Risk & Compliance weekly highlights—17 June 2021

Risk & Compliance weekly highlights—17 June 2021

In this issue:

Risk & Compliance forecast

Data protection

Financial crime

Privilege

Cybersecurity 

Modern slavery

UK/EU divergence—have your say

Daily and weekly news alerts

New and updated content

Trackers


Risk & Compliance forecast

Risk & Compliance forecast as at 15 June 2021

Our new Risk & Compliance forecast (as at 15 June 2021) is now live. This month, we report on issues including (1) finalised standard contractual clauses (SCCs); (2) economic crime; (3) cybersecurity and cybercrime updates and (4) whistleblowing. You can rest assured we’re tracking forthcoming regulatory changes so you can plan ahead.

 

Data protection

Global One 2015 given monetary penalty notice by ICO for unlawful marketing messages

The Information Commissioner’s Office (ICO) has published a monetary penalty notice against Global One 2015. The ICO found that Global One instigated 573,000 unsolicited direct marketing messages between 24 April 2020 and 23 May 2020 without valid consents, resulting in 548 complaints. The ICO also notes that the unsolicited messages did not offer individuals the ability to ‘opt out’ of future unsolicited messages. As a result, the charity has been fined £10,000 by the ICO.

See: LNB News 15/06/2021 101.


New C2P SCCs for controllers and processors in the EEA

Dr W Kuan Hon, director in the Privacy, Security & Information Law team at Fieldfisher, discusses Commission Implementing Decision (EU) 2021/915 which sets out SCCs for arrangements between controllers and processors in the EEA (C2P SCCs). She considers the background to the C2P SCCs, to what extent they may be used in practice, and issues organisations may encounter when using them, as well as implications for organisations in the UK.

See News Analysis: New C2P SCCs for controllers and processors in the EEA.

Papa John’s given monetary penalty by ICO for unlawful marketing messages

The ICO has fined the pizza company Papa John’s (GB) Ltd £10,000 for sending 168,022 nuisance marketing messages to its customers without valid consent. This was after the ICO received 15 complaints from Papa John’s customers about the unwanted marketing, which was distributed by texts and emails. The ICO investigation concluded that Papa John’s was relying on a ‘soft opt in’ exception as a form of marketing consent. However, the ICO ruled that this exemption could not be relied upon, as a privacy notice was not provided to the customers at any point, with an option to opt out.

See: LNB News 15/06/2021 53.

Financial crime

Will the CPS’ decision to update its guidance mean an increase in prosecutions for failure to disclose under section 330 of POCA 2002?

Recent guidance issued by the Crown Prosecution Service (CPS) on the offence of ‘failure to disclose’ under section 330 of the Proceeds of Crime Act 2002 (POCA 2002) states that it is now ‘possible to charge an individual under section 330 even though there is insufficient evidence to establish that money laundering was planned or has taken place’. Leena Lakhani of Kingsley Napley LLP considers the offence and new guidance and whether it will mean an increase in prosecutions for failure to disclose under POCA 2002, s 330.

See News Analysis: Will the CPS’ decision to update its guidance mean an increase in prosecutions for failure to disclose under section 330 of POCA 2002?


FATF publishes consolidated assessment ratings

The Financial Action Task Force (FATF) has published a consolidated table of assessment ratings, providing an overview of the ratings that assessed countries obtained for effectiveness and technical compliance.

See: LNB News 16/06/2021 92.


MEPs call for EU human rights sanction regime to cover corruption

The Foreign Affairs Committee of the European Parliament has adopted a resolution calling for the European Commission to produce a legislative proposal to include corruption as a punishable offence within the EU Global Human Rights Sanctions Regime (GHRSR). Members of the European Parliament (MEPs) have also called for a system whereby they can propose cases of serious human rights violations ‘in order to increase the legitimacy’ of the GHRSR, as well as the introduction of qualified majority voting with the goal of achieving a more effective implementation of the regime. 58 MEPs voted in favour of the resolution, with eight voting against and three abstaining.

See: LNB News 16/06/2021 111.


Treasury Committee to examine AML measures and impacts of economic crime

The Treasury Committee has announced that it will assess UK’s anti-money laundering (AML) measures and sanctions and how economic crime impacts consumers. A virtual meeting will take place at 3.30 pm on 14 June 2021.

See: LNB News 10/06/2021 84.


Privilege

Legal Advice Privilege and internal investigations—getting the basics right

Sophie White, partner and Saira Choonka, principal associate from Eversheds Sutherland analyse the case of A v UBS AG, highlighting the issue of legal privilege in the context of investigations. There is a growing trend for financial institutions to commission external law firms to conduct internal investigations into complex issues. Maintaining privilege over documents produced during the course of an investigation is imperative to avoid disclosure of potentially damaging investigatory materials. This article sets out a series of steps financial institutions can use to protect their position.

See News Analysis: Legal Advice Privilege and internal investigations—getting the basics right.


Cybersecurity

SMEs failing to buy cyber insurance, study shows

Law360, London: Almost nine in ten small and mid-sized businesses in Britain do not have cyber insurance policies, exposing them to the risk of attack amid the growth of online activity, insurer Aviva plc has warned.

See News Analysis: SMEs failing to buy cyber insurance, study shows.


MEPs vote in favour of cybersecurity resolution amid hybrid threats

MEPs have called for heightened cybersecurity standards for connected devices, apps and operating systems in light of the increasing complexity of so-called ‘hybrid threats’—methods used by hostile actors to target democratic states through misinformation campaigns and cyberattacks on economic processes and democratic institutions. MEPs voted overwhelmingly in favour of a resolution by 670 votes to four (12 abstaining) calling for connected products to be made secure-by-design, fortified against cyber incidents, and easily-patchable should any weaknesses be discovered, but have also called on the European Commission to harmonise national laws across Member States to maintain consistency throughout the single market.

See: LNB News 10/06/2021 65.


Modern slavery

Modern Slavery (Amendment) Bill [HL]

House of Lords first reading 15 June 2021

See: LNB News 16/06/2021 1.


UK/EU divergence—have your say

Please click here to participate in our Customer Survey—UK/EU Divergence. The aim of the survey is to gather insight into customer needs and preferences for PSL coverage of how UK law diverges from EU law arising from the UK’s departure from the EU. The survey also covers potential for divergence within the devolved administrations of the UK (in areas where EU previously had competence), as well as needs around EU materials going forward. It should take around 20 minutes to complete.


Daily and weekly news alerts

Did you know that you can set up your own personal alerts to let you receive all of our news stories on either a daily or a weekly basis? Go to your ‘News’ tab and amend your personal settings to subscribe to regular updates by clicking on either ‘Email’ or ‘RSS’ (depending on how you prefer to receive them) on the right hand side of the blue banner.


New and updated content

Practice Note: What’s new and what’s changed in 2021—Risk & Compliance contains a summary of substantive changes to our content.

New Practice Note


Updated Practice Notes


Updated Precedents


Trackers

Lexis®PSL Risk & Compliance has a dedicated area on the Key Resources section of the home page that tracks interesting and important cases, legislation, consultations and other key developments in the world of risk & compliance. For more information, see: Risk & Compliance forecast as at 15 June 2021.

Related Articles:
Latest Articles:
About the author:
Allison is a former partner of Shoosmiths, with extensive experience of legal management and practice compliance.