Monday Compliance News - Around the World

GCSG's Monday Compliance News is a compilation of some of the previous weeks interesting trade compliance, anti-bribery/corruption, fraud, and due diligence news bites, from around the world.

With GDPR looming, key compliance questions still remain | DIGIDAY

"For better or worse, preparing for the General Data Protection Regulation is a do-it-yourself exercise for advertisers in the absence of stronger direction from regulators." (Click here for the article) - European Union

Turkish banker guilty of helping Iran dodge US sanctions  | Reuters TV

WATCH: US jury finds Turkish banker guilty of helping Iran dodge US sanctions (Click here for the video) - Iran, Turkey, United States

Firms can choose not to enter corruption-ridden markets | The Straits Times

"Many well-established multinationals have decent corporate cultures.  Their top managements have been known to decide that if a country operates by practices in keeping with the company ethos, they would not do business in that country." (Click here for the article) - Singapore

Drug Company Allegedly Bribed Doctors to Sell its Powerful Opioid Spray | Gizmodo

"The State of North Carolina is suing a pharmaceutical manufacturer for allegedly bribing doctors and defrauding insurers in order to sell more of its powerful fentanyl spray, fanning the flames of the opioid crisis that has millions addicted and is shortening lifespans." (Click here for the article) - United States

PWC faces negligence claim over $2bn fraud at Colonial Bank | The Times

"Auditors at PWC were negligent and missed a 'Red Flag' over a huge fraud that contributed to the collapse of a bank during the financial crisis, an American court has found." (Click here for the article) - Global

CSA Issues New Code of Conduct for GDPR Compliance

On November 21, the Cloud Security Alliance (CSA) released their Code of Conduct for compliance with the European General Data Protection Regulation (GDPR).  The GDPR Code of Conduct (the "Code") provides cloud service providers, cloud customers, and potential customers with guidance to assist with complying with the new requirements found within the GDPR.    

The CSA About web page states they are the "world's leading organization dedicated to defining and raising awareness of best practices to help ensure a secure cloud computing environment." (1)

The Code is structured to meet the mandatory data protection requirements under Directive 95/46/EC as well as the upcoming requirements of the GDPR.  

"...the CSA Code of Conduct for GDPR Compliance is of fundamental importance as it gives guidance for legal compliance and the necessary transparency on the level of data protection offered by the CSPs (Cloud Service Providers)." - Paolo Balboni, European ICT, privacy and data protection lawyer, and co-chair of the Privacy Level Agreement Working Group (2)   

Key Link(s):