Compliance, Corporate Investigations and White Collar Crime – 2019 in Review

Administrative Sanctions

In November 2019, the Central Bank of Ireland (“Central Bank”) published Administrative Sanctions Guidance, which is intended to provide clarity to regulated entities and the public about the Central Bank’s approach to sanctioning. As set out in the Guidance, one of the factors that the Central Bank takes into consideration when determining the appropriate sanction to impose is the conduct of the regulated entity after the contravention. In this respect, the Central Bank expects regulated entities to cooperate in an open manner at all times and to respond to requests promptly, effectively and accurately. In order to be considered a mitigating factor, there will need to be “exemplary cooperation” on the part of the relevant entity.

Over the course of 2019, the Central Bank published seven public statements relating to enforcement actions under the administrative sanctions procedure.  The highest fine imposed was €21 million for regulatory breaches affecting tracker mortgage customers.  Other significant fines included:

• €5,880,000 for serious failings in the relevant firm’s regulatory reporting capabilities and related governance failings;
• €1,600,000 for regulatory breaches relating to the outsourcing of fund administration activities; and
• €1,246,189 for breach of banking licence condition by failing to submit three operational risk returns to the Central Bank and failing to establish and maintain effective processes and internal controls to ensure compliance with this regulatory reporting condition.

Fitness and Probity

In a “Dear CEO” letter, dated 8 April 2019, the Central Bank outlined its concerns regarding regulated financial service providers' (“RFSPs”) understanding of the extent of their legal obligations under the Fitness and Probity Regime. It also raised concerns that RSFPs are not conducting proper due diligence before proposing individuals for senior roles. See our related briefing here.

Much of the discussion around fitness and probity in 2019 was dominated by Central Bank proposals to amend the framework for individual accountability, including by introducing a Senior Executive Accountability Regime (SEAR).  The Bill setting out the new framework is likely to be published in 2020. See our related briefing here.

In light of a number of developments at EU level, we anticipate that AML concerns will be of increased relevance in fitness and probity assessments both at EU and domestic level.

Whistleblowing

The European Union (Money Laundering and Terrorist Financing) Regulations 2019 amended the 2010 Act to impose a new requirement pursuant to which each person who is a “designated person” for the purposes of that Act, must have in place appropriate procedures for their employees, or persons in a comparable position, to report a contravention of the 2010 Act internally through a specific, independent and anonymous channel, proportionate to the nature and size of the designated person concerned. See our related briefing here.

Moreover, on 30 July 2019, the Pensions Authority issued guidance aimed at assisting the making of a report to the Authority of suspected non-remittance of employee pension contributions and non-payment of employer contributions. See our related briefing here.

Reporting

In Sweeney v Ireland [2019] IESC 39, the Supreme Court upheld the constitutionality of section 19 of the Criminal Justice Act 2011, which makes it an offence to fail to report to a member of the Garda Síochána many white collar offences. See our related briefing here.

Anti-Corruption

2019 had a mixed start on the anti-corruption front with the publication, on 30 January 2019, of Transparency International’s Corruption Perception Index (“CPI”). While Ireland moved from 19th to 18th place on the Index, its score has declined marginally from 74 to 73 points out of 100. The CPI ranks 180 countries based on perceived levels of corruption and is based on the findings of up to 13 surveys.

In 2019, The OECD Working Group on Bribery (“WGB”) published its report assessing Ireland’s 2018 anti-corruption legislation in the context of measures dealing with foreign bribery. The WGB was satisfied that Ireland has fully implemented its earlier recommendation on the amendment, consolidation and harmonisation of two overlapping foreign bribery offences. However, in relation to the practical implementation of the new foreign bribery offence, it marked out a number of issues for future review. See our briefing here.

While the difficulties from a due diligence perspective of the General Data Protection Regulation’s prohibition on the processing of personal data relating to criminal convictions and offences have been well signalled, to date, neither Ireland nor the EU have taken the necessary measures to resolve these difficulties. See our briefing here.

For further information on Irish law on bribery and corruption, see our chapter on Ireland in Bribery and Corruption 2020, published by Global Legal Insights (here).

You will find other related briefings here, here, here.

Anti-Money Laundering

On 6 September 2019, the Central Bank published revised 'Anti-Money Laundering and Countering the Financing of Terrorism Guidelines for the Financial Sector'. This followed on from the adoption of an Act which partially transposed the EU’s fourth anti-money laundering directive into Irish law towards the end of 2018 by amending the Criminal Justice (Money Laundering and Terrorist Financing) Act 2010 (the “2010 Act”). See our related briefings here and here.

As a result of these developments a number of firms that are designated persons under the anti-money laundering and counter the financing of terrorism (“AML/CFT”) regime were required to update their related policies and procedures. Moreover, a significant number of entities that are financial institutions for the purposes of the 2010 Act were required to register with the Central Bank of Ireland as a “financial institution” pursuant to a new registration requirement introduced by the amending legislation. See our related briefing here.

2019 also saw the roll out of a new Central Register of Beneficial Ownership which is the central repository of statutory information in respect of the natural persons that are beneficial owners of corporate entities including details of beneficial interests held by them. Entities had until 22 November 2019 to file their beneficial ownership details and must keep this information updated, under the Criminal Justice (Beneficial Ownership of Corporate Entities) Regulations 2019. See our related briefings here and here.

The new Central Register will be of assistance to designated persons when seeking to establish the beneficial owners of their customers. However, it is worth noting that as different Member States have interpreted the concept of beneficial ownership differently, members of the same group may have different beneficial owners.

A similar Central Register of Beneficial Ownership of Trusts is likely to be established this year. Following the adoption of the Criminal Justice (Beneficial Ownership of Trusts) Regulations 2019, the trustees of an express trust are already obliged to keep an internal register of their beneficial owners. See our related briefings here and here.

From a supervisory perspective, we anticipate that AML/CFT is likely to continue to be a key area of focus for the Central Bank including, in particular, the area of transaction monitoring. In this respect, it is also worth noting EU legislators have taken a number of steps to clarify and strengthen the important link between AML/CFT and prudential issues and to complement the Union’s existing legal framework. These steps include amendments to the Capital Requirements Directive (CRD V), which further clarify the link between prudential supervision and AML/CFT supervision and require prudential supervisors to act on AML/CFT information.

Other changes to the AML framework are detailed elsewhere in this briefing. For further information see our AML briefings from 2019 (here and here) and the Irish chapter of The International Comparative Legal Guide to: Anti-Money Laundering 2019 (here).

Criminal Enforcement Actions

In DPP v Casey [2019] IESC 7, the Supreme Court recognised that officially induced error or entrapment by estoppel may prohibit legal proceedings, subject to the fulfilment of a number of conditions. However, it is clear from the rigorous nature of these conditions that such an argument will only prevail in exceptional circumstances. See our related briefing here.

In DPP v Armalou Holdings Limited, Armalou Holdings was ordered to donate €2,000 to the courts “poor box” for failing to notify the Competition and Consumer Protection Commission of Armalou Holdings’ acquisition of a Ford car dealership in 2015.  This was Ireland’s first criminal prosecution involving “gun-jumping” in a merger. See our related briefing here. Airfield Villas Limited, Armalou Holdings co-accused, was subsequently ordered to make a donation of the same amount.

In HSA v Walker, the District Court imposed the first custodial sentence for a breach of the Safety, Health and Welfare at Work Act 2005. Up until this case, the general practice of the courts had been to impose suspended sentences for health & safety breaches. See our related briefing here.

You may also be interested in our article on deferred prosecution agreements (here).

Fair Procedures

The judgment of the Supreme Court in McKelvey v Irish Rail [2019] IESC 79 has clarified the circumstances in which employees may be entitled to legal representation during workplace disciplinary processes.

Clarke CJ stated that the “overarching principle” is that “it is only in those cases where legal representation is necessary to achieve a fair hearing that any implied entitlement to such representation can be said to exist”. See our briefing here.

In Annette Hughes v Irish Blood Transfusion Service [2019] IEHC 439, the High Court considered the extent of fair procedures in a disciplinary process.  See our related briefing here.

Financial Sanctions

On 17 May 2019, the EU put in place a new legal framework for sanctions targeting malicious cyber activities from outside the EU that threaten the Union or its Member States. This is the first time that EU sanctions have targeted those responsible for actual or attempted cyber-attacks and their aim is to enhance the EU's cyber resilience and address cyber-attacks that undermine the "EU's integrity, security and economic competitiveness, including increasing acts of cyber-enabled theft of intellectual property". So far, no-one has yet been listed, and the Council would require unanimity to designate individuals and entities.

The High Court of England and Wales considered a sanctions clause in Lamesa Investments Ltd v Cynergy Bank Ltd [2019] EWHC 1877 (Comm), finding that US secondary sanctions constituted a “mandatory provision of law” excusing non-payment under a Facility Agreement governed by English law. The case is significant in that it acknowledges the extra-territorial effect of US second sanctions, and demonstrates that carefully drafted clauses can allow parties to avoid the ‘double jeopardy’ of being contractually liable to make a payment in one jurisdiction in circumstances where making that payment risks the imposition of criminal or regulatory liability in another.  

In Klyuyev v Council of the European Union Case T‑305/18, the General Court of the European Union emphasised that when imposing sanctions the Council has an obligation to ensure that fundamental rights are respected. See our related briefing here.

Market Abuse

In 2019, the Central Bank employed a range of supervisory tools to assess wholesale market conduct risk, including a thematic review of regulated entities’ effectiveness in identifying and assessing such risk. In a “Dear CEO” letter, published on 21 January 2020, the Central Bank set out its findings from its work in this area.

The central theme underpinning those findings is that entities may not have been adequately identifying the market conduct risk to which they are exposed, and so cannot appropriately mitigate and manage the risk. Regarding, market abuse, the letter states that the Central Bank expects regulated entities, issuers and those who act on behalf of issuers (whether or not they are regulated entities) to have systems and controls in place to ensure compliance with their obligations under the Market Abuse Regulation and related legislation. Where relevant, this includes the establishment and maintenance of effective trade surveillance systems and other arrangements to prevent, detect and report potentially abusive behaviour. For issuers and market participants who contact them it includes the implementation of organisational arrangements that minimise the risk of abusive behaviour.

The Central Bank expects to devote considerable supervisory resources in the year ahead to examining the compliance by regulated entities and issuers with their obligations to recognise and manage inside information and, in the case of relevant regulated entities, to identify suspicious transactions and orders.

The Central Bank’s “Dear CEO” letter follows on from the publication, in December 2019, of an ESMA peer review report  on how national competent authorities (“NCAs”) handle suspicious transactions and order reports (STOR) under the Market Abuse Regulation (MAR). While the Report acknowledges a significant increase in suspicious transaction and order reporting, it also finds that NCAs can do more to ensure all financial participants play their part in combatting market abuse.

In 2019, ESMA also published a consultation on MAR, which includes proposals affecting the investor community as a whole, but which are particularly relevant for issuers of financial instruments admitted to trading or traded on a trading venue and their management, investment firms and asset management companies. ESMA intends to submit a final report to the European Commission by Spring 2020.

Regulatory Powers

In 2019, the Residential Tenancies Board was given a comprehensive suite of powers to investigate landlords for improper conduct. See our briefing here.

Trade Secrets

The legal regime for the protection of commercial/trade secrets in Ireland was bolstered by the entry into operation of the European Union (Protection of Trade Secrets) Regulations 2018. These Regulations give effect to EU Trade Secrets Directive 2016/943 and provide for civil redress measures in respect of the unlawful acquisition, use and disclosure of trade secrets. As set out in our briefing (here), organisations that want to avail of the protections provided by the Regulations need to take reasonable steps to ensure that their trade secrets are kept secret and must continue to implement proper policies, procedures and practices to ensure the protection of trade secrets, eg through limiting access and confidentiality/non-disclosure agreements.

In addition, businesses which are heavily reliant on trade secrets should consider carrying out an audit to determine what trade secrets they hold and what action should be taken to ensure their continued protection.

You may also be interested in…..

McCann FitzGerald regularly publishes briefings on compliance, investigation and white-collar crime.  In addition to the above, you may also be interested in the following briefings:

• Credit Reporting: Identify Verification Simplified (here);
• Health and Safety Enforcement in Ireland (here);
• Disputes – Investigations and White Collar Crime – High Court Inspectors (here);
• The Privilege Against Self-Incrimination in Ireland – A Quick Overview (here).

Investigations Group

The McCann FitzGerald Investigations and White Collar Crime Group is a cross disciplinary group of lawyers that is strategically led and project managed. The Group works with organisations involved in both national and international investigations. The cross disciplinary approach is co-ordinated and designed to deploy the optimum combination of specialist legal skills across various practice areas and at all stages of an investigation (here).