Our pick of key compliance stories this month
- COP26 outcomes and their impact on businesses
- Credit Suisse announces changes following a string of scandals
- EU agrees on new sanctions against Belarus
- SFO reclaims £100,000 from Unaoil executive
- Sunrise Brokers LLP fined over £640,000 for financial crime control failings
- KPMG sued $600 million over alleged poor auditing
- 1.2 million users have emails exposed in GoDaddy security breach
- Sexual discrimination lawsuit filed against Tesla
- Definition of 'fully vaccinated' in the UK set to change with COVID-19 boosters
- JPMorgan to pay $60 million over alleged market abuse
COP26 outcomes and their impact on businesses
The UN Climate Change Conference (COP26) was deemed a relative success after seeing at least 90% of the world's economy commit to net-zero targets - a substantial increase from the 30% it was a year ago.
Notably, financial firms and businesses, including banks, insurance firms and capital markets, are expected to play a crucial role in driving clean finance, irrespective of government policy. One example is the Glasgow Financial Alliance for Net Zero (GFANZ), which manages approximately $130 trillion of assets.
The conference focused on key conversations on reducing greenhouse gases, reforestation, the phase-down of coal, green innovation and carbon accounting. COP26 established a new International Sustainability Standards Board (ISSB) to set a global baseline for disclosure standards on climate and other Environmental, Social and Governance (ESG) issues.
Large companies in the UK must submit climate risk disclosures from 2022, a requirement that will extend to all companies by 2025. Following COP26, the UK has also introduced a new requirement for all UK listed companies to submit a net-zero transition plan by 2023.
- Change is certain – climate change prevention will become a critical aspect of businesses' ESG measures, policies and procedures.
- ESG assets will be impacted by government and institution commitments to greenhouse gas reduction and the adoption of green initiatives. These assets surpassed $40 trillion in 2020 and are forecast to increase to over $52 trillion by 2025.
- All UK businesses will need to design a net-zero transition plan over the next two years and will need to commit to it over the next couple of years.
Changes in Credit Suisse following a year of scandal
Following a year of scandals, lawsuits and fines that have cost billions, Credit Suisse is now conducting a series of internal changes in an attempt to overhaul its risk management strategy and re-establish good culture and conduct at the workplace.
So far in 2021, Credit Suisse has been fined by regulators for a fraudulent loan given to the government of Mozambique, its multiple failings concerning the Archegos hedge fund scandal, as well as its involvement with Greensill Capital and its now-defunct fund.
The bank's Chairman, appointed last April, stated his intention of clearing Credit Suisse of the negative reputation it has acquired recently. The bank will also shift focus on advising firms on deals and listings and trading cash equities. It will also limit its lending in emerging markets.
EU agrees on new sanctions against Belarus
A geopolitical dispute concerning Polish-Belarusian frontiers has escalated over the last few weeks as thousands of migrants, originally from the Middle East, remain stranded in makeshift camps in increasingly plummeting winter temperatures.
The EU has accused Alexander Lukashenko's regime of allowing Middle Eastern people eager to reach the EU to fly into the Belarusian capital, who then make their way to the Polish border on foot.
In light of the conflict, EU Foreign Policy Chief Joseph Borrell has stated that the EU will use sanctions against "people, airlines, travel agencies and everyone involved in [the] … illegal push of migrants" against EU borders.
Existing sanctions already target Belarus' petroleum, tobacco and potash industries, which are a significant source of income.
- Sanctions against Belarus is a highly evolving situation – be vigilant, proactive and pay particular attention to trades and/or business that the recent addition to Belarusian sanctions might impact.
- Educate your staff on how to spot the red flags of a potential sanctions breach and how they can report it. Don't solely rely on automated screening software, specific departments (e.g. Compliance/Legal) or hired third party companies to spot sanctions risks.
- Pay particular attention to business supply chains - businesses with Belarusian raw material or agricultural product companies as part of their supply chain should be reported to the Compliance/Legal team.
SFO reclaims £100,000 from Unaoil executive
The Serious Fraud Office (SFO) has ordered a former Unaoil senior executive to repay £100,000 – the same amount of criminal gains he obtained in his role in the Unaoil bribery scandal. The funds will be paid into the public purse.
Earlier this year, it came to light that the senior executive paid over $500,000 in bribes to secure a $55 million contract for Unaoil to supply oil infrastructure in Iraq. The Head of Proceeds of Crime and International Assistance at the SFO, Emma Luxton, stated that: "The SFO relentlessly pursues those who line their own pockets with illicit gains, and we have a proud record of recovering funds; for victims and for the UK taxpayer."
The Unaoil investigation also led the SFO to a bribery scheme that was occurring at Petrofac. The latter company pleaded guilty to 14 counts of bribery, which included paying £32 million in bribes to secure over £2.6 billion in Middle East oil and gas contracts. The company's fine amounts to £77 million.
Sunrise Brokers LLP fined over £640,000
The FCA has fined Sunrise Brokers LLP £642,000 over serious crime control failings concerning suspected fraud and speculation involving dividend taxes, known as cum-ex trading.
An investigation found that Sunrise had inadequate systems, procedures and controls in place that should have mitigated the risk of facilitating fraudulent trading and money laundering. The malpractice primarily occurred with business conducted by the Solo Group. The review found that the Group's trading in 2015 followed a circular pattern – a red flag that is highly suggestive of financial crime.
Further analysis indicates that the Group's trading allowed for withholding tax reclaims in Denmark and Belgium to be arranged. The Executive Director of Enforcement and Market Oversight, Mark Steward, stated that: "Sunrise should not have carried out these self-evidently suspicious trades without proper due diligence. Sunrise's failings were significant, and this outcome demonstrates we will not tolerate firms' lax controls."
- Ongoing due diligence is essential to spot the red flags of financial crime: fraud, tax evasion, terrorist financing, or others.
- Financial crime, such as fraud, is not limited to criminal activity in the UK. It also includes financial crime abroad.
- Companies are held accountable and liable to implement adequate financial crime controls, policies and procedures and ensure the education of all staff on their implementation.
KPMG sued $600 million over alleged poor auditing
KMPG LLP has been sued for $600 million in its auditing role concerning the now insolvent Dubai private-equity firm Abraaj Group in Dubai. The Group managed around $14 billion at the height of its operations but fell into insolvency in 2018 when it was accused of misusing investors' funds. US prosecutors also allege that the firm's CEO stole over $250 million in a separate case.
The claimants, who represent two units of Abraaj, allege that KMPG auditors "failed to maintain independence and an appropriate attitude of professional scepticism", thus failing to act in their (the client's) best interests. The main issue arises from claims that KMPG failed to identify and notify the Group of irregularities in their financial statements.
The case centres around Abraaj's Chief Financial Officer (CFO) - he worked for the Abraaj during two separate periods. In between, he worked as a KMPG partner. The Dubai Financial Services Authority fined him $1.7 million for his role in the scandal.
GoDaddy security breach exposes emails of 1.2m
GoDaddy Inc, one of the most popular international web hosting companies, alerted the SEC that the email address of up to 1.2 million WordPress customers had been exposed. Hackers could also see original WordPress admin passwords, user credentials, and in some cases, the SSL website keys that determine a website's identity and security.
The security breach occurred due to a compromised password used by a third party to gain unauthorised access. The company's Chief Information Security Officer stated that once the team was alerted to the breach, they "immediately began an investigation with the help of an IT forensics firm and contacted law enforcement."
GoDaddy is mitigating the breach by changing any affected passwords and generating new website security certificates where required. Impacted customers are also being contacted with further steps they should take to secure their accounts and credentials.
Sexual discrimination lawsuit filed against Tesla
A Tesla factory worker has filed a lawsuit over alleged sexual discrimination on the factory floor. Jessica Barraza claims that months after she started work at a Californian Tesla factory, she started experiencing near-daily harassment, including vulgar comments and inappropriate sexual advances from colleagues.
She claims the work environment became so toxic that it led to a diagnosis of post-traumatic stress disorder following three years of working at the factory. Barraza filed her complaints to Tesla HR in September and October, but they did nothing to tackle the harassment, and it is unclear whether the complaints were even acknowledged internally.
Tesla includes a mandatory arbitration clause in the contracts that mandate employees to settle disputes outside of court. This type of dispute is, therefore, rare. However, Baraza's attorneys claim that this clause is illegal.
Since Barraza has filed the lawsuit, other employees are coming forward with sexual harassment claims. The case remains ongoing, with the official charges citing sexual harassment and failure to prevent sexual harassment at the workplace.
- Establish a zero-tolerance policy on discrimination and harassment of any kind at the workplace and nurture a culture of good conduct.
- Ensure all policies and procedures are legal and compliant with Employment Law, including contracts and complaint procedures, are legal and compliant with Employment Law.
'Fully vaccinated' definition set to change in the UK
UK Prime Minister Boris Johnson stated that the definition of 'fully vaccinated' would be adjusted to account for the COVID-19 booster shot. While a time frame for the booster rollout is yet to be detailed, the news should alert businesses to the constantly changing regulations concerning the management of the COVID-19 pandemic.
The move comes in light of concerns that the initial COVID-19 vaccine only provides a heightened immune system for a few months. The highly contagious Delta variant could compromise the positive effect vaccines have had on reducing transmission and hospitalisation deaths. So far, the UK has extended the COVID-19 booster eligibility to people over the age of 40.
Business' understanding of what it means to have a 'fully vaccinated' employee or client will need to reflect this change.
JPMorgan to pay $60m over alleged market abuse
JPMorgan has agreed to pay $60 million to settle a case on alleged precious metal spoofing. Spoofing occurs when traders place orders intending to cancel them later. This gives the illusion that a trade commodity or financial instrument is in high demand, moving prices upwards to benefit market positions.
Precious metals investors accused JPMorgan of manipulating the price of precious metals futures and options, which has brought the lawsuit forward. The case was built on information disclosed from US government investigations in the US Treasury markets concerning trades between 2008 and 2016.
Prosecutors noted that the settlement recovers around 7% of the approximately $915 million class-wide damages.
Looking for more compliance insights?
If you'd like to stay up to date with best practices, industry insights and key trends across regulatory compliance, digital learning, EdTech, and RegTech news, subscribe to Skillcast Compliance Bulletin.
To help you navigate the compliance landscape, we have collated searchable glossaries of key terms and definitions across complex topics, including GDPR, Equality, Financial Crime and SMCR. We also track the biggest compliance fines, explaining what drives them and how to avoid them.
You can follow our ongoing YouGov research into compliance issues, attitudes and risk perceptions in the UK workplace through our Compliance Insights blogs.
Last but not least, we have 70+ free compliance training aids, including assessments, best practice guides, checklists, desk-aids, eBooks, games, handouts, posters, training presentations and even e-learning modules!
If you've any questions or concerns about compliance or e-learning, please get in touch.
We are happy to help!