This month’s Red Flag Bulletin includes the following stories:
- The US imposes sanctions on key members of the Gupta family, which is accused of corruption in South Africa;
- A lender admits to the largest data breach in Russia’s banking history; and,
- The Cayman Islands to introduce a register of beneficial ownership.
SUB-SAHARAN AFRICA
South Africa: US sanctions imposed on Gupta family
On 10 October, the US Department of the Treasury’s Office of Foreign Assets Control imposed sanctions on three key members of the Gupta family, and an associate, for their alleged involvement in grand corruption in South Africa. The Guptas are one of the highest profile business families in South Africa. Brothers Ajay, Atul and Rajesh Gupta are alleged to have leveraged their close connections to former South African President Jacob Zuma (2009-2018) to benefit from lucrative state contracts linked to South Africa’s parastatal organisations. They have since fled the country, and are currently the subject of a commission of inquiry in South Africa focused on corruption during the Zuma years. A decision is expected soon as to whether the UK will follow suit by imposing its own sanctions against the Guptas.
CENTRAL & NORTH AMERICA
Cayman Islands: Government to introduce public register of beneficial ownership
In October, the government of the Cayman Islands announced its intention to introduce a public register of beneficial ownership of companies by 2023. The government said that this reflects its commitment to align with global standards on transparency and international efforts to tackle financial crime, including the EU’s Fifth Anti Money Laundering Directive. This is one of a series of steps taken by the Cayman Islands’ government following a critical assessment of its current measures by the Caribbean Financial Action Task Force in March 2019.
ASIA PACIFIC
PRC: Companies and officials blacklisted by US over human rights violations
On 7 October, the US Department of Commerce blacklisted 28 People’s Republic of China (PRC)-based organisations for their alleged involvement in human rights violations, reportedly committed as part of the government’s repression of the Uighur, Kazakh and other Muslim minorities in Xinjiang province. The organisations have been put on the Entity List, meaning that they now require approval from the US government before buying products from any US company. The blacklisted organisations include Hangzhou Hikvision Digital Technology Company Limited, the world’s largest supplier of surveillance products, the Xinjiang Public Security Bureau, as well as 19 other government organisations. The US government also placed visa restrictions on PRC government officials who are reportedly responsible for – or complicit in – the abuse of Uighurs and other minorities in Xinjiang; their family members will also face restrictions.
PRC: Former securities commission chairman guilty of corruption but avoids jail
On 21 October, the former chairman of the China Securities Regulatory Commission (CSRC), Liu Shiyu (Liu), was found guilty of corruption by the National Supervisory Commission, the PRC’s anti-corruption body. Liu, who served from 2016 to 2018, was found to have fast-tracked IPOs of banks from his home town and facilitated bond purchases by family members at below-market prices. Despite the guilty verdict, Liu will not face criminal charges or be expelled from the Communist Party of China. Such leniency has been rare during President Xi’s anti-corruption campaign, which began in 2012. The decision is seen as an attempt from Communist Party’s leadership to incentivise co-operation by public officials in its ongoing anti-corruption drive.
LATIN AMERICA
Brazil: Supreme Court criticised for watering down powers to investigate financial crime
There has been international criticism of a ruling by the Brazilian chief justice, which suspended all criminal investigations that were using detailed financial data from government entities without specific judicial authorisation. Chief Justice Dias Toffoli made the decision in July following a request filed by Senator Flávio Bolsonaro, the son of the current Brazilian President Jair Bolsonaro, who has been investigated for allegedly embezzling public funds. Following the ruling, the Financial Action Task Force, an intergovernmental organisation to combat money laundering, has expressed serious concerns over Brazil’s ability to comply with international standards and combat money laundering and terrorist financing. The OECD’s anti-bribery commission also said that such a decision “seriously threatens” Brazil’s ability to fight corruption, and announced that members of the organisation will visit the country in November for discussions with Brazilian authorities.
EUROPE
EU: Six member states call for central anti-money laundering authority
On 9 November, six EU countries declared that the bloc needs a central supervisor to tackle money laundering, following a string of high profile investigations into lax controls at European banks. In a joint statement, Germany, France, Italy, the Netherlands, Spain and Latvia claimed that a new watchdog, or an empowered European Banking Authority, should take over from national bodies which may be “influenced directly or indirectly by supervised institutions or interest groups”. Closer financial supervision was high on the agenda at a meeting of EU finance ministers in October, and this announcement marks a toughening in Germany’s stance on the issue. A common approach is expected to be decided in December.
United Kingdom: Supreme Court hears supermarket’s appeal over data breach ruling
Morrisons, the supermarket chain, has asked the UK Supreme Court to overturn a ruling which found it liable for the actions of a disgruntled employee, who leaked the payroll data of over 100,000 staff in 2014. This is the latest development in the first class action lawsuit over a data breach in the UK. In 2017, the High Court found Morrisons vicariously liable for the misuse of the data by a senior internal auditor who published names, addresses, salaries and bank details online. The ruling was upheld last year. If its bid to convince the Supreme Court fails, the supermarket chain may face compensation claims by thousands of its staff.
RUSSIA & CIS
Ukraine: State wins key decision in legal battle against former owners of largest bank
On 15 October, the Court of Appeal in London ruled that UK courts have jurisdiction to hear a case brought by Privatbank, Ukraine’s largest bank, against its former owners, Ihor Kolomoyskyi and Hennadiy Boholiubov. Privatbank was nationalised in 2016 following an audit which found a USD 5.5 billion hole in its balance sheet. The now state-owned bank is seeking to recover USD 3 billion from its former owners, whom it accuses of large-scale fraud and embezzlement. A worldwide freeze on USD 2 billion of the oligarchs’ assets will remain in place until the case is heard, likely in mid 2021 at the earliest. The decision follows the Ukrainian government’s announcement that it was open to seeking a settlement with Kolomoyskyi over compensation for losses incurred by the nationalisation. The IMF, Ukraine’s principal financial backer, has warned that any moves to reverse Privatbank’s nationalisation will put its loan programme with the country in jeopardy.
Russia: Sberbank reveals largest data breach in Russian banking history
In early October, Sberbank, Russia’s biggest bank, admitted to having suffered the largest ever data breach in Russian banking history. The personal information of up to 60 million credit card holders, including the details of 18 million active cards, was leaked onto several internet forums and put up for sale. Russian media sources reported that customers’ personal information, rather than their funds, was the target. The bank stated that the leak is likely to have been the result of criminal wrongdoing by one of its employees. Russian authorities have reportedly blocked the forums selling the leaked information and have opened a formal investigation.