We present the new edition of our “Secure Company” alert, containing information on anti-money laundering (AML) and counter-terrorism as well as cyber security and personal data protection.
In this issue, we want to highlight a few important matters. First of all, the draft act on whistleblowers and their protection. Once enacted, the act will need to be applied also by companies.
The procedures it provides for apply also to reported violations of anti-money laundering and personal data protection regulations. In our first text on this topic (to which we will return in the next issue of the alert), we focus on the proposed sanctions.
We also describe an interesting ruling of the Provincial Administrative Court in Warsaw which overturned the decision of President of the Office for Personal Data Protection (UODO) imposing a fine on a data controller for personal data leak. The court held that – against UODO’s opinion − it is not always the controller who is at fault in such cases. The responsibility may also lie with the processor, i.e. the company on whose servers the data is stored. The ruling may mean a complete change in the approach to controllers’ responsibility.
Equally important are issues related to so-called spoofing, i.e. attacks using the possibility of spoofing the phone numbers of banks or a company’s contractors. This is a growing phenomenon and companies should take care to remain secure in this area.
We hope that the new batch of information contained in our alert will be useful to you, making it easier to navigate the regulations and legislative trends, both on the grounds of Polish and EU regulations.
As usual, we wish you a pleasant reading and in case you need additional, more detailed information, please feel free to contact our firm and experts directly.
Subscribe to receive the latest BDO News and Insights
Please fill out the following form to access the download.