The Fifth Directive – The compliance officer’s guide to AML

Nick Henderson, Director of Course Development at VinciWorks

The UK is obligated to transpose Directive (EU) 2018/843, commonly known as the Fifth Money Laundering Directive (5MLD), into national law by 10 January 2020. Despite Brexit and the flexible date of Britain leaving the EU, the terms of the implementation of 5MLD are set out in the Withdrawal Agreement between the UK and European Commission. Even if such an agreement doesn’t end up being the foundation of Brexit, the 5th Directive will need to become law in the UK.


In April 2019, the UK government launched its consultation on transposing the Fifth Directive into UK law. It contains a number of important expected changes and additional obligations all compliance officers should know about. For those who wish to respond, the consultation is running until 10 June 2019.

Here, we provide a comprehensive accounting of all the key changes compliance officers should know about the Fifth Directive.


Updated GDPR guide to compliance

The General Data Protection Regulation (GDPR) has been in full force across the EU since 25 May 2019. As of 25 January, 2019, eight months to the day since GDPR came into force, national data protection authorities reported nearly 100,000 complaints from concerned citizens. Google has already been fined by French authorities and several social media giants are currently being investigated.

The law applies to all businesses with customers in the EU, no matter where in the world they are based, and mandates much stricter data protection rules than ever before.

GDPR compliance should be an ongoing process, and businesses must regularly review and, when necessary, update their policies, procedures and training to maintain compliance.

As a companion to our GDPR training suite, we have updated our GDPR compliance guide. The guide is suitable for both organisations who are fully compliant and would like to review the requirements of GDPR and those who have yet to reach full compliance.


GDPR Compliance Myth #11: There’s no such thing as free will

When it comes to GDPR, do users have free will?

Is free will an illusion? Determinist philosophers might think so. Ancient Greek thinkers Leucippus and Democritus were two of the first to theorise that all processes in the world were due to a mechanical interplay at an atomic level, precluding the idea of human beings exercising any kind of free will in a universe operated by deterministic forces.

Aristotle, however, stated that we have the power to do or not to do, and free will can exist when we are aware of the particular circumstances of our actions. However, he still left unanswered the question of defining the choices we make based on causes outside of our control.

On-demand webinar – GDPR Mythbusters 2019


New course release – Phishing Challenge 3.0

VinciWorks’ Phishing Challenge 3.0 can be fully customised to contain emails related to your industry and staff

Periodic phishing training reduces the risk to your organisation

Data from 16,000 completions of the VinciWorks Phishing Challenge shows that 15% of users are at high risk of falling for a phishing scam. That risk level dropped to 5% for users who completed at least two challenges.

VinciWorks has released Phishing Challenge 3.0 with a brand new set of emails to reinforce phishing education. In this simulation, users are presented with a series of suspicious emails and must identify red flags.

Demo Phishing Challenge 3.0


Three Phishing Challenges to assess employee risk


Employees are the weakest link in most cyber security attacks. VinciWorks’ Phishing Challenges address this weakness by training employees to spot phishing emails.

These five-minute, mobile-friendly challenges:

  • Educate users on how to spot suspicious emails
  • Produce a report with each employee’s phishing risk score
  • Enable you to identify high-risk employees
  • Challenge users to spot red flags in real phishing emails

Demo Phishing Challenge 1.0

Demo Phishing Challenge 2.0

Demo Phishing Challenge 3.0

The Phishing Challenges are designed as “micro-courses”: five-minute, SCORM-compliant e-learning courses that can be used in any learning management system to track user completions and risk score.

They are available for free, whether or not you are a VinciWorks client.


On-demand webinar: GDPR Mythbusters 2019 – Are you compliant?

As we approach a year since GDPR came into force, in a recent webinar we revisited our popular GDPR Mythbusters series with a new round of questions and answers about data protection. Our Director of Best Practice Gary Yantin and Director of Course Development Nick Henderson answered the following questions:

  • Are huge GDPR fines a myth?
  • Does anyone actually care about GDPR compliance?
  • Does enforcement really go beyond EU borders?
  • Does GDPR apply to me if I’m not based in the UK?
  • Does GDPR require me to appoint a DPO?


GDPR Compliance Myth #10: Like the Bible, GDPR is not meant to be taken literally


Was the General Data Protection Regulation handed down on tablets of stone? Were its articles intended to be revered, venerated and feared for all time? Or, as many businesses might prefer, is GDPR more of a set of guidelines, good ideas for living a moral life that don’t really matter if they aren’t actually followed?

One could be forgiven for mistaking some GDPR compliance professionals for wandering clerics; preaching the gospel of data protection and warning of the world to come. Yet, like every prophecy, the date of the apocalypse came and went, and nothing much happened… Or did it?

On-demand webinar – GDPR Mythbusters 2019


2018 UK gender pay gap reporting deadline today

In the 2017 report, there was no sector where women were being paid more than men

Today is the deadline for reporting the gender pay gap. If you are a private organisation or charity with 250 or more employees, then you must report your 2018 gender pay gap figures to the Government Equalities Office by today. Failure to comply can lead to enforcement action from the Equality and Human Rights Commission, as well as a potentially unlimited fine. Businesses are also required to publish those figures on their website by midnight. This is the second year that organisations are required to report their gender pay gap following changes to the Equality Act.

Last year, the gender pay gap data submitted showed that men in 78% of organisations in the UK were paid more than women, and that there is no sector where, on average, women are paid more than men. At 25%, the construction sector had the worst average gender pay gap. The Equality and Human Rights Commission (EHRC) will hope that the requirement to submit and make publicly available gender pay gaps will help encourage fairness and equality across all sectors.


VinciWorks’ risk-based antitrust law training


VinciWorks has released a new course as part of our “Know Your Compliance” series. Antitrust Law: Know Your Market is a scenario-based course that presents the user with a set of realistic characters and scenarios from all walks of life, some of whom may be trying to engage in anticompetitive practices. It is up to users to assess the risk of each situation and decide on the best course of action based on company procedures and the law.

Demo course


GDPR Compliance Myth #9: No one really cares about GDPR compliance

As GDPR came into force in May 2018, many people questioned the hype around compliance with the regulation

VinciWorks has revisited our popular GDPR mythbusters series to separate the data protection facts from fiction.

GDPR received the kind of hype normally saved for a celebrity meltdown or an Avengers movie. In 2018, the eponymous EU directive, otherwise known as Regulation 2016/679, scored higher in Google search rankings than Beyoncé and Kim Kardashian. GDPR notched up over 300,000 media mentions, three times as many as Mark Zuckerberg managed. It even spawned a sub-culture of memes as EU citizens drowned under a flood of emails informing them of privacy policy updates and “click here to re-subscribe”.

On-demand webinar – GDPR Mythbusters 2019
