Question Description
I’m working on a business law discussion question and need support to help me learn.
As the global economy expands, the need for knowledge, awareness, and enforcement of business laws is growing. Jurisdictional differences, especially with the rise of technology, may become redefined as more companies pursue international opportunities.
Please read the article and answer the questions below in your initial post.
Setting Your Sights on Business Abroad: Navigating International Laws and Regulations
What are your impressions of the topics addressed?
Do you expect worldwide business practices to change or to develop in the upcoming years?
SElEctED tOpic
Greg Carmean
Setting Your Sights on Business
Abroad: Navigating international
laws and Regulations
46 BuSiNeSS Credit may 2016
For many U.S.-based businesses, expanding into inter- national markets holds the lure of potentially lucrative
growth opportunities. At the same time, domestic busi- nesses may encounter a number of unique obstacles,
including a variety of international laws and regula- tions, when working with customers, merchants and
vendors overseas. Conducting business cross-borders can be fraught with regulatory and compliance risk
challenges. Even the best-intentioned organizations can struggle to navigate myriad complex regulations
found at the national and international level.
For example, failure to fully understand the regulatory environment and comply with the latest data transfer
and data privacy regulations can prove extremely costly. According to the U.S. Department of Treasury (DOT),
$599.7 million in Office of Foreign Assets Control (OFAC) civil penalties were issued in 2015. With a grow- ing
list of global economic and trade sanctions, anti- money laundering (AML) regulations, data protection and
due diligence provisions, it’s little wonder that many companies struggle to stay in compliance. The Treasury
reported that the average OFAC civil penalty grew from $7.4 million in 2010 to nearly $40 million in 2015.
and abroad. In fact, KPMG’s Global Anti-Money Laun- dering Survey 2014 finds that 70% of respondents had
received a regulatory visit focusing on KYC. This has led to a 53% increase in investments for AML processes.
The challenge, however, is that implementing adequate controls and processes can be complex, and current
solutions are often expensive, incomplete and difficult to integrate. No single tool or source of data enables
seamless compliance.
Gaining reliable information about companies and individuals outside the United States is far more diffi- cult
than in this country. Access to data around the globe varies greatly. The U.S. information infrastructure is far
more robust due to stringent regulatory oversight that requires companies to disclose data about themselves and who’s behind the business. Without reliable customer information, it becomes more difficult to
make a good risk assessment of the businesses in an organization’s overseas portfolio.
Adding to the challenge, businesses also must consider the importance of streamlining processes to ensure
that the supplier/customer experience isn’t impacted adversely. Conducting due diligence outside the United
States can create significant friction with clients and suppliers because of the depth of information being
requested. Some may become frustrated with the intru- sive nature of the inquiries and move their business
to companies that manage the process more efficiently. For this reason, working with a vendor—one that has
a global footprint and tier-one credit partners world- wide—can help provide credible, up-to-date information that can automate processes, while meeting KYC requirements, as well as supporting risk management
decision-making.
Data Privacy and Transfer restrictions
For organizations conducting business overseas, trans- ferring data (such as commercial credit reports) back
to the United States can present data privacy challenges. Data being sent from another country or region to
the United States may be subject to restrictions or prohib- ited under regulations such as the European Union
(EU) Data Protection Directive or the U.K. Data Protec- tion Act. Understanding data privacy and transfer
restrictions is critical for both maintaining regulatory compliance and determining the extent to which KYC
functions can be offshored to manage costs.
U.S. businesses would be well advised to gain a clearer
understanding of the regulatory landscape.
On the path toward international expansion, U.S. businesses would be well advised to gain a clearer
understanding of the regulatory landscape to ensure that they’re ready to handle the many complexities of
managing commercial accounts overseas. Business professionals should ask themselves questions such as the
following: What do I need to consider regarding regulatory compliance when expanding abroad? What type of
information on businesses and consumers is available outside the United States, and how can I use it legally?
What types of truly global systems exist in the market to help assist in regulatory compliance and risk
management?
Improving Know-your-Customer Processes
Punitive fines, enforcement actions and reputational risks are driving increased regulatory compliance concerns about know-your-customer (KYC) regulatory requirements for doing business in the United States
Staying abreast of the latest data privacy laws is no simple task, particularly in light of recent changes. For the
past decade and a half, Safe Harbor Privacy Principles have allowed U.S. companies to register with the U.S.
Department of Com- merce, which allowed them to send and receive personal information about EU residents
across EU borders. However, this practice was declared illegal last year. Concerns over dis- closures of
sensitive information, such as those highlighted by the Edward Snowden leaks, potentially could have put U.S.
companies into conflict with the EU’s broadly written privacy directives. Safe Harbor subsequently has been
replaced by the EU-U.S. Privacy Shield. However, it remains to be seen if these new restrictions will be
acceptable with EU authorities.
Today, organizations operating in Europe must either obtain consent of the beneficial owner whose data they
are transfer- ring or utilize model contractual clauses as published by the European Commission. These
standard contractual clauses were developed for the purpose of transmitting personal data from the
European economic area to any third countries. Model clauses are intended to provide safeguards for the protection of the privacy of individuals.
Failure to understand how data must be treated—and what safeguards must be in place to ensure compliance
with data privacy regulations—can result in hefty fines.
Best Practices in mitigating risk
As U.S.-based businesses look to capitalize on international growth opportunities, they need to be aware of
the complex regulatory environment and put strategies in place to mitigate
risks associated with cross-border data transfer to stay com- pliant with data privacy laws.
Organizations should look to implement industry best prac- tices, such as developing plans that take country,
business cli- mate and transparency risks from country to country into account. Conducting regularly
scheduled compliance and risk reviews will enable organizations to stay abreast of the latest regulatory
changes and prepare for future challenges. Compa- nies should strive to gain a better understanding of how
con- sumer legislation may impact checks of sole traders and busi- ness contacts, so they can stay compliant
with pertinent regulations and avoid onerous fines.
It is critical for organizations to choose the right vendor when it comes to supporting global data transfer and
maintaining compliance with data privacy regulations across a range of countries. Such a vendor should
supply current, accurate information for each respective market, allowing organiza- tions to automate
processes while meeting KYC requirements. Some vendors may boast about having extensive online regulatory data for a multitude of countries, but if that data is incomplete or dated, it will prove less than effective.
The right vendor will provide organizations with the most up-to-date information, which will allow them to
make the right deci- sions for their business.
Greg Carmean is a senior product manager for Experian’s Business Information Services. He is responsible for overseeing the
company’s core commercial products, including domestic and international credit reports. Greg can be contact through his
colleague Jordan Takeyama at jordan.takeyama@experian.com.
No Math iNvolved!
Completing the monthly Credit Managers’ Index (CMI) survey is easy. Just indicate if something is better, the
same or worse than the month before. That’s it!
Most importantly, your knowledge and experience can help make the CMI as accurate as possible. The CMI is
a leading economic indicator that has been covered by, among others,
The Washington Post, Bloomberg,
BusinessWeek and
The Wall Street Journal.
Please sign up today for our monthly email reminder at nacm.org/cmi.
may 2016 BuSiNeSS Credit
47
Copyright of Business Credit is the property of National Association of Credit Management, Inc.
and its content may not be copied or emailed to multiple sites or posted to a listserv without the
copyright holder’s express written permission. However, users may print, download, or email
articles for individual use.
Purchase answer to see full
attachment