Risk and Compliance Update - 11th February

Risk and Compliance Update - 11th February

In this issue:

Data Protection

Information management & security

Crime prevention


Data Protection

EU Member States agree on negotiating mandate for revised ePrivacy rules

The Council of the EU has reported that Member States have agreed on a negotiating mandate for revised ePrivacy rules—rules on the protection of privacy and confidentiality in the use of electronic communications services. The updated rules will be used in cases in which service providers may process electronic communications data or have access to data stored on end-users’ devices. The agreement allows the Council to start talks with the European Parliament on the final text of the regulation.

See: LNB News 10/02/2021 78.

UK ‘does not meet conditions’ for data adequacy, EU parliamentary committee says

MLex: EU lawmakers have said the UK ‘does not currently meet the conditions’ to allow the continued free flow of personal and law-enforcement data, and expressed ‘strong doubts’ about an interim six-month agreement that allows those flows as part of a post-Brexit trade deal. The non-binding opinion from the European Parliament’s civil liberties committee (LIBE), adopted on 4 February 2021, comes just weeks before the EU’s data protection authorities are set to scrutinise the European Commission’s draft decision on adequacy, which is crucial for continued economic and security co-operation between the EU and the UK.

See News Analysis: UK ‘does not meet conditions’ for data adequacy, EU parliamentary committee says.

Information management & security

Government launches a new UK Cyber Security Council

The government has announced the launch of a new UK Cyber Security Council, funded by the Department for Digital, Culture, Media & Sport. The new independent body will set standards and define career and learning paths for the cyber security sector. The Council will help boost skilled job prospects around the UK by providing ‘budding and existing workers’ with clear guidance for building a career in cyber security. It will also focus on increasing the number and diversity of individuals entering the cyber security profession. The Council will formally launch on 31 March 2021.

See: LNB News 09/02/2021 89.

Crime prevention

OFSI introduces new director Giles Thomson 

The Office of Financial Sanctions Implementation (OFSI) has introduced Giles Thomson as a new director. Thomson hopes to utilise his ‘expanding role to build stronger links between sanctions and broader economic crime work, exploiting the large overlap in threats, issues and stakeholders’. Additionally, Thomson aims to enhance OFSI’s compliance work by developing relationships further with law enforcement agencies, regulators and private sector bodies to improve understandings of compliance risks and trends.

See: LNB News 01/01/0001 2691.

Four lessons from record money services business AML fine

Law360, London: HMRC recently imposed a record fine on MT Global over AML violations, highlighting several AML enforcement and supervision considerations for money services businesses and their advisers, says Jessica Parker at Corker Binning.

See News Analysis: Four lessons from record money services business AML fine.

Section 2 notices against non-UK companies—what is within the SFO’s direct reach? (R (KBR) v Director of the SFO)

In 2018, the Divisional Court’s decision in R (KBR) v Serious Fraud Office (SFO) found that the SFO’s powers to compel data under  section 2 of the Criminal Justice Act 1987 ( CJA 1987) extended to data of a non-UK company held abroad, provided there was a ‘sufficient connection’ between that company and the UK. The Supreme Court has now allowed KBR Inc’s appeal of that decision. The decision places important limits on the SFO’s ability to use CJA 1987, s 2 notices to obtain material in the hands of foreign companies.

See News Analysis: Section 2 notices against non-UK companies—what is within the SFO’s direct reach? (R (KBR) v Director of the SFO) and LNB News 05/02/2021 104.

LexTalk®Risk & Compliance: a Lexis®PSL community

Collaborate and network with a community of expert lawyers

LexTalk® is an online community forum which gives Lexis®PSL subscribers the opportunity to post questions, hold conversations, participate in discussions and share best practice. It has been designed to provide a secure place for legal professionals to discuss legal developments, offer and receive peer support, and gain a sense of up-to-date market practice and advances in real-time. You can access and post questions on all of the dedicated practice area forums, including a dedicated community for Lexis®PSL Risk & Compliance.

Click here to sign up and meet like-minded community members, create a profile, connect, share, and start participating today! Alternatively, you can access LexTalk® on the key resources tab on your Practice Area home page.

Related Articles:
Latest Articles:
About the author:
Allison is a former partner of Shoosmiths, with extensive experience of legal management and practice compliance.