6th October 2019
US: LACK OF IN-HOUSE CYBER EXPERTISE LEADS TO $1.5M CFTC PENALTY
The blog of the Program on Corporate Compliance and Enforcement at New York University School of Law reports that, as regulators ramp up their cybersecurity enforcement, one area of increasing focus is in-house expertise and that regulators are starting to explicitly require companies to have qualified data protection personnel. An example if given of the US CFTC, which on 12th September agreed a $1.5 million settlement with Phillip Capital Inc over a cyber breach. It is said that CFTC made clear that the firm’s lack of cybersecurity training and expertise played a significant role in the decision to bring an enforcement action, finding that the firm had violated Regulation 166.3 by failing to supervise implementation and compliance with cybersecurity policies and procedures. The blog post says that having technical and non-technical personnel responsible for cybersecurity who have little or no experience and training is becoming a red flag for regulators in these cases.
HOW NORTH KOREAN FRONT COMPANIES SELL THEIR SOFTWARE TO THE WORLD
On 4th October, NK News published an article says that difficulties in tracking sources of digital wares pose challenges to those complying with sanctions. Supply chain management isn’t exactly the hottest of topics, it says, but it is crucial to ensuring compliance with national and international sanctions regimes on North Korea. Companies must know where they source components of their products from as well as where those products may end up. It points out that US controls effectively ban any engagement with North Korean cyber actors – and while these are unilateral measures taken by the US, they have international reach given the centrality of the US financial system. It provides some examples of cases where such supply chain checks would have helped avoid sanctions breaches. It says that the cases show is that products made even in the US or its partner countries may find their way to North Korea and vice versa – and this is certainly true for digital products as well. It then goes on to consider the Future TechGroup case, this being an IT company linked to Glocom, a front for North Korea’s export of military equipment, that claimed to have supplied software to law enforcement in at least 2 countries. A method explained is where a company is incorporated outside of North Korea, and then creates an online presence for itself to sell products worldwide, and — if necessary — reinvents itself to advertise under multiple names on different sites.
AUSTRALIA REJECTS US PLEA FOR EXTRADITION OF IRANIAN STUDENT ACCUSED OF SMUGGLING MILITARY DEVICES
On 6th October, the Straits Times reported that Australia has rejected a United States extradition request for Dehbashi Kivi, an Iranian student who had been accused of conspiring to smuggle electronic military devices to Iran. This occurred on the same day that Iran released 2 Australian students accused of spying in that country.
BANK OF IRELAND ALLEGEDLY IMPLICATED IN $300 MILLION CRYPTO SCAM MONEY LAUNDERING;
Cryptopolitan on 5th October reported that Bank of Ireland was allegedly involved in laundering money acquired from the OneCoin crypto scam for a US lawyer, Mark S Scott. He allegedly used the bank for laundering proceeds worth €273 million from the multi-billion dollar scam of OneCoin cryptocurrency.
IRELAND: GARDA CORRUPTION INQUIRY IN SOUTH WIDENS TO 30 MEMBERS
On 6th October, the Irish Times reported that a major investigation into alleged Garda corruption in the south has been significantly extended to examine the actions of up to 30 members of the force. An initial criminal investigation was established to determine if a small number of Garda members had been supplying information to a criminal gang in the south, and while that inquiry into the alleged leaking of information is continuing other spin-off inquiries are now under way.
UKRAINE: US “INVESTIGATES ILLEGAL ACTIVITY OF OLIGARCHS KOLOMOISKY AND BOGOLIUBOV”
On 6th October, 112 UA reports claims that the Ukrainian billionaires created a system of “fictitious” loans that went through the US steel plant and brought it to bankruptcy.
This blog is primarily for my own use, to keep informed and up to date. However, if you would like to say thank you (and perhaps help me get a new, better laptop when I am away…) you can “buy me a coffee” at https://www.buymeacoffee.com/KoIvM842y