Compliance Updater - October 2018

A summary of key compliance stories around the globe in October.

Regulatory and compliance news in brief

Facebook notifies of massive potential data breach.
In its first breach since the implementation of the EU’s General Data Protection Regulation (GDPR), social networking giant Facebook announced that hackers could have gained access to up to 50m user accounts. Facebook has notified the data protection commissioner in Ireland, the home of its European HQ, and also asked the US FBI to investigate.

Musk settles with the US SEC over misleading tweet.
Elon Musk agreed to step down as chairman of Tesla for at least 3 years and pay a $20m fine but will remain as CEO of the electric car manufacturer. The SEC was seeking to bar Mr Musk from serving in any public company due to his false and misleading statements after he said “funding secured” to take Tesla private at $420 per share in a tweet. Mr Musk had neither discussed nor confirmed key terms such as price and funding sources at the time.

Walgreens Boots Alliance pays $34.5m penalty to US SEC.
Pharmacy group Walgreens Boots Alliance agreed to pay a penalty of $34.5m to the US Securities and Exchange Commission without admitting or denying it had made inaccurate and misleading disclosures. The company had reaffirmed earlier projections of operating income between $9bn and $9.5bn for 2016 despite increasing risks that it would fail to achieve that level.

Brussels orders Malta to tighten its AML rules.
The European Commission will issue binding demands on Malta’s financial regulator to address systemic weaknesses in its enforcement of anti-money laundering rules. If Malta’s Financial Intelligence Analysis Unit does not make the required changes, the European Banking Authority will give direct orders to Malta’s banks to bring them into line with EU rules.

StanChart starts negotiations with US regulators over alleged sanctions breaches.
Standard Chartered has started negotiations with US regulators including the Department of Justice that are seeking to impose fines of around $1.5bn for breaches in sanctions involving Iran-based clients of StanChart’s Dubai branch. It is alleged that StanChart continued to breach sanctions by processing US dollar transactions for Iran-controlled entities after signing a deferred prosecution agreement and paying a $667m fine in 2012.

UK High Court rules in favour of NCA’s unexplained wealth order and the name is revealed.
The UK’s High Court ruled in favour of the National Crime Agency (NCA) as it faced an attempt to overturn an unexplained wealth order (UWO) against a banker’s wife. The failure to overturn the UWO means the female now has to explain how she came to afford the properties or face having them seized.
After reporting restrictions expired, Zamira Hajiyeva, the wife of jailed former chair of the International Bank of Azerbaijan, was revealed as the subject of the UK’s first unexplained wealth order. UWOs require owners of assets worth £50,000 or more to explain how they were able to afford them when their declared income seems to be too low. Mrs Hajiyeva was challenged in relation to an £11.5m house in Knightsbridge bought by Vicksburg Global, a company incorporated in the British Virgin Islands. Vicksburg secured a £7.5m mortgage, implying a £4m deposit, and the loan was paid off in 5 years. There were also other assets including a golf club near Ascot worth around £10.5m and a private jet. Mrs Hajiyeva spent more than £16.3m between 2006 and 2016 in Harrods, including £150,000 in a single day. Mr Hajiyeva’s net income at the bank was around $71,000 per annum.

Danske receives requests for information from the US DoJ.
Danske Bank, the Danish bank at the centre of a money laundering scandal involving its Estonian branch, has received a request for information from the US Department of Justice. A US federal prosecution could result in a large fine for Danske.

Forex rigging trial begins in New York.
A three-week trial began in New York accusing three individuals of price fixing in the foreign currency markets. The three all worked in the UK – Rohan Ramchandani ex-Citigroup, Richard Usher ex-RBS and Christopher Ashton ex-Barclays. They were all members of a chatroom where they shared information and advice that also included Matt Gardiner (ex employee of UBS and Standard Chartered). Mr Gardiner has made a plea deal with the US Department of Justice to give evidence against the trio. The individuals face a potential 10-year jail sentence if found guilty.

No-deal Brexit threat to derivatives clearing.
In the event of the UK leaving the EU without any deal, there is the potential for a sudden need for EU banks to move their clearing from UK clearing houses. However, the UK clearing houses (LCH, ICE Clear Europe and LME Clear) dominate the clearing of European OTC derivatives market clearing thousands of contracts worth tens of trillions of dollars. EU banks moving their positions would be difficult due to the absence of EU alternatives and the need to post further margin.

UK’s FCA unveils no-deal Brexit plans.
The UK’s Financial Conduct Authority issued consultation documents outlining how it plans to issue temporary authorisations to EU groups ‘passporting’ business into the UK for an initial 3-year period after a no-deal Brexit. No similar proposals for temporary permits have been made available from Brussels for the 5,500 UK groups that passport into the EU.

$500bn in bonds may need rewritten documentation.
With the scandal-tainted Libor set for extinction in 2021, law firm Linklaters estimates that more than $500bn in bonds may need to have their documentation rewritten. Many of the bonds are floating rate notes linked to Libor.

UK’s PRA tells banks and insurers to nominate top manager with responsibility for climate change impact.
In an unprecedented step for a financial regulator, the UK’s Prudential Regulation Authority (PRA) issued a draft supervisory statement that tells boards to identify a senior executive to take charge of climate change risks. The move will apply to large banks and insurers and result in careful analysis of areas such as loans to high-carbon projects, like coal power, and additional damage in flood plains to mortgage books.

HSBC on track to trade in Shanghai.
Global bank HSBC is on track to become the first foreign company to trade on the Chinese stock exchange under the so-called London-Shanghai Stock Connect initiative. HSBC will offer Chinese Depository Receipts allowing Chinese domestic investors to trade a foreign company in their own market for the first time.

FATCA encourages UBS to re-enter the US.
Nine years after a $780m fine from the US Department of Justice for helping clients evade taxes, Swiss giant UBS is planning to re-enter the US market for ultra-high net worth individuals and family offices. The bank believes that recent regulatory changes including the Foreign Account Tax Compliance Act (FATCA) cuts the risk of regulatory problems.

Tech giants in call for US version of GDPR.
Apple and Facebook have backed calls for the US to legislate to give equivalent protections to Americans as those within the European Union due to the implementation of the General Data Protection Regulation (GDPR). The White House currently believes such a move would impose unnecessary burdens on companies.

Facebook fined the maximum by the UK’s ICO.
The Information Commissioner’s Office (ICO), the UK regulator for data protection, formally fined Facebook over the Cambridge Analytica scandal at the maximum level available under the rules that applied at the time - £500,000. If the incident had arisen post the implementation of the EU General Data Protection Regulation (GDPR) the fine could have been as high as $1.6bn.

British Airways data breach revealed to be bigger than first thought.
British Airways revealed a data breach in September where hackers stole details of around 380k customers. The airline has now found that the hack impacted another 185k customers. The breach is expected to be one of the first major incidents to be disciplined under the recently implemented GDPR regime.

Fraudsters identifiable by tiny facial movements?
Chinese banks have started using micro-expression technology to spot signs of fraud in customers’ facial movements. Phone cameras are used to detect minute facial expressions that indicate someone is being economical with the truth. Developed by Ping An, the Chinese financial services giant, it is said that the technology has reduced credit losses by 60%. However, using the system in Europe may be difficult - to get the best from it probably requires use without the customer’s awareness, which could be difficult under the recently introduced General Data Protection Regulation (GDPR).