Compliance Essentials News - May 2019
This month's egulatory announcements, market studies, and stories about compliance lapses and downright disregard of laws/regulations.
Select the links or scroll down for more details.
- HMRC cautioned over voice authentication
- 10 Danske managers charged over money laundering
- Companies House gets overhaul, finally
- No smoke without fire - tobacco companies fined for anti-competitive practices
- 5 banks fined for rate rigging
- Telefônica Brasil caught offside by the SEC
- You too? Bullying and sexual harassment "endemic in legal profession"
- The UK businesses leading the way in modern slavery compliance
HMRC cautioned over voice authentication
Her Majesty's Revenue and Customs (HMRC) has been cautioned after complaints about its voice authentication system which asked helpline users to record their voice as their password.
The ICO said HMRC had paid, "little or no consideration to the data protection principles when rolling out the Voice ID service". It's the first enforcement action taken by the regulator for use of biometric data under the GDPR.
The regulator noted serious data governance and accountability concerns including:
- Its large scale data collection - 7 million voice records were collected
- Inadequate consent - users were not told that they could decline to participate
- It was not made clear that they would not suffer a detriment if they declined to participate
- A Data Protection Impact Assessment (DPIA) was not put in place at the time of launch
Whenever AI-related technologies are implemented, companies need to:
- Consider whether biometric data (special category data) will be used
- Conduct a DPIA where processing is "likely to result in a high risk to the rights and freedoms of natural persons" - such as large scale use of biometric data
- Address any risks as the project progresses
- Deliver accountability - ensuring there are adequate organisational and technical measures in place to safeguard personal data
- Obtain explicit consent if you rely on consent as the legal basis for processing
If you need to train your staff check out our comprehensive GDPR elearning course library.
10 Danske managers charged over money laundering
According to reports, ten former Danske Bank managers, including its former CEO Thomas Borgen, have been charged over their role in the €200 billion money laundering scandal at their Estonian unit. Prosecutors have also charged Henrik Ramlau-Hansen, the former chair of Denmark's financial regulator and Danske's former finance director for failing to prevent certain transactions during his time at the bank.
Meanwhile, Chris Vogelzang - ex-ABN banker - is to be its new executive with the unenviable task of restoring trust. He told Reuters, "Of course the most important challenge is now to regain the trust, so people at dinner parties or when having drinks at a pub can say with pride that they work for Danske Bank."
"I think I bring a lot of energy and a lot of ambition in what I do. I set the bar high. I also empower people, I'm a good communicator, and I think I understand banking. I've seen a lot."
Companies House gets overhaul, finally
Perhaps sensing blood, the UK Government has announced an overhaul of the Company House regime, the biggest in 170 years. The reforms will increase traceability of company ownership and protect business owners from fraud.
There is overwhelming evidence from anti-corruption campaigners (such as Transparency International) that UK-registered companies are one of the 'favoured vehicles' used by criminals to launder funds and hide illicit wealth. Out of 52 recent corruption cases, 766 UK firms were involved laundering around £80 billion. Indeed, the Danske Bank scandal (see above) was also facilitated by UK company structures. Weaknesses in the UK register of some 4m companies aren't new.
However, new research by Global Witness found:
- Over 300,000 companies say they have no beneficial owner
- 3,000 companies say their PSC is another company in a tax haven
- 2,083 companies are owned by individuals who are disqualified as directors
- 76 beneficial owners match the names of individuals on US sanctions lists
- A number of companies are controlled by a two-year old!
No smoke without fire - tobacco companies fined for anti-competitive practices
CMNV, the Spanish anti-trust regulator, has issued a number of tobacco companies with fines totalling €58 million for anti-competitive practices.
Distributor Integral Logista was fined €21 million for passing on sales information to Philip Morris Spain, Altadis and JT International Iberia who were also fined €15 million, €11 million and €10 million respectively.
Logista, an affiliate of Imperial Brands, said it provided the information freely and in good faith, disputing its actions were anti-competitive.
5 banks fined for rate rigging
Following a six-year investigation, the EU anti-trust regulator has fined five banks - including Barclays, Citigroup, RBS and JPMorgan - over €1 billion for their involvement in the rigging of the foreign exchange market.
Traders had "exchanged sensitive information and trading plans" via online chat forums named "Three Way Banana Split" and "Essex Express n' the Jimmy", used by traders who travelled on the same commuter train.
EU competition commissioner Margrethe Vestager said, "Foreign exchange spot trading activities are one of the largest markets in the world, worth billions of euros every day. The behaviour of these banks undermined the integrity of the sector at the expense of the European economy and consumers."
Telefônica Brasil caught offside by the SEC
Telefônica Brasil SA has been fined $4.125 million by the Securities and Exchange Commission after it offered hospitality and World Cup tickets to government officials in return for furthering its business interests.
The US regulator said the telecoms firm around spent $5.6 million on World Cup and Confederations Cup tickets, which were booked as publicity and advertising costs and then handed out to around 127 government officials.
An email memo suggested staff "take into account the importance of the actions that each guest has already effectively done in our favor" when deciding who should benefit from tickets.
Anti-bribery laws prevent us:
- Offering, promising, giving, requesting or receiving a financial or other advantage as inducements
- Offering, promising or giving a financial or other advantage to induce a Foreign Public Official (FPO) to perform their public function improperly
Companies must have adequate procedures to prevent bribery by employees and associated persons. Do you?
You too? Bullying and sexual harassment "endemic in legal profession"
Amid news that the insurance industry is desperately trying to shake off its 'laddish' culture, a survey by the International Bar Association has found alarming levels of bullying and harassment within the legal profession:
- 1 in 2 female and 1 in 3 male respondents has been bullied at work
- 1 in 3 female and 1 in 14 male respondents has experienced sexual harassment
- Only half of respondents' workplaces had relevant policies
- Just 1 in 5 respondents' organisations had provided training
Barrister Charlotte Proudman called for change and tougher sanctions to be imposed in the industry, such as:
- More disciplinary action - in 2017/18, just two of the paltry eight complaints received by the Bar Standards Board resulted in disciplinary action
- Greater diversity in the makeup of chambers - 85% of queen's counsel and 72% of the judiciary are men, despite equal numbers of men and women joining the profession
- An independent office to handle complaints of sexual harassment
For more information, download our free workplace harassment training presentation.
The UK businesses leading the way in modern slavery compliance
At Skillcast, we often use negative stories to illustrate compliance trends and consequences of non-compliance. But it doesn't always have to be this way. Positive role models are good too. More carrot, less stick? Yes please.
Indeed, we can learn just as much from companies who do the right thing and make headlines for all the right reasons.
So, hats-off to Marks and Spencer, Tesco, British American Tobacco and WM Morrison Supermarkets after being ranked among the top 4 UK businesses for modern slavery compliance in the second Global Governance FTSE 100 Index. We salute you.
If you've got some catching up to do, check out our free Modern Slavery training resources.
Looking for more compliance insights?
Why not subscribe to our Compliance Bulletin which delivers a round-up email of all of this month's best practices, expert opinions, industry insights, key trends in regulatory compliance training, digital learning, EdTech and RegTech news.
Skillcast has partnered with YouGov to conduct primary research into compliance issues, attitudes and risk perceptions in the UK workplace to produce a series of Insights Blogs.
We also have 50+ free compliance training aids, including a selection of desk-aids, eBooks, guides, handouts, posters, training presentations and even free e-learning modules!