EU regulators beef up SCCs as temporary Privacy Shield alternative
The key data regulators that oversee the European Union’s strict privacy regulation agreed to a beefed up set of contractual terms to provide more clarity about the level of protection data transfers to countries outside the EU can enjoy.
SFO closes bribery probe into British American Tobacco
The U.K. Serious Fraud Office announced it has concluded without prosecution its investigation into British American Tobacco regarding whistleblower allegations of corruption in the conduct of business.
British Airways breach could cost billions in landmark class-action push
British Airways faces the largest group claim ever made in U.K. legal history over a 2018 data breach that exposed the financial and personal details of more than 400,000 of its customers.
CJEU opinion could further expose Big Tech under GDPR
Any European Union data protection authority should be allowed to pursue legal action against Big Tech firms over privacy issues, according to an opinion from the advocate general of the region’s top court.
German laptop retailer fined $12.7M under GDPR for employee surveillance
A German data regulator fined an online laptop and electronic goods retailer €10.4 million (U.S. $12.7 million) for video-monitoring employees for at least two years without legal basis.
U.K. tax authority fines MT Global record $32.4M for AML failures
MT Global Limited, a U.K.-based money transfer company, was hit with a record £23.8 million (U.S. $32.4 million) fine by the U.K.’s tax authority for violations of anti-money laundering regulations.
Five key points from the EU-U.K. Brexit trade deal
The Brexit trade deal agreed to by the European Union and United Kingdom details how all business between the two markets will be transacted from now on. Neil Hodge examines five key areas of the deal.
Report: Fines against financial institutions hit $10.4B in 2020
Financial institutions have been hit with $10.4 billion in global fines and penalties related to AML, KYC, data privacy, and MiFID regulations in 2020, according to a recent Fenergo report.
GDPR priorities for 2021: Twitter ruling stresses need for harmonization
European data protection authorities need to speed up their decision-making processes—especially with regard to cross-border complaints—before regulators lose patience and find legal means to mete out penalties under national laws instead of the GDPR.
CPE Webcast: Schrems II: The end of the EU-U.S. Privacy Shield
The invalidation of the EU-U.S. Privacy Shield has many U.S. companies wondering if they will ever be able to take possession of EU data again.
Charles Schwab U.K. fined $12M for failing to protect client assets
The U.K. Financial Conduct Authority fined Charles Schwab U.K. approximately £9 million (U.S. $12 million) for compliance failures related to the protection of client assets.
OFAC closes investigation into Danske Estonia case
Danske Bank received a no-action letter from the U.S. Department of the Treasury’s Office of Foreign Assets Control regarding an investigation at the bank’s infamous Estonian branch.
U.K. court upholds insider trading charges against former UBS compliance officer
A U.K. appeals court upheld five insider trading convictions against a former senior compliance officer at investment bank UBS.
Video: Twitter GDPR fine too little or just right?
Aaron Nicodemus and Dave Lefort debate whether the Irish Data Protection Commission’s €450,000 (U.S. $547,000) fine against Twitter under the GDPR is an appropriate figure or way too small for the social media company.
Barclays fined $34.8M over treatment of cash-strapped customers
The U.K. Financial Conduct Authority fined Barclays Bank and its related units £26 million (U.S. $34.8 million) for poor treatment of consumer credit customers experiencing financial hardship.
Twitter’s tiny $547K GDPR fine leaves many scratching their heads
Ireland’s first major decision against a Big Tech company under the GDPR has stirred controversy as the country’s data regulator hit Twitter with an underwhelming €450,000 (U.S. $547,000) fine for a 2018 data breach.
Facebook reserves $366M for expected GDPR fines in Ireland
Facebook Ireland has set aside €302 million (U.S. $366 million) for possible fines from the Irish Data Protection Commission for violations of the General Data Protection Regulation.
France sidesteps GDPR in fining Google, Amazon $163M combined
Data privacy watchdog CNIL utilized the French Data Protection Act in fining Google and Amazon a combined €135 million (U.S. $163 million) for illegal cookie practices, sidestepping the “one-stop shop” provision of the GDPR.
Reports: Ex-EY partner steps aside as Deutsche exec amid Wirecard probe
A former EY partner is reportedly relinquishing his position as Deutsche Bank’s head of accounting temporarily after German prosecutors launched an investigation into his role as a lead auditor for Wirecard.
UBS chief facing investigation in ING money laundering case
A Dutch court has ordered a criminal investigation into UBS CEO Ralph Hamers for his role in the ING money laundering scandal that occurred during his tenure as the latter financial institution’s leader.
Five challenges for European CCOs heading into 2021
Many of the problems European compliance officers faced in 2020 will remain in place going into the new year, but new risks and new regulations will also present new challenges.
Companies should create ‘Ombuds’ function to meet EU whistleblower rules
The creation of an independent, competent “Ombuds” function could be used by companies to respond to certain key requirements in the EU’s Whistleblower Protection Directive.
U.K. firm BlueCrest fined $170M for violating U.S. securities laws
U.K.-based investment fund BlueCrest Capital Management has agreed to pay $170 million as part of a settlement with the SEC for allegedly violating anti-fraud provisions of U.S. securities laws.
Norway’s DNB facing potential $45M AML fine
DNB ASA, Norway’s largest financial services group, is facing a potential fine of NOK 400 million (U.S. $45.4 million) for inadequate compliance with the Norwegian Anti-Money Laundering Act.
Report shows Big Four stranglehold in U.K. near unavoidable
A review by the U.K. Financial Reporting Council found large companies will instinctively hire a Big Four firm as auditor, despite efforts by the regulator to break their dominance and open up the country’s audit market to smaller competitors.
U.K. corporate watchdog rips company reporting as ‘box-ticking exercise’
Not for the first time, the U.K.’s corporate governance regulator has said it is disappointed to see company reporting “does not demonstrate the high quality of governance” it expects.
SBM Offshore FCPA case ends, Swiss investigation begins
SBM Offshore confirmed it has reached the end of its three-year deferred prosecution agreement with the Department of Justice for FCPA violations, but the oil and gas services company is now facing a fresh corruption investigation from Swiss enforcement authorities.
Trio of U.K. fines expose third-party risks under GDPR
Recent GDPR fines against British Airways, Marriott, and Ticketmaster by the U.K. Information Commissioner’s Office each saw the regulator dismiss claims by the companies that third parties were primarily responsible for the data breaches in question.
Lookers discloses $60.5M loss following accounting fraud probe
After delaying for eight months its 2019 audited financial statements, U.K. car dealership chain Lookers has disclosed a £45.5 million (U.S. $60.5 million) loss following discovery of accounting fraud by a former employee.
Vodafone Italy fined $14.5M under GDPR for telemarketing tactics
The Italian arm of multinational telecommunications company Vodafone is facing a fine of more than €12.25 million (U.S. $14.5 million) under the General Data Protection Regulation for aggressive telemarketing practices.
Biden will tread carefully on sanctions, seek international consensus, experts say
Experts believe President-elect Joe Biden will likely take his time before making big moves to unwind the dizzying array of sanctions levied by his predecessor, President Donald Trump.
Crackdown on culture part of widespread regulatory push
A recent ruling by the U.K. Financial Conduct Authority to ban three individuals from the financial services industry for out-of-work misconduct is part of a broader push by regulators to crack down on matters related to culture, writes Martin Woods.
WhatsApp Ireland reserves $91.8M for potential GDPR fine
The Irish arm of WhatsApp has set aside $91.8 million for possible administrative fines arising from long-standing investigations by Ireland’s data regulator into the way the messaging platform shares data with Facebook.
Cryptocurrency’s future: What compliance needs to know
Cryptocurrency is complicated, but it’s not going away anytime soon. David Povey of the ICA takes a look at what regulators are trying to do and offers tips on where compliance officers can go to study this complex topic further.
German court cuts 1 & 1 Telecom GDPR fine by 90 percent
Continuing a recent trend of massive fine reductions under the General Data Protection Regulation, 1 & 1 Telecom in Germany had its €9.55 million penalty issued last year reduced to €900,000 (U.S. $1.06 million) by a German court.
U.K. eyes history with climate change disclosure plan package
Financial services firms in the United Kingdom must soon begin reporting what material financial impact they experience from climate change under a new disclosure mandate that is the first of its kind in the world.
Ticketmaster UK fined $1.6M under GDPR for 2018 data breach
The U.K. Information Commissioner’s Office fined Ticketmaster £1.25 million (U.S. $1.6 million) for its failures relating to a 2018 data breach by a third party.
Volkswagen CCO Kurt Michels: Tips for surviving a monitorship
Fresh off his company’s compliance monitorship, Volkswagen CCO Kurt Michels shares ways to cultivate a trustful relationship with a monitor; finesse a company’s cultural makeover; and reestablish credibility in the wake of criminal behavior.
Guidance for safe data transfers post-Privacy Shield
The European Data Protection Board has issued guidance to help companies transfer data to the United States and other third countries safely after Europe’s top court in July ruled key methods used up until then were either invalid or unsafe.
U.K. watchdog seeks disclosures on COVID-19, climate change
COVID-19 and its impact on operations and the bottom line tops the Financial Reporting Council’s list of what it wants to see in company reports for 2021.
BA, Marriott fine reductions latest wrench in GDPR enforcement harmony
Lack of clarity on fines has dogged the GDPR since it took effect in May 2018, and the recent dramatic penalty reductions handed down by the U.K. in the cases of British Airways and Marriott certainly won’t help.
Julius Baer reserves $80M for FIFA corruption settlement
Julius Baer has set aside nearly $80 million in a proposed settlement with the Department of Justice regarding the agency’s corruption investigation linked to world soccer federation FIFA.
VW integrity chief: Culture has changed … and we have stress test to prove it
In a Q&A with Compliance Week, Volkswagen integrity chief Hiltrud Werner said that while compliance efforts “never have a finish line,” the company has made great strides since Dieselgate.
Bombardier cooperating with SFO corruption investigation
The U.K. Serious Fraud Office is investigating plane maker Bombardier over suspected bribery and corruption in relation to contracts and orders from Indonesian airline carrier Garuda Indonesia.
ESMA review slams German authorities’ supervision of Wirecard
A damning report by the EU’s securities markets regulator found numerous shortcomings in German authorities’ supervision of Wirecard’s financial reporting leading up to its collapse surrounding a $2 billion accounting scandal.
Working together to stop money laundering: A conversation with Marcus Pleyer
Dr. Marcus Pleyer, president of the Financial Action Task Force, emphasized his commitment to stopping money laundering in a wide-ranging and forward-looking discussion at the ICA’s BIG Compliance Festival.
Manchester Arena tragedy offers stark lesson in training importance
As the public inquiry into the Manchester Arena bombing of 2017 plays out in the United Kingdom, lessons can be gleaned on the importance of providing thorough and complete training to employees in all fields.
CCO Philippe Vollot has a plan for Danske’s compliance reboot
Danske Bank CCO Philippe Vollot knows his journey to build a robust compliance program and culture at the troubled lender is far from over.
In second drastic reduction, ICO fines Marriott $23.8M
The Marriott GDPR fine handed down by the U.K. Information Commissioner’s Office is less than 20 percent of the original number the regulator proposed, the second time this month such a drastic reduction has taken place.
Airline Services Ltd to pay $3.9M, agrees to DPA in bribery case
The U.K.’s Serious Fraud Office has levied penalties worth nearly £3 million (U.S. $3.9 million) against defunct aircraft refurbishing company Airline Services Limited for violating the country’s anti-bribery laws.