The Swiss-U.S. Privacy Shield Framework is approved

The Swiss-U.S. Privacy Shield Framework (the “Framework”) made its debut on January 12, 2017 without much fanfare when Swiss federal councillor Johann Schneider-Ammann announced the Framework’s approval as a valid legal mechanism to comply with Swiss requirements for transferring personal data from Switzerland to the United States. The Framework, designed by the U.S. Department of Commerce (the “DOC”) and the Swiss government to align with the EU-U.S. Privacy Shield, will immediately replace the U.S.-Swiss Safe Harbor. The DOC will begin accepting self-certifications starting April 12, 2017 to give organizations ample time to review the new Framework’s principles and compliance requirements. For more of Scherzer International’s coverage of the EU-U.S. Privacy Shield, click here.

February 2nd, 2017|Business Transactions, European Union, International, Legislation, Privacy, Risk Management|

Three companies to be fined for relying on invalidated Safe Harbor to transfer data from the EU

Fortune reported that Hamburg, Germany’s data protection commissioner, Johannes Caspar, is taking five unspecified global companies to task for continuing to transfer EU data to the US after the Safe Harbor ruling made it illegal, The Hamburg data protection authority is preparing to fine three companies for relying on the Safe Harbor privacy framework as the legal basis for their trans-Atlantic data transfers, the report states. “Two other firms are also under investigation” according to the report.  Caspar refused to disclose the names of the companies for legal reasons, but said they are “large international companies” and “subsidiaries of US-based global corporates.”

February 29th, 2016|European Union, International|

U.K. Bribery Act now slated to take effect July 1, 2011

After receiving widespread criticism for the lack of guidance and compliance clarification, the U.K. Bribery Act of 2010 (Bribery Act) originally scheduled for implementation in April 2011, is now set to take effect July 1, 2011. The act’s jurisdiction extends to commercial organizations incorporated or formed in the U.K. or “which carr[y] on a business or a part of a business in the U.K. irrespective of the place of incorporation or formation.” Determination of such existence will be made by the U.K. courts and will require “a demonstrable business presence.” The official guide states that an organization will not be deemed to be carrying on a business in the U.K. merely by virtue of having its securities listed on the London Stock Exchange or by having a U.K. subsidiary.

Unlike the anti-bribery provisions of the U.S. Foreign Corrupt Practices Act (FCPA), which focus primarily on corruption involving non-U.S. government officials, the Bribery Act  widens its scope to prohibit domestic and international bribery across both private and public sectors. And while the FCPA allows exceptions for facilitation payments (generally small payments to lower-level officials for “routine government actions,”) the Bribery Act does not. These payments were illegal under the previous legislation and the common law, but the difference under the Bribery Act is that non-U.K. organizations are broadly subjected to these restrictions for the first time.

The Bribery Act specifically criminalizes the offering, promising or giving a bribe (active bribery) and the requesting, agreeing to receive or accepting a bribe (passive bribery) to obtain or retain business or secure a financial or other advantage. It also contains a provision whereby an organization that fails to prevent bribery by anyone associated with the organization can be charged under the Bribery Act unless it can establish the defense of having implemented preventive “adequate procedures.” The official guide recommends the following six principles as foundation for developing “adequate procedures” to prevent bribery:

  • Proportionality – Actions should be proportionate to the risk, nature, size and complexity of the organization.
  • Top-level Commitment – Board of directors, owners, officers or equivalent top level- management should establish and promote a culture where bribery is never acceptable and be committed to preventing bribery, both within the organization and with anyone associated with the organization externally.
  • Risk Assessment – Various risk exposures, both internal and external, such as country of operation, business sector, types of transaction, new markets, and business partnerships should be evaluated and documented on an ongoing basis.
  • Due Diligence – Proportionate, risk-based approach to due diligence procedures assessing existing and proposed relationships should be taken to ensure trustworthy associations and mitigate identified bribery risks.
  • Communication – Appropriate channels of communication, awareness and training, both internal and external, on anti-bribery policies and procedures should be implemented and evaluated on a regular basis.
  • Monitoring and Review – Anti-bribery policies and procedures should be monitored on an ongoing basis and amended as quickly as possible when activities and risks change.

The penalties for violating the Bribery Act are severe, with individuals facing up to 10 years in prison and organizations facing unlimited fines. Violations also may result in damaging collateral consequences such as director disqualification, ineligibility for public contracts, and asset confiscation.

 

May 9th, 2011|Educational Series, International, Legislation|

What is FATF?

FATF, which is the acronym for the Financial Action Task Force, and also known by its French name, Groupe d’action financière (GAFI), is an inter-governmental policy-making organization founded in 1989 by the initiative of the G7. The FATF Secretariat, headquartered in Paris, is comprised of over 30 countries, and has a ministerial mandate to establish international standards for combating money laundering and terrorist financing.

The primary functions of the FATF are to monitor members’ progress in implementing necessary measures, review money laundering and terrorist financing techniques and counter-measures, and promote the adoption and implementation of appropriate measures globally. To date, over 180 jurisdictions have joined the FATF or a FATF‐style regional body, and committed at the ministerial level to implement FATF standards and evaluations. In performing its activities, the FATF collaborates with other international bodies involved in combating money laundering and  terrorism financing, and has established mutual evaluations (see monitoring implementation of the FATF recommendations.)

The FATF does not have a tightly defined constitution or an unlimited life span, and thus periodically reviews its mission. The current mandate of the FATF (for 2004-2012) was subject to a mid-term review and was approved and revised at a ministerial meeting in April 2008 (see FATF standards.)

January 18th, 2011|Educational Series, International|

Decoding criminal records in the UK

In the UK, a criminal record is technically any conviction in a court of criminal offence. However, many motor vehicle offences are not deemed as crimes for criminal record purposes, since such offences carry fixed penalties and are not considered criminal convictions. Offences that are prosecuted by local authorities are sometimes classified as criminal offences, although they are unlikely to be in the Police National Computer (the “PNC”). Even if an individual has accepted a “police caution” as an alternative to prosecution, this would count as a criminal conviction.

The Criminal Records Bureau standard and enhanced disclosures contain information about convictions, cautions, reprimands, and warnings retained in the PNC and the equivalent systems in Scotland and Northern Ireland. For the purposes of CRB disclosures, a caution, reprimand, or warning that has been entered into the PNC will constitute a criminal record.

Criminal convictions also are labeled as “spent” and “unspent.” A “spent” conviction is removed from public records, meaning that the defendant has served time and passed through a rehabilitation period. Until then, the conviction is “unspent.” Some convictions, such as crimes with a prison sentence of more than 2.5 years, remain “unspent” indefinitely, regardless of the elapsed time. For convicted minors under 18 years of age, the “unspent” period is cut in half.

During the “unspent” time, the conviction must be disclosed when applying for jobs and on other applications. And for certain jobs such as law enforcement, some roles in the financial services sector, prison services, health services, private security, and for work with children, the elderly, and disabled, “spent” convictions also must be disclosed.

July 20th, 2010|Criminal Activity, Educational Series, International|