Here’s what’s been going on in the compliance world this week:
Yahoo settles data breach with the SEC: Yahoo agreed to settle charges with the Securities and Exchange Commission (SEC) that it misled investors by failing to disclose one of the world’s largest data breaches. Reportedly, Russian hackers stole Yahoo’s so-called “crown jewels” – usernames, email addresses, phone numbers, birthdates, encrypted passwords, and security questions and answers for hundreds of millions of user accounts back in late 2014. Yahoo’s security team discovered the intrusion within a few days and reported it to the company’s senior management and legal department. Yet, Yahoo only disclosed the breach in 2016 when it was closing a deal with Verizon Communications, which bought Yahoo’s operating business in June 2017. After the acquisition, Yahoo became known as Altaba Inc. Reportedly, Yahoo had also failed to uphold ‘disclosure controls and procedures” to mitigate and remediate cyber breaches.
Dun & Bradstreet settle FCPA charges: Dun & Bradstreet Corporation agreed to settle FCPA charges with the SEC and pay a USD 9 million fine to resolve charges that it made improper payments through two Chinese subsidiaries, Roadway and HDBC. The fine includes a USD 2 million civil penalty, USD 6 million in disgorgement, and USD 1.1 million in prejudgment interest. Reportedly, the subsidiaries channeled the unlawful payments through third-party agents in return for obtaining data on individuals in China, which, in turn, were crucial for Dun & Bradstreet’ business. Dun & Bradstreet self-reported the alleged FCPA breaches to the SEC and DOJ and the latter resolved the case through an internal administrative order. The DOJ didn’t announce an enforcement action against Dun & Bradstreet.
French billionaire held for questioning in corruption investigation: The French judicial police held back billionaire Vincent Bollore – one of France’s richest men and close friend of Sarkozy – for questioning over allegations of bribery of public officials in two African countries. The investigation is scrutinizing contracts awarded to Bollore’s company to operate container terminals in Togo and Guinea. Allegedly, a Bolloré Group subsidiary had undercharged for work helping two African presidents win power in return for the contracts. The Bollore Group confirmed that one of its units is the target of an investigation over billing for communication services in the two African countries. Reportedly, Bollore’s offices in Puteaux, France, were searched two years ago as part of the investigation.
EU proposes new policy on whistleblower protection: The European Commission has proposed new regulations providing whistleblowers exposing fraud, tax evasion, data breaches and other misdeeds with broader protections. The proposal targets, in particular, whistleblowers reporting misconduct in public procurement, financial services, nuclear safety, food safety, privacy, and data protection among others. The new regulations will require companies to set up internal hotlines and shield whistleblowers from any form of retaliation. The proposal also includes safeguards against malicious or abusive reports as well as sources of investigative journalists. The proposal requires approval from EU countries and the European Parliament before it can become law. Currently, only 10 EU countries offer full protection to whistleblowers.
Former Indonesian speaker of parliament jailed for embezzlement: The Jakarta Corruption Court in Indonesia has sentenced former speaker of parliament Setya Novanto – and former chairman of the Golkar party – to 15 years in prison for his involvement in a scheme to embezzle USD 170 million in public funds. Novanto was only one of 80 government officials who diverted a third of the USD 440 million allocated to an electronic identity card system in 2011 and 2012. Novanto will also be fined USD 36,000 and barred from public office for a period of five years subsequently to serving his prison sentence, as reported by the head of a panel of five judges. Novanto said he was considering appealing the decision.
IMF reveals new framework for fighting corruption: The International Monetary Fund (IMF) published a New Framework for Enhanced Engagement on Governance: a blueprint to crack down on global corruption. The framework is the fruit of a comprehensive examination of the IMF’s approach to corruption over the past two decades, an approach the fund describes as ‘uneven.’ The new framework recognizes corruption as an important economic issue that is well within the fund’s mandate. Under the new policy, the IMF will evaluate the impact of corruption on individual countries by analyzing their financial governance. In cases where corruption is a major deterrent, the IMF will offer policy advice and in some cases – where conditions are met – financial assistance to strengthen governance.