July 13, 2021
Business Risk

Starting a business can be hectic – hopefully this legal checklist for startups will help you avoid falling into the kinds of traps that we often see businesses falling into before they come to us for advice.

Ideally you want to have all of the following in place as soon as possible:

  • Customer contracts
  • Supplier contracts
  • Staff contracts
  • Data protection compliance
  • Licence to occupy / lease
  • Shareholder agreement
  • Legal notices / policies
  • Insurance
  • Tax
  • Companies House
  • Other

Customer Contracts

If you do not have proper contracts in place with your customers then there’s a high risk that sooner or later there will be a problem. If the goods or services that you are supplying are low priced or if you take payment in advance then the risk of non-payment for those goods or services shouldn’t hurt you as long as non-payment only happens rarely. However, a contract is not just there to protect you from non-payment. If your contract isn’t clear on things like when it starts, how it ends and what the goods or services are that you are delivering then you run the risk of having time-consuming arguments with your customers about what the true position is or worse, they sue you. Other clauses can be very important as well such as clauses limiting your liability and ownership / licensing of intellectual property rights. If you don’t protect yourself properly in your contracts you are not just running the risk of being sued or losing your rights, you are running a business that investors won’t find attractive. Check out our blog here about what you should look out for in a contract.

Supplier Contracts

More often than not you will need to contract on your suppliers’ terms and conditions of business. The previous section refers to the kinds of things you need to look out for. If you can’t navigate your way around a contract then find someone who can help you if you are going to enter into a contract with a supplier that is important or high value. If you are having something crucial like software being built for you then you should get the contract checked but above all you should read what is put in front of you. Do not assume that the agreement will be fair or that because it is for a basic service it won’t contain “nasties”. It happens less so now thanks to paper being less prevalent in offices but in the past, many businesses fell foul of office photocopier contracts that tied them in to paying for support charges for 5 years or more.

Staff Contracts

You need to have appropriate contracts in place with your employees because it is a legal requirement. You should be able to source basic contracts at low cost. Basic contracts should cover you for an employee who, if they leave, is not going to hurt your business by working for a competitor or by taking confidential information such as client lists or intellectual property out of the business. However, if your business could be damaged in these scenarios, then ensure that your contracts are drafted by an employment lawyer who will include appropriate provisions to make it easier for you to take action against a departing or rouge employee. In practice, having properly drafted clauses restricting what a departing employee can and can’t do often prevents the mischief occurring in the first place.

Although there is no legal requirement to have a written contract in place with a consultant, the usual reasons for having written contracts in place with any supplier apply – clarity being one of them. Also, if your consultant is going to create anything for you, for example, software, reports, designs – i.e. things that contain intellectual property rights – then if you don’t include appropriate written clauses, the consultant will be the owner of those things that they are creating for you and your business will have limited rights to use them.

In addition to your employment contracts you should consider having a staff handbook drafted. The staff handbook contains your policies about behaviour and standards as well as disciplinary and grievance procedures. It makes things a lot easier to deal with if there is an issue with an employee down the line. If you are a high growth start up then you should put a staff handbook in place from the outset.

Finally, it’s a legal requirement to offer your employees a pension so make sure you understand what you need to do in this regard.

Data Protection Compliance

Firstly, you need to register your business with the Information Commissioner’s Office and pay their fee.

All businesses need to comply with the retained EU law version of the General Data Protection Regulation ((EU)2016/679), called the UK GDPR along with the Data Protection Act 2018 (DPA 2018), and if using such data to market to customers, then the Privacy and Electronic Communications Regulations (PECR).

To comply with data protection laws you need to understand them and how they impact your business and then put appropriate policies and notices in place. It can be expensive getting professional advice but it will save you a lot of time because data protection compliance is complex and, in our experience, it is unlikely that you are going to get things right if you don’t seek professional help. If you are processing “special category data” i.e.

  • personal data revealing racial or ethnic origin;
  • personal data revealing political opinions;
  • personal data revealing religious or philosophical beliefs;
  • personal data revealing trade union membership;
  • genetic data;
  • biometric data (where used for identification purposes);
  • data concerning health;
  • data concerning a person’s sex life; or
  • data concerning a person’s sexual orientation

then we highly recommend you obtain expert advice from the outset because the ICO is more likely to come down hard on an organisation that gets things wrong when they are processing this kind of data.

If you want to send marketing communications to your customers or potential customers then it is important to get your opt-in / opt-out messaging correct and to comply with PECR. Again, either follow online guidance or have an expert advise you.

Licence To Occupy / Lease

Most start-ups nowadays don’t take on the commitment of a lease, opting instead to use a serviced office on a 12 month licence to occupy. If you are going to sign up to a licence to occupy then make sure you have read and understood the terms. You must be clear on what payments your business will be liable for, looking out for those hidden extras. The other really important clauses are those around termination. Look out for a clause that says the licence will automatically renew for another 12 months unless appropriate notice to terminate is given by you. So many businesses miss this and then find themselves tied in for another 12 months.

If you are going to enter into a lease then get the lease checked by a lawyer who specialises in this area because leases often contain traps for the unwary. You are not going to spot the issues unless you are an expert and getting this wrong can be very costly.

Shareholders Agreement

If you have set up a company with someone else you should put a shareholders agreement in place, especially if you hold a minority of the shares. You don’t have to have one – you can rely on the articles of association of your company and company law to protect you and regulate how things are done in the company. But if you don’t have a shareholders agreement in place it makes things much harder to deal with if you fall out with the other shareholders. You probably will fall out at some point and we see this all the time – businesses coming to us for help because the shareholders can’t agree on how to do things. We have to try and resolve things often with another lawyer on the other side of the table and it ends up costing the business dearly when it wouldn’t have been the case if a shareholders agreement had been in place.

Legal Notices / Policies

Your website should be displaying a privacy notice and, if it is using cookies, a cookie notice. Other website notices such as acceptable use and website terms of use policies aren’t essential but they are very low cost to obtain, give you some protection and make you look the part.

If your business employs five or more people you must have a written health and safety policy.

Although not mandatory, you should put an equal opportunities policy in place. If you don’t then this can count against you if an employee claims discrimination.

If there is any risk at all of someone in your business or supply chain bribing another person then you should have an anti-corruption and bribery policy in place. If you don’t then it’s unlikely that you will be able to demonstrate that your company had adequate procedures in place to prevent bribery and criminal sanctions may be applied.


If your business has staff you need to have employer’s liability cover in place – it’s a legal requirement.

Depending on the industry you are in, your regulator may require you to have other types of insurance in place such as professional indemnity insurance.


You must register your business with HMRC and pay tax. Engage an accountant for this.

Companies House

If you have set up a company in England & Wales then you must ensure that your filings are up-to-date at Companies House. Register for “Companies House Webfiling” so you or whoever you have outsourced to can make filings online.


You should consider whether anti-bribery compliance is necessary for you. You can read more about this here and we have done a blog about the Bribery Act here. If you are providing services to the public sector, in an industry where bribery is medium risk or above (e.g. the construction sector) or working in jurisdictions where the corruption perception is medium risk or above you should put a compliance programme in place from the outset – having an anti-bribery policy is not enough.

If your business activities are regulated, you will need to register with and obtain the relevant consents from those regulators.

You should also consider:

Having a non-disclosure agreement ready to send to individuals / other businesses. It’s unlikely you will find investors right at the beginning but if you have built an exciting product then you may be able to find investment rapidly and you should put an NDA in place with potential investors before you start discussions.

Protecting your trademark. If you can live with changing your brand name if someone else comes along with the same or similar name then not to worry. If you can’t then register your trademark asap.

Final Thoughts

Hopefully you will find this legal checklist for startups useful. It’s very much a guide and you should do your research or ask for help around compliance issues specific to your industry. Good luck with your business and if we can be of any help please get in touch.