Skillcast Blog

Compliance News | 2021 Highlights | Skillcast

Written by David Mangion | 16 Dec 2021

We've examined the top 10 compliance news stories in 2021, from major data breaches and discrimination awards to billion-dollar fines.

Our pick of the top 10 compliance stories of 2021

  1. Record £23m fine for MT Global's AML breaches
  2. Siemens Gamesa worker injury fine after fall
  3. Ex-Braskem CEO pleads guilty in $250m bribery case
  4. Google fined €102m for abuse of dominant position
  5. Classified UK MoD documents found at a bus stop
  6. UK first of G7 to effect climate change legislation
  7. WhatsApp issued 2nd highest ever GDPR fine
  8. Southeastern loses franchise over failure to declare
  9. Sexual discrimination lawsuit filed against Tesla
  10. NatWest fined £264.8m for anti-money laundering failures

Take a look at our summary of key compliance fines in 2021 too!

Record £23m fine for MT Global's AML breaches

MT Global Limited, which has been subjected to the biggest ever fine issued by HMRC, for considerable AML breaches between July 2017 and December 2019 relating to:

  • fundamental customer due diligence measures
  • risk assessments and record-keeping
  • controls, policies and procedures

This penalty is three times as high the previous record penalty of £7.8 million handed out by HMRC last year to a London money service bureau.

According to Nick Sharp, Deputy Director of Economic Crime, Fraud Investigation Service, HMRC, "We're here to help businesses protect themselves from those who would prey on their services. That includes taking action against the minority who fail to meet their legal obligations under the regulations as this record fine clearly shows."

Siemens Gamesa worker injury fine after fall

Siemens Gamesa Renewable Energy has been fined after an agency worker fell from a blade platform.

Leeds Magistrates’ Court heard that on 11 November 2017, the 30-year-old was working inside one of the turbine blades at the company’s factory in Hull.

Inside the blade is a midway platform referred to as the "web". He was standing on the web, vacuuming the inside of the blade to clean off fibreglass dust and deposits.

As he approached the edge of the web, towards the end of the turbine blade, he fell a distance of 1.8 meters, sustaining injuries including a broken collarbone, 10 broken ribs, a broken wrist and a punctured lung, meaning he was off work for two months.

An investigation by the Health and Safety Executive(HSE) found Siemens Gamesa Renewable Energy had provided a ladder to access the web but they had not provided any fall protection on either side of the ladder.

Key takeaways

  • Find ways to avoid working at height whenever possible.
  • Prevent falls from occurring by using a safe workplace and suitable equipment.
  • Minimise the consequences of potential falls with collective and individual protection.
  • Train your staff to ensure they're familiar with emergency and rescue procedures.

Ex-Braskem CEO pleads guilty in $250m bribery case

The former chief executive officer of Braskem SA, Brazil’s largest petrochemicals company, admitted he took part in a sweeping bribery plot also involving Braskem’s parent company, Odebrecht SA.

Jose Carlos Grubisich pleaded guilty on Thursday to two counts of conspiracy to violate U.S. anti-bribery laws, acknowledging that he approved a $4.3 million payoff to an official of the state-owned energy company Petroleo Brasileiro SA for rights to build and operate a plant.

Under the deal he struck with prosecutors, Grubisich faces as long as 10 years in prison. His plea is the latest chapter in a sprawling corruption scandal centred on Petrobras.

Key takeaways

  • Make sure that you conduct adequate due diligence on all third parties and make our stance on bribery clear to them
  • Have a suitable Gifts and Entertainment Policy in place so that everyone is clear on what is and is not acceptable
  • Never make facilitation payments- they're just bribery by another name
  • Remember that bribery is a criminal offence and can result in hefty fines or even a stretch in jail!

Google fined €102m for abuse of dominant position

Italy's antitrust authority has issued Google with a €102.8m (£88.7m) fine for breaching competition law by abusing its dominant position. The Competition and Market Authority (AGCM) said the fine was due to Google's refusal to allow Enel X Italia to create a version of its JuicePass app compatible with Android Auto.

The app in question permits users to find and book a place at numerous recharging stations for electric vehicles. AGCM has also issued Google with a cease and desist order to coerce it to make Android Auto development tools available to Enel X Italia and other similar developers.

"By refusing Enel X Italia interoperability with Android Auto, Google has unfairly limited the possibilities for end-users to avail themselves of the Enel X Italia app when driving and recharging an electric vehicle," AGCM said in a statement.

"Google has consequently favoured its own Google Maps app, which runs on Android Auto and enables functional services for electric vehicle charging, currently limited to finding and getting directions to reach charging points, but which in the future could include other functionalities such as reservation and payment.

Key takeaways:

  • Don't act in a way that restricts competition in markets where you enjoy a dominant position by for instance refusing to supply, prohibiting discounting, imposing exclusive obligations or entering "pay-for-delay" deals
  • Never discuss or enter into agreements with competitors regarding prices, margins, market shares or production volumes
  • Never discuss future pricing plans and promotions with suppliers or discuss RRPs with retailers
  • Don't impose price, territorial or online sales restrictions on suppliers or distributors unless you are absolutely certain that it is legally permissible to do so in that instance

Classified UK MoD documents found at a bus stop

Documents detailing classified information about military strategy and the movements of HMS Defender were found at a Kent bus stop by a member of the public, who returned them to the Ministry of Defence (MoD).

The set of papers included documents outlining Russia's expected reaction to the HMS Defender's journey through Ukrainian waters. The documents also discussed possible plans for the UK's military presence in Afghanistan. This breach of sensitive military data could compromise diplomatic relations with other countries and jeopardise existing military operations.

Shadow defence secretary, John Healey, told the press: "The loss of classified documents that cover a wide range of vital areas of national security is as embarrassing as it is worrying for ministers. Ultimately, ministers must be able to confirm to the public that national security has not been undermined, that no military or security operations have been affected and that the appropriate procedures are in place to ensure nothing like this happens again."

The MoD is undertaking an investigation.

Key takeaways:

  • Check how information is classified before sharing it with others or before printing it and removing it from the premises.
  • Only share confidential or personal information on a 'need to know' basis and ensure it is encrypted.
  • Be extra vigilant when travelling - check who else may be listening to phone conversations or seeing your screens, and take extra care to not leave any physical documents behind.

UK first of G7 to effect climate change legislation

The UK is set to become the first G7 country to bring climate change legislation into effect. The UK Government expects to proceed with the recommendations of the Taskforce on Climate-related Financial Disclosure (TCFD) across the financial sector over the coming months. The UK Minister for Pensions and Financial Inclusion explained that:

"Trustees of pension schemes [will be] statutorily required to consider, assess and report on the financial risks of climate change within their portfolios. By October 2022, we will have captured more than 70% of assets under management and over 80% of members."

While the legislation will be debated in UK Parliament in the coming months, the TCFD has established recommendations supported by over 1,440 organisations and representing a market capitalisation of over $12.6 trillion.

Key takeaways

  • Firms will need to assess whether the TCFD regulatory procedures apply to their business once they are legislated.
  • Industries will need to implement robust policies to safeguard their business models and client interests as the consequences of climate change become more apparent.

WhatsApp issued 2nd highest ever GDPR fine

Ireland's data authority fined WhatsApp £193m for violating privacy standards. It's the highest penalty the Irish Data Protection Commission (DPC) has ever imposed and the second-highest under EU GDPR standards.

A 2018 investigation revealed that WhatsApp was not transparent enough with its customers on how it collected, managed and processed their data. Following "a lengthy and comprehensive investigation," the Irish DPC said it had communicated its decision to other regulators, as required by GDPR law, and had received complaints from eight countries, including Germany, France, and Italy.

Southeastern loses franchise over failure to declare

Rail operator Southeastern has had its franchise claimed by the Government after it failed to declare over £25m of taxpayer funds. The Operator Last Resort will now oversee the rail services in the southeast region to safeguard taxpayers’ interests.

Investigations over the undeclared funds are being carried out and the Government has indicated the company and any guilty parties involved in the case could face financial penalties.

"We won’t accept anything less from the private sector than a total commitment to their passengers, and transparency with taxpayers."

Grant Shapps, UK Transport Secretary

The Department for Transport has said that the taxpayer funds have since been reclaimed.

Sexual discrimination lawsuit filed against Tesla

A Tesla factory worker has filed a lawsuit over alleged sexual discrimination on the factory floor. Jessica Barraza claims that months after she started work at a Californian Tesla factory, she started experiencing near-daily harassment, including vulgar comments and inappropriate sexual advances from colleagues.

She claims the work environment became so toxic that it led to a diagnosis of post-traumatic stress disorder following three years of working at the factory. Barraza filed her complaints to Tesla HR in September and October, but they did nothing to tackle the harassment, and it is unclear whether the complaints were even acknowledged internally.

Tesla includes a mandatory arbitration clause in the contracts that mandate employees to settle disputes outside of court. This type of dispute is, therefore, rare. However, Baraza's attorneys claim that this clause is illegal.

Since Barraza has filed the lawsuit, other employees are coming forward with sexual harassment claims. The case remains ongoing, with the official charges citing sexual harassment and failure to prevent sexual harassment at the workplace.

Key takeaways:

  • Establish a zero-tolerance policy on discrimination and harassment of any kind at the workplace and nurture a culture of good conduct.
  • Ensure all policies and procedures are legal and compliant with Employment Law, including contracts and complaint procedures, are legal and compliant with Employment Law.

NatWest fined £264.8m for AML failures

National Westminster Bank Plc (NatWest) has received a huge £264.8m fine after being convicted for three separate offences relating to anti-money laundering failures. This fine marks the FCA's first criminal charges against a firm for AML failures.

According to the sentencing judge, Mrs Justice Cockerill, "although in no way complicit in the money laundering which took place, the Bank was functionally vital. Without the Bank – and the Bank's failures - the money could not be effectively laundered."

Between November 8th, 2012, and June 23rd, 2016, NatWest failed to adequately monitor the activity of a commercial customer, Fowler Oldfield, a jewellery firm in Bradford. NatWest initially assumed it would not handle cash from the Fowler Oldfield firm when it took on the account. However, around £365 million was placed with the Bank throughout the customer relationship, with around £264 million in cash.

Some of the Bank's workers in charge of handling these cash deposits reported their suspicions to the Bank's money-laundering investigators, but they took no action. The reported red flags included depositing large amounts of Scottish banknotes around England, suspicious behaviour when individuals were depositing cash at NatWest branches, and deposits of notes with a strong, musty odour.

Furthermore, the Bank's automatic transaction monitoring system misidentified some cash deposits as cheques. Because cheques carry a lower risk of money laundering than cash, the Bank's monitoring of many cash depositors, including Fowler Oldfield, was severely lacking.

Key takeaways:

  • Conduct initial and ongoing customer due diligence using a risk-based approach
  • Look out for anything suspicious, paying particular attention to high-risk customers and jurisdictions
  • Report any knowledge or suspicion of money laundering or terrorist financing immediately
  • Exercise extreme care to avoid tipping off anyone who has been reported for money laundering or terrorist financing

Looking for more compliance insights?

We have created a series of comprehensive roadmaps to help you plan and execute compliance in your organisation.

Our best-selling Compliance Essentials Library and award-winning LMS provide a one-stop compliance training solution, including compliance refresher courses.

And our searchable compliance glossaries explain key terms and regularly report on learnings from the largest compliance fines resulting from regulatory breaches.

We also have 80+ free compliance training aids, including assessments, best practice guides, checklists, desk aids, eBooks, games, posters, training presentations and even e-learning modules!

If you'd like to stay up to date with compliance learning best practices, industry insights and key trends across regulatory compliance, digital learning, EdTech and RegTech news, subscribe to the Skillcast Compliance Bulletin.

Last but not least, you can interact in person with thought leaders and your peers at one of our popular live webinars and face-to-face events.

If you've any questions or concerns about compliance or e-learning, please get in touch.

We're happy to help!