Sheikh Khalifa Issues Amendments to United Arab Emirates Cybercrimes Law

On August 13, Sheikh Khalifa bin Zayed Al Nahyan, President of the United Arab Emirates, issued Emiri Decree Number 2 of 2018, amending Federal Decree-Law no. (5) of 2012, the 2012 UAE Cybercrimes Law.  Decree Number 2 revises only Articles 26, 28, and 42 of the 2012 law.

Here are the provisions of Articles 26, 28, and 42 and the 2018 amendments thereto:

  • Article 26: This Article criminalizes “establish[ing], manag[ing] or run[ning] a website or publishes information on the computer network or information technology means for the interest of a terrorist group or any unauthorized group, association, organization, or body with the intent to facilitate communication with their leaders or members or attract new members, or to promote or praise their ideas, finance their activities or provide actual assistance thereof or for the purpose of publishing methods for manufacturing incendiary devices or explosives or any other devices used in terrorism acts.”  The 2012 version set the penalties for an Article 26 violation at imprisonment for a period of at least five years and a fine not less than Dh 1,000,000  (US$272,294) and not more than Dh 2,000,000 (US$544,588).  The 2018 amendment increases those penalties to imprisonment of at least 10 years and not more than 25 years and a fine not less than Dh2,000,000 and not in excess of Dh4,000,000 (US$1,089,176).
  • The Article 26 amendments also criminalize establishing, managing or running a website or publishes information on a computer network or information technology means with the aim to incite hate details, and sets the penalty at imprisonment for not more than five years and a fine of not less than Dh500,000 (US$136,147) and not in excess of Dh1,000,000 (US$272,294). In addition, for first-time offenders, a court may require an accused to be placed under electronic probation and monitoring, and prevent the accused from using information technology means during a period not more than the maximum penalty prescribed.
  • Article 28: This Article criminalizes “establish[ing], manag[ing] or run[ning] a website or uses information on the computer network or information technology means with intent to incite acts or publishes or transmits information, news or cartoon drawings or any other pictures which may endanger the national security and the higher interests of the State or afflicts its public order.” The 2012 version set the penalties for an Article 28 violation at temporary imprisonment and a fine not in excess of Dh 1,000,000.  The 2018 amendment adds to the intent clause a provisions addressing attacks on any member of the judicial court system.
  • Article 42: This Article authorizes a court to order deportation of a foreigner who is condemned in any of the crimes specified in the 2012 Law upon execution of the punishment adjudged.  The 2018 amendments provide that subject to the second paragraph of Article No. 121 of the UAE Penal Code, the court may order deportation of a foreigner who is convicted of any of the crimes specified in the 2018 amendments upon execution of the sentence adjudged.  Article 121 specifies that a court may order deportation for any felony or misdemeanor conviction and is sentenced to any term restricting the defendant’s freedom, but must order deportation “in crimes against honor.” It also permits a court to order deportation in lieu of sentencing the convicted defendant to a penalty restricting freedom applicable for misdemeanors.

These amendments reflect only relatively minor changes to the 2012 law, as to which one firm credited the UAE as “the first country in the Middle East to implement such a wide-ranging cyber crime law.”

Credit Suisse Froze $5 Billion of Russian Funds in Response to U.S. Sanctions

On August 22, Reuters reported that during the second quarter of 2018, the Swiss-based global financial institution Credit Suisse froze approximately 5 billion Swiss francs ($5 billion) of money linked to Russia to avoid running afoul of U.S. sanctions against Russia.  The Credit Suisse freeze is noteworthy for two reasons, as explained in the article.  First, “[i]t is rare for a Swiss bank to reveal such details.”  Second, “[w]hile U.S. sanctions do not apply to neutral Switzerland, its banks are obliged to follow suit because they depend on access to the dollar and could be blackballed by the United States for any missteps.”  The article, citing Russian central bank data, reported that approximately $6.2 billion (14 percent of total Russian cross-border outflows) “went to Switzerland in 2017 — almost three times as much as went to the United States.”

The Swiss Financial Market Supervisory Authority (FINMA) publicly states that “Switzerland implements and enforces internationally imposed sanctions against states, individuals and legal entities,” using the Embargo Act as its legal basis.  With regard to sanctions by individual countries, FINMA has shown, notably in its 2014 enforcement action against BNP Paribas (Suisse) SA, that it considers Swiss banks to have a duty to identify, limit, and monitor the risks involved in making transactions with business partners in countries subject to U.S. sanctions and will hold a bank responsible for exposing itself “to unduly high legal and reputational risks.”

As Australians’ Corruption Concerns Increase, Griffith University Study Proposes National Integrity Commission Options

Amidst the continuing turmoil within the Australian government’s senior leadership, two developments this week highlight the extent of the Australian public’s trust in government and concerns over corruption.  On August 20, Griffith University announced the results of a Global Corruption Barometer survey that Griffith University and Transparency International Australia jointly conducted:

  • Trust and confidence in all levels of government decreased over the last year to 46 percent for federal and state levels and 51 percent for local government nationally.
  • Fewer than 2 percent of respondents indicated that they had experienced bribery, but 62 percent indicated concerns about officials or politicians using their position to benefit themselves or their families, and 56 percent indicated concerns about officials favoring businesses and individuals in return for political donations or political support.
  • A surprising 85 percent of respondents indicated that at least “some” federal Members of Parliament are corrupt, and 18 percent indicated that “most/all” Members are corrupt.
  • Only 37 percent indicated that the federal government is doing a “good job”, and only 25 percent indicated that that state government is doing a “good job”, in fighting corruption.
  • In contrast, 67 percent — especially in Victoria, New South Wales, and South Australia — support the idea of creating a new federal anti-corruption body, and respondents “strongly supporting” the idea outnumber respondents “strongly opposing” it by a 4-to-1 margin.

On August 21, Griffith University announced the issuance of a paper reviewing options for a national integrity commission. The paper, titled Strengthening Australia’s National Integrity System: Priorities for Reform, has Griffith University Professors A J Brown and Professor Janet Ransley as lead co-authors.  It sets forth three options for a national integrity commission:

  • Option 1: An Integrity & Anti-Corruption Coordination Council. This option, which would be closest to the existing multi-agency system, would report to the Prime Minister or Attorney-General and provide improved, more formalized coordination between the existing agencies involved.
  • Option 2: An Independent Commission Against Corruption. This option “would involve a best-practice independent, broad-based anti-corruption commission for the Commonwealth,” based on lessons from experience in states such as New South Wales.
  • Option 3: A custom-built Commonwealth Integrity Commission model. This option, the most comprehensive of the three proposals, “would represent a major development in an effort to help address all the main weaknesses of the existing multi-agency system.”  “It would involve a best-practice independent, broad-based public sector anti-corruption commission for the Commonwealth, including lessons from State experience, but also with a broader range of functions relevant to the Commonwealth’s role and present needs – jurisdictionally, nationally and internationally.”

In conclusion, the paper states that “a comprehensive approach [to integrity and anti-corruption] is needed.” It notes that such an approach “requires the Commonwealth to take a leadership role, even if not the sole role, to help ensure that subnational anti-corruption bodies are properly coordinated, share information, participate in the type of improved framework envisaged by Option 3, and help identify where strategic oversight and vigilance by Commonwealth agencies will help make the most difference.”  It further states that “this is also the right opportunity for the Commonwealth, through the Attorney-General’s Department, to resume the unfinished task of a comprehensive national strategic plan to combat corruption.”

Kaspersky Lab Report Highlights Spam and Phishing Trends in Q2 2018

On August 14, Kaspersky Lab issued its quarterly report on spam and phishing trends in the second quarter of 2018.  Among other findings, the report addressed the following trends that may be of interest to corporate compliance and information-security professionals:

  • GDPR-Oriented Phishing Attacks: The report noted a surge in email attacks, using the General Data Protection Regulation (GDPR) as the subject matter, that were directed at customers of financial organizations and information technology service providers. The emails falsely “notified email recipients that they were switching to a new GDPR-compliant policy and asked them to confirm permission to store and process personal information . . . and to update their account information. To do this, customers had to click on the link provided and enter the requested data, [which the phishers directly received].”
  • Malicious IQY Attachments: Researchers observed “never-before-seen IQY (Microsoft Excel Web Query) attachments [to malicious spam]. Attackers disguise these files as invoices, order forms, document copies, etc., which is a known ploy that is still actively used for malspamming. The From field contains addresses that look like personal emails, and names of attachments are generated in accordance with the following template: the name of the attachment, and then either a date or a random number sequence. . . . When the victim opens the IQY file, the computer downloads several trojan-downloaders, which install the Flawed Ammyy RAT backdoor.” The report added that “[i]t is rather difficult to detect these attachments because these files look like ordinary text documents which transfer web-inquiry data transfer parameters from remote sources to Excel spreadsheets.”
  • Data Leaks: These included previously reported instances of large-scale data leaks, such as the hacking and theft of personal information of 27 million Ticketfly customers.
  • Cryptocurrency Schemes: The report stated that cybercriminals “continue using the names of new ICO projects to collect money from potential investors that are trying to gain early access to new tokens. Sometimes phishing sites pop up before official project sites.”
  • World Cup 2018 Schemes: Cybercriminals used the World Cup 2018 “in many traditional scamming methods using social engineering.”
  • HTTPS: The reported observed that “more and more phishing pages are now found on certified domains.”
  • Vacation-Oriented Schemes: Cybercriminal used vacation-oriented fake websites, including airline-ticketing and hotel-booking sites.
  • Distribution Channels: The report stated that “most large-scale attacks were found in messengers and on social networks.”
  • WhatsApp: Cybercriminals are using WhatsApp more frequently to distribute their content.
  • Twitter and Instagram: Twitter “has recently become a breeding ground for fake celebrity and company accounts,” the most popular technique being cryptocurrency giveaways on behalf of celebrities. Fake accounts also were found on Instagram.
  • Search Results: Ads with malicious content and links to phishing sites in the search results pages of major search engines “has recently become a popular method of advertising fake ICO project websites.”
  • New Spammer Tricks: New tricks that spammers used to evade filters included double email headers and automatic mailing list subscription confirmations.
  • Other Trends:
    • Proportion of Spam in Email Traffic: The average percentage of spam in world mail traffic is 49.66 percent, which was 2.16 percentage point lower than the preceding quarter.
    • Sources of Spam by Country: The five leading source countries were China (14.36 percent), the United States (12.11 percent), Germany (11.12 percent), France (4.42 percent), and Russia (4.34 percent).
    • Geography of Phishing Attacks: The five countries with the highest percentage of users attacked by phishing were Brazil (15.51 percent), China (14.77 percent), Georgia (14.44 percent), Kyrgyzstan (13.60 percent), and Russia (13.27 percent).  The United States was not among the top ten countries.
    • Types of Organizations Attacked: The top five types of organizations under attack were global Internet portals (25.01 percent), financial and e-pay organizations and bank (21.10 percent), IT companies (13.83 percent), online stores (8.17 percent), and government and taxes (8.17 percent).

Bank of Ghana Takes Regulatory Actions in Ghanaian Banking Sector

On August 15, the Bank of Ghana, Ghana’s central bank (Bank), announced that it was taking additional regulatory actions to address the failure of seven Ghanaian banks whose licenses had been revoked during the past year.  The Bank stated that

persons whose actions contributed to the collapse of the 7 banks will not be shielded, but will be made to face the full rigour of the relevant laws of Ghana. The Bank of Ghana will pursue administrative and civil action against such persons, and will liaise with relevant investigative and prosecutorial agencies of the State to take appropriate action as needed.

The Bank’s Deputy Governor, Elsie Awadzi, added that “[w]e are working very hard on submitting a dossier on each of these banks to the law enforcement agencies . . . to further investigate criminal behaviour or what could potentially be criminal behaviour and to prosecute.”

Since August 2017, when it revoked the licenses of UT Bank Ltd. and Capital Bank Ltd. due to severe deficiencies in capital and liquidity, the Bank initiated additional investigations into five additional banks: Unibank, Royal Bank, Beige Bank, Sovereign Bank, and Construction Bank.  On August 1, 2018, the Bank appointed a receiver to manage the assets of all five banks and revoked their licenses because they had become insolvent.

In announcing the revocations of the latter five banks, the Bank reported severe improprieties regarding each of the banks:

  • Unibank: “Shareholders, related and connected parties had taken amounts totaling GH¢3.7 billion [US$782,550,000] which were neither granted through the normal credit delivery process nor reported as part of the bank’s loan portfolio. In addition, amounts totaling GH¢1.6 billion [US$338,400,000] had been granted to shareholders, related and connected parties in the form of loans and advances without due process and in breach of relevant provisions of Act 930 [the Banks and Specialised Deposit-Taking Institutions Act, 2016]. Altogether, shareholders, related and connected parties of uniBank had taken out an amount of GH¢5.3 billion [US$1.12 billion] from the bank, constituting 75 percent of total assets of the bank.”
  • Royal Bank: “A number of the bank’s transactions totaling GH¢161.92 million [US$34,246,080] were entered into with shareholders, related and connected parties, structured to circumvent single obligor limits, conceal related party exposure limits, and overstate the capital position of the bank for the purpose of complying with the capital adequacy requirement.”
  • Sovereign Bank: “. . . Sovereign Bank’s licence was obtained by false pretences through the use of suspicious and nonexistent capital.”
  • Beige Bank and Construction Bank: “[B]oth banks obtained their banking licences under false pretences through the use of suspicious and non-existent capital.”

In its August 15 release, the Bank also stated that its regulatory actions include an overhaul of the Bank’s supervisory framework and processes.  As part of that overhaul, the Bank established a new office called the Office of Ethics and Internal Investigations.  Significantly, it noted that the new Office was to “investigate all allegations of misconduct by staff including any role in respect of the collapse of the defunct banks.”  Finally, it stated that it issued a number of directives to strengthen corporate governance, risk management, and the capital base of banks.