UK-Based biopharmaceutical company AstraZeneca agreed to pay the U.S. Securities and Exchange Commission (SEC) $5.5 million to settle claims that its Chinese and Russian subsidiaries had made improper payments to state-controlled health care providers in violation of the Foreign Corrupt Practices Act (FCPA).

In an order released earlier this week, the SEC outlined both the claims against AstraZeneca and the company’s cooperative and remedial efforts which were taken into account as part of the settlement.

Between 2007 and 2010 in China, sales staff made payments and gave gifts to physicians and administrators to ensure that state-owned health care providers would purchase AstraZeneca products. In one scheme described in the SEC Order, Chinese sales staff paid individuals for their appearance at fabricated speaking engagements. The conduct in Russia occurred between 2005 and 2010 and similarly paid members of state-owned health care providers to use AstraZeneca products.

AstraZeneca did not self-report its violations; however, it was still able to work toward a settlement based on its cooperation with the SEC. The SEC specifically noted that AstraZeneca disclosed documents and information collected during its own internal investigation including translations of key documents. The SEC also cited AstraZeneca’s remedial efforts including creation of a centralized compliance program with key compliance individuals placed in high-risk markets. AstraZeneca also took appropriate steps with regard to the employees involved ranging from trainings and reassignment to lower-risk areas of responsibility to voluntary separations and dismissals.

Yet again, full and complete cooperation appears to be the key to forging settlement of FCPA claims. Even after failing to self-report, the SEC lauded AstraZeneca’s cooperation and the information that the company’s internal investigation provided which would not have been discernable without the company’s assistance. In addition, the SEC recounted the numerous remedial steps that AstraZeneca undertook. If a company does not have the capacity to guide its own internal investigation or plan and implement remedial measures, it should contact a law firm that has the knowledge and resources to help the company make meaningful contributions to the investigation of any claims that arise.

Copyright: maxkabakov / 123RF Stock Photo
Copyright: maxkabakov / 123RF Stock Photo

The U.S. Department of Commerce and the European Commission announced the Privacy Shield framework to replace the invalidated U.S-E.U. Safe Harbor Agreement, but the agreement has not yet been committed to paper.

The Safe Harbor Agreement between the United States and the European Union permitted the importation of personal data from the E.U. by American businesses that self-certified as complying with the E.U. data protection laws. However, the E.U. Court of Justice (EUCJ) ruled in its October 6, 2015 decision in Schrems v. Data Protection Commissioner (Case C-362/14), that the Safe Harbor failed to protect Europeans and invalidated the Safe Harbor.  After the Safe Harbor was invalidated, businesses have been unsure how to legally continue to import data from the European Union to the United States.

The Privacy Shield is a new framework intended to govern the flow of data between the U.S. and the E.U. As of now, the details are still being worked out, but the negotiators involved in creating the Privacy Shield have outlined its broad principles.  The Privacy Shield will have three main components: (1) new corporate obligations for U.S. businesses to commit to robust obligations on data processing, (2) granting E.U. citizens redress to challenge alleged misuse of their data, and (3) limitations on U.S. government access to personal data.

The Article 29 Working Party (Working Party) will need to approve the Privacy Shield before it can go forward. The Working Party is an independent and enforcement oriented advisory board composed of representatives of the national data protection authorities (DPA), the European Data Protection Supervisor (EDPS) and the European Commission. It expects to have the documents to review the new Privacy Shield by the end of February.

In the meantime, the Working Party has announced that the DPAs will not be enforcing actions until March or April against businesses that rely on the invalidated Safe Harbor while the details of how to proceed are still being worked out. The Working Party provided some assurances that during the period of review and assessment transfer mechanism such as the Standard Contractual Clauses and Binding Corporate Rules (BCRs) can still be used to transfer personal data to the U.S. The Standard Contractual Clauses are form data transfer agreements approved by the European Commission, and BCRs are internal data processing rules binding on all members of a global corporate group to permit intragroup transfers of personal data.

However, virtually all transfers of E.U. personal data to the U.S. are still at risk as there is no guarantee of how things will shape out during this critical interim time. Thus, until the Privacy Shield is finalized, much uncertainty regarding the transfer of personal data from the European Union still exists.

spirits4The European Union (EU) has requested consultations, a World Trade Organization (WTO) dispute proceeding, with Colombia to address what it believes are discriminatory practices against spirits being imported from the EU into Colombia. The EU says that Colombian authorities treat imported alcoholic beverages from the EU in a manner that is inconsistent with the WTO.

The EU spirits face higher taxes than local brand spirits, and Colombia’s regional authorities impose market-access restrictions for imported spirits. The EU believes this creates a competitive disadvantage against EU spirits and is inconsistent with the non-discrimination obligations of the WTO rules.  Because the EU is the number one exporter of spirits into Colombia, it is most impacted by these discriminatory practices.

The EU and Colombia signed a comprehensive free trade agreement in 2013. The trade agreement aims at opening up both markets and committed Colombia to creating a level market for imported and local goods.  The August 2015 deadline has passed for these arrangements to come into effect, which has spurred the EU to initiate the consultations.

The objective of the consultations is for the parties to resolve the dispute themselves, without litigation. The bilateral consultation is the first step in the settlement process.  If the consultations fail, and the parties are unable to resolve the dispute within 60 days, the EU can request adjudication by a panel to rule on the compatibility of Colombia’s trade practices with the WTO rules.