Risk and Compliance Update - 12th October

Risk and Compliance Update - 12th October

 

In this issue:

GDPR & data protection

AML & counter-terrorist financing

Cybersecurity & cybercrime

Additional Risk & Compliance updates this week

Trackers

Latest Q&A

LexTalk®Risk & Compliance: a Lexis®PSL community


GDPR & data protection

UK government view of Schrems II and adequacy decisions

The European Scrutiny Committee (the Committee) has published recent correspondence with the Minister of State for Media and Data, following the Committee’s request for information on—(a) the UK Government’s view of the case of Data Protection Commissioner v Facebook Ireland Limited, Maximillian Schrems (commonly known as ‘Schrems II’), Case C-311/18, and (b) the UK’s aspirations for durable data adequacy decisions from the EU for both commercial and law enforcement purposes from 1 January 2021.

See: LNB News 06/10/2020 4.


Data protection and data flows—further Brexit transition guidance

The Departments for Digital, Culture, Media & Sport (DCMS) and Business, Energy & Industrial Strategy (BEIS), along with the Office for Civil Society (OCS) and Information Commissioner’s Office (ICO) have collectively published updated guidance on data protection and data flows to help stakeholders prepare for the end of the transition period and beyond. Further new and updated guidance may be issued as the transition period progresses, so stakeholders are advised to monitor the pages for updates.

See: LNB News 02/10/2020 89.


ICO consultation on draft statutory guidance regarding data protection legislation

The ICO has launched a public consultation on its draft statutory guidance, which details how it will regulate and enforce data protection legislation in the UK. The draft guidance sets out the ICO’s powers, how it is used and how fines are calculated, while assuring businesses that the powers will be used ‘proportionately and consistently’. The consultation closes at 5pm on 12 November 2020.

See: LNB News 01/10/2020 11.


AML & counter-terrorist financing

Jersey lays bare difficulties in curbing money laundering

MLex: Jersey has struggled to reduce its exposure to international money laundering despite its commitment to boost corporate transparency, the British Crown Dependency has acknowledged.

See News Analysis: Jersey lays bare difficulties in curbing money laundering.


Possible role of an EU dedicated AML authority

The European Commission has published a speech by executive vice-president Valdis Dombrovskis at the high-level conference on anti-money laundering and counter-terrorist financing (AML/CTF), in which he noted that around 1% of the EU’s annual GDP is thought to relate to criminal activity. Dombrovskis said he would be in favour of creating a dedicated AML authority with significant and direct supervisory powers regarding the most risky obliged entities. The EU’s AML rules are now among the toughest in the world, but still not enforced equally across the board, and the EU intends to present a package of legal proposals in the first quarter of 2021, based on the EU’s AML action plan and consultation input.

See: LNB News 01/10/2020 57.


ECB prudential and AML/CTF frameworks

The European Central Bank (ECB) has published the slides from a speech by Édouard Fernandez-Bollo, a representative of its supervisory board, setting out ECB Banking Supervision’s role in AML/CTF. Fernandez-Bollo set out the current structure of prudential supervision and the separate AML/CTF framework, and highlighted the ECB’s horizontal AML co-ordination function and updated supervisory methodologies.

See: LNB News 01/10/2020 83.


Cybersecurity & cybercrime

Europol cybercrime report finds uptick in cybercrime during coronavirus (COVID-19)

Europol has published the 2020 Internet Organised Crime Threat Assessment (IOCTA), which maps out the cybercrime landscape. The report has found that coronavirus (COVID-19) in many cases enhanced existing cybercrime problems, with social engineering and phishing being used to exploit vulnerable people and sell unproven coronavirus ‘cures’. A challenge faced by authorities is how to access encrypted information for criminal investigations. Further threats include improved malware, the increase in child sexual abuse material available online, sim swapping and criminal abuse of the dark web.

See: LNB News 06/10/2020 28.


Paying cyber ransoms can breach sanctions, US Treasury says

Law360: Ransomware victims and the third party companies that negotiate on their behalf may face stiff legal penalties if the cybercriminals behind an attack are known or turn out to be under economic sanction, the US Treasury Department said on 1 October 2020.

See News Analysis: Paying cyber ransoms can breach sanctions, US Treasury says.


Additional Risk & Compliance updates this week

Changes to EU list of non-cooperative jurisdictions for tax purposes

The European Council has announced the jurisdictions which are being added and removed from the EU list of non-cooperative jurisdictions for tax purposes. Cayman Islands and Oman have both been removed from the list after ‘having passed the necessary reforms to improve their tax policy framework’, meanwhile Anguilla and Barbados have both been added to the list following reports published by the Global Forum on Transparency and Exchange of Information for Tax Purposes downgrading the jurisdictions to ‘non-compliant’ and ‘partially compliant’ respectively. The list now contains twelve non-cooperative jurisdictions: American Samoa, Anguilla, Barbados, Fiji, Guam, Palau, Panama, Samoa, Seychelles, Trinidad and Tobago, the US Virgin Islands and Vanuatu.

See: LNB News 07/10/2020 35.


Trackers

Lexis®PSL Risk & Compliance has a dedicated area on the Key Resources section of the home page that tracks interesting and important cases, legislation, consultations and other key developments in the world of practice compliance. For more information, see: Risk & Compliance forecast as at 22 September 2020.


Latest Q&A

• Given that we cannot rely solely on the PSC registers maintained at Companies House for CDD purposes, what else, in practical terms, can we use to identify the beneficial owner of a corporate client/customer?


LexTalk®Risk & Compliance: a Lexis®PSL community

Collaborate and network with a community of expert lawyers

LexTalk® is an online community forum which gives Lexis®PSL subscribers the opportunity to post questions, hold conversations, participate in discussions and share best practice. It has been designed to provide a secure place for legal professionals to discuss legal developments, offer and receive peer support, and gain a sense of up-to-date market practice and advances in real-time. You can access and post questions on all of the dedicated practice area forums, including a dedicated community for Lexis®PSL Risk & Compliance.

Click here to sign up and meet like-minded community members, create a profile, connect, share, and start participating today! Alternatively, you can access LexTalk® on the key resources tab on your Practice Area home page.

Related Articles:
Latest Articles:
About the author:
Allison is a former partner of Shoosmiths, with extensive experience of legal management and practice compliance.