On March 6, the FTC released a memorandum of understanding (MOU) it signed with the UK’s Information Commissioner’s Office (ICO), which is designed to strengthen the agencies’ privacy enforcement partnership. The FTC stated that over the last several years it has worked with the ICO on numerous investigations and international initiatives to increase global privacy cooperation. The MOU establishes a formal framework for the agencies to provide mutual assistance and exchange of information for the purpose of investigating, enforcing, and/or securing compliance with certain privacy violations. The FTC also announced a joint project with the European Union (EU) and Asia-Pacific Economic Cooperation (APEC) economies to map together the requirements for APEC Cross Border Privacy Rules and EU Binding Corporate Rules, which is designed to provide a practical reference tool for companies that seek “double certification” under the APEC and EU systems, and shows the substantial overlap between the two.
On April 3, Martin Wheatley, Chief Executive of the UK Financial Conduct Authority (FCA), which took over responsibility for overseeing consumer credit markets in the UK on April 1, 2014, identified the FCA’s most “immediate priority” as ensuring “providers of credit, as well as satellite services like credit broking, debt management and debt advice, have sustainable and well-controlled business models, supported by a culture that is based on ‘doing the right thing’ for customers.” He explained that the FCA wants to expand financial service providers’ focus on compliance with specific rules to include “wider FCA expectations of good conduct.” Referencing a paper the FCA published on April 1, the day it began overseeing consumer credit markets, Mr. Wheatley stated that consumer credit providers need to consider how they engage with consumers in vulnerable circumstances. On this issue, the FCA also announced a “competition review” of the UK credit card market to determine, among other things, “how the industry worked with those people who were in difficult financial situations already.”
On March 4, the UK FCA released the results of its most recent review of sales incentives at retail financial firms. The FCA’s review revealed that retail banks have made progress in changing their financial incentive structures in response to the FCA’s supervisory focus on the issue starting in September 2012, which led to new guidance issued in January 2013. The FCA’s initial focus on the issue derived from its concerns about incentive structures that, among other things, allegedly fueled the sale of payment protection plans and other add-on products. Despite the broad progress, the FCA reports that roughly one in 10 firms with sales teams had higher-risk incentive scheme features where it appeared they were not managing the risk properly at the time of the FCA’s assessment. It believes firms should concentrate on, among other things (i) checking for spikes or trends in the sales patterns of individuals to identify areas of increased risk; (ii) better monitoring behavior in face-to-face sales conversations; and (iii) managing risks in discretionary incentive schemes and balanced scorecards, including the risk that discretion could be misused. The FCA states that given the progress made, it is not proposing any rule changes at this time, but it intends to keep financial incentives on its agenda for 2014.
On February 28, the UK Financial Conduct Authority (FCA) announced final rules for consumer credit providers, including new protections for consumers in credit transactions. The FCA states that the most drastic changes relate to payday lending and debt management. For example, with regard to “high-cost short-term credit,” the new rules will (i) limit to two the number of loan roll-overs; (ii) restrict to two the number of times a firm can seek repayment using a continuous payment authority; and (iii) require creditors to provide a risk warning. Among other things, the new rules also establish prudential standards and conduct protocols for debt management companies, peer-to-peer lending platforms, and debt advice companies. The policy statement also describes the FCA’s risk-based and proactive supervisory approach, which the FCA states will subject firms engaged in “higher risk business” that “pose a potentially greater risk to consumers” to an “intense and hands on supervisory experience” and will allow the FCA to levy “swift penalties” on violators. The new rules take effect April 1, 2014. The FCA plans next to propose a cap on the cost of high-cost, short-term credit.
On January 17, the Russian Federation became the fourth party to the United Nations Convention on the Use of Electronic Communications in International Contracts, joining The Dominican Republic, Honduras, and Singapore. The Convention will take effect for Russia on August 1, 2014. It is intended to enhance legal certainty and commercial predictability where electronic communications are used in relation to international contracts, including by addressing, among other things, (i) the determination of a party’s location in an electronic environment; (ii) the time and place of dispatch and receipt of electronic communications; and (iii) the use of automated message systems for contract formation. The Convention builds on the fundamental legal principles and provisions contained in the UNCITRAL Model Law on Electronic Commerce by providing criteria for establishing functional equivalence between electronic communications and paper documents, as well as between electronic authentication methods and hand-written signatures. Fifteen other states have signed the Convention but have not yet ratified it.
On January 15, the Basel Committee on Banking Supervision issued final guidance regarding anti-money laundering/counter-terrorism financing (AML/CTF) risk management. The Committee states that the guidelines are consistent with and supplement the 2012 International Standards on Combating Money Laundering and the Financing of Terrorism and Proliferation issued by the Financial Action Task Force. The guidelines supersede two previously-issued Basel Committee publications: Customer due diligence for banks (October 2001) and Consolidated KYC management (October 2004). The final guidelines detail the “essential elements” of sound AML/CTF risk management, including those related to (i) assessing and understanding risks; (ii) customer acceptance policies; (iii) customer and beneficial owner identification; (v) ongoing monitoring; (vi) information management and record keeping; and (vii) reporting suspicious transactions and asset freezing. The guidelines also address AML/CTF in the group-wide and cross-border context, and outlines expectations for banking supervisors.
On October 18, the U.S. Court of Appeals for the Second Circuit vacated and remanded a district court’s judgment and held that subjecting a foreign bank to personal jurisdiction in New York was within the reach of New York’s long-arm statute and comported with due process protections provided under the U.S. Constitution. Licci v. Lebanese Canadian Bank SAL, No. 10-1306, 2013 WL 5700963 (2d Cir. Oct. 18, 2013). The complaint, brought by individuals who were harmed by rocket attacks in Israel carried out by the terrorist group Hezbollah, alleges that the foreign bank used its correspondent bank account in New York to wire millions of dollars to Hezbollah, knowing that the money would enable the group to carry out terrorist attacks. The New York Court of Appeals had accepted the Second Circuit’s certification question concerning the scope of New York’s long-arm statute and explained that a foreign bank’s use of a New York correspondent account to execute dozens of wire transfers is sufficiently purposeful conduct to constitute a “transaction of business” under the state’s long-arm statute. After resolving the question of personal jurisdiction under state law, the Second Circuit also held that subjecting the defendant bank to personal jurisdiction did not violate due process under the Constitution, finding that the alleged conduct—the deliberate and “repeated use of New York’s banking system” for the purpose of “repeated, intentional execution of U.S.‐dollar‐denominated wire transfers”—satisfied the minimum contacts test established by the Supreme Court in International Shoe. The court further noted that the bank should have foreseen that “it might be subject to the burden of a lawsuit” in that same forum for wrongs related to, and arising from, that use. The Second Circuit specifically noted that a foreign defendant’s “mere maintenance” of a correspondent account in the U.S. is not by itself sufficient to support the constitutional exercise of personal jurisdiction over the account-holder.
On October 21, the EU Parliament civil liberties committee voted overwhelmingly to adopt amendments to EU data protection rules and to require stiffer fines for non-compliance. The rules are designed to increase individual control over personal data while at the same time making it easier for companies to move across Europe, the committee explained. Under the adopted amendments, if a third country requests a company (e.g., a search engine, social network, or cloud provider) to disclose personal information processed in the EU, the firm would have to seek authorization from the national data protection authority before transferring any data and would have to inform the individual of the request. The amendments would grant any person the right to have their personal data erased if he/she requests it. It also would require that, where processing of personal information is based on consent, an organization or company could process the information only after obtaining clear permission from the data subject, who could withdraw his/her consent at any time. Finally, the amendments would increase the cap for penalties for violations to $136.7 million or up to 5 percent of the violating company’s annual worldwide turnover, whichever is greater. The committee directed the EU Parliament to start negotiations with national governments in the European Council, which would be followed by inter-institutional talks. According to the committee release, Parliament aims to reach an agreement on this major legislative reform before the May 2014 European elections. The 91 amendments are available in two parts, here and here.
On October 3, the U.K. Financial Conduct Authority (FCA) proposed a framework for its regulation of consumer credit when those authorities transfer to the FCA from the Office of Fair Trading on April 1, 2014. As part of the U.K.’s ongoing regulatory reform and restructuring, after that date the FCA will supervise more than 50,000 firms who have existing credit licenses. The FCA proposes, among other things, (i) requiring lenders to conduct affordability checks on borrowers, (ii) requiring clear, fair and not misleading advertisements, and (iii) banning misleading advertisements. The regime would include additional new rules for payday lenders, which would: (i) restrict loan roll-overs to a maximum of two, (ii) require lenders to provide borrowers who roll-over loans with information about debt advice resources, (iii) restrict to two the number of times an automatic payment deduction authority can be used, and (iv) restrict the content of payday lending advertisements. The Consultation Paper is open for comment through December 3, 2013. The FCA plans to publish the final rules and guidance in February 2014.
On August 29, the DOJ announced a program to encourage Swiss banks to cooperate in its ongoing efforts to prosecute offshore tax evasion. The program—which, according to a joint statement with the Swiss Federal Department of Finance, Switzerland will encourage Swiss banks to consider participating in—requires, among other things, Swiss banks to make significant disclosures to the DOJ about cross-border activities and accounts that affect U.S. taxpayers in exchange for non-prosecution agreements or non-target letters.
On June 19, the U.K. Parliamentary Commission on Banking Standards published a report titled “Changing Banking for Good.” The Commission, established in July 2012 after the alleged rigging of LIBOR was revealed, was tasked “to conduct an inquiry into professional standards and culture in the U.K. banking sector and to make recommendations for legislative and other action.” The report covers a broad range of banking sector issues, but focuses on the impacts of a perceived misalignment of incentives in banking. Some of the key recommendations include: (i) establishing a new regime to ensure that the most important responsibilities within banks are assigned to specific, senior individuals so they can be held fully accountable for their decisions and the standards of their banks ; (ii) creating a new licensing regime underpinned by Banking Standards Rules; (iii) creating a new criminal offense of reckless misconduct in the management of a bank for senior bank officers; (iv) adopting a new remuneration code to better align risks taken and rewards received that would also defer more remuneration for a longer period of time; and (v) giving the bank regulator a new power to cancel all outstanding deferred remuneration for senior bank employees in the event their banks require taxpayer support.
On May 23, the State Department announced that the Office of Management and Budget approved the final Burma Responsible Investment Reporting Requirements. Effective immediately, pursuant to General License No. 17, all U.S. persons with aggregate investment in Burma over $500,000 are subject to the reporting requirements, which generally cover a range of policies and procedures with respect to investments in Burma, including human rights, labor rights, land rights, community consultations and stakeholder engagement, environmental stewardship, anti-corruption, arrangements with security service providers, risk and impact assessment and mitigation, payments to the government, any investments with the Myanmar Oil and Gas Enterprise (MOGE), and contact with the military or non-state armed groups. The State Department will use the information collected to conduct to encourage U.S. businesses to develop robust policies and procedures to address a range of impacts resulting from their investments and operations in Burma.
On March 12, the European Commission announced that the European Parliament voted to support new legislation governing the out-of-court resolution of contractual disputes resulting from online transactions for the sale of goods or services, referred to as Online Dispute Resolution (ODR). The ODR legislation establishes a single EU-wide platform to handle disputes between traders and consumers arising from cross-border online transactions. The platform, which would not be applicable to offline transactions, will: (1) allow consumers and traders to electronically submit complaints related to online transactions along with related documents to an alternative dispute resolution entity; (2) allow alternative dispute resolution entities to receive and transmit information electronically; and (3) allow the parties to conduct and resolve the dispute resolution process via the platform. The platform is intended to be operational by 2015.
On March 6, the U.K. Financial Services Authority (FSA) issued a consultation paper (CP) to outline the regulatory regime for consumer credit markets after its regulatory powers transfer to the Financial Conduct Authority (FCA). The FCA is a new regulatory body that will succeed the FSA later this year, and will assume regulatory responsibility over the U.K.’s consumer credit and retail markets regulatory responsibilities. In addition to those markets, the FCA also will regulate conduct in wholesale markets, supervise the trading infrastructure that supports retail and wholesale markets, and prudentially regulate firms not regulated by the new Prudential Regulatory Authority. The CP outlines (i) the supervision of and reporting by covered firms, (ii) the interim permission for OFT license holders to continue operations, (iii) the supervision of credit advertising being subject to the Financial Services and Markets Act financial promotions regime, (iv) prudential requirements for debt management firms, (v) the Consumer Credit Act provisions that survive under the new FCA credit regime, and (vi) the sources of funding for the regime. Comments on the proposal are due by May 1, 2013.
On March 6, the U.K. Office of Fair Trading (OFT) announced that it will institute enforcement actions and seek to revoke the licenses of payday lenders that do not change certain business practices within 12 weeks. The action applies to the leading 50 payday lenders who account for 90 percent of the U.K. payday market. The OFT action comes in a final report on a broad payday lending investigation, which revealed widespread irresponsible lending and a failure to comply with the standards set out in the OFT’s Irresponsible Lending Guidance. The OFT also proposed to refer the payday lending market to the Competition Commission to investigate competition in that market.