The Paradise Papers underline the need for rigorous and ongoing compliance training as well as the importance of creating and maintaining an industry-wide culture of compliance.
The Paradise Papers were leaked on 5 November 2017 by the German newspaper, Süddeutsche Zeitung.
The leaked information spans the period 1950 to 2016 and comprises in excess of 13.4 million files and 1,400GB of data containing confidential information about the international tax haven industry.
The documents and data constitute the second biggest data leak in history – surpassed only by the 2016 Panama Papers – and expose the financial affairs of many high profile international organizations and high-net-worth individuals, including Apple, Nike, Bono and the Queen. Moreover, the leak brings increased scrutiny to the financial, legal and other institutions that advised these clients.
Much of the data emanates from legal services firm Appleby and corporate services provider Estera. The balance of the information is from corporate registries in 19 jurisdictions, some of them in the Caribbean, and a Singapore-based international trust and corporate services provider.
Anticipating a regulatory response
Given the sheer volume of information involved, it could take months – even years – for the relevant tax authorities to collate and analyze all the data contained in the Paradise Papers, but the regulatory response is likely to be significant and far-reaching.
In order for organizations to keep ahead of anticipated regulatory developments resulting from the leak, it is crucial that all relevant staff members are given thorough and ongoing compliance training on pertinent topics such as anti-money laundering (AML) and countering the financing of terrorism (CFT).
The leak further highlights the importance of data privacy training. Individuals regularly disclose personal information in their day-to-day dealings with both public and private entities. This data is necessary for transactions to proceed and is legitimately requested, but organizations are required to take adequate steps to ensure that personal information in their possession remains secure. Employees need to fully understand how to detect and prevent potential threats to confidential data.
Effective compliance training
We operate in an era where personal liability has become a reality and both companies and compliance professionals need to ensure that they are aware of any and all regulatory changes that could affect them.
To this end, effective compliance training needs to evolve beyond a tick-box approach and should, where possible, be driven by practical examples and interactive scenarios, so that users develop a deep understanding of compliance issues.
Compliance training material should also be continually updated and regularly reviewed to keep abreast of the evolving regulatory landscape. Compliance professionals should retain a comprehensive audit trail to demonstrate effective compliance training to regulators.
Fostering integrity through compliance training
The Paradise Papers open international tax havens up to new scrutiny and demonstrate the need for greater transparency within an industry founded on secrecy.
If we are to achieve this transparency, compliance professionals must ensure that their approach to compliance training not only effectively mitigates the plethora of risks faced by their own organizations, but also seeks to foster a culture of compliance and integrity that permeates the industry as a whole.
Thomson Reuters Compliance Learning
Thomson Reuters offers a variety of compliance training materials to bolster employee knowledge and participation in protecting information and privacy, including Data Privacy and Security training, Information Security and Cyber Risk Awareness training and Electronic Communications training.