and interactions with collaborators or partners can weaken your ability to prove the originality and ownership of your innovation. Neglecting to conduct a thorough search for existing patents, copyrights, trademarks, and other IP rights similar to your innovation can lead to conflicts, rejections, or invalidations of your claims.
Drafting incomplete or vague agreements, such as nondisclosure agreements (NDAs) or partnership contracts, can leave gaps in IP ownership and usage rights, leading to disputes later on. Not properly safeguarding trade secrets through contractual agreements and security measures can result in leaks of sensitive information, compromising your competitive advantage.
Disclosing details about your innovation to the public before applying for IP protection can impact your ability to obtain patents or certain types of protection. Public disclosures can trigger statutory grace periods in some jurisdictions. Failing to include strong IP ownership and assignment clauses in employee agreements can lead to uncertainties about who owns the rights to innovations created by employees.
If you plan to operate globally, not considering international IP protection can leave your innovation vulnerable in jurisdictions where you haven’t secured rights.
Licensing your IP without clear terms, usage limitations, and enforcement mechanisms can lead to unauthorized use or disputes. Confusing the differences between patents, copyrights, trademarks, and trade secrets can result in pursuing the wrong type of protection for your innovation.
Assuming that you don’t need to take any legal steps to protect your innovation can leave you exposed to IP theft or infringement. Forgetting to renew trademarks, pay maintenance fees for patents, or keep documentation up to date can lead to the loss of your IP rights.
Not actively monitoring for IP infringement and taking appropriate legal action when needed can weaken your IP position and allow others to infringe on your innovation. Relying on inexperienced or uninformed legal advisors can result in inadequate protection or misguided strategies.
Crypto-asset regulation in colombia: recent trends
The regulation on crypto-assets is a relevant index to determine the digital business climate in a country. Like any emerging technology, its early adoption in a market and adequate regulation can be an important step in the digital transformation processes in companies, the government and support digital entrepreneurship. The efficiency and data decentralization of blockchain and cryptocurrencies generate disruptive effects in certain markets and may also create concern about eventual illegal activities deriving from the technology’s relative anonymity.
In Colombia, several public entities have issued regulation and opinions on crypto-assets. This is precisely the first trend that we want to highlight. In Colombia there is a diversity of public entities that have touched upon different legal issues related to crypto-assets, namely: financial, exchange, tax, commercial, compliance and contractual issues, among others.
The following is a list with the main existing regulation and opinions:
(a) Financial Superintendence, Chapter XVIII External Circular Letter No. 041 of 2015;
(b) Decree 2555 of 2010.
(c) Regulatory Decree 1068 of 2015 (article 2.17.2.4.1.1);
(d) External Resolution No. 8 of May 5, 2000;
(e) External Resolution No. 1 of May 25, 2018;
(f) External Circular Letter No. DODM-144 of September 14, 2018;
(g) External Circular Letter No. DECIP-83 of August 27, 2021;
(h) Central Bank Opinion No. JDS-03409 of February 16, 2011;
(i) Central Bank Opinion No. JDS-19704 of September 12, 2016;
(j) Central Bank Opinion No. C19-110904 of June 21, 2019;
(k) Central Bank Opinion No. C21-70969 Q21-4417 of December 9, 2021;
(l) Financial Superintendence Opinion No. 2020079520-001 of May 15, 2020.
This is an effect of the transversal use of crypto-assets in different economic sectors and for different activities. However, if greater legal certainty is sought, the government could adopt a public policy document defining the vision and direction of the relationship between the public and the private sectors in relation to these digital assets.
In general, the Colombian authorities agree on the following characteristics related to crypto-assets as a basis for their regulation in each legal field and to determine the risks of the crypto title-holders who trade these intangible assets:
- Crypto-assets are not currency, as the only monetary and account unit that constitutes a legal tender and means of payment with unlimited release power, is the Colombian peso issued by the Central Bank of Colombia (bills and coins);
- Crypto-assets are not money for legal purposes;
- Crypto-assets are not a currency, since it has not been recognized as a currency by any international monetary authority nor is it supported by central banks;
- Crypto-assets are not cash or cash equivalent;
- There is no obligation to receive crypto-assets as a means of payment;
- Crypto-assets are not financial assets or investment property in accounting terms;
- Crypto-assets are not securities, so their mention as such or assimilation should be avoided.
The above characteristics have been consistently upheld by different Colombian government documents and denote an interpretation of intangibles that is always based on traditional notions of assets.
Crypto-assets have been defined in Colombia as intangible assets and therefore are likely to be contributed to the capital of corporations, provided that (i) they comply with accounting laws and secondary rules and legal regulations; and (ii) that the partners approve their appraisal. Based on these arguments, the Colombian government expressly affirmed a change in its doctrine, confirming that shareholders can contribute crypto-assets in the form of a contribution in kind. The foregoing, subject to a series of requirements and recommendations, opens the possibility of incorporating crypto-assets as part of the incorporation of companies in Colombia.
Colombian residents who have crypto-assets as part of their assets must declare them in their annual income tax returns. The value for which they must be declared will be for their equity value, either as an intangible asset (investment) or inventory.
On the accounting side, it is recommended that a separate unit of account be created for the recognition, measurement and disclosure of transactions and other events or occurrences that are related to cryptocurrencies, which could well be called “crypto-assets” or “virtual assets”.
If the crypto-assets are traded in a foreign currency, the value of the assets in foreign currency is estimated in national currency at the time of their initial recognition at the official exchange rate, less credits or payments measured at the same official exchange rate of the initial recognition.
Colombian residents who have equipment, resources and work that are integrated into the crypto mining activity, allowing them to obtain virtual currencies in exchange for the services provided in the network and/or by way of commissions, receive taxable income in Colombia, by virtue of the aforementioned criteria. Likewise, it is clear that resident individuals and national companies are taxed not only on their income from a national source but also from a foreign source income and on their assets owned in the country and abroad. From the equity point of view, as long as these coins correspond to intangible assets, capable of being valued, they form part of the equity and can lead to the obtaining of (presumptive) income.
For instance, the purchase and sale of real estate with payment through crypto-assets is an exchange of an asset whose payment will be made through the delivery of an intangible asset. The tax obligations associated with income tax will be those derived from the execution of the exchange contract. Carrying out the exchange will affect the assets of the party delivering the crypto-asset; the payment of the price will generate an equity decrease due to its disposal. On the other hand, depending on the real estate valuation, seller may increase its assets by carrying out the respective exchange, or equate the equity value of the crypto-asset delivered. Consequently, the party delivering the crypto-asset must determine the equity value of said asset, and analyze whether, on the occasion of the exchange, an income for the difference between the tax cost of the asset and the value of its disposal was obtained. The payment of the property through crypto-assets may represent an increase in equity in the head of the property seller if the equity value of the crypto-asset is higher than that of the real estate. The capital increase must be reported in that party’s accounting and income tax return. To the same extent, the real estate seller must determine the equity value of said property, and verify if, on the occasion of the exchange, an income for the difference between the fiscal cost of the real estate and the value of the sale was obtained. The parties must comply with the provisions of the Colombian Tax Statute for the purpose of determining the minimum prices for the sale of the goods subject to the exchange.
As in other jurisdictions, Colombia is no exception for crypto-assets being used in criminal activities. Cases of criminal use, fraud and the use of crypto-assets for payments related to computer attacks and ransomware as well as for payments related to extortion are becoming more frequent. Crypto-assets can also be used as instruments for money laundering, terrorist financing and other criminal activities, in view of which the administrators of the companies that participate in the crypto-asset market must deploy: i) the maximum due diligence in the knowledge of the ends of the operation (including associates, employees, clients, contractors and suppliers, and their final beneficiaries), in regards to the prevention of ML/TF; and, ii) the diligence that a businessman in good faith would take into account to prevent the phenomenon of asset laundering or money from the public being illegally collected or any other damage to the public or private interest being generated through such company. Those who carry out operations with crypto-assets decide in a responsible, conscious and autonomous manner, at their own expense and risk, to assume the possible losses that could be derived from this type of transaction.
The difficulty of clearly defining crypto-assets has been used by criminals to deceive investors and to carry out illegal collection of funds and Ponzi schemes with business models and strategies that can only be carried out by financial entities authorized by the Colombian government.
The growth of the crypto-asset market, in particular cryptocurrencies, depends on the ability of crypto-assets being used in many activities. So, while there is need for a clear regulatory framework that allows measuring risks, it is also important that absolute prohibitions or regulatory disincentives disappear.
In the past two years, a bill that regulates the relationship between wallets, exchanges and platforms in relation to crypto assets has advanced for approval in the Colombian Congress. In the first place, this proposed legislation proposes a series of definitions, among others, the following:
- Wallets: These are the virtual media in which the public and private encryption keys are stored.
- Crypto-assets Exchange Services: these are the following services: (i) Administration of crypto-assets exchange platforms. (ii). Provision of custody and/or storage services for crypto assets. (iii). Exchange or transfer between crypto-assets and fiat currency, or between one or more crypto-assets. (iv). The supplementary or analogous services related to sections i, ii and iii above.
- Crypto Asset Exchange Platform (PIC): These are computer applications or interfaces, internet pages or any other means of electronic or digital communication through which the Crypto-asset Exchange Services are provided.
- Crypto-asset Exchange Service Provider: It is a national business entity or a branch of a foreign company, in charge of operating, managing and guaranteeing the operation of the PIC, registering with the Chamber of Commerce of its main domicile and responsible for compliance with the obligations.
- Unique Registry of Crypto-asset Exchange Platforms (RUPIC): It is an electronic public registry managed by the Chambers of Commerce whose objective is to allow anyone to access the information published in said registry, and to verify that the Service Providers of Crypto-assets Exchange as holders are duly registered.
- PIC Operations Manual: Document that contains the requirements and internal parameters of the PIC for the provision of Crypto-asset Exchange Services.
As a principle of interpretation of the crypto-asset market, it is established in the draft bill that crypto-assets are negotiable directly by their owners. The operation of the different crypto assets, their rules belong to the private sphere of the users, who, based on the principles of free market and free competition, must seek to be informed about the risks inherent in trading with assets of any kind.
The Crypto-asset Exchange Service Providers, Colombian or foreigners, must comply with the following requirements:
- Be incorporated as a commercial company domiciled in Colombia or as a branch of a foreign company, and be duly registered in the Colombian mercantile registry.
- Include as the exclusive corporate purpose the performance of activities classified as Crypto-asset Exchange Services.
- Establish and maintain a computer security program that ensures the availability and functionality of its computer systems, protecting said systems and all information stored in them, from unauthorized access, use and manipulation, the foregoing in accordance with the instructions that for this purpose imparted by the Ministry of Information Technology and Communications.
- Adopt control measures aimed at detecting and preventing money laundering and terrorist financing.
- Register in the Special Register for Crypto-assets Service Providers before the Chamber of Commerce of the entity’s main address, indicating the web domain and the information determined by the Ministry of Information and Communication Technologies.
- Report to the Financial Information and Analysis Unit the information that is required in compliance with money laundering regulations.
- Comply with the Colombian personal data protection regulations.
- Implement KYC and customer Due Diligence measures.
- Have an Operations Manual for the operation of the PICs that it manages, approved by the Ministry of Information Technologies and Communications.
According to the proposed bill, the Crypto-assets Exchange Service Providers are prohibited from:
- Offering or paying consumers interests or any other return or monetary benefit for the balance that they accumulate over time or maintain or for any operation directly or indirectly related to the exchange that they carry out with crypto-assets.
- Transferring under any title, lend or encumber crypto-assets or any other resource owned by consumers, stored by the Crypto-asset Exchange Service Provider, without the express authorization of the consumer.
- Developing any kinds of commercial network or multi-level marketing activity with crypto-assets, as well as their financial intermediation. Likewise, the administrators or service providers of crypto-asset exchange platforms may not allow the commercial distribution of crypto-assets to be carried out on their platforms through network or multi-level marketing activities or similar.
- Refraining from carrying out any conduct that leads to the massive and regular collection of funds from the public that additionally implies the absence of consideration in present or future goods or services that justify it or, even if such consideration exists, does not have a reasonable financial explanation.
The model proposed in this draft bill does not comprehensively regulate the different legal aspects of crypto assets. The relationship between some of the agents in the ecosystem can set aside a holistic vision that is necessary to obtain the benefits of intelligent regulation. It is not clear if the Financial Regulation Unit of the Colombian government agrees with the content of this bill.
To sum up, in Colombia there is a regulatory trend that has been transforming from a prohibition on the use of crypto-assets towards a vision more associated with the risks inherent in the market for these digital assets. The regulation remains disperse since different Colombian public entities with market supervision and surveillance functions have issued rules and opinions related to accounting, tax, contractual, exchange and financial issues, among others. An effective coordination between the different public entities that regulate crypto-assets is necessary to achieve legal certainty and stimulate the use of these digital assets as well as to generate a business environment that allows attracting investment. It is necessary to wait and see if the draft bill that is in progress becomes law so that wallets, exchanges and crypto-asset offering platforms in particular, are regulated more specifically in terms of their registration and duties as well as their liability towards consumers and users of crypto-assets.
New regulation on electronic payroll In Colombia
By: María del Pilar Duplat M. – Peña Mancero Abogados
The Colombian tax authority (DIAN by its Spanish acronym) issued resolution 13 of February 11, 2021 regulating the implementation of the electronic payroll system (the “Electronic Payroll Resolution” or the “Resolution”).
Who must submit the electronic payroll to DIAN?
Income taxpayers that are employers or that make payments due to legal or regulatory relationships or that make pension payments, and require to support said costs and deductions in their tax returns.
On a monthly basis, the aforementioned subjects must submit to DIAN a payroll supporting document for its approval or correction.
What is the payroll supporting document?
The electronic payroll supporting document is the document that shows all labor-related payments made by the employer. This document must contain the following information for its creation, transmission and approval by DIAN:
- Expressly indicate that it is an electronic payroll supporting document.
- Employer complete name of the individual or entity, ID Number or tax id number.
- Complete name(s) and ID of the person who receives the payment.
- The Unique Code Number of the Supporting Document of the electronic Payroll (CUNE by its initials in Spanish).
- Internal consecutive number granted by the subject obliged to submit the electronic payroll.
- Contents and amounts of the accrued value of payroll pursuant to the Technical Appendix to the Electronic Payroll Resolution.
- Contents and amounts of the deducted sums from the payroll pursuant to the Technical Appendix to the Electronic Payroll Resolution.
- Total amount resulting from the difference between the total accrued payroll payments minus the total deducted sums from the payroll payments.
- The contents of the Technical Appendix as provided in article 20 of the Electronic Payroll Resolution, regarding the information and contents contained herein.
- The form of payment of the payroll per the Technical Appendix to the Payroll Resolution.
- Date and time of creation of the document.
- Digital signature of the Subject who pays the Payroll in accordance with the DIAN’s requirements of authenticity and integrity of the signature.
- Complete name and ID or tax id number of the software supplier and identification of the software.
When do I have to submit the electronic payroll to DIAN?
The electronic payroll supporting document must be issued and sent to DIAN on a monthly basis, ten (10) days after its creation or issuance.
As of when must the electronic payroll be implemented?
- Implementation Calendar for subjects per the number of employees
Group | Beginning date of the enabling of the electronic payroll data processing system | Maximum date to start the issuance and transmission of the electronic payroll payment support document and the electronic payroll payment support document adjustment notes. | Range in relation to the number of employees
|
|
From | Until | |||
1 | May 31st, 2021 | July 01, 2021 | More than 251 | |
2 | August 01, 2021 | 101 | 250 | |
3 | September 01, 2021 | 11 | 100 | |
4 | October 01, 2021 | 4 | 10 | |
5 | November 01, 2021 | 2 | 3 | |
6 | December 01, 2021 | 1 |
- Permanent Implementation Calendar
The obliged subjects will have a term of two (2) months from the date in which they make the payroll payments to carry out the enabling of the service and proceeding to transmit the supporting documents of the electronic payroll and its adjustment notes.
The remaining subjects must issue the supporting payroll document and their adjustment notes to request the costs and deductions of the income tax and the VAT deductible taxes, when applicable.
- Implementation calendar for subjects not obliged to issue electronic sales invoices
Subjects not obliged to issue electronic sales invoices must start the enabling of the electronic data payroll service on March 31, 2022; and they must issue and send the supporting document of the payment of the electronic payroll and their adjustment notes, no later than May 31, 2022.
How do I issue the electronic payroll documents?
The enabling procedure is the one that is developed within the electronic invoicing system which must have the function to issue the electronic payroll supporting document pursuant to DIAN’s requirements.
The enabling procedure must be carried out before the date when the subjects must start with the implementation and the term when they must submit the monthly electronic payroll.
If you have further inquiries regarding this new regulation, please do not hesitate to contact us at: info@pmabogados.co
Why a due diligence process may become a nightmare in Colombia?
Strong institutions with reliable databases available to the public are key when carrying out a due diligence process. In most cases, information provided by the target is insufficient and not always accurate. This means that attorneys must be creative in order to look for the right information in the right places.
Here are some examples of what can go wrong if a due diligence process is not properly handled:
- Real estate is tricky in Colombia, especially when you acquire assets or companies with rural real estate. Many attorneys focus on making sure that the “owner” of the land or property is duly recorded with the Real Estate Registry without realizing there is so much more! For instance: (i) determining whether the area has oil & gas or mining licenses that would create compulsory easements or eventually hinder its use; (ii) determining whether there are environmental restrictions such as being part of a national park, a protected wetland or a forest; (iii) verifying whether the land was formerly owned by communities or people who had to give it up because of armed groups’ pressure and are now subject to restitution proceedings; (iv) confirming that the land is not in fact a barren land that someone occupied as, regardless of time lapsed, it will continue to be State-owned and not subject to transfer.
- The Superintendence of Corporations recently issued a new regulation introducing stricter rules for anti-money laundering and terrorism financing. We cannot hide that Colombia has individuals and companies involved in such activities that do business in creative manners so as to disguise the true origin of their funds. A proper investigation during due diligence should include examining who the beneficial owners of the target are and searching not only the standard international OFAC and similar lists but also carrying out a full search of local media publications and other more informal sources of information.
- Latin American countries keep facing more and more corruption scandals. Colombia is not the exception. Doing business with relatives, partners and close friends of politically exposed parties can be risky. A proper due diligence should involve requesting full disclosure not only from all sellers but also from the target’s main stakeholders. Regulatory standards can be found in the Colombian anti-corruption statute.
- Unlike most Latin American countries, Colombia’s foreign exchange regulation imposes strict reporting obligations concerning foreign-currency-related operations such as foreign investment, receiving or granting loans from/to foreign residents, granting securities abroad, imports and exports. Non-compliance with such obligations may derive in huge fines to be imposed either by the Superintendence of Corporations or by the tax authority (DIAN). To avoid such liability, due diligence should include reviewing all the above foreign exchange transactions including: timely filing of reports to the Central Bank; correct reporting of each transaction; requesting an up-to-date report from the Central Bank to obtain information on all reported items.
- When searching for the history of land, corporations, litigation, property and any other asset that is subject to public record, one must be careful in Colombia. Government agencies are not always up-to-date and technology tends to be basic when it comes to search engines. There are entities and courts who simply do not provide such service to the public so not being able to complete an independent verification of the target’s records is common.
Being able to distinguish between what a “deal breaker” is and what not requires a thorough understanding of the risks involved and their eventual effects. For example, if a mining license does exist on the target’s land, a deal breaker would be not being able to use the land at all because of a compulsory easement that would prevent you from carrying out any activity whatsoever and that land being essential and of great value to the business you are acquiring. Otherwise, you may still negotiate such liability being properly disclosed in the “Disclosure Schedule” of the purchase agreement and establishing an escrow or taking any other measure to tackle loss if occurring. The same thing cannot be said when there are findings concerning money laundering or corruption charges. The risk involved in such situations would need to be measured in a very conservative manner as effects would not only involve economic consequences but eventual imprisonment.
Peña Mancero Abogados is publishing a series of high-level articles on M&A activity in Colombia. This article is for information purposes only and does not constitute legal advice. If you require further information, please contact Gabriela Mancero (info@pmabogados.co)
Guidelines for the treatment of personal data in artificial intelligence
By: María del Pilar Duplat – Peña Mancero Abogados
In June 2019, the Superintendence of Industry and Commerce (hereinafter “SIC”) issued its Guidelines for the treatment of personal data through Artificial Intelligence (AI).
- Purpose of the Guidelines
The guidelines seek to provide a series of suggestions to those who develop artificial intelligence projects based on the Standards for Data Protection for the Iberoamerican States of the Ibero-American Data Protection Network (RIPD, after its acronym in Spanish).
- Recommendations
- To comply with local regulation on the treatment of personal data
To avoid any legal objection over the AI products, it is important that your organization develop from the beginning a legal risk study of the local regulations to determine a strategy to:
- Mitigate legal risks.
- Earn and maintain the trust of the users of the AI technologies.
- Prevent any damage to the reputation of the organization.
- Avoid potential investigations from data protection or other authorities.
- To develop privacy impact studies
Before designing and developing AI products and to the extent possible, if there is a high risk of affecting the data protection rights of the owners of the data, it is necessary to develop a Privacy Impact Assessment (PIA) to put in place an effective system of risk management and internal controls to guarantee that the data is dully treated and in compliance with the current regulation.
Said PIA must contain at least the following:
- A detailed description of the operations of treatment of personal data involved in the development of the AI.
- An evaluation of the specific risks for the rights and liberties of the owners of the personal data.
- The measures foreseen to face the risks, including the guarantees, safety measures, software design, technologies and mechanisms that guarantee the protection of the personal data, taking into consideration the legitimate interests and rights of the owners of the data and other potentially affected third parties.
The results of the PIA with the risk mitigation measures are part of the principle of privacy by design and by default.
- To include the privacy, ethics and security from the design and by default
The privacy by design and by default is considered as a proactive measure towards the Principle of Accountability. By including the privacy from the design, the organization seeks to guarantee the adequate treatment of the personal data used in the AI procedures, even before the risks are materialized.
Thus, the privacy by design must be included in the design, the architecture of the software or the algorithm of the AI product. The following are the purposes that the technology must include:
- Avoid unauthorized access to the data.
- Avoid the manipulation of the data.
- Avoid the destruction of the information.
- Avoid unauthorized or improper uses of the information.
- Avoid the circulation or supply of the data to unauthorized people.
The safety measures must be adequate and must consider various risk factors, such as:
- The risk levels of the treatment of data for the exercise of the rights and freedoms of the owners of the data.
- The nature of the data.
- The potential consequences derived from a safety breach and the magnitude of the damage caused by said breach to the owner and, overall, to the society.
- The number of owners of the data and the amount of information.
- The size of the organization.
- The available resources.
- The monitoring and follow-up of the reliability of the algorithms.
- The status of the technique
- The reach, context and purposes of the treatment of the information.
- The cross-border circulation of the data.
- The uncertainty and complexity of each AI initiative.
- Every safety measure must be revised, evaluated and permanently improved.
The following are risk management aspects that have an impact on the algorithms:
- To materialize the principle of accountability
The designers and developers of AI products must adopt useful, appropriate and affective measures to comply with their legal obligations. They must also show the evidence of the correct compliance of their duties. Said tools must be subject to permanent revision and evaluation to determine their effectiveness regarding the compliance and degree of protection of the personal data.
For said purpose, and to comply with the principle of accountability, the organization should have, at least the following:
- Allocate resources to implement data protection programs and policies.
- Implement a risk management program for the treatment of data protection.
- Develop mandatory data protection programs and policies within the organization.
- Put in place training and updating programs for the personnel on the obligations of data protection.
- Review periodically the policies and programs for the safety of the data to determine the required amendments.
- Incorporate an internal and external surveillance system, including audits, to verify the compliance of the data protection programs and policies.
- Establish procedures to receive and answer questions and complaints of the owners of the data.
The accountability principle goes further than just creating a series or policies and programs, it requires that the organization responsible for the treatment of the data can show evidence of concrete results of the correct treatment of the personal data in the AI projects.
- To design adequate governance schemes over the treatment of personal data in the entities who develop AI products.
It is recommended that the organization defines a structure with clear functions and responsibilities that guarantee a proper corporate governance for the respectful treatment of the norms related to the personal data protection regime and the rights of the owners of the data.
The main functions and responsibilities that must be set within the organization are the following:
-
- Develop risk management evaluations.
- Decide which decision-taking models will be used.
- Develop maintenance, monitoring and revision activities.
- Review the channels of communication with the users and consumers.
- To undertake measures to guarantee the principles of data protection in the AI Projects
Every person or organization responsible or in charge of the treatment of personal data must foresee adequate and efficient strategies to guarantee the compliance of the principles of treatment of personal data pursuant to the principles of the Standards for Data Protection for the Ibero-American States of the RIPD.
- To respect the rights of the owners and implement effective mechanisms so they can exercise them.
The organizations that create or use AI technologies must guarantee the following rights to the owners of the personal data:
It is specially important to talk about the right “not to be subject to automated individual decisions” when we talk about AI proyects. Thus, when talking about AI projects, it must be a possibility for the owners of the personal data to argue any decision related to the treatment of his/her personal data before a human being, and that it is not 100% in charge of algorithms or automated procedures.
Additionally, the RIPD’s Standards forbid that the automated decisions are discriminatory. Thus, developers of the AI proyects must foresee in their design all the mechanisms or options for the owners of the data to exercise their rights through simple, free, fast, and accesible means that allow them to access, rectify, cancell, opose or transfer their personal data.
- To ensure the quality of the data
One of the risks using AI is that the machine is biased due to the configuration of the algorithm and the quality of the information. To minimize the risk of bias and prevent the breach of the rights of the owners of the personal data, it is suggested that:
- The information used by the AI is true and precise.
- The organization carries a registration of the source of the data.
- The organization makes audits of the sets of data used in the creation of the algorithms used in the decision-making processes by the machine.
- Grant veracity scores to the sets of data used to train the machine during its creation.
- Regularly update the data.
- Have separate sets of data to train, prove, and validate the decision-making processes.
- To use anonymization tools
It is important to determine if it is strictly necessary that the information that will be used by the AI must be used or linked to a person. If it is not necessary it is recommended that the information is used anonymously, so the owner of the data is not identified. In this way, the anonymization will help in the mitigation of the risks of massive treatment of personal data in the AI projects and procedures.
- To increase the trust and transparency with the owners of the personal data
A transparent organization may increase the trust of the owners of the Data in it through:
-
- Keeping open communication channels with Data owners and disclosing its policy for the treatment of the personal data in AI procedures or products. It is important to use a simple language that a non-expert in AI may understand.
- Carrying out pilot tests to evaluate the decision-making model and correct any problem that may exist.
- Giving the option to the data owner, in certain cases, that its information is excluded from the data provided and studied by the machine in the development of the algorithms and patterns in the cases allowed by law.
- Implementing revision channels so the decisions taken by the machine may be revised by humans to ratify them or correct them.
CAUSE FOR DISOLUTION OF COMPANIES DUE TO NON-COMPLIANCE WITH THE HYPOTHESIS OF CONTINUING BUSINESS
By: Daniel Salazar López
The current political, social and economic crisis as a result of COVID-19 outbreak, led many companies and branches of foreign companies to enter into a cause for dissolution for losses or accumulated losses, some of them overcame the cause for dissolution while others had to be liquidated.
Until recently, in Colombia a company entered into a cause for dissolution when it had losses or accumulated losses which resulted in a decrease in equity below 50% of its subscribed capital. If this cause for dissolution was not solved within a 2 year period, the company had to be liquidated. Nevertheless, Law 2069 of 2021 (Entrepreneurship Law) eliminated this cause for dissolution and liquidation of companies in Colombia, and introduced a new cause for dissolution, the non-compliance with the hypothesis of continuing business. This is a step forward in corporate matters, since the cause of losses caused confusion, firstly taking into account that companies at the beginning of their economic activity generated high costs that prevented them from having profits at the end of the fiscal year, and therefore entering into grounds for dissolution; previously, at the closing of each fiscal year, the cause for dissolution was warned of and could be enervated within the established term, now it is imperative that the administrators of a company intervene more thoroughly on the hypothesis of continuing business.
The hypothesis of continuing business provides that provides that at the end of the fiscal year, a company must evaluate its financial statements to determine whether it has the capacity to continue operating. Therefore, when the highest corporate body analyses and evaluates the financial statements prepared under the hypothesis of continuing business, and it is observed that there is a detriment to the company’s assets and that this casts doubt on the continuity of the company’s continuing business[1], the company will be subject to dissolution.
If your company has an International Financial Reporting Standard (IFRS) accounting framework, the management under IFRS will assess the entity’s ability to continue with its businesses, which underlines the importance of preparing financial statements for the fiscal year 2020 in the current business environment. On the other hand, the companies that were subject to dissolution due to losses before the entry into force of Law 2069, such cause was suspended by virtue of Decrees 560 and 772 of 2020, while the companies are recovering in the midst of the crisis generated by COVID-19. It is worth mentioning that such suspension is extended to Law 2069 until the end of the term of such decrees, i.e., until April 2022.
In view of the foregoing, when the administrator notices in the financial statements of the fiscal year that the hypothesis of continuing business is not complied with, the administrator must summon the highest corporate body to inform in a documented manner such situation, so that the highest corporate organ of the company declares that the company has entered into dissolution grounds and therefore measures must be taken to continue with the business or to liquidate the company. It is important to highlight that when the company enters into a cause for dissolution, the administrators must abstain from carrying out new operations different from the ordinary course of business of the company. In case of non-compliance with the duty to inform the respective highest body by the administrator, the administrator shall be jointly and severally liable for the damages caused to the members of the Company or third parties. In assessing whether continuing business situation is appropriate, the management shall consider all available facts about the future, which shall cover at least, but not be limited to, the next twelve (12) months from the reporting date.
The following situations are considered as non-compliance with the continuing business hypothesis:
- Liquidity risk
- Legal claims of significant contingencies.
- Low quality condition of the company’s products or services.
- Termination of contracts with significant customer and suppliers.
- High consecutive borrowing to invest in long-term business.
- Financial losses due to failure to meet contractual payment obligations.
- Labor strikes that have a significant impact on the company´s result.
- If there are delay in the payment of liabilities with banks, payroll or dividends.
Thus, if the company has a history of profitable operations and it´s positive cash flow projections indicate appropriate access to financial resources, it can be concluded that the use of the hypothesis of continuing business is appropriate. Now, it is imperative to prepare the financial statements for the fiscal year, including the trial or periodic financial statements, and the concept issued by the accountant will become more relevant since the highest corporate body will determine the viability in the short and medium term (12 months), avoiding deterioration in the common pledge of the creditors and in the equity of the associates. If, on the contrary, there is an uncertainty in the operations of the ordinary course of business of the company, and it isn´t possible to cover it within the following twelve months, the cause of non-compliance with the hypothesis of continuing business is configured and the company must proceed with its dissolution and liquidation. The proposal of this new cause seeks to protect the contingencies derived from the state of emergency due to COVID-19.
[1] Consejo Técnico de la Contaduría Pública Radicado 2018-095, del 2 de febrero de 2018
Data Protection & Privacy
Autor: Daniel Peña Valenzuela
Editorial: European Lawyer
Categoría: Data Protection, European & EU Law
Año de Edición: 08 Nov 2016
Formato: Libro Impreso
Número de páginas: 1124
ISBN: 9780414057821
The number of jurisdictions with laws on data protection and privacy is still on the rise and the interest in the area of data protection and privacy has never been greater. The book aims to create a single starting point of reference for businesses, data protection officers, advisers and legal professionals involved in data protection and privacy. This third edition of Data Protection & Privacy – Jurisdictional Comparisons serves as an indispensable reference guide on the data protection and privacy laws in over 40 countries from six continents.
Written by expert local practitioners, with deep experience in the field of data protection and privacy, every chapter contains an overview of the key elements and principles of the data protection and privacy law framework in the relevant jurisdiction as well as the latest developments and trends. Because each chapter follows the same Q&A structure, readers can conduct quick comparisons between the various legal regimes.
Contents
1. Legislation
2. Data protection authority
3. Legal basis for data processing
4. Special rules
5. Data quality requirements
6. Outsourcing and due diligence
7. International data transfers
8. Information obligations
9. Rights of individuals
10. Security of data processing
11. Data protection impact assessments, audits and seals
12. Registration obligations
13. Data protection officer
14. Enforcement and sanctions
15. Remedies and liability
Jurisdictional coverage
1. Argentina – Marval, O’farrell & Mairal
2. Australia – Gilbert + Tobin
3. Austria – Preslmayr Rechtsanwälte Og
4. Belgium – Covington & Burling Llp
5. Brazil – Felsberg Advogados
6. Bulgaria – Djingov, Gouginski, Kyutchukov & Velichkov
7. Canada – Osler
8. Chile – Palma & Palma Abogados
9. Colombia – Peña Mancero Abogados
10. Costa Rica – Thompson Abogados
11. Czech Republic – Havel, Holásek & Partners S.R.O.
12. Denmark – Beck – Bruun
13. EU – Covington & Burling Llp
14. EU Institutions & Bodies – European Commission
15. Germany – Covington & Burling Llp
16. Hong Kong – Deacons
17. Hungary – Oppenheim Law Firm
18. India – Vaish Associates Advocates
19. Ireland – Mason Hayes Curran
20. Israel – Vigal Arnon & Co
21. Italy – NCTM
22. Japan – Atsumi & Sakai
23. Lithuania – Valiunas Ellex
24. Luxembourg – Arendt & Medernach SA
25. Malaysia – Christopher Lee Ong
26. Malta – GVTH Advocates
27. Mexico – Laurant Abogados
28. Morocco – Hajji & Associes
29. Netherlands – Vondst Advocaten
30. Poland – Soltysinski Kawecki & Szlezak
31. Portugal – Coelho Ribeiro E Associados
32. Romania – Nestor Nestor Diculescu Kingston Petersen
33. Singapore – Wongpartnership Llp
34. Slovakia – Havel, Holásek & Partners S.R.O
35. Slovenia – Rojs, Peljhan, Prelesnik & Partnerji
36. South Africa –Adams & Adams
37. South Africa – Lee & Ko
38. Spain – Garrigues
39. Sweden – Mannheimer Swartling Advokatbyrå Ab
40. Switzerland – Lenz & Staehelin
41. Taiwan – Lee And Li, Attorneys-At-Law
42. Turkey – Elig
43. Uae – Al Tamimi & Company
44. Uk – Covington & Burling Llp
45. Usa – Covington & Burling Llp
International Joint Ventures (2013)
GABRIELA MANCERO,
JOINT VENTURE IN COLOMBIA, PAGS 91-102,
OBRA: INTERNATIONAL JOINT VENTURES, A GUIDE OR U.S. LAWYERS (INTERNATIONAL JOINT VENTURES/MERGERS AND ACQUISITIONS COMMITTEE)
CHICAGO, AMERICAN BAR ASSOCIATION,
AÑO: 2013.
This publication is part of a series of works published by the international Mergers & Acquisitions Subcommittee to assist business lawyers in advising clients in international transactions. The focus of this publication is on bilateral joint ventures between US and overseas coventurers.
In providing a framework for considering issues particular to a jurisdiction’s legal system and culture, the Task Force has crafted a flexible but relatively uniform method of how to think about issues particular to international joint venture. The result is a reference work that is intended to serve as a starting point from which to map out effective agreements.