Facebook facing 10th GDPR probe over data leak
The Irish Data Protection Commission has launched an inquiry into Facebook over concerns the social media giant may not have properly disclosed the full extent of its recent data leak.
SFO launches fraud investigation into Buy2Let Cars owner
The U.K. Serious Fraud Office announced a fraud investigation into car leaser Buy2Let Cars and several other companies operated by Raedex Consortium. Further details are expected next month.
Facebook’s new leak: Assessing its liability under the GDPR
Old personal data of more than 533 million Facebook users was recently made publicly available on a hacker forum. Could the social media giant face a new investigation under the GDPR in response?
Irish DPC seeking answers on Facebook breach
The Irish Data Protection Commission has reached out to Facebook seeking to determine whether the social media giant’s weekend data breach should receive scrutiny under the General Data Protection Regulation.
Italian DPA fines Fastweb $5.3M under GDPR for aggressive telemarketing
The Italian Data Protection Authority announced a fine of €4.5 million (U.S. $5.3 million) against telecommunications company Fastweb for misusing customer data for telemarketing purposes.
Credit Suisse compliance chief steps down in Archegos collapse aftermath
Credit Suisse Chief Risk and Compliance Officer Lara Warner has stepped down from her role and left the company following the bank’s loss of an estimated $4.7 billion due to the meltdown of hedge fund Archegos Capital Management.
Booking.com fined $557K under GDPR for reporting data breach late
Online reservation Website Booking.com has been fined €475,000 (U.S. $557,000) by the Dutch Data Protection Authority for reporting a data breach 22 days later than the 72 hours required under the GDPR.
U.K. AML update: New obligations for cryptocurrency firms
Mark Steward, executive director of enforcement and market oversight at the U.K. Financial Conduct Authority, recently shared insights into the agency’s pipeline of AML investigations and what lies ahead for regulated firms.
How might U.K. mandate for audit to find fraud work in practice?
Experts weigh in on the hurdles to be overcome and clarifications needed if U.K. auditors are going to be mandated to detect and prevent fraud as spelled out in new proposals.
Moody’s fined $4.4M for European conflict-of-interest violations
Five European subsidiaries of Moody’s Corp. have been fined a total of €3.7 million (U.S. $4.4 million) by the European Securities and Markets Authority for violating conflict-of-interest rules.
Deutsche Bank restructures compliance amid leadership overhaul
Deutsche Bank announced a series of changes to its management board, including the upcoming departure of Chief Risk Officer Stuart Lewis and transition of compliance responsibilities to Chief Administrative Officer Stefan Simon.
Volkswagen to seek damages from former CEOs over Dieselgate
Volkswagen’s supervisory board has accused former CEOs Martin Winterkorn (Volkswagen) and Rupert Stadler (Audi) of negligent breaches of duty during the diesel scandal.
Local laws proving to be roadblocks for GDPR harmonization
Recent cases in Germany, France, and Austria underscore the difficulty of getting EU members on the same page regarding GDPR enforcement—particularly when other local laws take priority.
Popular Clubhouse app being probed for GDPR violations
France’s data privacy watchdog adds to a growing list of regulators that have launched investigations into Alpha Exploration, the publisher of the Clubhouse application, regarding measures it has taken (or not taken) to comply with the GDPR.
SFO closes bribery investigation into KBR’s U.K. subsidiaries
The Serious Fraud Office announced it closed its bribery and corruption investigation into the activities of KBR’s British subsidiaries and employees, weeks after the U.K. Supreme Court unanimously ruled the agency breached its authority in the case.
Italian court acquits Eni, Shell of corruption charges
An Italian court acquitted oil companies Royal Dutch Shell and Eni and a group of current and former executives of corruption charges surrounding a widespread bribery scheme to acquire oil exploration rights in Nigeria.
U.K. government proposals spell out Big Four breakup, new audit responsibilities
The U.K. government has unveiled proposals designed to end the Big Four accounting firms’ dominance of the region’s audit market while also making companies and executives more directly accountable—and liable—for failures in corporate reporting.
ABN AMRO facing new charges in money laundering probe
ABN AMRO is facing new charges from Dutch prosecutors that imply the bank is suspected of knowing of money laundering activities perpetrated by its customers without intervening.
John Wood Group earmarks $197M for global bribery settlement
Scotland-based multienergy services company John Wood Group is in “advanced stage” settlement talks with authorities in the United States, the United Kingdom, and Brazil regarding legacy bribery and corruption investigations.
U.S., U.K. enforcement heads praise coordination in corruption cases
Daniel Kahn of the U.S. Department of Justice and Lisa Osofsky of the U.K. Serious Fraud Office discuss how enforcement agencies expect closer cooperation through 2021 in the global fight against bribery and corruption.
Vodafone Spain fined record $9.72M for data protection failures
Vodafone Spain has been fined €8.15 million (U.S. $9.72 million) for aggressive telemarketing tactics and other data protection failures under the GDPR. The penalty is the highest the Spanish Data Protection Agency has handed out.
U.K. sanctions body signals tougher enforcement with new guidance
Revised guidance by the U.K. Office of Financial Sanctions Implementation suggests the agency might be strengthening its current enforcement stance as it pertains to breaches of financial sanctions.
FRC to investigate Deloitte over Lookers’ audits
The U.K. Financial Reporting Council has commenced an investigation into Deloitte over its audit work of car dealership chain Lookers.
GDPR fines by industry: Telecoms far outpace Big Tech
Since the GDPR came into force in 2018, Big Tech firms have not been on the receiving end of fines as frequently as expected. Meanwhile, other industries have shown to be more prone to data privacy violations, namely telecommunications.
‘An invaluable asset’: Participants praise opportunity for feedback via GDPR sandboxes
Regulatory sandboxes launched by EU data protection authorities provide firms the opportunity to collaborate and make use of the regulator’s expertise to reduce GDPR compliance risks.
GDPR dealt blow as German court drops $17.2M Deutsche Wohnen fine
A €14.5 million (U.S. $17.2 million) fine against Deutsche Wohnen has been dropped after a German court found under German law the company could not be held responsible for violating the GDPR unless blame could be attached to a specific individual or executive.
FCA confirms Dec. 31 end date for LIBOR
The U.K. Financial Conduct Authority put the nail in the coffin of LIBOR, confirming the widely used benchmark interest rate will cease to be available in most forms at the end of this year.
Video: Google ad change a boon for privacy; red flags apparent in Greensill downfall
Aaron Nicodemus acknowledges Google’s decision to stop selling ads based on user browsing history as a good first step, while Kyle Brasseur laments apparent red flags ignored in the seemingly impending collapse of Greensill Capital.
Ireland GDPR report: Big fines coming soon for Big Tech?
Ireland’s data regulator has 27 ongoing cross-border inquiries into Big Tech firms, according to its latest annual report. It expects several cases to be resolved in the coming year.
EY Germany changes leadership in wake of Wirecard scandal
Hubert Barth, head of EY’s Germany practice for the past five years, will step down and take on a “new role at the European level” as the firm seeks to restore its tarnished reputation following its missteps leading up to the collapse of Wirecard.
HSBC promotes group compliance chief to executive role
HSBC announced the promotion of Group Chief Compliance Officer Colin Bell to CEO of HSBC Europe and HSBC Bank amid a flurry of senior management changes.
EDPS opinion puts targeted advertising in crosshairs
The EU’s chief data regulator says planned regulations to oversee the tech sector should be tightened further to ban targeted advertising based on tracking online activity—an opinion that could prompt Big Tech and adtech firms to lobby hard against the changes.
Northern Ireland turns up heat on modern slavery transparency
Northern Ireland Justice Minister Naomi Long has launched two consultation documents on measures to eradicate modern slavery from the supply chains of public- and commercial-sector organizations.
Facebook fined $8.4M for data collection practices in Italy
Facebook has been fined €7 million (U.S. $8.4 million) by Italy’s antitrust regulator for failing to address issues related to its personal data collection practices.
TikTok faces more backlash, now from EU consumer group
TikTok has come under the scrutiny of European consumer advocacy organization BEUC, which is urging authorities to put an end to the video sharing platform’s abuse of EU users’ rights—especially those of children.
KPMG UK chair resigns over controversial pandemic remarks
KPMG UK Chairman Bill Michael has resigned after controversial remarks he made about the coronavirus pandemic during a virtual town hall meeting offended several employees and were subsequently made public.
James Freis did the right thing at Wirecard … but why didn’t anyone else?
At the end of the sorry Wirecard saga, James Freis may be one of the very few former senior employees who can hold his head high, writes Martin Woods.
Companies not reporting ESG initiatives are in the minority
Several reports highlight the growing trend of companies recognizing the value of aligning their business models with ESG concerns, acceding to the demands of shareholders, activists, the market, and the public.
U.K.’s SFO slapped down over attempts to flout jurisdiction rules
In another blow to the agency’s credibility, the U.K.’s Serious Fraud Office cannot attempt to force foreign companies to hand over evidence held overseas, according to a recent court ruling.
Europe handcuffed by current corporate liability laws; is change coming?
European countries have begun to question whether their laws around corporate liability need to be reformed. However, change may not be as rapid as first thought.
More Wirecard fallout: Top brass out at German finance regulator
Continuing fallout from the Wirecard scandal has led Germany’s finance minister to oust the top two officials at the country’s financial regulator, the Federal Financial Supervisory Authority (BaFin).
Spain, Italy setting new standard for GDPR enforcement
While big fines against big companies make headlines, Spain and Italy have flown under the radar as two of the most frequent enforcers of the GDPR, instead primarily focusing on smaller penalties. Might other countries follow suit?
Norwegian DPA warns Grindr of $11.7M GDPR fine
Norway’s data privacy watchdog issued gay dating app Grindr with a notice of intention to fine it NOK 100 million (U.S. $11.7 million) for sharing personal data with third parties without users’ consent.
Spanish DPA fines CaixaBank record $7.3M under GDPR
Spain’s data protection authority recently fined CaixaBank €6 million (U.S. $7.3 million) for misuse of customer data, the largest GDPR fine the country has handed out.
EU regulators beef up SCCs as temporary Privacy Shield alternative
The key data regulators that oversee the European Union’s strict privacy regulation agreed to a beefed up set of contractual terms to provide more clarity about the level of protection data transfers to countries outside the EU can enjoy.
SFO closes bribery probe into British American Tobacco
The U.K. Serious Fraud Office announced it has concluded without prosecution its investigation into British American Tobacco regarding whistleblower allegations of corruption in the conduct of business.
British Airways breach could cost billions in landmark class-action push
British Airways faces the largest group claim ever made in U.K. legal history over a 2018 data breach that exposed the financial and personal details of more than 400,000 of its customers.
CJEU opinion could further expose Big Tech under GDPR
Any European Union data protection authority should be allowed to pursue legal action against Big Tech firms over privacy issues, according to an opinion from the advocate general of the region’s top court.
German laptop retailer fined $12.7M under GDPR for employee surveillance
A German data regulator fined an online laptop and electronic goods retailer €10.4 million (U.S. $12.7 million) for video-monitoring employees for at least two years without legal basis.
U.K. tax authority fines MT Global record $32.4M for AML failures
MT Global Limited, a U.K.-based money transfer company, was hit with a record £23.8 million (U.S. $32.4 million) fine by the U.K.’s tax authority for violations of anti-money laundering regulations.