This month's news that touches the people dimension of regulatory compliance. It's not only about regulations, policies, procedures and systems.
Money Laundering at Danske Bank
In the minds of many, money laundering conjures up images of drug barons from Latin America, blood diamond smugglers from Africa, and arms dealers from Asia. Well, prepare to be disabused of such notions. Possibly the largest ever money-laundering scandal in history is unfolding here in the European Union!
It turns out that the Estonian branch of the Danske Bank from Denmark had thousands of suspicious customers and may have laundered up to €200bn over a nine-year period.
The scandal - which involved over 32 currencies and companies in Cyprus, Seychelles, British Virgin Islands and the UK - led to the resignation of its CEO Thomas Borgen. However, he has protested that he did everything he was legally required to do.
Incidentally, Denmark is ranked the second-best country globally on Transparency International's Corruption Perceptions Index 2017. Yet, it has no whistleblowing legislation, which might have brought the Danske case to light earlier. And in 2013, the OECD pointed out that it had "serious concerns about the lack of enforcement" of bribery paid by Danish companies abroad.
UK Authorities Hit Back With UWOs
The UK's National Crime Agency has recently developed a taste for unexplained wealth orders. Zamira Hajiyeva - the wife of a jailed Azerbaijani banker who spent £16m at Harrods and owns luxury properties, including an £11.5m Knightsbridge home - has been forced to explain the source of her wealth.
UWOs came into force in January as part of the Criminal Finances Act 2017. This requires targets to account for their source of funds. If they cannot prove a legitimate source - and crucially, the burden is on them to do so - then their assets and property can be seized.
Still, there's a lot further for the authorities to go. Transparency International has claimed that £4.4bn worth of property in London bought with suspicious wealth is linked to politically exposed persons and criminals.
A Chairman's Fall from Grace
Carlos Ghosn has not just been at the helm of Renault Nissan but is a true legend in the global car industry for the way he saved Nissan from bankruptcy in 1999 and nursed it back to rude health. He's the only person to simultaneously run two Fortune Global 500 companies (Renault and Nissan). And for years, he was one of the top five most respected business leaders in the world.
So, it came as a shock to many when he was dismissed by Nissan and arrested in Japan, facing prosecution for alleged financial misconduct.
An investigation was launched following a tip-off by a whistleblower, who accused Ghosn of misappropriating funds for personal use. Allegedly Nissan spent millions of dollars purchasing and renovating luxury homes in Brazil, Lebanon, France and the Netherlands without legitimate business justifications. This could open Ghosn up to charges of professional embezzlement and tax evasion for not reporting this benefit in his income tax returns.
Prosecutors also claim that Ghosn arranged for himself future compensation to the tune of 8 billion yen ($70.5 million) that was not reported on Nissan's annual report - in contravention of Japanese securities regulations.
Finally, Ghosn is also facing corruption charges for dubious consultation fees paid by Nissan to his older sister. However, the company cannot confirm whether she has actually performed any work for which she was paid.
All of the above are presently allegations and charges that need to be proven. Still, they ring a warning bell for top executives, no matter how illustrious, against using their companies as a piggy bank to fund their lifestyle.
New Guidance on Passwords and Encryption from the ICO
The ICO has reminded companies that they are expected to use encryption when storing or transmitting personal data, given the availability of low-cost encryption solutions. It is important that you have an encryption policy; be sure to train your staff in its use and importance, but remember that residual risks to the data remain even after encryption.
Although there is no specific mention of passwords in GDPR, the security principle requires organisations to implement appropriate measures to prevent the unauthorised processing of personal data. The guidance has advice on authentication schemes, good practice and defending against brute force and other attacks. Again, there's a need to train your employees to embed good practice in your operations.
State of Whistleblowing
The FCA recently published its review of whistleblowing arrangements by firms in the UK financial services sector. It claims that the new rules introduced in 2017 have spurred firms into implementing whistleblowing arrangements and managing concerns fairly, consistently, and in a way that protects the individual whistleblower. Non-exec directors (NEDs) are providing independent oversight and accountability and helping to raise the profile of whistleblowing. However, the report has also identified key areas requiring improvement, most notably in the provision of whistleblowing training to staff, preparation of whistleblowing annual reports, and the need for better documentation, plus practical arrangements for protecting whistleblowers against victimisation.
Expect more protection for whistleblowers by way of a Whistleblowing Directive that's making its way through the European Commission and the European Parliament.
What's the Cost of Compliance?
At Skillcast, we pride ourselves not only on helping our clients create a culture of ethics, integrity, and compliance, but also on doing so at relatively low cost (between £5 and £100 per employee for a complete compliance training solution). So, imagine our shock when we recently came across the following estimates for the cost of financial crime compliance by very credible sources.
Bob Wigley, Chair of UK Finance, claimed at a UK Government symposium that "Banks spend over £5 billion a year fighting economic crime".
Meanwhile, LexisNexis Risk Solutions' 2018 True Cost of AML Compliance report found that the cost of AML compliance across US financial services firms amounts to $25.3 billion per year. This is based on survey responses from more than 150 decision-makers at banks, investment, asset management and insurance firms.
But then, if you think compliance is expensive, try non-compliance!