Top 10 Global Compliance Trends to Watch in 2014

Expect 2014 to be a busy year, full of regulatory and enforcement developments in the European Union, China, South America, and elsewhere that will have a big effect on U.S. companies.

A new European Parliament will be elected in May with a new European Commission appointed in October. Politicians, regulators, and Eurocrats will be in a rush to see their pet projects finalized before they have to let go of power, including a new data privacy regime that is likely to change the way any company that does business in Europe collects and handles consumer information.

Meanwhile, China is beginning to flex its enforcement muscle, coming down on companies for bribery and corruption, financial fraud, and antitrust violations. Other countries, including Brazil, Russia, and Canada, have also enacted stricter anti-corruption laws.

Here are 10 developments to watch on the global compliance front in the coming year.

1. Data Privacy: Europe decides

Europe's new data privacy regime has been in the pipeline for a while. In 2014 the EU will likely end the horse trading and finalize its plans, otherwise the election of a new European Parliament in May will force it back to square one. In the rush to the finish line, many U.S. companies will be hoping that Europe doesn't over-regulate in this area, but the continued fallout from the Edward Snowden leaks about U.S. government surveillance of European citizens hardly helps their case. Even the future of the bilateral U.S.-European safe harbor program, which has traditionally given U.S. companies preferential status when it comes to data privacy rules, is in doubt. By year's end, Europe's data laws are likely to look very different from those in place today and are likely to change how all companies that do business in Europe collect, store, and process customer and employee information.

As more countries around the globe introduce data privacy rules based on the new European model, the international transfer of personal data has become a real trap for the unwary, says Nicholas Thomas, a partner in law firm Morgan Lewis. During 2014, “many of the world's biggest companies with substantial operations within and outside of the European Union need to re-examine their existing processes and look to put in place broader and more far-reaching policies to ensure compliance with even the most aggressive data privacy regimes,” he says.

2. Bribery Act enforcement?

Will the next 12 months bring us the first significant prosecution under Britain's Bribery Act?  We asked the same question last year, and the answer turned out to be no. Through 2013 the Serious Fraud Office said it had several cases in progress. But none came to court. Then at the end of the year the SFO was hit by yet another high-profile courtroom humiliation. The trial of a £40 million ($65 million) bribery case against businessman Victor Dahdaleh collapsed after a key witness changed his evidence and two U.S. lawyers crucial to the case refused to testify.

3. China flexes its enforcement muscle

Chinese regulators are paying closer attention to pricing practices across several industries over the last few months, indicating that the government is ramping up antitrust enforcement heading into 2014. From pharmaceuticals to food packaging and consumer products, no industry appears out of the reach of China's evolving antitrust regime. “Multinational companies might have felt that, for a while, they were not really exposed to these kinds of price-related antitrust risks,” says Peter Wang, partner-in-charge of Jones Day's antitrust practice in China. “Clearly, that's no longer the case.”

China's anti-bribery enforcement has also grown significantly stronger over the last year and will likely increase into 2014, forcing U.S. companies that operate there to consider not just compliance with the U.S. Foreign Corrupt Practices Act, but local Chinese anti-bribery laws. “Businesses seem to be recognizing, rightly so, a culture of greater enforcement by China on anti-bribery and corruption issues,” says Randy Stephens, vice president of Advisory Services at NAVEX Global.

“Our findings suggest that there is a risk that many could find themselves on the back foot if they do not start planning their transparent tax strategy soon.”

—Charlotte Rushton,

Managing Director EMEA,

Thomson Reuters

4. Europe gets tough on anti-trustEurope's current  competition commissioner, Joaquín Almunia, will be replaced in May. Could we see a flurry of antitrust decisions as he cleans his desk for his successor? Nicole Kar, a partner at law firm Linklaters, think so. Hot topics include the long-anticipated settlement of a case against Google, which has been in arbitration for three years. Kar also thinks the European Commission will test the boundaries of antitrust law through 2014 with more aggressive enforcement in the legal “grey zone.” Companies at risk of action include those that exchange information, signal price changes, and distort market benchmarks. The Commission has also started trying to push corporate liability to the minority shareholder level. “These trends will continue to present compliance challenges for in-house legal and compliance teams,” says Kar.

5. A busy year for cartel and patent cases

2013 was a mild, if not timid, year for European cartel enforcement, adds Kar, but she expects “a number of significant fines at unprecedented levels” through 2014. “We understand there to be at least 20 cartel investigations ongoing in a wide range of sectors—from sugar to seatbelts and from envelopes to smart card chips. 2014 is likely to see some progress in those cases and decisions adopted in some of the longer outstanding investigations.” Kar also expects Europe's “patent wars” to only intensify in 2014. The IT sector will remain a fierce battlefield, with cases involving Apple, Microsoft, Motorola, Google, and Nokia.

   >> Subscribe | Try a risk-free 10-day trial subscription to Compliance Week and enjoy a host of benefits.

6. Private damages actions: swifter justice

2014 looks set to be the breakthrough year in which European legislation is finally adopted to harmonize damages in antitrust actions. If political progress can be reached in the European Parliament and skeptical national governments can be convinced, the “Actions for Damages” directive could be adopted before the European parliamentary elections in May. The proposed aim is to remove national rules that, in effect, stop all but the most determined victims of EU competition law infringements from getting compensation. The changes have been eight years in the pipeline. The wait could soon be over.

MAIN OBJECTIVES

Below are the main objectives of the European Union's REMIT and EMIR legislation.

REMIT introduces a sector-specific legal framework for the monitoring of wholesale energy markets. The objective is to detect and to deter market manipulation. For the first time, energy trading will be screened at EU level to uncover abuses.

Market integrity and transparency are essential for well-functioning energy markets and for promoting the confidence of market participants and final consumers.

Once REMIT is fully implemented, ACER will

be responsible for collecting and analysing wholesale markets and other relevant data to identify possible instances of market abuse.

will notify the concerned National Regulatory Authorities (NRAs).After an initial assessment and when there is ground to believe that abusive behaviour has actually occurred.

National authorities in Member States will have to carry out investigations and put in place penalties to help to stop and to prevent market manipulation.

This is a complex and delicate task because it deals with complex traded products and markets and, because monitoring should be conducted in a vigilant manner without however unduly interfering with the working of energy markets.

Source: ACER.

EMIR's main obligations are:

Central Clearing for certain classes of OTC derivatives;

Application of risk mitigation techniques for non-centrally cleared OTC derivatives;

Reporting to trade repositories;

Application of organizational, conduct of business and prudential requirements for CCPs;

Application of requirements for Trade repositories, including the duty to make certain data available to the public and relevant authorities.

Source: ESMA.

7. Global tax transparency: got a strategy?The G20 governments have promised to make companies in their jurisdictions provide open and clear financial data by the end of 2015, as part of a global clampdown on tax avoidance. Few companies are prepared. A study by Thomson Reuters found that only 35 percent of global companies are planning to be more transparent on tax. “Tax authorities around the world are becoming more aggressive and focused, in turn increasing disclosure and transparency requirements on the business community,” says Thomson Reuter's Charlotte Rushton. “Our findings suggest that there is a risk that many could find themselves on the back foot if they do not start planning their transparent tax strategy soon.”

8. Payment card questionsThe international standard that governs how companies should keep payment card information safe changes in 2014.  Compliance with the new Payment Card Industry Standard (PCI DSS 3.0) is mandatory for companies that store, process, or transmit cardholder data from the start of 2015. “E-commerce merchants will face the biggest changes, since the new standard states that anything that impacts the security of these environments, even if they do not store, process, or transmit cardholder data, will be in scope for PCI DSS 3.0,” says Michael Aminzade of Trustwave, an information security company. “This means merchants, including those who have been redirecting the processing of payments, will have to implement policy and procedural controls as well as security technologies that will help prevent their customers' card-holder data from ending up in the wrong hands.”

9. Energy-sapping regulationThe European Union's slow and faltering rollout of two regimes to regulate the energy sector should finally gain pace through 2014. REMIT (Regulation on Energy Market Integrity and Transparency and EMIR (European Market Infrastructure Regulation) create new data collection and reporting requirements for companies involved in Europe's wholesale energy markets. Companies will likely have to invest in new information systems to cope. “Compliance executives need to be seriously concerned,” says Steven Ferrigno of the Allegro Development Corp., a software company. “If your company trades in energy commodities or operates a hedging strategy to mitigate fuel or energy-related costs, either of these shifting sets of rules could bog you down for the foreseeable future.”

10. Bank audit under fireThe big audit firms are likely to come under fire again next year when the U.K. Financial Reporting Council takes another look at their auditing of banks and building societies. In December the regulator said it would investigate how audits in this area are performed so it could identify “why progress in improving their quality has been slow and what needs to be done to achieve necessary improvements.” The review will start in the second quarter with a formal report due by the end of the year. FRC chairman Sarah Hogg said she wanted to see “a genuine step change” in the quality of audit work.