Welcome to This Week In Compliance: GAN’s weekly news roundup, where we curate the latest stories on compliance and anti-corruption to keep you informed. This week we cover the fine British Airways is facing over a data breach. Read the full story and more news below:
British Airways facing GBP 183 million fine for passenger data breach:
The Information Commissioner’s Office (ICO) in the UK intends to fine British Airways GBP 183 million for a customer data breach. The data was stolen after hackers managed to access the personal data of half a million of the airway’s customers including their login information, payment card, names, addresses and travel booking information. According to the ICO, British Airways had failed to put in place proper security arrangements to protect customer information and comply with the General Data Protection Regulation (GDPR). Under the proposed scheme, the amount British Airways would be fined represents about 1.5% of the British Airways’ GBP 11.6 billion worldwide turnover. Since the incident, BA has reportedly bolstered web security efforts and has stated that they will take all steps necessary to appeal the fine and defend the airline’s position. READ MORE
U.S. probes Deutsche Bank’s dealing with Malaysia’s 1MDB:
Deutsche Bank is currently being investigated by the U.S. Justice Department for potential violations of anti-money laundering and foreign corruption laws for its involvement in the state fund 1Malaysia Development Berhad (1MDB). Deutsche Bank’s connection to 1MDB included helping the fund raise USD 1.2 billion via the help of Tan Boon-Ke, a former Goldman Sachs Inc executive who headed Deutsche Bank’s Asia-Pacific banking section for financial institutions clients. Tan ceased working for Deutsche last year after the bank discovered communications between her and one of the Malaysian financiers managing the 1MDB. Deutsche Bank said it has complied with all regulations and cooperated with the law enforcement agencies involved in the probe.
Marriott faces USD 124 million fine for GDPR breach:
Marriott International Inc. is facing a USD 124 million fine by the UK ICO after hackers infiltrated the reservation databases of the company last year. The information, which included 339 million guest records, has been redirected by the hackers into a fraudulent website where customer details were being harvested. Marriott is being criticized for not conducting sufficient due diligence on its acquisition of Starwood Hotels & Resorts and failing to appropriately manage risks during the acquisition process. The breach reportedly occurred in 2014 in Starwood’s database, two years before the acquisition took place. According to the ICO, Marriott cooperated with their investigation and has reinforced their security efforts and is planning to dispute the proposed fine.
SEC defends pace of Volkswagen suit after emissions scandal:
This past Monday, the U.S. Securities and Exchange Commission (SEC) defended the pace of its investigation into Volkswagen AG after being asked by a judge to justify why the agency took two years to sue the automaker after the recent global emissions scandal. The SEC waited until March 2019 to file a civil suit accusing VW and its previous CEO of defrauding investors in U.S. bond offerings. Volkswagen AG was caught using illegal software to cheat U.S. pollution tests in their diesel vehicles. Since then, the company has spent USD $33.65 billion in fines, penalties and buyback costs. Statements by the SEC attribute the timing of their decision to extensive settlement talks with the automaker as well as to a lengthy investigation process involving extensive evidence on the case and “uncooperative witnesses”. Volkswagen has stated that it has “cooperated fully with the SEC’s investigation, and today’s filing confirms that the SEC is now piling on.”
Former Mexican oil chief Emilio Lozoya accused of corruption:
A warrant for the arrest of the former CEO of Pemex, the Mexican state oil company, has been issued this week. Emilio Lozoya, who was the CEO of Pemex until 2016, is accused of accepting USD 10 million in bribes from Brazilian construction giant Odebrecht. His wife, sister and mother are also being indicted under the same corruption case for making use of the money to buy property. Lozoya’s lawyers have rejected all corruption allegations.
U.K. authorities ‘neglecting fraud cases’:
According to the Fraud Advisory Panel (FAP), domestic fraud in the UK is being neglected as UK authorities are reportedly increasingly focused on international rather than national cases. A report from FAP revealed that from 327 recorded cases related to bribery, only a third resulted in charges while the remainder did not lead to any action. The report, which compiled data from the Office of National Statistics, also revealed that 84% of corruption cases from 2016 to 2018 occured in public office and that only 16% of those were prosecuted.
Former Rio governor admits to bribing olympic officials:
Sergio Cabral, former governor of Rio de Janeiro, pled guilty to spending USD 2 million on bribes to secure the 2016 Summer Olympic Games for his city. The testimony was revealed two years after Carlos Nuzman, the head of the Brazilian Olympic Committee was charged for bribery related misconduct in 2016. Cabral’s testimony involved a detailed account of how both the former president of the International Athletics Federation (IAAF) and Carlos Nuzman, who both sat on the committee that made the decision on the location of the 2016 Olympic Games, helped Cabral secure votes for the location in exchange of bribes. The testimony also implicated Rio’s former mayor Eduardo Paes and Lula da Silva who were both allegedly aware of the arrangement but were not involved in it first hand. The International Olympic Committee released a statement on Friday saying it is following up on Cabral’s allegations.