by Juan Manuel González | Apr 8, 2024 | Noticias-en
On March 26, the Cybersecurity Framework Law was promulgated , an initiative that creates a National Cybersecurity Agency (ANCI) , which will have the purpose of regulating, supervising and sanctioning all public and private organizations that provide essential services and that are subject to to this regulation.
For the purposes of this law, essential services are those that are fundamental for the functioning of the country and the quality of life of society. The following sectors are included within this regulation:
- Electrical generation, transmission or distribution.
- Transportation, storage or distribution of fuels.
- Supply of drinking water or sanitation.
- Telecommunications and digital infrastructure.
- Digital services and information technology managed by third parties.
- Land, air, rail or sea transportation.
- Banks, financial services and means of payment.
- Administration of social security benefits.
- Postal and courier services.
- Institutional provision of health services.
- Production and/or research of pharmaceutical products.
This standard establishes a minimum compliance standard , requiring companies to adopt better tools to protect the rights of people in cyberspace , as well as to avoid the commission of crimes related to identity theft and other computer crimes, such as access illegal activity, sabotage, interception of services and other attacks that compromise security in the digital environment.
The supervisory work of the ANCI also implies sanctioning powers, being able to impose fines that could reach 40,000 UTM , that is, close to $2.6 billion pesos .
This Agency will dictate norms, protocols and minimum standards that must be considered by the subjects bound by this law in order to prevent, report and resolve cybersecurity incidents and attacks through computer means.
The promulgation of this new law turns out to be an important step in the construction of comprehensive national legislation on cybersecurity, and is inserted within a regulatory framework that, in general terms, seeks to guide public and private organizations to improve standards. of security in an increasingly globalized and connected world .
For more information, you can contact our Compliance team :
Francisca Franzani | Compliance group director | ffranzani@az.cl
Caterina Ravera | Senior Associate | cravera@az.cl
Jaime Viveros | Associate | jviveros@az.cl
by Juan Manuel González | Apr 1, 2024 | Noticias-en, Opinions
As women in the Compliance field, we understand that gender equality is, in addition to an essential right, the fundamental basis for building a prosperous and equitable world. This approach is closely aligned with Sustainable Development Goal No. 5 (“SDG 5”) of the United Nations Global Compact, which seeks to promote gender equality and the empowerment of all women and girls in all aspects of life. .
Despite the progress made in recent decades, women and girls around the world still face significant barriers to enjoying this equality, especially in key areas such as education, healthcare, employment and participation in decision-making. political and economic decisions. The reality that comes from being exposed reflects a challenge that requires continuous commitment from all sectors of society.
In the corporate context, companies have a crucial role to play in promoting gender equality. It is not only about adopting internal policies and procedures to guarantee equal rights and employment opportunities, but also about investing in economic empowerment programs that benefit women and girls in the communities where they operate, aiming to build more inclusive work environments, fair and productive.
In accordance with SDG 5, some of the practices that companies can implement include, but are not limited to:
- Create an Equality Plan with specific commitments, measures and objectives to promote and achieve gender equality within the organization.
- Monitor and ensure that all company policies include a gender perspective and that the business culture promotes equality and integration.
- Implement procedures aimed at promoting an increase in the number of women at all levels and positions within the organization, especially in positions of responsibility and management.
- Develop a training plan on gender, which includes topics such as human rights and non-discrimination, for all departments and areas of the organization.
These actions not only meet the objectives of SDG 5, but also contribute to building a more equitable and sustainable environment for present and future generations. Additionally, they foster a more productive and enriching work environment for all employees, regardless of gender.Principle of the form.
By Lucía Rodríguez Wikman, Lawyer | CIEMSA
by Juan Manuel González | Mar 25, 2024 | Noticias-en, Opinions
Introduction
The choice of the title is not arbitrary and advances our opinion that giving space in these areas and, in all, to women is not an exercise for diversity, because, among other reasons, not even numerically, women are a minority. If this is not the case, it does not seem reasonable that, in specific areas, gender should be treated this way.
We chose this topic because we frequently see spaces for discussion about the inclusion of women in the Latin American labor market. However, there are fewer spaces that deal with the inclusion of women in the administration and representation bodies of public or private legal entities.
Data
The World Economic Forum report, in reference to the “Global Gender Gap” of June 2023, indicated that, in general terms, it will take 53 years to close the gender gap in Latin America and the Caribbean.
In particular, the push to increase the role of women on boards may be even slower, compared to that in other areas of activity. In a work by the OECD2 “OECD Corporate Governance Factbook 2023” the following data is indicated in relation to the participation of women on the boards of directors of listed companies in the following Latin American countries:
As can be seen, inclusion in these forums is low. The acceleration of the inclusion of women in these areas has been handled in different ways depending on the country. Some propose state intervention through regulations (for example, with the establishment of mandatory quotas). Other countries have opted to disclose the gender composition of board members; while another group has established less rigorous mechanisms, such as the setting of voluntary objectives or goals or simply a collaborative approach.
To mention a case that is familiar to us, in India, according to the Companies Act, 2013 as amended, the participation of at least one woman on the boards of directors of companies is required.
According to a Harvard Business Review article “What Happened When India Mandated Gender Diversity on Boards”3, this movement began in 2003 in Norway, which established that boards should have 40% women in their composition. However, as also noted in the aforementioned work, it has been suggested that the response to these initiatives may result in the election of women to join the boards of directors with the sole purpose of complying with the law with the quota requirements without their presence can be considered legitimate. Likewise, one of the effects of the original Norwegian quota is that a small group of prominent women were appointed as directors in multiple companies.
According to the same work, this effect did not occur in India, where the law managed to significantly expand the group of different women who served as directors.
Some reflections
We asked ourselves, then, whether the issuance of standards would be the most effective way to increase the real participation of women on company boards.
It seems clear that a regulation of this nature requires, among other measures, prior attention to the issue of women’s participation in leadership positions, to avoid the repetition of phenomena such as the reports of concentration of appointments in few women or of lack of legitimacy. It is necessary, then, to educate and encourage the occupation of these spaces and not only impose participation.
And in all this, companies have a main role in adjusting their organizational culture and business administrative perspective. A company with a perspective of integration, diversity and gender focus should be a pioneer in these issues, enhance and promote it from its basic core, without waiting for the existence of an obligation. And this reflection is even more applicable to business conglomerates that are established. in different jurisdictions since it would not make sense to adopt a gender quota according to legislation if active and global policies for the participation of women in all positions and also on boards of directors are not maintained. This will imply a change and will generate resistance, but it cannot be postponed.
By Ana Cristina Peña, Crime Prevention Officer Latin America at Tata Consultancy Services.
—————————————————————-
1 World Economic Forum “Global Gender Gap 2023” retrieved from https://www.weforum.org/publications/global-gender-gap-report-2023/ consulted on March 18, 2024.
2 OECD (2023), OECD Corporate Governance Factbook 2023, OECD Publishing, Paris, https://doi.org/10.1787/6d912314-en consulted on March 18, 11, 2024.
3 HBR “What Happened When India Mandated Gender Diversity on Boards”, February 2021 retrieved from What Happened When India Mandated Gender Diversity on Boards (hbr.org)
by Juan Manuel González | Mar 22, 2024 | Noticias-en
Uruguay leads international rankings in terms of transparency and lower perception of corruption in the region.
According to the Corruption Perception Index for the year 2023, prepared by the non-governmental organization Transparency International , Uruguay is perceived as the most transparent country in Latin America, with a total of 73 points out of 100 possible (where 0 is equivalent to a perception of high levels of corruption), consolidating its leadership position in the region as it has done in previous years. With this score, Uruguay is placed in 18th place out of a total of 180 countries, with Canada being the only American country that surpassed Uruguay with a score of 76 points.
According to the Transparency International report, “ more than two-thirds of countries obtain a score of less than 50 out of 100, which indicates that they have serious corruption problems. The global average is stuck at just 43 points, while the vast majority of countries have made no progress or have declined in the last decade .”
Likewise, according to the 2023 Democracy Index (prepared by The Economist Intelligence Unit ), Uruguay ranks 14th globally, and is positioned as the leading nation in democracy in Latin America. The report analyzes the situation of 165 countries, evaluating measures such as the electoral process and pluralism, government functioning, political participation, political and democratic culture, and civil liberties. According to this last index, Uruguay obtained a score of 8.66 out of 10 and placed first in the Latin American ranking.
The Economist assures in its report that at a global level there is a fall in democracy, while in Latin America the fall is dramatic. The index shows that just over 1% of the population of Latin America and the Caribbean lives in a full democracy, 54% in defective democracies, 35% in a hybrid regime (between imperfect and authoritarian), and 9% in authoritarian regimes.
Uruguay seems to be an exception in the global and regional panorama. Without a doubt, this privileged place in international rankings will be another of the attractive advantages to be appreciated by investors when considering their installation or stay in Uruguay.
For more information contact:
Carla Arellano | Counselor Ferrere | carellano@ferrere.com
by Juan Manuel González | Mar 19, 2024 | Noticias-en, Opinions
In the field of corporate compliance, the effective implementation and implementation of programs and systems for the prevention and management of risks such as money laundering and corruption is increasingly important. One of the most recent documents from the United States Department of Justice (DOJ) points to this conclusion, which consists of a guide for the evaluation of corporate compliance programs, aimed at federal prosecutors in charge of prosecuting companies for participating in acts of corruption and transnational bribery, in application of the Foreign Corrupt Practices Act (FCPA).
The aforementioned guide is intended to give prosecutors tools to “make informed decisions about whether, and to what extent, the company’s compliance program was effective at the time of the crime and is effective at the time of the accusation” in order to determine its merit to exonerate liability or mitigate the penalty imposed on the company. The second of the three cardinal aspects that the guide gives to evaluate the programs, inquires about whether the company’s compliance program has adequate resources and powers to function effectively, and the third of the criteria to answer this question is directly related with compensation and consequence management structures, in other words, establishing incentives for compliance and disincentives for non-compliance.
The Superintendency of Companies of Colombia, as regulator of the most extensive compliance programs in the country (SAGRILAFT and PTEE), shares the opinion that sanctions and compensation schemes are an important, even essential, element of an effective compliance program. Therefore, both Circular 016 of 2020 (SAGRILAFT) and Circular 011 of 2021 (PTEE) instruct obligated subjects to include this element in their programs, as follows:
– Section 5.1.2. of Circular 016 of 2020 says that: “The SAGRILAFT must include sanctions or consequences for employees, administrators, associates or third parties, for non-compliance or non-observance of its provisions.”
– Section 5.1.5.3.2, literal g, establishes that the compliance officer must implement “internal investigation procedures in the Obligated Entity to detect non-compliance with the PTEE and Acts of Corruption”; and section 5.1.2. It says that “the PTEE must include, in a clear and simple way, the consequences of violating it.”
Additionally, the Superintendency clarified, in Official Letter 220-091819 of July 11, 2021, that “the obligated subjects will determine the mechanisms that will allow them to evaluate, monitor and control the risks and, in turn, will establish the relevant sanctions for non-compliance with the system in accordance with its organizational structure, sanctions that must cover both employees, administrators, associates or third parties. (…) Therefore, it is up to each obligated company to determine, in each particular case and in accordance with the characteristics of its organization, the sanctions applicable to associates who fail to comply with SAGRILAFT.”
Colombian companies that have been implementing these programs since 2016 have focused on following the regulations’ instructions to the letter, including simple sanctioning regimes in their compliance systems. In practice, the most common scheme consists of classifying non-compliance with the duties and obligations derived from compliance policies and procedures as disciplinary offenses, and the compliance area, in these cases, usually plays the role of investigator who presents the case. before the disciplinary authority. The consequences for non-compliance have then been limited, with good judgment, to what is permitted by labor regulations, from reprimands to suspensions from their duties without remuneration, and in serious cases even the termination of the employment contract with just cause, after developing a disciplinary due process. It is worth remembering that, according to the substantive labor code, disciplinary sanctions with pecuniary consequences are completely prohibited, except in cases in which the worker has unjustified delays or absences, in which case the hours or days not worked can be deducted from the salary. Such regulation completely prevents the imposition of economic sanctions for lack of compliance.
On the other hand, incentive or compensation schemes to encourage compliance seem to still be a field insufficiently explored by companies, which is a real shame because, although there are currently insufficient parameters to measure the effectiveness of adopting compensation schemes in compliance programs, the truth is that in other areas of the development of corporate culture, incentives have proven to be useful tools to promote cultural changes and the internalization of corporate values, so, from the perspective of corporate compliance, it would be a practical recommended to help translate paper compliance programs into the reality of companies.
Contrary to the situation in the United States, Colombian regulations do not require or suggest specific models of incentives and sanctions as a mandatory requirement in compliance programs. The assessment of these programs within the framework of the administrative sanctioning procedure lacks detailed government guidelines, and there is nothing to indicate that the compensation and sanction schemes are rigorously evaluated as a component of effectiveness to mitigate the administrative responsibility of legal entities in the framework of the sanctioning procedures initiated under the Anti-Corruption Statute (Law 1474 of 2011) and the Transnational Bribery Law (Law 1778 of 2016). However, Colombian regulation tends to imitate North American trends, which have become a true compliance standard for Latin America, therefore, it makes sense that we begin to take the tools seriously to make our compliance programs true instruments. for the prevention and management of risks in companies.
BONUS: Some ideas on incentive and sanction schemes to reinforce the compliance culture in your company:
Incentives:
• Public recognition: Reward ethical and transparent employees in meetings or internal communications.
• Ethical bonus program: Offer financial bonuses to employees who demonstrate outstanding ethical behavior.
• Ongoing training: Provide ethics and compliance training opportunities, with incentives for completing courses and certifications.
• Extra days off: Provide extra days off as a reward for maintaining high ethical and compliance standards.
• Participation in decision-making: Invite ethical employees to participate in key decision-making processes to foster their commitment.
Sanctions:
• Temporary suspension: Impose temporary suspensions on those who violate ethics or compliance policies.
• Affected performance review: Link performance evaluation to ethical conduct, so that those who do not comply face consequences in their reviews.
• Phased removal process: Implement a system of progressive warnings before termination for cases of unacceptable ethical conduct.
• Prohibition of promotions: Prevent promotions and promotions for those who have violated ethical policies until they demonstrate a change in their behavior.
It is important to adapt these measures according to the culture and specific needs of the company, promoting a balanced approach between incentives and sanctions to achieve effective results.
By Nicolás Castro Márquez, corporate criminal lawyer, Posse Herrera Ruiz.