This issue of Skadden’s semiannual Cross-Border Investigations Update takes a close look at recent cases, regulatory activity and other key developments, including DOJ guidance on the use of corporate monitors in criminal matters, the expansion of multijurisdictional anti-corruption enforcement, a landmark U.K. appeals ruling clarifying privilege in criminal investigations and trends based on an analysis of FCPA corporate resolutions.
France Introduces Enhanced Enforcement Framework for Prosecution of Tax Fraud
On October 23, 2018, the French Parliament introduced a new procedural framework for criminal tax fraud prosecutions whether to refer cases to public prosecutors for prosecution, and cases were brought only upon referral from both agencies. The new law requires referral in cases where (i) the amount of tax avoided exceeds €100,000 (or, in certain cases, €50,000) and (ii) the tax authority has found intentional wrongdoing by the taxpayer and imposed one of several additional statutory penalties. As public prosecutors typically have brought criminal cases in the vast majority of referrals, the new law is expected to increase the volume of prosecutions for tax fraud. The new law also increases the maximum fines that can be imposed for tax fraud, creates additional penalties for those who assist others in avoiding taxes and establishes a “tax police” unit at the French Ministry in Charge of Action and Public Accounts.
In anticipation of a higher volume of tax fraud prosecutions, the legislation also provides procedures for pretrial guilty pleas and deferred prosecution agreements (DPAs) in criminal cases involving allegations of tax fraud. While guilty pleas require admissions of guilt, DPAs do not.
UK Lawmakers Launch Investigations Into Audit Market
In November 2018, the U.K. Parliament announced that it had launched an inquiry into the nation’s corporate auditing market — currently dominated by the Big Four accounting firms — in response to a series of accounting scandals that have “undermined public and investor confidence.” In October 2018, the U.K. Competition and Markets Authority announced that it was launching a “fast-track” investigation into the auditing industry, specifically addressing the question of whether a lack of competition in the sector has driven down audit quality. The UK’s auditing industry has faced increasing criticism in recent months, particularly following the collapse of construction giant Carillion due to auditing failures, and accounting scandals at retail group BHS and cafe chain Patisserie Valerie.
UK’s First-Ever Unexplained Wealth Order
On October 10, 2018, the High Court of Justice in England upheld its first unexplained wealth order (UWO). The order was issued against Zamira Hajiyeva, wife of the former chairman of the International Bank of Azerbaijan, who is currently serving a 15-year sentence for fraud, money laundering and embezzlement of € 2.2 billion. The U.K.’s National Crime Agency sought the UWO, a court order issued to compel an individual to reveal the source of his or her wealth under legislation enacted in January 2018 as part of the Criminal Finances Act of 2017. The goal of these orders is to pursue the assets of individuals using illegitimately obtained funds, particularly those arising from foreign corruption, to obtain U.K. property.
The issuance of the UWO is not a criminal proceeding, but where an individual fails to show a legitimate source for his or her assets, the National Crime Agency is empowered to seize them. This case has attracted media attention, given details of extravagant purchases Hajiyeva made at several prominent London retailers. The National Crime Agency has already seized jewelry belonging to Hajiyeva worth hundreds of thousands of pounds that were scheduled to be auctioned by Christie’s, to prevent the sale pending the outcome of the investigation.
SFO Appoints New Director
On August 28, 2018, Lisa Osofsky began a five-year term as director of the Serious Fraud Office (SFO) in the U.K. Director Osofsky, who has both American and British citizenship, has had an extensive career prosecuting a range of white collar crimes in the U.S. She began her career at the U.S. Department of Justice (DOJ) and then worked at the FBI and an investment bank. She is the second appointee to come from the private sector in the SFO’s 30-year history.
At the outset of her tenure, Director Osofsky pledged to be a “different kind” of director. She has noted that her priorities for the agency include: (i) improving cross-border coordination; (ii) improving corporate engagement; (iii) continuing the use of DPAs; (iv) increasing attention to money laundering; and (v) speeding up individual prosecutions. One of her first major strategic decisions in office was deciding not to appeal the ruling handed down by the English Court of Appeal in The Director of the Serious Fraud Office v. Eurasian Natural Resources Corporation Ltd, which reaffirmed the protection of litigation privilege in the context of criminal investigations. (The ENRC decision is discussed further in our article “Landmark Appeals Ruling Clarifies Privilege in UK Criminal Investigations,” on page 23.)
Criminal Tax Enforcement
ZKB Bankers Who Hid Money From US Revenue Service Sentenced to Probation
On November 30, 2018, two former Zürcher Kantonalbank (ZKB) bankers who pleaded guilty in August 2018 to conspiring to help U.S. taxpayers evade their U.S. tax obligations were each sentenced in the U.S. District Court for the Southern District of New York to one year of probation. While each defendant faced a sentence of 15 to 21 months under the U.S. Sentencing Guidelines, the court found that a probationary sentence was appropriate given their “minimal role” in the underlying scheme. These sentences follow a DPA that ZKB entered into in August 2018, in which the bank admitted to helping U.S. clients collectively avoid paying more than $39 million in U.S. taxes between 2002 and 2013. ZKB agreed to pay $98.5 million in connection with the DPA.
Canadian Man Gets Five-Year Term for $10 Million Tax Scheme
On August 28, 2018, Daveanan Sookdeo, a Canadian citizen, was sentenced to five years in prison for promoting a tax fraud scheme in which he and other Canadian citizens filed false tax returns with the U.S. Internal Revenue Service (IRS). As described by the court, participants in the scheme fraudulently claimed that nearly $10 million in income had been withheld by Canadian financial institutions, entitling them to tax refunds. After the co-conspirators received their refunds, they opened U.S. bank accounts to deposit the refund checks, then transferred the money back to Canada.
Sookdeo charged an upfront fee for the false documents used in the scheme, profited from a percentage of any tax refunds obtained through the scheme and personally filed nine false tax returns. He was the fifth Canadian citizen convicted in connection with this tax scheme. Sookdeo’s California-based co-conspirator, Ronald Brekke, is currently serving a 12-year prison sentence for his involvement in the scheme.
DOJ Secures First-Ever Conviction for Violating FATCA
Adrian Baron, the former chief business officer and CEO of Loyal Bank, Ltd., an offshore bank with offices in Hungary, St. Vincent and the Grenadines, pleaded guilty on September 11, 2018, in the U.S. District Court for the Eastern District of New York to conspiring to defraud the United States by failing to comply with the Foreign Account Tax Compliance Act (FATCA). This was the first conviction under FATCA, a U.S. statute enacted to combat tax evasion by U.S. persons holding accounts and other financial assets offshore. The law requires certain foreign financial institutions and other foreign entities to identify their U.S. customers and to report certain information about the foreign assets of their U.S. accountholders.
As described by the court, in June and July 2017, Baron met with an undercover agent posing as a U.S. citizen involved in stock manipulation schemes. The agent explained his stock manipulation schemes, said that he wished to open corporate accounts at the bank but did not want to personally appear on any of the account opening documents, and said he needed to circumvent IRS reporting requirements under FATCA. Loyal Bank proceeded to open accounts for the agent as discussed, and neither the bank nor Baron requested or collected the information required by FATCA from the agent.
Baron, a citizen of the U.K., St. Vincent and the Grenadines, was extradited to the U.S. from Hungary in July 2018. The investigation of the case involved assistance from the City of London Police, the U.K.’s Financial Conduct Authority and the Hungarian National Bureau of Investigation, in addition to U.S. authorities.
US Unseals Charges in 1MDB Scandal
On November 1, 2018, in a case involving the cooperation of numerous non-U.S. law enforcement authorities, federal prosecutors unsealed charges in the U.S. District Court for the Eastern District of New York against two former bankers and a Malaysian financier for allegedly conspiring to launder $2.7 billion embezzled from 1Malaysia Development Berhad (1MDB), a state-owned investment development fund. The government contends that the defendants laundered the funds by purchasing luxury real estate and artwork at a high-end auction house in New York City, and by funding major U.S. motion pictures, most notably “The Wolf of Wall Street.” On November 30, 2018, in connection with this investigation, a former DOJ senior congressional affairs specialist pleaded guilty in the U.S. District Court for the District of Columbia to conspiring to facilitate the transfer of millions of dollars from the indicted financier’s foreign bank accounts to U.S. accounts, as part of the financier’s efforts to fund a lobbying campaign to resolve the DOJ’s ongoing 1MDB investigation.
Three Forex Traders Acquitted of Forex-Rigging Charges
On October 26, 2018, a federal jury in the U.S. District Court for the Southern District of New York acquitted three former foreign exchange (forex) traders charged with conspiring to violate the Sherman Antitrust Act by rigging forex benchmark rates. The charges covered a five-year period beginning in 2007, during which time the London-based traders worked at affiliates of certain financial institutions. The government alleged the traders fixed forex prices in part through the use of an online Bloomberg chatroom the traders referred to as “the cartel” but apparently failed to persuade the jury.
Former Deutsche Bank Traders Convicted in Libor Manipulating Scheme
On October 17, 2018, the U.S. District Court for the Southern District of New York convicted former Deutsche Bank derivatives trader Gavin Campbell Black, of London, and Matthew Connolly, former supervisor of the bank’s pool trading desk in New York, of wire fraud and conspiracy related to manipulating the Libor global benchmark. Authorities in the U.S. and U.K. participated in the investigation leading to the convictions. This was the second trial in the U.S. against traders accused of manipulating Libor. The government alleged that the defendants pressured the individuals responsible for submitting the bank’s Libor rates to adjust their submissions to favor the financial interests of Deutsche Bank and its traders.
The convictions followed an extensive investigation of Deutsche Bank related to the same conduct, which resulted in the bank’s entry into an April 2015 DPA. As part of that agreement, Deutsche Bank Group Services (UK) Limited pleaded guilty to one count of wire fraud and agreed to pay a $775 million fine. Sentencing dates for Black and Connolly have not yet been set.
Telemarketer Sentenced to 11 Years in Prison for $18 Million Cross-Border Fraud
On September 10, 2018, Mark Eldon Wilson, the owner of a Canadian telemarketing company, was sentenced in the U.S. District Court for the Central District of California to 135 months in prison for defrauding victims of over $18 million. As found by the court, between 1998 and 2001, Wilson and his employees falsely represented to victims that they were vulnerable to credit card fraud and would be held liable for fraudulent charges on their cards. To mitigate this supposed risk, Wilson and his employees offered sham credit card protection services with a false money-back guarantee. After fighting extradition from Canada for over 10 years, Wilson was convicted on March 30, 2018, of nine counts of mail and wire fraud in connection with telemarketing and sentenced to 135 months in prison. Wilson was not ordered to pay restitution due to the complexity of his scheme and the fact that many victims had already received refunds from their banks or credit card companies. The case was jointly investigated by the FBI, U.S. Postal Inspection Service, Federal Trade Commission and Royal Canadian Mounted Police, with assistance from the U.S. DOJ Office of International Affairs and Canada’s Department of Justice.
Trader Pleads Guilty to Fraud in Beaufort-Linked Manipulation Case
On September 17, 2018, William T. Hirschy pleaded guilty in the U.S. District Court for the Eastern District of New York to securities fraud and conspiracy to commit securities fraud charges for manipulating the share price of HD View 360 (HDVW), a publicly traded company that distributed and installed security surveillance systems.
Hirschy, the CEO of WT Consulting Group, was charged in March 2018 along with Dennis Mancino, the CEO of HDVW, with arranging with Mancino and others to pump up HDVW’s stock price, sell the stock for a multimillion dollar profit and pay kickbacks to brokers who executed manipulative trades designed to increase the price and trading volume of HDVW. Hirschy’s prosecution arises out of a joint investigation of U.K.-based Beaufort Securities that was conducted by U.S. and U.K. authorities. On March 2, 2018, the DOJ charged Beaufort Securities and several of its staff for orchestrating securities fraud and money laundering schemes totaling $50 million. The government alleged that these schemes included manipulating trading in small-cap U.S. stocks such as HDVW by using “pump-and-dump” schemes and laundering the fraudulent proceeds through offshore bank accounts and through purchases and sales of artwork. The Securities and Exchange Commission (SEC) also charged Beaufort Securities and its staff with manipulating trading in HDVW. Hirschy’s sentencing is scheduled for December 19, 2018.
US Charges Three Futures Traders With Spoofing
On October 11, 2018, the DOJ filed charges in the U.S. District Court for the Southern District of Texas against three commodity futures traders for their involvement in a two-year-long scheme of “spoofing” — placing and then canceling orders to manipulate the price of futures contracts. Two of the traders, both U.S. citizens, have agreed to plead guilty. The third indicted trader, a Chinese citizen, has not pleaded guilty. The indictment alleges that between 2012 and 2014, the traders conspired to mislead the markets for E-Mini S&P 500 and E-Mini Nasdaq 100 futures contracts traded on the Chicago Mercantile Exchange, as well as E-Mini Dow futures contracts traded on the Chicago Board of Trade. The Commodity Futures Trading Commission has also filed charges against one of the traders.
Brokerage Firms Fined $1.15 Million for Fake Forex Trades
On September 26, 2018, U.K.-based brokerage firm TFS-ICAP Ltd. and its U.S.-based affiliate, TFS-ICAP LLC, resolved forex-related charges brought by the New York attorney general (NYAG). Both entities pleaded guilty to a misdemeanor violation of the Martin Act for posting fake trades in emerging market forex currency options. The NYAG found that between 2007 and 2015, brokers at the companies “printed” fake trades in order to increase orders for Latin American forex options. The NYAG also found that “high managerial agents” were aware of this practice and “recklessly tolerated it.” The companies entered a settlement with the NYAG in which they agreed to (i) pay $1.15 million in penalties; (ii) implement remedial measures; (iii) retain an independent monitor for two years; (iv) remove two high-level managers from supervisory roles related to brokering forex options to New York traders; and (v) cooperate in the NYAG’s ongoing criminal investigations of individual managers and brokers at the companies.
DOJ Charges UK Man in $164 Million Securities Scheme
On October 3, 2018, U.K. citizen Roger Knox was arrested on charges of securities fraud and conspiracy. The DOJ (and the SEC in parallel civil charges) alleged that Knox and several co-conspirators — three of whom are cooperating witnesses, including two attorneys — engaged in a sprawling, global scheme to facilitate “pump-and-dump” and other market manipulation schemes that generated approximately $164 million in proceeds. From June 2015 to the present, according to the charges, Knox operated an asset manager in Switzerland that facilitated the manipulation of “microcap” securities — shares in companies that have a low market capitalization. Authorities allege that Knox used brokerages in the U.S., Malta, Dubai, Mauritius, Canada and the U.K. in the scheme, as well as another asset manager in Belize. To date, the authorities have identified over 100 stocks sold by Knox’s asset manager.
FCPA and Bribery
Petrobras Settles Corruption Investigation for $853 Million
On September 27, 2018, the Brazilian state-owned energy company Petróleo Brasileiro S.A. (Petrobras) agreed to pay a total of $853.2 million to resolve multiple investigations arising out of billions of dollars in corrupt payments facilitated by Petrobras and its contractors to Brazilian politicians and political parties. The resolution included a nonprosecution agreement with the DOJ and a cease-and-desist order from the SEC relating to allegations of bribery and failure to maintain accurate books and records and appropriate internal controls in violation of the Foreign Corrupt Practices Act (FCPA). The resolution also included a settlement agreement with the Ministério Público Federal in Brazil, which had been conducting a parallel investigation. The settlement is notable in that the DOJ and SEC were essentially enforcing the FCPA against an arm of a foreign government, as Petrobras is a state-owned entity. In addition to monetary penalties, Petrobras agreed to review and update its compliance policies and procedures, including specific requirements relating to diligence and oversight of Petrobras’ interactions with third parties.
Och-Ziff Reaches $29 Million Settlement in FCPA Probe
On October 2, 2018, Och-Ziff Capital Management Group agreed to pay $28.75 million to settle shareholders’ claims that the company concealed a bribery scheme and subsequent investigations by U.S. regulators that cost Och-Ziff $412 million and caused its stock price to fall. In 2011, the SEC and DOJ opened an investigation into whether Och-Ziff violated the anti-bribery provisions of the FCPA in connection with certain of the company’s investments in Africa. According to the plaintiffs, who filed their class action lawsuit in May 2014 in the U.S. District Court for the Southern District of New York, Och-Ziff and two of its executives hid these probes from shareholders until The Wall Street Journal revealed them in a series of articles starting in February 2014. In September 2016, Och-Ziff entered into a DPA with the DOJ and agreed to pay a $213 million fine. In related proceedings, the SEC filed a cease-and-desist order against Och-Ziff, whereby the company agreed to pay $199 million in disgorgement.
Och-Ziff’s settlement-in-principle with the plaintiffs follows Judge J. Paul Oetken’s decision on September 14, 2018, to certify a class consisting of investors who bought Och-Ziff securities from February 2012 to August 2014. The final settlement approval hearing is scheduled to occur on January 16, 2019.
Sanofi Settles SEC’s International Bribery Claims for $25 Million
On September 4, 2018, Paris-based pharmaceutical company Sanofi agreed to pay $25.2 million to resolve the SEC’s investigation into alleged bribes paid by the company’s subsidiaries in Kazakhstan and the Middle East to obtain business. According to the SEC’s order, the scheme spanned multiple countries and involved corrupt payments made to government procurement officials and health care providers in exchange for winning tenders and increased prescriptions of its products. The SEC found that Sanofi violated the books and records and internal accounting control provisions of the federal securities laws. In a no-admit, no-deny resolution, Sanofi agreed to a cease-and-desist order and to pay a settlement that included disgorgement, prejudgment interest and a civil penalty. Sanofi additionally agreed to two years of heightened reporting requirements.
Oil Executives Sentenced to Prison for Global Bribery Scheme
On September 28, 2018, two former executives of SBM Offshore, N.V., a Dutch oil services company, were sentenced to prison in connection with a scheme to bribe foreign government officials in Brazil, Angola and Equatorial Guinea to win bids with state-run oil companies. Former SBM CEO Anthony Mace, of the U.K., was sentenced to 36 months in prison and fined $150,000. Robert Zubiate, a former sales and marketing executive at SBM’s U.S.-based subsidiary, SBM USA, was sentenced to 30 months in prison and fined $50,000. Although Mace claimed that he “inherited” the scheme since it predated his time as CEO, he admitted that he joined the conspiracy by authorizing payments and deliberately avoiding knowledge that the payments were bribes. In 2014, SBM agreed to pay $240 million to Dutch authorities and in 2017 entered into a $238 million DPA with the U.S. based on the same allegations. Brazil’s Ministério Público Federal, the Netherlands Public Prosecution Service (NPPS) and Switzerland’s Office of the Attorney General and Federal Office of Justice assisted the DOJ with its investigation.
Second Circuit Mulls Unsettled McDonnell Issues in Guinean Case
Mahmoud Thiam, former minister of mines and geology of the Republic of Guinea, was convicted in 2017 in the U.S. District Court for the Southern District of New York for laundering bribes paid to him by executives of a Chinese conglomerate that was seeking mineral rights. At trial, prosecutors argued, among other things, that the bribes were illegal under Guinean law. Thiam was sentenced to seven years in prison. He appealed his conviction to the U.S. Court of Appeals for the Second Circuit, arguing that the U.S. Supreme Court’s decision in McDonnell v. United States, a decision interpreting U.S. bribery law, also applies to foreign statues. Thiam argued that his conviction was invalid because the district court did not require the jury to find that he undertook an “official act,” as defined in McDonnell. In October 2018, a three-judge panel of the Second Circuit heard arguments in Thiam’s appeal. The panel questioned whether the McDonnell ruling extends to statutes other than the federal bribery law that was assessed in that case. Thiam’s lawyer argued that McDonnell should apply, notwithstanding the fact that Thiam’s conviction relied in part on his violation of Guinean law, because he was being prosecuted in a U.S. court. Judge John M. Walker, Jr. noted that the Second Circuit has not held that McDonnell is limited to cases involving the federal bribery statute but questioned whether U.S. courts should avoid interpreting the decisions and laws of other countries through the lens of U.S. law.
Société Générale Settles Sanctions and BSA/AML Investigations for $1.4 Billion
On November 19, 2018, Société Générale SA announced its resolution of investigations by the U.S. Attorney’s Office for the Southern District of New York, the New York County District Attorney’s Office, the U.S. Treasury Department Office of Foreign Assets Control, the Board of Governors of the Federal Reserve System, the Federal Reserve Bank of New York and the New York State Department of Financial Services into Société Générale’s historical compliance with U.S. economic sanctions and other related laws.
As part of the settlements, Société Générale agreed to pay penalties totaling approximately $1.3 billion and entered into deferred prosecution agreements with the U.S. Attorney’s Office for the Southern District of New York and the New York County District Attorney’s Office. Société Générale received significant credit for its cooperation during the investigations, including from OFAC for having voluntarily disclosed the facts of the case.
The bank and its New York branch also reached a separate agreement with the New York State Department of Financial Services relating to its Bank Secrecy Act/anti-money laundering compliance program. As part of that settlement, the bank agreed to pay a penalty of $95 million and to continue to enhance its AML compliance program.
ING Pays €775 Million for AML Failures
On September 4, 2018, ING Bank N.V. paid a €775 million ($885 million) settlement to the NPPS after the agency uncovered failures by the bank’s Dutch unit to prevent money laundering and corrupt practices. ING Netherlands was charged with violating the Dutch Anti-Money Laundering and Counter-Terrorist Financing Act by failing to remedy weaknesses in its AML policies on customer due diligence and the reporting of unusual transactions. NPPS detected “serious shortcomings” in ING’s anti-money laundering (AML) policy, including the bank’s failure to prevent bank accounts held by ING clients from being used to launder hundreds of millions of euros between 2010 and 2016. The NPPS’ criminal investigation examined four cases of misused accounts, including a Curaçao-based women’s underwear trader that allegedly laundered €150 million through bank accounts held with ING. The settlement consists of a €675 million fine and a €100 million disgorgement that represents the “underspend” by the bank on its customer due diligence and financial crime prevention systems. For the first time, NPPS invoked a 2015 law that allows it to fine up to 10 percent of a company’s revenue. The bank suspended senior managers who were responsible for ensuring compliance with policies related to financial crime and customer due diligence at the time of the infractions.
Danske Bank Under Criminal Investigation for AML Failures
On October 4, 2018, Danske Bank disclosed that it had received requests for information from the DOJ in connection with suspicious payments of up to €200 billion ($230 billion) that were authorized by its Estonian branch between 2007 and 2015. In September 2018, Danske Bank published an independent report that disclosed multiple failings in its money laundering controls. The findings led authorities in Denmark and the U.K. to open criminal investigations into the Danish bank. The European Commission has also asked the European Banking Authority to examine the role of Danish and Estonian regulators in relation to this matter. The money laundering allegations are focused on the Estonian branch’s purported execution of billions of dollars of “mirror trades” for Russian customers. Mirror trades involve the purchase of securities in one currency (e.g., Russian rubles) and the sale of identical securities in another currency (e.g., U.S. dollars). These clients are often financial intermediaries, thereby reducing the bank’s visibility over the end-customer. While mirror trades are not illegal, they may raise red flags for regulators.
EU Seeks New Anti-Money Laundering Powers for Watchdog
On September 12, 2018, the European Commission proposed giving the European Banking Authority (EBA) new powers to combat money laundering and terrorist financing, including the ability to step in when national authorities fall short. The commission’s proposals would give the EBA greater enforcement powers and more resources to investigate banks allegedly involved in illicit financing. The plans would enable the EBA to order national regulators to investigate breaches and, where necessary, impose penalties, including sanctions. The EBA would be granted the authority to send instructions directly to banks if national regulators failed to act. Under the proposals, the EBA would also collect information on anti-money laundering risks and trends, and it would facilitate the exchange of information between national bodies and cooperation with non-EU countries in cross-border cases. The push to bolster pan-EU anti-money laundering powers follows recent high-profile revelations of money laundering control failings at Danske Bank and the Dutch bank ING.
New York Financial Services Department Fines UAE Bank for Compliance Deficiencies
In October 2018, the New York State Department of Financial Services (DFS) announced $40 million in fines imposed on United Arab Emirates-based Mashreqbank PSC and its New York branch for failing to address deficiencies in its U.S. Bank Secrecy Act/AML and Office of Foreign Assets Control (OFAC) compliance programs. The bank’s New York branch provides U.S. dollar clearing for clients in a number of high-risk jurisdictions, including Southeast Asia, the Middle East and Northern Africa. A DFS examination in 2016 and joint DFS and Federal Reserve Bank of New York examination in 2017 found that the bank had not satisfied its prior commitments to develop a compliance infrastructure commensurate with the risks posed by its business activities. In addition to the monetary fine and other remedial steps, the DFS consent order requires the bank to hire a third-party compliance consultant for its New York branch for at least six months and a third-party “lookback consultant” to review the branch’s transaction clearing activity between April 2016 and September 2016. The bank cooperated with DFS and has expressed its commitment to enhancing its compliance measures.
Cyberattacks and Data Privacy
Chinese Spies Indicted for Alleged Hacking of US Companies
On October 30, 2018, federal prosecutors in the U.S. District Court for the Southern District of California charged two Chinese intelligence officers and eight co-conspirators for hacking computers in the U.S. and Europe in an effort to steal sensitive data related to aerospace technology. According to the indictment, from January 2010 to May 2015, intelligence officers and hackers from the Jiangsu Province Ministry of State Security, a foreign intelligence arm of China’s Ministry of State Security, worked to steal the technology underlying a turbofan engine used in commercial airliners. The co-conspirators allegedly not only used hacking methods to steal confidential information but also co-opted two Chinese employees who worked for the victim company to assist in the conspiracy. At the time of the alleged intrusions, a Chinese state-owned aerospace company was working to develop a comparable engine for commercial use. This is the third time in recent months that the U.S. has brought charges for stealing U.S. intellectual property against Chinese intelligence officials working for the Jiangsu Province Ministry of State Security.
Russian Cybercriminal Pleads Guilty to Operating Botnet
On September 12, 2018, Peter Yuryevich Levashov, of St. Petersburg, Russia, pleaded guilty in the U.S. District Court for the District of Connecticut to criminal charges stemming from his operation of the Kelihos botnet — a network of thousands of computers infected with malicious software. As found by the court, for over two decades, Levashov used the botnet to harvest login credentials, distribute bulk spam emails and install ransomware and other malicious software. Since the late 1990s and until his arrest in April 2017, Levashov controlled and operated multiple botnets to harvest personal information and means of identification (such as email addresses, usernames and passwords) from infected computers. At the time of Levashov’s arrest, the Kelihos botnet alone had infected at least 50,000 computers around the world. Levashov pleaded guilty to (i) causing intentional damage to a protected computer; (ii) conspiracy; (iii) wire fraud; and (iv) aggravated identity theft. He is scheduled to be sentenced on September 6, 2019, and is detained pending sentencing.
Hacker Behind Largest Breach in US History Extradited to US
On September 7, 2018, the DOJ announced that Andrei Tyurin, a Russian national, was extradited to the U.S. from Georgia on charges arising from his participation in a computer hacking campaign that targeted U.S. financial institutions, brokerage firms, financial news publishers and other U.S. companies. Tyurin’s alleged hacking activities lay claim to the largest theft of U.S. customer data from a single financial institution in history, accounting for over 80 million victims. The cyber breaches are alleged to have furthered an array of criminal activities including securities fraud, money laundering, illegal online gambling and fake pharmaceuticals. Tyurin pleaded not guilty in the U.S. District Court for the Southern District of New York. His three co-conspirators have been arrested and were also extradited to the U.S.
Man Who Sold Bank Info to Russian Trolls to Serve Six Months
On October 10, 2018, Richard Pinedo, a resident of Southern California, was sentenced to six months in prison and six months’ home detention for his role in operating an online auction service in which he acquired and sold fraudulent bank account information. Pinedo pleaded guilty in February 2018 to one count of identity fraud. As found by the court, from 2014 to 2017, Pinedo operated a website that enabled customers to set up “stealth accounts” with online payment processors like eBay and Amazon that were “designed to circumvent the security features of large online digital payment companies.” Pinedo obtained the bank account information that he later sold either by registering accounts in his own name or by purchasing accounts in the names of other people. He earned between $40,000 and $90,000 from the operations. His buyers, who were anonymous, included Russian operatives who used the information in an attempt to influence the 2016 U.S. presidential election.
Trader Sentenced to 15 Months for Stealing $1.1 Million in Cryptocurrencies
On November 13, 2018, Joseph Kim, a 24-year-old trader, was sentenced in the U.S. District Court for the Northern District of Illinois to 15 months in prison for misappropriating $1.1 million in bitcoin and litecoin, in the first U.S. criminal case involving cryptocurrency trading. Kim formerly worked as an assistant trader for a proprietary trading firm that had recently formed a cryptocurrency group. As found by the court, over two months in fall 2017, Kim misappropriated at least $600,000 of his trading firm’s cryptocurrencies for his own benefit. After being terminated, Kim engaged in another fraud scheme in which he incurred $545,000 in losses by trading cryptocurrencies on behalf of at least five investors, including friends who invested retirement savings.
Theft and Import/Export Controls
Iranian Man Pleads Guilty to Violating US Export Law
On November 7, 2018, Arash Sepehri, an Iranian national, pleaded guilty in the U.S. District Court for the District of Columbia to conspiring to unlawfully export U.S. goods to Iran in violation of the International Emergency Economic Powers Act and the Iranian Transactions and Sanctions Regulations. According to the indictment, between 2010 and 2011, Sepehri and his co-conspirators sought to evade legal controls through a variety of means, including the use of aliases, United Arab Emirates-based front companies and an intermediary shipping company based in Hong Kong. The exports included laptop computers and a portable side-scan sonar system, among other products. The conspiracy charge carries a statutory maximum of five years imprisonment and possible financial penalties.
California Man Sentenced to Nine Years for Russian Export Scheme
On November 13, 2018, Naum Morgovsky, a naturalized U.S. citizen originally from the Ukraine, was sentenced in the U.S. District Court for the Northern District of California to 108 months in prison and three years of supervised release for conspiring to violate export laws. Morgovsky is charged with conspiring to export to Russia numerous night vision rifle scope components and thermal devices without the required licenses, in violation of the Arms Export Control Act. On October 31, 2018, Morgovsky’s spouse, Irina, was sentenced to 18 months in prison for her role in the scheme. The court has ordered the Morgovskys to self-surrender on January 4, 2019, to begin serving their respective sentences.
Second Circuit Curtails Use of Conspiracy and Complicity Statutes in FCPA Actions
In a decision with implications for the extraterritorial reach of the Foreign Corrupt Practices Act (FCPA), the U.S. Court of Appeals for the Second Circuit held in United States v. Hoskins that a person may not “be guilty as an accomplice or a co-conspirator for an FCPA crime that he or she is incapable of committing as principal.”1 In doing so, the court rejected co-conspirator liability as a basis for the Department of Justice (DOJ) to assert jurisdiction over foreign nationals with no other connection to the United States. However, the government may still base jurisdiction on the fact that a defendant acted as an agent of a U.S. domestic concern, and such a person can be liable of “conspiring with foreign nationals who conducted relevant acts while in the United States.”2
In general, the anti-bribery provisions of the FCPA prohibit U.S. persons and businesses (U.S. domestic concerns), issuers of U.S. securities (issuers) or any other person while in the territory of the U.S. from making corrupt payments to obtain or retain business.3 The FCPA also applies to any officer, director, employee or agent thereof. A non-U.S. national who is not an agent of a U.S. domestic concern or issuer and who never takes actions in furtherance of the alleged corrupt scheme within the territory of the U.S. falls outside of the substantive provisions of the statute.
The DOJ has long used conspiracy and aiding-and-abetting charges to extend the jurisdictional reach of the FCPA to such persons. Its position was clearly espoused in the 2012 Resource Guide to the FCPA, jointly issued with the Securities and Exchange Commission:
Individuals and companies, including foreign nationals and companies, may also be liable for conspiring to violate the FCPA — i.e., for agreeing to commit an FCPA violation — even if they are not, or could not be, independently charged with a substantive FCPA violation.4
In doing so, the government asserted it was following the well-established rule in federal criminal law that “[a] person ... may be liable for conspiracy even though he was incapable of committing the substantive offense.”5
In Hoskins, the government charged Lawrence Hoskins, a non-U.S. citizen who worked for a U.K. subsidiary of the French company Alstom S.A. (Alstom), with conspiracy to violate the FCPA and aiding and abetting others in doing so. Alstom’s U.S. subsidiary allegedly “retained two consultants to bribe Indonesian officials who could help secure a $118 million power contract.”6 The government alleged that although Hoskins never traveled to the U.S. during the scheme, he was one of the persons responsible for approving the selection of the consultants and authorizing payments to them with knowledge that portions of the payments were intended as bribes.
The district court dismissed portions of the indictment, in relevant part, finding that Hoskins could not be liable for conspiracy if he could not be liable for a direct violation of the statute.7
Assuming for the purposes of its analysis that Hoskins was neither an employee nor agent of Alstom’s U.S. subsidiary, the court examined whether he could nonetheless be liable, under a conspiracy or complicity theory, for violating the FCPA. In finding he could not, the court applied an exception, derived from Gebardi v. United States, providing that “conspiracy and accomplice liability will not lie when Congress demonstrates an affirmative legislative policy to leave some type of participant in a criminal transaction unpunished.”8
In Gebardi, the U.S. Supreme Court concluded that a woman could not be charged with conspiracy to transport a woman (herself) across state lines for the purpose of prostitution because the text of the statute showed that Congress intended to leave unpunished women who merely consented to their transport.9 Hoskins argued that similarly, Congress did not intend for the FCPA to apply to non-U.S. natural persons who “(1) do not act within the territory of the U.S., and (2) are not officers, directors, employees or agents of a U.S. domestic concern or U.S. issuer.”10
The Second Circuit agreed, noting the “obvious omission” in the text for “jurisdiction over a foreign national who acts outside the United States, but not on behalf of an American person or company as an officer director, employee, agent, or stockholder.”11 After reviewing the FCPA’s text, structure and legislative history, the court held:
The carefully tailored text of the statute, read against the backdrop of a well-established principle that U.S. law does not apply extraterritorially without express congressional authorization and a legislative history reflecting that Congress drew lines in the FCPA out of specific concern about the scope of extraterritorial application of the statute, persuades us that Congress did not intend for persons outside of the statute’s carefully delimited categories to be subject to conspiracy or complicity liability.12
Other Potential Theories of Liability
Despite concluding that the government was barred from using conspiracy or complicity statutes to charge Hoskins with any offense not punishable under the FCPA itself, the court found that the government could potentially charge him as an agent of Alstom’s U.S. subsidiary because there was no indication of a legislative policy against punishing that class of persons, nor would doing so involve an extraterritorial application of the FCPA. Therefore, the court ruled, the government is free to argue at the trial court that, as an agent of a U.S. domestic concern, Hoskins “conspir[ed] with employees and other agents of [Alstom’s U.S. subsidiary].”13 However, it remains to be seen how useful this theory will be for the government against Hoskins and other similarly situated defendants. Given that the DOJ will pursue at trial the theory that Hoskins was an agent of a U.S. domestic concern that participated in the bribery scheme (as Hoskins was not an employee of the entity that allegedly paid the bribe), the FCPA’s jurisdictional reach may be further clarified.
Revisions to Yates Memorandum Policy Announced
On November 29, 2018, in a speech at the 35th International Conference on the Foreign Corrupt Practices Act, U.S. Deputy Attorney General Rod Rosenstein announced the Department of Justice’s (DOJ or the Department) revised policy concerning individual accountability. The revised policy maintains much of the guidance in its predecessor policy — the DOJ Memorandum on Individual Accountability for Corporate Wrongdoing, referred to as the Yates Memorandum — but departs from the prior policy by no longer requiring companies to provide “all” evidence to obtain cooperation credit in criminal matters and by similarly reducing companies’ self-disclosure burdens in civil matters.
The revised policy, consistent with the prior policy, continues to prioritize individual accountability for wrongdoing. As Rosenstein explained in the speech — and on a number of other occasions — “the most effective deterrent to corporate criminal misconduct is identifying and punishing the people who committed the crimes.” Accordingly, the revised policy requires that, absent extraordinary circumstances, corporate resolutions not seek to protect individuals from criminal liability. Relatedly, the revised policy continues to require that corporations identify individuals who are responsible for the subject conduct to receive credit for cooperation.
But the new approach departs from the Yates Memorandum by reducing the burden companies bear when seeking credit for cooperation in criminal cases. Specifically, the Yates Memorandum required corporations to “provide to the Department all relevant facts about the individuals involved in corporate misconduct” if they wished to receive any cooperation credit. The revised policy no longer requires identification of “all” individuals involved to receive cooperation credit, and instead allows companies and the DOJ to focus resources on identifying those who were “substantially involved in or responsible for” the potential criminal misconduct. Rosenstein explained that as a practical matter, to require a corporation to locate and report every person involved in alleged misconduct, particularly in cases where the alleged violations took place throughout the company over a long period of time, would be a waste of resources and unnecessarily delay resolutions. Indeed, he noted that the prior policy was not strictly enforced in this respect, for this and other reasons. It thus would appear that the revised policy formalizes existing practice.
Furthermore, the revised policy allows for cooperation credit in criminal cases even where a company “is unable to identify all relevant individuals or provide complete factual information despite its good faith efforts to cooperate fully” if it can explain the restrictions it is facing to the prosecutor. On the other hand, where a company “declines to learn such facts or to provide the Department with complete factual information” it will receive no credit and, as Rosenstein’s speech emphasized, concealment of misconduct or a lack of good faith representations to the Department also will preclude any credit.
The revised policy also differs from the Yates Memorandum in its approach to civil investigations. The Yates Memorandum essentially required the same level of cooperation from companies in civil investigations as in criminal investigations. The revised policy, by contrast, provides credit for at least some cooperation in a civil case where a company “identif[ies] all wrongdoing by senior officials, including members of senior management or the board of directors.” If a company wants maximum credit in a civil case, it must “identify every individual person who was substantially involved in or responsible for the misconduct,” but the policy restores the Department’s ability to grant at least some credit in circumstances where it would previously have been unavailable. As in criminal matters, when a company conceals misconduct by senior officials, cooperation credit is precluded. As Rosenstein explained in his speech, the revised policy allows flexibility that does not exist on the criminal side. He noted that the goal of affirmative civil enforcement cases is to recover money, and therefore the government must use its resources efficiently in pursuing them. According to Rosenstein, prior “all or nothing” policy was not productive in civil cases, and was not strictly enforced.
The revised policy, in contrast to the Yates Memorandum, also returns discretion to civil Department of Justice lawyers to negotiate civil releases for individuals who do not warrant additional investigation as part of corporate civil settlement agreements, with appropriate supervisory approval, and to consider an individual’s ability to pay in deciding whether to seek a civil judgment. These measures similarly recognize the practical need for the responsible government agencies to have discretion to cease pursuit of litigation unlikely to yield a benefit, or to resolve litigation efficiently without requiring further investigation of individual wrongdoing.
Taken together, these policy revisions signal that the DOJ intends to use its resources to focus its attention on senior corporate personnel and/or individuals who were substantially involved in misconduct, and to continue to require companies to disclose the facts regarding their complicity. The Department does not appear to be backing away from its prior focus on individual prosecutions; indeed, Rosenstein made clear in his November speech that the pursuit of responsible individuals will be a “top priority,” and that individual cases may be more effective than corporate prosecutions, where the deterrent impact is “attenuated” and where innocent employees and shareholders may be unfairly penalized. It remains to be seen whether that shift — described largely as making the policy consistent with practice — will truly impact the size or burden of investigations that companies must undertake to cooperate effectively in civil and criminal cases. But the revisions are consistent with a number of this Department’s recent policies — such as the “Piling On” policy and last year’s November 29, 2017, FCPA Policy release — that are intended to facilitate cooperation and remediation, and to ensure that cooperation, even if somewhat more limited, is rewarded.
DOJ Memo Suggests Diminishing Use of Corporate Monitors in Criminal Matters
On October 11, 2018, Assistant Attorney General Brian A. Benczkowski issued a guidance memorandum regarding the selection and use of corporate monitors in criminal matters (the Benczkowski Memo).14 The memo supplements a 2008 memorandum issued by then-Acting Deputy Attorney General Craig S. Morford (the Morford Memo) that set out a framework for the selection and use of monitors in deferred prosecution agreements (DPAs) and nonprosecution agreements (NPAs), and supersedes a 2009 memorandum issued by then-Assistant Attorney General Lanny A. Breuer. The Benczkowski Memo clarifies existing principles for determining whether a monitor is needed in individual cases and provides additional guidance. The Benczkowski Memo instructs prosecutors to favor the imposition of a monitor where there is a demonstrated need for, and clear benefit to be derived from, a monitorship relative to the projected costs and burdens to the company.
The Benczkowski Memo differs from prior guidance on the selection and use of corporate monitors in several notable respects. First, unlike the Morford Memo, which applied only to DPAs and NPAs and specifically excluded plea agreements, the Benczkowski Memo instructs that the same principles should apply to plea agreements, provided that the presiding court approves the agreement.
The memo describes the cost-benefit considerations prosecutors must weigh when assessing the need for and propriety of a monitor. The Morford Memo instructed prosecutors to consider in monitorship selection “the potential benefits that employing a monitor may have for the corporation and the public” and “the cost of a monitor and its impact on the operations of a corporation,” but it was silent on the specific factors to consider in assessing these two considerations.15 The Benczkowski Memo clarifies that prosecutors should consider the following “potential benefits”:
- whether changes in corporate culture and leadership following misconduct are enough to safeguard against future misconduct;
- whether adequate remediation/termination occurred to address problematic behavior of certain employees, management or third-party agents; and
- any unique risks and compliance challenges the company faces (region, industry, clientele).
The memo further notes that the “potential costs” prosecutors should consider include not only the projected monetary costs to a business but also whether the proposed scope of a monitor’s role is appropriately tailored to avoid unnecessary burdens on the business’ operations.
The Benczkowski Memo suggests that the scope of monitorships will be more closely regulated, as will the transparency of the monitor selection process — a significant departure from past practice. This increased focus on scope, coupled with heightened emphasis on cost-benefit analyses, suggests that the new guidance will likely lead to a reduction in the imposition of corporate monitorships, reinforcing monitorships “as the exception, not the rule.”
‘China Initiative’ Promises to Investigate and Prosecute Chinese Companies
On November 1, 2018, then-Attorney General Jeff Sessions announced the U.S. Department of Justice’s (DOJ) “China Initiative”16 with the objective of countering perceived national security threats to the United States from China. The initiative promises to investigate and prosecute Chinese companies aggressively for alleged trade secret theft, economic espionage, Foreign Corrupt Practices Act (FCPA) offenses and other violations of U.S. law.
In his speech announcing the initiative and an accompanying fact sheet, then-Attorney General Sessions cited a number of recent prosecutions for economic espionage and referenced several reports by the Trump administration on China’s allegedly unfair trade practices and theft of U.S. intellectual property.17 Alleged threats to the United States’ “critical infrastructure” from foreign direct investment, supply chain threats and “foreign agents seeking to influence the American public and policymakers without proper registration” also will be vigorously investigated and prosecuted.
The China Initiative is being led by the DOJ’s National Security Division and includes senior FBI and DOJ officials, and U.S. Attorneys from five different federal judicial districts.
Among other things, the initiative seeks to:
- identify priority trade secret theft cases and bring them to fruition in a timely manner;
- apply the Foreign Agents Registration Act to unregistered agents who seek to advance China’s political agenda and bring enforcement actions where appropriate;
- implement the Foreign Investment Risk Review Modernization Act for the DOJ;
- identify FCPA cases involving Chinese companies that compete with American businesses; and
- increase efforts to improve Chinese responses to requests under the Mutual Legal Assistance Agreement with the U.S.
The China Initiative reflects growing tensions between China and the U.S. in areas of trade and intellectual property protections, as well as the Trump administration’s enforcement focus on Chinese companies. The DOJ’s China Initiative comes on the heels of recent efforts by Chinese authorities to assert sovereignty over cross-border data transfer under the Chinese Cybersecurity Law and to restrict companies’ ability to provide information, even on a voluntary basis, to foreign authorities under the International Criminal Judicial Assistance Law.
These developments promise to make the international enforcement landscape even more challenging and complex for multinational companies, and they underscore the importance of continued vigilance, proactive assessment of relevant legal risks and contingency planning.
Multijurisdictional Anti-Corruption Enforcement Developments
A number of countries, including Argentina, Brazil, France, Mexico, South Korea and Vietnam, have expanded their anti-corruption enforcement laws in recent years, and are working — both with the United States and independently — to investigate and prosecute bribery and corruption.
In a recently released volume of the Journal of Federal Law and Practice, Daniel Kahn, chief of the U.S. Department of Justice’s (DOJ) Foreign Corrupt Practices Act (FCPA) Unit, acknowledged this trend:
Over the past several years, there has been a significant uptick in activity by foreign authorities in the investigation and prosecution of white collar crime. This upward trend has been particularly conspicuous in the context of transnational corruption. Over the past several years, a number of countries successfully resolved their first corporate foreign bribery case, and a number of countries have coordinated resolutions with the Department of Justice, Criminal Division, Fraud Section’s FCPA Unit.
Kahn highlighted that in 2017 alone, the DOJ “received significant cooperation from approximately 20 different countries in FCPA cases.”
Kahn’s observations echo public comments by other U.S. enforcement regulators about increased coordination of anti-corruption investigations with other countries. In 2014, then-Assistant Attorney General for the DOJ’s Criminal Division Leslie Caldwell commented, “’[W]e increasingly find ourselves shoulder-to-shoulder with law enforcement and regulatory authorities in other countries. Every day, more countries join in the battle against transnational bribery. And this includes not just our long-time partners, but countries in all corners of the globe.”
In a November 2017 speech, Steven Peikin, co-director of the Securities and Exchange Commission’s Division of Enforcement, also drew attention to the trend and the need for cross-border cooperation:
[I]n my view, in an increasingly international enforcement environment, the U.S. authorities cannot — and should not — go it alone in fighting corruption. As global markets become more interconnected and complex, no one country or agency can effectively fight bribery and corruption by itself. Anti-corruption enforcement is a team effort. The Enforcement Division’s fight against corruption is much more effective when our international colleagues join us in a shared commitment to eradicating corruption and bribery and leveling the playing field for businesses everywhere. Fortunately, I have observed that the level of cooperation and coordination among regulators and law enforcement worldwide is on a sharply upward trajectory, particularly in matters involving corruption. In fact, in the past fiscal year alone, the Commission has publicly acknowledged assistance from 19 different jurisdictions in FCPA matters . . . .
I fully expect the trend of the Enforcement Division working closely with foreign law enforcement and regulators in anti-bribery actions to continue its upward trajectory in the coming years.
In addition to these types of remarks, FCPA settlements in recent years have also highlighted the results of enforcement agencies’ cross-border cooperation efforts. Indeed, the DOJ has worked with other jurisdictions’ authorities on twice as many resolutions since 2016 as it had in all previous years combined. Recent examples of significant resolutions include:
- a deal with U.S. and Brazilian authorities under which Petróleo Brasileiro S.A. (Petrobras) agreed to pay $853.2 million in penalties to resolve the U.S. government’s FCPA investigation and a related Brazilian investigation;
- a global settlement that Swedish telecommunications company Telia Company AB and its subsidiary in Uzbekistan reached in September 2017 with the SEC, the DOJ, and authorities in Sweden and the Netherlands for more than $965 million in combined penalties;
- a global settlement that Keppel Offshore & Marine Ltd., a shipyard operator in Singapore, and its U.S.-based subsidiary reached in December 2017 with authorities in the United States, Brazil and Singapore, agreeing to pay more than $422 million in combined penalties to those authorities in “the first coordinated FCPA resolution with Singapore”; and
- a settlement that French financial services institution Société Générale S.A. and its subsidiary reached in June 2018 with the DOJ and French authorities, with approximately $585 million being paid in penalties for FCPA violations in “the first coordinated resolution with French authorities in a foreign bribery case.”
As a result of this cross-border cooperation and coordination, focus on the FCPA alone is inadequate for companies that may be subject to anti-corruption laws in multiple jurisdictions because legal requirements differ from country to country. For example, both the FCPA and the U.K.’s Bribery Act 2010 prohibit offering or paying bribes to foreign officials, but only the latter prohibits commercial or private sector bribery and agreeing to receive bribes. In December 2016, France enacted a new anti-corruption law, Sapin II, under which a new French anti-corruption agency, L’Agence française anticorruption, published guidance for companies on implementing and maintaining effective compliance programs to detect and prevent corruption. Significantly, unlike the FCPA and the Bribery Act, companies that are subject to Sapin II can be held liable under that law for failure to map corruption risks and implement an effective compliance program — even when there is no evidence of corrupt activity. Argentina’s new anti-corruption laws also require certain companies to implement policies and procedures to mitigate corruption risks.
Cooperation and coordination among regulatory authorities across borders is likely to continue and expand. Given these developments and the global expansion of anti-corruption laws, companies should endeavor to determine which measures apply to their operations; understand applicable legal obligations; re-examine their compliance programs and controls; and develop policies, procedures and training programs that enable company personnel to meet compliance requirements.
An earlier version of this article was published in the October 10, 2018, issue of The Review of Securities & Commodities Regulation.
Brazil Passes Its First General Data Protection Law
On July 10, 2018, Brazil’s Federal Senate unanimously approved the country’s first General Data Protection Law (Lei Geral de Proteção de Dados, or LGPD),18 which was signed into law by Brazilian President Michel Temer on August 14, 2018. Much like the European Union’s General Data Protection Regulation (GDPR), the LGPD establishes a comprehensive data protection system in Brazil and imposes detailed rules for the collection, use, processing and storage of electronic and physical personal data. The regulation will go into effect in February 2020.
Key Elements of the LGPD
Like the GDPR, the LGPD broadly defines “personal data” to include any information, whether by itself or in the aggregate, that is relatable to an identifiable natural person, and includes certain provisions that govern the collection and use of “sensitive personal data,” which is defined as data that inherently places a data subject at risk of discriminatory practices. Sensitive personal data may include information on racial or ethnic origin, religious belief, political opinion, health and other information that allows unequivocal and persistent identification of the data subject, such as genetic data. Anonymized data is not considered personal data.
The LGPD also is similar to the GDPR in its broad extraterritorial application. The Brazilian law applies to companies that: (i) carry out processing of personal data in Brazil; (ii) collect personal data in Brazil; (iii) process data related to natural persons located in Brazil; or (iv) process personal data for the purpose of offering goods or services in Brazil.
This article originally appeared in October 2018 in Who’s Who Legal.
To read the full article click here
1 United States v. Hoskins, 16-1010-CR, 2018 WL 4038192, at 18 (2d Cir. Aug. 24, 2018).
2 Id. at 72.
3 15 U.S.C. § 78dd-1;-2;-3.
4 A Resource Guide to the U.S. Foreign Corrupt Practices Act (2012) at 34.
5 Hoskins at 19 (quoting Salinas v. United States, 522 U.S. 52, 64 (1998).
6 Hoskins at 6.
7 United States v. Hoskins, 123 F. Supp. 3d 316, 327 (D. Conn. 2015).
8 United States v. Hoskins, 16-1010-CR, 2018 WL 4038192, at 28 (2d Cir. Aug. 24, 2018) (citing Gebardi v. United States, 287 U.S. 112 (1932)).
9 Id. at 25.
10 Brief of Appellee at 6.
11 Hoskins at 41.
12 Id. at 36-37.
13 Hoskins at 7.
14 Memorandum from Assistant Attorney General Brian Benczkowski, “Selection of Monitors in Criminal Division Matters” (Oct. 11, 2018).
15 Memorandum from Acting Deputy Attorney General Craig Morford, “Selection and Use of Monitors in Deferred Prosecution Agreements and Non-Prosecution Agreements With Corporations” (Mar. 7, 2008).
16 “Attorney General Jeff Sessions Announces New Initiative to Combat Chinese Economic Espionage,” DOJ (Nov. 1, 2018).
17 “Attorney General Jeff Sessions’ China Initiative Fact Sheet,” DOJ (Nov. 1, 2018).
18 No official English translation of the LGPD has been provided.
19  EWCA Civ 2006.
20  EWHC 1017 (QB). For a detailed discussion of this previous decision, see the May 17, 2017, Skadden client alert, “ English Court Questions the Application of Litigation Privilege in Criminal Investigations.”
21 With the exception of two emails falling within Category 4.
22 Paragraph 93.
23 Three Rivers District Council and Others v. Governor and Company of the Bank of England (No. 5)  QB 1556.
24  EWHC 2368 (Admin).
25  EWHC 2368 (Admin), at paragraph 12.
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.