Tag: EU

Financial Services Sector Implications of ‘Brexit

Should Britain decide to leave both the EU and EEA as a result of a “Brexit” vote on 23 June 2016, the impact on UK and EU financial services firms could be significant.

The City of London is Europe’s key financial centre and one of the world’s leading financial centres. As such, asset managers, investment banks, retail banks, broker-dealers, corporate finance firms, and insurers choose the United Kingdom to headquarter their businesses, anchoring themselves in a convenient time zone and location from which to access the European and global markets.

A central plank of the European Union’s vision for a single market in financial services is that financial services firms authorised by their local member state regulators may carry on business in any other member state by establishing a local branch or by providing services on a cross-border basis without the need for separate authorisation in every host state. UK-based regulated asset managers (e.g., long-only, hedge fund, and private equity), banks, broker-dealers, insurers, Undertakings for Collective Investment in Transferable Securities Directive (UCITS) funds, UCITS management companies, and investment managers of non-UCITS (known as alternative investment funds or AIFs) have a passporting right to carry on business in any other state in the European Economic Area (EEA) in which they establish a branch or into which they provide cross-border services, without the need for further local registration. Passporting also facilitates the marketing of UCITS and AIFs established in the EEA (EEA AIFs) into other member states.

Members of the EEA (which comprises the 28 EU member states and Norway, Liechtenstein, and Iceland) are subject to the benefits and burdens of the financial services single market directives and regulations, including passporting rights. One outcome of a vote to leave the European Union in the UK referendum to be held on 23 June 2016, would be that the UK leaves the EU but decides to remain in the EEA (with a similar status to, say, Norway)—in which case the impact of a “Brexit” on the financial sector would likely be minimal. Another outcome would be that the UK finds it unpalatable politically to leave the EU whilst remaining in the EEA and therefore decides to leave both the EU and the EEA; it is this scenario that would have significant impact on both UK and EU financial services firms.

Effect on Passporting for UK Financial Services Firms

According to figures released by the European Banking Authority (EBA) in December 2015, more than 2,000 UK investment firms carrying on Markets in Financial Instruments Directive (MiFID) business (e.g., portfolio managers, investment advisers, and broker dealers) benefit from an outbound MiFID passport, and nearly 75% of all MiFID outbound passporting by firms across the EEA is undertaken by UK firms into the EEA. Notably, according to the EBA, 2,079 UK firms use the MiFID passport to access markets in other EEA countries, and the next two highest totals in the EBA list are Cyprus (148 firms) followed by Luxembourg (79 firms). EEA-wide, there are around 6,500 investment firms authorised under MiFID. The United Kingdom, Germany, and France are the main jurisdictions for more than 70% of the MiFID investment firm population of the EU; more than 50% are based in the UK.

We consider that these figures suggest that Continental consumers potentially stand to lose more than UK consumers in terms of the cross-border provision of financial services in the event of a Brexit, which could be a driver for the UK being given a special deal to permit access to continue, although this needs to be weighed against the political imperative that the remaining EU countries would likely feel against being seen as being too accommodating to a country leaving the EU.

In the event of a Brexit where the United Kingdom leaves the EEA, unless special arrangements for the UK were to be agreed between the UK and the EU, and subject to the more detailed comments below, UK firms would cease to be eligible for a passport to provide services cross-border into, or establish branches in, the remaining EEA countries (rEEA) and to market UCITS and AIFs across the rEEA. Instead, local licences would be required, and the use of relatively low-cost branches in multiple member states may have to be reassessed. UK-authorised firms no longer able to passport into the rEEA but wishing to do so would need to consider moving sufficient of their main operations to an rEEA jurisdiction in order to qualify for a passport.

Effect on UK Financial Services Regulatory Law

The EU is a major source of UK financial services regulatory law. Recent UK parliamentary research estimates that EU-related law constitutes one-sixth of the UK statute book. That figure does not include the deposit of more than 12,000 EU “regulations” which take direct effect in each member country (including the UK) in contrast to EU “directives” which must be implemented or “transposed” in local law by each country; EU regulations would cease to apply in the UK post-Brexit. In addition, it would be necessary for the UK to renegotiate or reconfirm a series of EU negotiated free-trade deals that would not automatically be inherited by the UK upon Brexit. Post-Brexit, the UK would need to legislate to “renationalise” voluminous laws rooted in the EU and fill any regulatory gaps in UK legislation once the EU treaties ceased to apply.

It would be open to the UK merely to incorporate directly applicable EU regulations into UK law. This might be the easiest course of action, given the volume and breadth of issues which would need to be addressed by the UK government in the event of a vote to leave the EU.

Accordingly, in contrast to the impact that the UK leaving the EEA would have on passporting, the UK regulatory environment for financial services firms may not change dramatically in the event of a Brexit, at least in the short-term. Furthermore, any subsequent changes to the UK regime are more likely than not to be deregulatory in nature and therefore favourable to UK firms. In relation to the AIFMD, to take one example, the UK government would have the option to introduce a more tailored and proportionate regime for fund managers managing AIFs with lower risk profiles.

Pre-Referendum Planning

Planning for a Brexit is difficult without knowing what a post-Brexit landscape would look like (as yet, this is a “known unknown”). However, in the run up to the UK referendum, it seems prudent for UK financial institutions to consider the impact of a Brexit on the terms of any new contracts being entered into and, if relevant, seek to make provision for a Brexit (e.g., by including Brexit in a force majeure provision; providing for termination rights in the event of a Brexit and adapting references to the EEA to continue to cover the UK, if appropriate).

Passporting aside, UK firms will also need to assess the practical issues that would arise in the event of a Brexit. For instance, investment strategies that permit investments in the EEA may need to be amended in order for investments in the UK to continue to be permitted. Similarly, a Brexit may impact the terms of product distribution agreements and other service agreements.

Alternative Investment Fund Managers Directive (AIFMD)

If the UK were to leave the EEA, then, potentially: UK AIFMs would be treated as non-rEEA AIFMs, marketing by UK AIFMs of AIFs to rEEA investors would have to be undertaken on the basis of member state private placement regimes, and UK AIFMs would no longer be able to manage (from the UK) an AIF established in an rEEA member state without being locally authorised in that member state to do so. Further, UK AIFMs that utilise AIFMD passports for MiFID investment services to provide segregated client portfolio management and/or advisory services on a cross-border basis would cease to be able to use those passports. Conversely, rEEA AIFMs that seek to manage or market AIFs in the UK or provide MiFID investment services to clients in the UK in reliance on AIFMD passports would no longer be able to do so.

However, unlike other single-market directives, the AIFMD provides for its regime to be extended to non-EEA managers, and this offers a potential “third way” should the UK not remain in the EEA. If the UK were to leave its current AIFMD compliant regime in place, it ought to be technically straightforward, following a Brexit, for the AIFMD to be extended to the UK. In this scenario, UK AIFMs could continue to be authorised under the regime and be entitled to use the AIF marketing and management passports (a non-rEEA manager passport). This possibility may influence the UK government to leave the current UK regime unchanged in the event of a vote to leave the EU. However, any such extension of the AIFMD would require a positive opinion from the European Securities and Markets Authority (ESMA) and a decision by the EU Commission, so there would be a political dimension to it that would likely introduce uncertainty.

It is important to note, though, that the use by a UK AIFM of a non-rEEA manager passport would be subject to a number of conditions prescribed by the AIFMD that would have material practical implications. In particular,

  • a UK AIFM would need to be authorised by the regulator in its rEEA “member state of reference” (this would be determined in accordance with the AIFMD by reference to where in the rEEA the manager is proposing to manage and/or market funds). This regulator could not be the Financial Conduct Authority (FCA), so the use of a non-rEEA manager passport would involve dual regulation and supervision—by the FCA in the UK and by a regulator in an rEEA country in relation to compliance with the directive for funds managed or marketed in rEEA countries (the guidance and approach to application and interpretation of the directive by the regulator and local rules in the member state of reference may well differ from that of the FCA);

  • it would be necessary to establish a legal representative in the member state of reference in order to be the contact point between the manager and rEEA regulators, and the manager and rEEA investors. The legal representative would be required to perform the compliance function relating to funds managed or marketed in rEEA countries; and

  • disputes with rEEA investors in a fund managed/marketed by a manager using a non-rEEA manager passport would need to be “settled in accordance with the law of and subject to the jurisdiction of a Member State”—this would preclude the use of UK courts as a forum for disputes with investors.

UK AIFMs should also note that the AIFMD does not provide for a non-rEEA manager passport to cover the provision of MiFID investment services on a cross-border basis. Accordingly, even if the AIFMD were to be extended to the UK so that UK AIFMs could use a non-rEEA manager passport to manage and/or market AIFs in the rEEA, in the event of the UK not remaining in the EEA, UK AIFMs providing cross-border MiFID investment services within the rEEA (e.g. discretionary management/advisory services for separate account clients) may need to think about where the services are in fact being provided and whether local authorisation would be required to continue the provision of those services. For the provision of MiFID investment services, this would re-establish the position prior to the implementation of the Investment Services Directive (the precursor of MiFID) in the mid-1990s.

Undertakings for Collective Investment in Transferable Securities Directive (UCITS)

A UCITS fund must by definition be EEA domiciled, as must its management company. Currently, both UCITS funds and their EEA managers benefit from the passport. UCITS funds are passportable into any other member state for the purposes of being marketed locally to the public and management companies can set up branches and/or provide services cross-border into other member states (e.g., a UK-based management company can provide management services to a UCITS fund based in any other EEA country such as, for example, Ireland or Luxembourg). UK UCITS funds and management companies established pre-Brexit would no longer qualify as UCITS post-Brexit. UK-based UCITS funds would no longer be automatically marketable to the public in the rEEA and would therefore become subject to local private placement regimes. Conversely, a UCITS fund established, say, in Ireland or Luxembourg, would no longer be marketable in the UK to the general public, and a management company based in Ireland or Dublin would no longer be entitled to provide management services to a UK-based UCITS fund.

Accordingly, consideration would need to be given to migrating UK UCITS funds to an rEEA country. Otherwise, UK UCITS funds would become subject to the AIFMD regime instead of the UCITS regime and would be subject to additional restrictions and unavailable to most types of retail investor. UK UCITS management companies would have to migrate to rEEA in order to continue to benefit from the passport.

The Markets in Financial Instruments Directive (MiFID)

MiFID gives EEA investment firms authorised in their home EEA country a passport to conduct cross-border business and to establish branches in other EEA countries, free from additional local authorisation requirements. MiFID prohibits member states from imposing any additional requirements in respect of MiFID-scope business on incoming firms that provide cross-border services within their territory, but does allow host territory regulators to regulate passported branches in areas such as conduct of business.

UK-regulated firms that undertake MiFID business would no longer be able to rely on the passport to undertake MiFID business in rEEA and might have to restructure accordingly. Conversely, rEEA firms that seek to undertake MiFID business in the UK would no longer be able to do so and might also have to restructure. However, in contrast to UCITS, that outcome is potentially leavened by the new third-country regime indicated by the recast Markets in Financial Instruments Directive (MiFID II).

The impact on the provision of cross-border MiFID investment services might be diluted by the regime under MiFID II permitting non-EEA firms to provide investment services to professional clients on a pan-EEA basis upon registration with ESMA, but this would not be an immediate solution, as it would be subject to ESMA making an equivalence determination under MiFID II in relation to the UK, and the timing would be highly uncertain (in particular, MiFID II seems unlikely to come into effect until January 2018, which will be 18 months after the UK referendum). The UK could implement an equivalent regime (in practice, largely by not repealing or amending its EU-generated legislative inheritance and “renationalising” it) to secure its status as an “equivalent” third country with which EEA firms can do business. However, it seems unlikely, given the technical difficulties and delays being experienced generally by ESMA in relation to MiFID II implementation, that an equivalence determination for any non-EEA firms will be high on the agenda until sometime following January 2018.
UK financial institutions would need to consider the regulatory perimeter in each rEEA country in which a financial institution wishes to undertake business. Conversely, rEEA financial institutions would need to consider the UK perimeter to identify what activities by them in the UK would engage a registration requirement locally in the UK.

On the other hand, equivalency considerations aside, the proposals under MiFID II for the unbundling of research and trading fees would fall away in the UK and remain in the rEEA. The unpopular cap on bonuses for systemically important banks and investment firms brought in by the Capital Requirements Directive (CRD) would also fall away in the UK but remain in the rEEA. Notably, the EBA has recently indicated that the bonus cap should be imposed on all firms subject to the CRD, which would implicate a huge increase in the number of banks and investment firms subject to the cap. On 29 February, it was announced that FCA and the Prudential Regulation Authority had decided to reject that advice on the basis of proportionality. Accordingly, even without a Brexit, the UK is already implementing a policy which should put it at a competitive advantage to other EEA countries that decide to follow the EBA’s guidelines.

Under MiFID, EEA countries must permit investment firms from other EEA countries to access regulated markets, clearing and settlement systems established in their country. Post-Brexit, UK investment firms would no longer be able to rely on those provisions, but nor would rEEA firms looking to access the UK. It is precisely this possibility of “mutually assured destruction”—combined with the UK’s status as Europe’s leading financial centre—that could drive some hard bargaining post-Brexit by both sides towards a constructive outcome in favour of continuing integrated financial markets and services.

The European Market Infrastructure Regulation (EMIR)

EMIR applies to undertakings established in the EEA (except in the case of AIFs, wherever established, where it is the regulatory status of the manager under AIFMD which is key) that qualify as “financial counterparties” or “non-financial counterparties.” Since, post-Brexit, a UK undertaking would no longer be established in the EEA, under EMIR, UK undertakings that are currently financial counterparties or non-financial counterparties would become third-country entities (TCEs) for EMIR purposes.

Post-Brexit, UK undertakings—along with other TCEs—would not be able to avoid EMIR altogether, as a number of its provisions have extraterritorial effect, including in relation to key requirements such as margin for uncleared trades and mandatory clearing. The trade reporting obligation, however, does not apply to TCEs. The UK government would need to consider whether to introduce similar reporting requirements domestically, particularly given the size and importance of the UK derivatives market. If UK undertakings became TCEs, they would be required to determine whether they would be financial counterparties or non-financial counterparties if they were established in the rEEA, an exercise which would be straightforward.

In any event, UK undertakings subject to the clearing and margin requirements of EMIR pre-Brexit would remain subject to such requirements when entering into derivatives transactions with rEEA firms post-Brexit. Importantly, the exemption from the forthcoming mandatory clearing requirement for UK pension scheme trustees would cease to apply post-Brexit. Accordingly, a UK pension scheme would no longer be able to rely on the EMIR exemption when entering an OTC derivative contract with an rEEA counterparty.

The City of London boasts some of the world’s largest clearing houses, and at least three of them are currently permitted under EMIR to provide clearing services to clearing members and trading venues throughout the EEA in their capacity as ESMA-authorised central counterparties (CCPs). Post-Brexit, however, a UK CCP would become a third-country CCP. Under EMIR, a third-country CCP can only provide clearing services to clearing members or trading venues established in the EEA where that CCP is specifically recognised by ESMA. This would require, among other things, clearing houses operating out of London to apply to ESMA for recognition, the European Commission to pass an implementing act on the equivalence of the UK’s regime to EMIR, and relevant cooperation arrangements to be put in place between the rEEA and the UK—a lengthy process overall. Financial institutions based in rEEA will certainly want to continue to access UK regulated markets and CCPs.

Article By Simon Currie & William Yonge of Morgan, Lewis & Bockius LLP

Copyright © 2016 by Morgan, Lewis & Bockius LLP. All Rights Reserved.

Department of Commerce Releases Fact Sheet on EU-U.S. Privacy Shield

As we reported yesterday, the United States and the European Commission have reached a political agreement on a new framework for transatlantic data flows, referred to as the EU-U.S. Privacy Shield.  The U.S. Department of Commerce (“Commerce”) released a fact sheet yesterday to coincide with the announcement of the agreement.

The fact sheet includes a series of bullet points listing ways in which the Privacy Shield (1) “significantly improves commercial oversight and enhances privacy protections,” and (2) “demonstrates the U.S. Commitments to limitations and safeguards on national security.”  On the first point, Commerce states that “EU individuals will have access to multiple avenues to resolve concerns,” including alternative dispute resolution at no cost to individuals.  In addition, Commerce “will step in directly and use best efforts to resolve referred complaints” using a “special team with significant new resources.”  On the second point, the fact sheet references President Obama’s executive actions to enhance privacy protections and oversight relating to U.S. government surveillance activities.  Finally, Commerce states that “the United States is making the commitment to respond to appropriate requests” regarding U.S. intelligence activity, in a manner that is consistent with national security obligations.

Article By David J. Bender of Covington & Burling LLP
© 2016 Covington & Burling LLP

Agreement Reached on New EU-U.S. Safe Harbor: the EU-U.S. Privacy Shield

On February 2nd, 2016, the European Commission and U.S. Government reached political agreement on the new framework for transatlantic data flows.  The new framework – the EU-U.S. Privacy Shield – succeeds the EU-U.S. Safe Harbor framework (for more on the Court of Justice of the European Union decision in the Schrems case declaring the Safe Harbor invalid, see our earlier post here).  The EU’s College of Commissioners has also mandated Vice-President Ansip and Commissioner Jourová to prepare the necessary steps to put in place the new arrangement.

The EU-U.S. Privacy Shield

According to the Commission press release, there will be several new elements to the EU-U.S. Privacy Shield, as compared with the invalidated EU-U.S. Safe Harbor framework.  For instance, in addition to subjecting participating U.S. companies to certain as-yet unspecified safeguards, the Privacy Shield will include:

  • An annual joint review of the program performed by the European Commission and U.S. Department of Commerce – to which European data protection authorities will be invited – to ensure its proper functioning.  This will include a review of access by U.S. intelligence agencies to EU-originating data.

  • Enhanced rights of redress for European data subjects, including (i) subjecting U.S. organizations to firmer deadlines when responding to complaints, (ii) allowing EU citizens and EU data protection authorities to refer complaints to the U.S. Department of Commerce and the U.S. Federal Trade Commission, (iii) establishing, as a last resort, a new binding alternative dispute resolution mechanism to resolve complaints that will be voluntary and free to data subjects, capable of issuing binding injunctive orders, and subject to judicial review consistent with the U.S. Federal Arbitration Act, and (iv) creating a new “Ombudsperson” within the U.S. State Department to handle complaints – channeled through EU Member State representatives – that relate to U.S. intelligence agencies’ access to data.  Disputes relating to human resources/employee data will remain subject to an alternative process that entails somewhat closer involvement of EU data protection authorities, similar to the current Safe Harbor.

Moreover, it is reported that the U.S. Director of National Intelligence will confirm by official letter to the EU that U.S. intelligence agencies do not engage in “indiscriminate mass surveillance” of data transferred under the new arrangement.

The Privacy Shield is expected to retain or enhance many of the elements contained in the original Safe Harbor framework, including substantive commitments made by U.S. companies on such matters as furnishing appropriate notices to EU citizens, maintaining the security of transferred data, and tightened restrictions on onward transfers.  The precise nature of these obligations is not yet known, but will become clearer in the weeks ahead.

Next steps

The EU College of Commissioner’s has mandated Vice-President Ansip and Commissioner Jourová to, over the coming weeks, prepare a draft Decision declaring the U.S. to ensure an adequate level of protection.  The adoption of such a Decision by the Commission must follow a “comitology” procedure which will involve:

  • a proposal from the Commission;

  • an opinion by EU Member States’ data protection authorities and the European Data Protection Supervisor (“EDPS”), in the framework of the Article 29 Working Party;

  • an approval from the “Article 31 Committee”, composed of representatives of Member States, under the comitology “examination procedure”;

  • the formal adoption of the Decision by the College of Commissioners;

  • at any time, the European Parliament and the Council may request the Commission to maintain, amend or withdraw the adequacy decision on the grounds that its act exceeds the implementing powers provided for in the Directive.

The effect of such a Commission Adequacy Decision is that personal data can flow from the 28 EU countries and three EEA member countries (Norway, Liechtenstein and Iceland) to the U.S. without any further safeguards being necessary.

Commissioner Jourová hopes for the new arrangement to be in force in approximately 3 months’ time.  The U.S. Government, in the meantime, will make the necessary preparations to put in place the new framework, monitoring mechanisms, and new Ombudsperson.

Tomorrow (February 3rd, 2016), Commissioner Jourová will attend the plenary meeting of the Article 29 Working Party to discuss the role of the EU data protection authorities under the EU-U.S. Privacy Shield.  The U.S. Department of Commerce is, in parallel, planning further briefings about the text.

Article By Daniel P. CooperPhilippe Bradley-Schmieg & Joseph Jones of Covington & Burling LLP
© 2016 Covington & Burling LLP

ECJ Rules EU-US Safe Harbor Programme Is Invalid

The powers of EU data protection authorities are significantly strengthened by the decision, allowing them to suspend some or all personal data flows into the United States in certain circumstances.

In Maximillian Schrems v. Data Protection Commissioner (case C-362/14), the European Court of Justice (ECJ) has ruled[1] that the European Commission decision approving the Safe Harbor programme is invalid. Further, the ECJ ruled that EU data protection authorities do have powers to investigate complaints about the transfer of personal data outside Europe (whether by Safe Harbor-certified organisations or otherwise, but excluding countries deemed as having “adequate” data protection laws according to the EU). Finally, the ECJ ruled that data protection authorities can, where justified, suspend data transfers outside Europe until their investigations are completed.

Safe Harbor Programme

According to the European Commission, the United States is a country with “inadequate” data protection laws. The European Commission and the US Department of Commerce, therefore, agreed in 2000 to a self-certification programme for US organisations that receive personal data from Europe. Pursuant to the self-certification programme, a US organisation receiving personal data from Europe must certify that it adhered to certain standards of data processing comparable with EU data protection laws such that the EU citizens’ personal data was treated as adequately as if their personal data had remained in Europe. The Safe Harbor programme is operated by the US Department of Commerce and enforced by the Federal Trade Commission. Over 4,000 organisations have current self-certifications of adherence to Safe Harbor principles.[2]

The Schrems Case

Mr. Schrems complained in Irish legal proceedings that the Irish Data Protection Commissioner refused to investigate his complaint that the Safe Harbor programme failed to protect adequately personal data after its transfer to the US in light of revelations about the National Security Agency’s (NSA’s) PRISM programme. The question of whether EU data protection authorities have the power to investigate complaints about the Safe Harbor programme was referred to the ECJ. Yves Bot, Advocate General at the ECJ, said in an opinion released on 23 September 2015 that the Safe Harbor programme  does not currently do enough to protect EU citizens’ personal data because such data was transferred to US authorities in the course of “mass and indiscriminate surveillance and interception of such data” from Safe Harbor-certified organisations. Mr. Bot was of the opinion that the Irish Data Protection Commissioner, therefore, had the power to investigate complaints about Safe Harbor-certified organisations and, if there were “exceptional circumstances in which the suspension of specific data flows should be justified”, to suspend the data transfers pending the outcome of its investigation.

The ECJ followed Mr. Bot’s opinion and, further, declared that the European Commission’s decision to approve the Safe Harbor programme in 2000 was “invalid” on the basis that US laws fail to protect personal data transferred to US state authorities pursuant to derogations of “national security, public law or law enforcement requirements”. Furthermore, EU citizens do not have adequate rights of redress when their personal data protection rights are breached by US authorities.

The EU-US Data Protection Umbrella Agreement

In the last two years, the European Commission and various data protection working parties have discussed ways to improve the Safe Harbor programme and strengthen rights for EU citizens in cases where their personal data is transferred to the United States. Recently, the United States and European Union finalised a data protection umbrella agreement to provide minimum privacy protections for personal data transferred between EU and US authorities for law enforcement purposes. The umbrella agreement will provide certain protections to ensure that personal data is protected when exchanged between police and criminal justice authorities of the United States and the European Union. The umbrella agreement, however, does not apply to personal data shared with national security agencies.

The umbrella agreement also provides that EU citizens will have the right to seek judicial redress before US courts where US authorities deny access or rectification or unlawfully disclose their personal data. Currently, US citizens have the right to seek judicial redress in the European Union if their data—transferred for law enforcement purposes—is misused by EU law enforcement authorities. EU citizens, however, do not have corresponding rights of redress in the United States. A judicial redress bill has been introduced in the US House of Representatives; adoption of the bill would allow the United States and European Union to finalise the umbrella agreement.

Key Findings of the ECJ Decision

The key findings of the ECJ decision are as follows (quotes indicate excerpts from the ruling itself):

“The guarantee of independence of national supervisory authorities is intended to ensure the effectiveness and reliability of the monitoring of compliance with the provisions concerning protection of individuals”.

The powers of supervisory authorities include “effective powers of intervention, such as that of imposing a temporary or definitive ban on processing of data, and the power to engage in legal proceedings”.

The Safe Harbor programme “cannot prevent persons whose personal data has been or could be transferred to a third country from lodging with the national supervisory authorities a claim. . .concerning the protection of their rights and freedoms”.

National courts can consider the validity of the Safe Harbor programme, but only the ECJ can declare that it is invalid.

Where the national data protection authorities find that complaints regarding the protection of personal data by Safe Harbor-certified companies are well-founded, they “must. . .be able to engage in legal proceedings”.

Organisations self-certified under the Safe Harbor programme are permitted to “disregard” the Safe Harbor principles to comply with US national security, public interest, or law enforcement requirements.

There is no provision in the Safe Harbor programme for protection for EU citizens against US authorities who gain access to their personal data transferred to the United States pursuant to the Safe Harbor programme. There is only a provision for commercial dispute resolution.

The EU Data Protection Directive[3] “requires derogations and limitations in relation to the protection of personal data to apply only in so far as is strictly necessary”, but there is no such requirement applicable in the United States following the transfer of personal data pursuant to the Safe Harbor programme.

The Safe Harbor programme “fails to comply with the requirements” to protect personal data to the “adequate” standard required by the EU Data Protection Directive and is “accordingly invalid”.

Other Options to Transfer Personal Data to the United States

Safe Harbor-certified organisations should note that there are other options to transfer personal data to the United States, including express consent and the use of Binding Corporate Rules or EU-approved model clause agreements. Organisations using Safe Harbor-certified vendors may wish to discuss these other options with their vendors. There is, however, a risk that this decision could affect these other options, as national security derogations are likely to override the protection of personal data regardless of how it is transferred, with the only exception being the specific and informed consent of an individual to the transfer of his or her personal data to governmental authorities for national security purposes.

Conclusion

The ECJ decision is likely to take the European Commission by surprise.

The powers of national data protection authorities are significantly strengthened by this decision. They could allow data protection authorities to suspend some or all personal data flows into the United States in serious circumstances and where there is a justifiable reason to do so. There is a risk that a data protection authority could order that the data transfers by an international organisation outside of Europe be suspended from that jurisdiction, whereas data transfers in other European jurisdictions are permitted. To mitigate this risk, the European Commission is entitled to issue EU-wide “adequacy decisions” for consistency purposes.

The European Commission has today announced that it intends to release guidance for Safe Harbor-certified companies within the next two weeks.

Article By Stephanie A. “Tess” BlairDr. Axel Spies & Pulina Whitaker of Morgan, Lewis & Bockius LLP
Copyright © 2015 by Morgan, Lewis & Bockius LLP. All Rights Reserved.

[1] See Judgment of the Court (Grand Chamber) (6 October 2015)

[2] See Safe Harbor List.

[3] Directive 95/46/EC

EU Official Calls for Invalidation of EU–U.S. Safe Harbor Pact

A European Court of Justice (ECJ) advocate general, Yves Bot, has called for the European Union–U.S. Safe Harbor Agreement to be invalidated due to concerns over U.S. surveillance practices (press release here, opinion here). The ECJ has discretion to reject the recommendation, but such opinions are generally followed. A final decision on the issue is expected to be issued late this year or next year.

The issue arises out of the claims of an Austrian law student, Max Schrems, who challenged Facebook’s compliance with EU data privacy laws. (The case is Schrems v. (Irish) Data Protection Commissioner, ECJ C-362/14.) He claims that the Safe Harbor Framework fails to guarantee “adequate” protection of EU citizen data in light of the U.S. National Security Agency’s (NSA) surveillance activities. Although the Irish data protection authority rejected his claim, he appealed and the case was referred to the ECJ.

The European Data Protection Directive prohibits data of EU citizens from being transferred to third countries unless the privacy protections of the third countries are deemed adequate to protect EU citizens’ data. The U.S. and EU signed the Safe Harbor Framework in 2000, which permits companies self-certify to the U.S. Department of Commerce (DOC) annually that they abide by certain privacy principles when transferring data outside the EU. Companies must agree to provide clear data privacy and collection notices and offer opt-out mechanisms for EU consumers.

In 2013, former NSA contractor Edward Snowden began revealing large-scale interception and collection of data about U.S. and foreign citizens from companies and government sources around the globe. The revelations, which continue, have alarmed officials around the world, and already prompted the European Commission to urge more stringent oversight of data security mechanisms. The European Parliament voted in March 2014 to withdraw recognition from the Safe Harbor Framework. Apparently in response to the concern, the Federal Trade Commission (FTC) has taken action against over two dozen companies for failing to maintain Safe Harbor certifications while advertising compliance with the Framework, and in some cases claiming compliance without ever certifying in the first place. For more, see here (FTC urged to investigate companies), here (FTC settles with 13 companies in August 2015), and here (FTC settles with 14 companies in July 2014).

Advocate General Bot does not appear to have been mollified by the U.S. efforts, however. He determined that “the law and practice of the United States allow the large-scale collection of the personal data of citizens of the [EU,] which is transferred under the [S]afe [H]arbor scheme, without those citizens benefiting from effective judicial protection.” He concluded that this amounted to interference in violation of the right to privacy guaranteed under EU law, and that, notwithstanding the European Commission’s approval of the Safe Harbor Framework, EU member states have the authority to take measures to suspend data transfers between their countries and the U.S.

While the legal basis of that opinion may be questioned, and larger political realities regarding the ability to negotiate agreements between the EU and the U.S. are at play, if followed by the ECJ, this opinion would make it extremely difficult for companies to offer websites and services in the EU. This holds true even for many EU companies, including those that may have cloud infrastructures that store or process data in U.S. data centers. It could prompt a new round of negotiations by the U.S. and European Commission to address increased concerns in the EU about surveillance.

Congressional action already underway may help release some tension, with the House Judiciary Committee unanimously approving legislation that would give EU consumers a judicial right of action in the U.S. for violations of their privacy. This legislation was a key requirement of the EU in an agreement in principle that would allow the EU and U.S. to exchange data between law enforcement agencies during criminal and terrorism investigations.

Although the specific outcome of this case will not be known for months, the implications for many businesses are clear: confusion and continued change in the realms of privacy and data security, and uncertainty about the legal rules of the game. Increased fragmentation across the EU may result, with a concomitant need to keep abreast of varying requirements in more countries. Change and lack of harmonization is surely the new normal now.

Article By Sheila A. MillarTracy P. Marshall & Nathan A. Cardon of Keller and Heckman LLP

© 2015 Keller and Heckman LLP

FIVE MINUTES ON… Anti-Bribery and Corruption Laws in Europe

Anti-bribery and corruption has been a hot topic in the US for almost 40 years. The topic has historically however received much less attention within Europe. That is now changing as Europe is beginning to catch up and many European countries have already implemented anti-bribery laws much stricter than those in the US. Recent events have put the topic back on the agenda and we can expect further debate on the effectiveness and efficacy of enforcement in Europe.

The levels of perceived corruption within Europe are generally quite good. Transparency International publish an annual Corruptions Perceptions Index which shows the perceived levels of corruption in 175 countries globally. In its 2014 report, the average score across the EU and Western Europe was 66 (with 0 being highly corrupt and 100 being very clean), much better than the global average of 43. Even those countries with the lowest scores in the EU and Western Europe, being Greece, Romania and Italy, had a score of 43, consistent with the global average. Seven of the top 10 least corrupt countries are actually in Europe (Denmark, Finland, Sweden, Norway, Switzerland, Netherlands and Luxembourg).

Over the last five or so years, countries within Europe have been overhauling their existing, in many cases insufficient, anti-bribery regimes and some countries have implemented anti-bribery laws for the first time. We consider some of the specific regimes below along with their differences and similarities. The majority, if not all, are actually stricter than the laws in the US. The differences of the laws in Europe to the laws in the US have been somewhat of a surprise to many organisations who currently comply with the laws in the US and who don’t necessarily realise that they now need to enhance their practices to comply with more stringent regimes.

What’s Been Happening Across the Pond?

In the US, the Foreign Corrupt Practice Act (FCPA) came into force on 19 December 1977. The FCPA criminalises the paying or offering of a bribe to a foreign official, although the public official themselves do not commit an offence by receiving the bribe. The FCPA requires organisations to have accounting and other controls in place to prevent and detect bribery, but does not specifically require broader anti-bribery programmes. As well as US organisations, the FCPA has extraterritorial reach and catches any other organisation that uses any means of US commerce, including mails, emails, faxes, bank transactions, and similar acts.

Top of the Class: the Uk

Much of the change in approach within Europe and indeed further afield has arguably been led by the introduction in the UK of the Bribery Act 2010 (Bribery Act), which came into force on 1 July 2011, and which is thought to be the strictest anti-bribery legislation in the world.

Similarities between the FCPA and the Bribery Act Differences between the FCPA and the Bribery Act

Territorial Reach

The Bribery Act has a wide territorial reach. It extends not only to offences committed in the UK but also to offences committed outside the UK where the person committing them has a close connection with the UK by virtue of them being a British national or ordinarily resident in the UK, a body incorporated in the UK or a Scottish partnership. For corporations, the corporate offence in the Bribery Act extends to UK as well as non-UK organisations that carry on business or part of a business in the UK. So, for example, a Spanish company that exports to the UK can be in breach of the corporate offence for bribery occurring in Spain, even though that bribery does not involve any UK connected person.

Penalties

The penalties available for breaches of the Bribery Act are severe. They include an unlimited fine, up to 10 years in prison, and orders for directors to be disqualified. Companies can also be prohibited from public procurement and the proceeds from the bribe, for example the monies gained from a contract obtained through corruption, can be confiscated. Penalties under FCPA are slightly less severe with fines being capped to US$2 million (for corporations) and imprisonment for individuals being limited to a maximum of five years.

All Bribes Are Caught, Even Business-to-Business!

Arguably the single most important difference between the Bribery Act and the FCPA is that the Bribery Act prohibits the offering or receiving of a bribe and the bribery of Foreign Public Officials. Unlike the FCPA, the Bribery Act therefore captures private (business to business) bribery and also makes it an offence to receive a bribe as well as pay/offer to pay one. Directors and senior managers can also be found guilty of an offence if their organisation commits one of these offences with their consent or connivance.

Facilitation Payments

Facilitation Payments are payments made to expedite or secure the performance of a “routine government action”. The FCPA expressly authorises such payments. In the UK, such payments are prohibited under the Bribery Act.

The Corporate Defence

The Bribery Act also introduces a corporate offence of failing to prevent a bribe being paid, for which it will be a defence for an organisation to show that it has “adequate procedures” in place to prevent such bribery. Guidance produced by the UK Ministry of Justice explains that these “adequate procedures” need to be guided by six principles: Top-level commitment; Risk assessment; Proportionate procedures; Due diligence; Communication (including training) and Monitoring and review. As stated above, FCPA only requires accounting and other controls to prevent and detect bribery, nothing broader.

Other EU Member States

Most EU Member States have enacted anti-bribery laws with heavy fines. When compared to the Bribery Act, however, such laws are generally more limited in scope and tend to focus on bribery of public officials. Most are however at least consistent with FCPA.

In France, most of the French anti-corruption provisions relevant to businesses are laid down in the French Criminal Code and relate to both the public and private sector and both the offeror and the recipient. Like the UK, the law in France also has an extraterritorial reach and will interestingly apply amongst other situations, where the victim of the bribe is a French national. Penalties for breach of French laws include imprisonment for, in some cases, up to 15 years and financial penalties including, for companies, fines of, in some cases, up to €5 million or twice the amount of the proceeds stemming from the offence. Unlike the UK, there are in France, however, no legal requirements for implementing preventive procedures.

Germany’s anti-bribery laws are contained in the Criminal Code, which prohibits offering, paying or accepting a bribe in domestic or foreign transactions. Separately, civil liability can, if certain criteria are met, attach to companies for offences committed on their behalf due to the Administrative Offences Act. Owners/managers can also be found liable in certain situations. Penalties include five years’ imprisonment (10 years’ imprisonment in severe cases involving a member/official of a public body), a criminal fine and confiscation of monies obtained from the bribe. The Criminal Code also applies to offences committed abroad. One of the key cases to be enforced in Germany was that against Siemens AG, who paid German authorities almost €600 million in fines after they were investigated for paying bribes to secure public-works contracts in a number of countries. This was in addition to fines paid in the US for breaching FCPA.

In the Netherlands, anti-corruption and bribery laws are predominantly aimed at attempts to bribe public officials. Unlike the UK, Dutch law has relatively limited jurisdictional reach. For example, a foreign non-Dutch company that has committed acts of bribery of a non-Dutch foreign official outside the Netherlands is not subject to the criminal laws of the Netherlands. The maximum penalty under Dutch law is a fine of €740,000 for each case of bribery and for individuals, imprisonment for four years (one year for private commercial bribery) and a fine of up to €74,000.

Outlook

While most Member States have clearly improved their anti-bribery regimes in recent years, what seems to be the biggest hurdle is insufficient enforcement and the considerable differences in the enforcement levels across Europe, in particular when it comes to bribery abroad. Relying on the UK (or the US) will soon stretch the already limited resources that individual countries can bring to bear. It seems that the European Union itself will take action in the foreseeable future. Certainly there would be jurisdictional concerns as regards the criminal aspects for individuals, but the Commission’s war on cartels has shown that it is well-suited to enforcing policy. Currently, however, the Commission contends itself with issues in a biannual report on corruption in each Member State.

Given the extra-territorial reach discussed above, European businesses need to make sure that they are compliant with all the different antibribery laws that could affect their business. This is not only the laws in their own countries, but also the laws abroad. Many organisations acting internationally and globally are seeking compliance with the Bribery Act as compliance with the Bribery Act should be sufficient to also achieve compliance with any other anti-bribery legislation.

ARTICLE BY Rob ElvinLouise Roberts & Tim Wünnemann of Squire Patton Boggs (US) LLP

© Copyright 2015 Squire Patton Boggs (US) LLP

EU Investigating Geo-Blocking of Online Video Games

On May 6, 2015, the European Competition Commission released a new Digital Single Market Plan, and simultaneously launched a broad antitrust investigation into e-commerce.  The DSM plan, consisting of sixteen proposals, seeks to create a single digital European market where access to digital goods and services is unfettered across all 28 member states.  The European Competition Commission will investigate whether firms’ restrictions on cross-border online trade violate the EU competition laws, and attempt to remedy them through enforcement mechanisms.  High on the list is the geo-blocking of online content, including video games.  The impending probe will likely target some large U.S. technology companies.

Geo-blocking is a technical barrier that allows online merchants to charge different prices or restrict users’ access based on physical location or credit card information.  For example, a German resident may have to pay more for a pair of shoes purchased online from an Italian retailer than someone living in Italy.  With respect to gaming, the investigation will focus on the geo-blocking of video games that are sold online for use on personal computers.  The Digital Single Market plan is highly critical of geo-blocking―which it describes as violating the EU’s goal of free movement of commerce within its borders―and proposes to eliminate the practice altogether.  But the Competition Commission cannot seek to change a firm’s business practice unless it violates EU antitrust law, necessitating a rigorous investigation.

To determine whether certain geo-restricting practices are anticompetitive, the Commission will analyze game publishers’ business practices, probing into their contractual limitations on the distribution of online video games.  EU Competition Chief Margrethe Vestager said that geo-restrictions “are often the result of arrangements that are included in contracts between manufacturers and content owners on one side and their distributors on the other.”  Accordingly, the Commission is willing to go as far as “examining the clauses in their contracts.”  But the Commission also recognizes that companies use geo-blocking for legitimate and procompetitive reasons, like restricting information to paying customers and protecting copyrighted material.

The probe will begin with comprehensive questionnaires sent to companies involved in e-commerce within the EU and could potentially lead to formal inquiries and enforcement actions.  Commissioner Vestager hopes to have preliminary findings by mid-2016.

The probe may target large U.S. technology companies, especially if they are suspected of abusing their dominant position to restrict trade.  EU competition law places certain duties on companies that are “dominant” in their markets (a fairly low bar compared to US standards), and abuse of a dominant position can be illegal.  American technology companies tend to be larger and more successful than their European counterparts, so they may trigger the Commission’s scrutiny.  Accoring to Vestager, “every company that sells products online, including their suppliers and their technology providers, will be affected. Potentially, the scope will be very wide.”  On the gaming front, the probe may affect large online game developers.

The Commission hopes that the creation of a single digital market will boost European startups by making it easier for them to launch and grow quickly across borders, similar to the advantage American companies have to rapidly gain a national user base in the U.S.  “We want companies in Europe to use the Digital Single Market to scale up, not move out,” said Andrus Ansip, the EC’s Vice President of Digital Single Market.  So it’s not surprising that the proposal and investigation come on the heels of the EU’s crackdown on American tech giants, the re-opening of the Google investigation being the most recent example.  Indeed, some commentators have characterized the move as protectionist, given Europe’s recent concerns over the increasing power of large U.S. web companies.

The ramifications of the DSM plan are not yet clear, but game companies that use geo-blocking may have to look for other solutions in the future.

ARTICLE BY

Nadezhda Nikonova of Sheppard, Mullin, Richter & Hampton LLP

European Union’s New Regulation to Attach Bank Accounts Pre and Post Judgment

HMB Chartered B

Applicable as of January 18, 2017, a recently adopted European regulation facilitates cross-border debt recovery by enabling creditors to obtain a “European Account Preservation Order” (the “EAPO”) given by one judge in a member state and attach a debtor’s bank accounts in another EU member state without further court proceeding. The EAPO will enable creditors to obtain an order (i) before the creditor initiates proceedings on the merits against the debtor, (ii) at any stage during the proceedings until a judgment or settlement is entered, and (iii) after a judgment or court settlement that requires the debtor to pay a claim. Before a judgment is entered, the national courts that have jurisdiction to rule on the merits will also have jurisdiction to issue an EAPO. If the creditor has already obtained a judgment, then jurisdiction lies with the courts of the member state where the judgment was obtained.

An EAPO is an alternative remedy. The order will only be available in matters that have cross-border implications and may only serve preservation purposes. This means the debtor’s bank account is provisionally frozen and the amount seized is transferred to a dedicated account kept by the competent enforcement authority. To get the pre-judgment order, the creditor must show that he will probably obtain a favorable judgment against the debtor in the proceedings on the merits. No notice is given in seeking the order. The debtor may also not be informed of the order before it is enforced. An EAPO will not apply where claims are against a debtor in bankruptcy and where funds are exempt from attachment under the laws of the member state of enforcement.

ARTICLE BY

Eric (Rick) S. Rein
OF
Horwood Marcus & Berk Chartered

Is Obesity the Next Pivotal Employment Discrimination Issue Within the European Union?

Greenberg Traurig Law firm

Introduction

Obesity is one of the greatest health challenges worldwide. During the last decade, the population that is overweight in the European Union (EU) Member States has increased significantly, which has resulted in more than half of the EU population being overweight or obese.1  According to a recent study published in The Lancet, more than one-third of the population worldwide is overweight or obese, of which 36.9 percent are men and 38 percent are women.2  The aforementioned development has led to a growing discussion on how to deal with obese (severe overweight) employees in the workplace. That discussion includes the question whether obesity is a ground for unlawful discrimination.

In 2013, the European Court of Justice (ECJ) was asked in a preliminary ruling in a Danish case – for the first time – which provisions of EU law, if any, apply to discrimination based on obesity. The ruling of the ECJ is expected at the end of 2014. Meanwhile the Advocate General (AG) delivered his opinion on the matter on 17 July 2014.3  The AG’s opinion basically revolved around two questions:

  • can obesity be considered as a self-standing ground of unlawful discrimination under EU law?
  • does obesity fall within the scope of the notion of disability as referred to in the Equal Treatment Framework Directive (Directive)?4

The aforementioned Directive has the objective of creating a level playing field, where equality in employment and occupation in both the public and the private sectors are concerned.5  Based on recent case law, the ECJ appears to have adopted, following the approach of the UN Convention, a social and not a (purely) medical model of disability.6

In this respect, it is important to understand that the Directive provides for minimum rules to be implemented by EU Member States with regard to their national laws. Member States are free to implement and execute provisions more favorable than the Directive so long as they are in line with the Directive, specifically and and EU law, in general. As a result, there are a variety of laws in place in the respective EU Member States regarding this topic, among many others, in combination with general EU law.

Given these developments, the topic of obesity in the context of employment discrimination is receiving greater scrutiny, and thus, the Danish case being closely watched by the employment law community in Europe. Indeed, obesity might be the next frontier in employment discrimination law.

This article is intended to highlight the most relevant aspects of the Danish case. It is likely that some of the issues will seem surprising to readers in the United States, inasmuch as, since the 2008 amendments to the Americans with Disabilities Act, the Equal Employment Opportunity Commission and the courts have already begun to rule that severe or morbid obesity is a disability regardless of whether or not it was caused by a psychological disorder.7

Facts

An employee, Mr. Kaltoft, has been employed since 1996 as a childminder (taking care of other peoples´ children in their own homes) in the Municipality of Billund, Denmark. Mr. Kaltoft has been obese during the entirety of his employment. Although he performed his job to everyone’s satisfaction, he was dismissed in 2010. According to the notice of dismissal, the termination was due to a decline in the number of children to be taken care of.

The dismissal followed an internal hearing in which the obesity of Mr. Kaltoft was discussed. The parties disagree as to whether and if so, how, his obesity constituted part of the basis for the dismissal. Mr. Kaltoft argued that his employment was terminated due to his obesity, and that this amounted to discrimination based on obesity.

Obesity as a self-standing ground of unlawful discrimination?

Mr. Kaltoft basically argued that the open-ended nature of certain provisions in the European Charter of Human Rights (ECHR), Protocol 12 of the ECHR and the EU Charter of Fundamental Rights of the European Union (EU Charter) as well as other general EU law principles, requires the conclusion that any form of discrimination should be protected.

The AG disagrees. In his analysis, he asserts that EU legislation prohibiting discrimination addresses specific grounds of discrimination within specific subject areas without an existing general prohibition on discrimination. Thus, since obesity  is not specifically mentioned as a prohibited ground of discrimination in the EU treaties, nor in any EU legislation, it cannot be seen as a self-standing ground of unlawful discrimination. If at all, according to the AG, obesity discrimination could only be grounded on Article 21 of the EU Charter, which prohibits ‘discrimination based on any ground such as (…).’ On this particular wording (such as) it might be argued that there is a general principle of non-discrimination in EU law covering grounds of discrimination not explicitly mentioned in the Charter. In this respect, the AG refers to an ECJ ruling in a previous case where the ECJ ruled that the discrimination within the scope of Directive 2000/78 should not be extended by analogy beyond those grounds listed- exhaustively – in Article 1 of the Directive.8  Therefore, the AG concludes that there is no general principle of EU law prohibiting discrimination in the labor market that would cover discrimination on grounds of obesity as a self-standing ground of unlawful discrimination.

Disability under Directive 2000/78

According to Article 1 of the Directive, discrimination on the grounds of disability is prohibited. The term ‘disability’ is not defined by the Directive, but a ‘notion’ of disability is being developed via case-law.  This case-law is consistent with the concept of disability as laid down in Article 1 of the United Nations Convention on the Rights of Persons with Disabilities (U.N. Convention), which is an evolving concept, and the U.N. Convention’s case-law. The U.N. Convention has been approved by the EU in its Decision 2010/48 and as a result the provisions of the U.N. Convention are an integral part of the European Union legal order.9  This means that EU legislation, such as directives, have to be interpreted, as far as possible, in a manner that is consistent with the U.N. Convention.

According to the ECJ, this notion of disability must be understood as referring to a limitation which results, in particular, from (i) long-term (ii) physical, mental or psychological impairments (iii) which in interaction with various barriers (iv) may hinder (v) the full and effective participation of the person in professional life (vi) on an equal basis with other workers.10

As to the scope of the term “disability,” the ECJ has held that disability cannot be defined by reference to the source of the impairment, because that would run against the very aim of the Directive, which is to implement equal treatment.11  Therefore, the notion of disability does not depend on whether the disability is self-inflicted or not. Disability can also include an illness, if the illness entails a limitation as described in the foregoing paragraph.12  In this respect it should be noted that an illness requiring particular attention, continuous medication and control may be a psychological or psychosocial burden to the person concerned, but that in itself does not necessarily hinder participation on an equal basis in professional life in general.13  Moreover, the protected disability may even be that not of the employee, but of a person in the care of the employee who seeks to rely on the Directive.14  The latter situation is described as ‘associative discrimination.’

According to the AG, it is sufficient that a long term condition causes limitations in full and effective participation in professional life in general on equal terms with persons not having that condition.  No link has to be made between the specific work concerned and the disability in issue as a precondition to application of the Directive.

With regard to the Danish case at issue here, one should note that the Municipality of Billund argued that it cannot be contended that Mr. Kaltoft’s obesity entails a limitation that may hinder his full and effective participation in professional life on an equal basis with other workers because he had already worked for 15 years as a childminder with the Municipality, and had participated in professional life on an equal footing with other childminders in the Municipality’s employ.  In other words, the Municipality asserts, Mr. Kaltoft’s obesity cannot be deemed to have impeded his work as a childminder. On the other hand, in light of the AG’s position, as set forth above, an employee such as Mr. Kaltoft could assert that it does not matter whether he could carry on his work as a childminder before he asserts a claim under the Directive; rather, if the disability, here obesity, causes limitations on his ability to participate in professional life generally, he can assert a claim of disability discrimination pursuant to the Directive.  Further, the notion of disability must be understood as referring to a hindrance to the exercise of professional activity, not only the impossibility of exercising such activity.15

Does obesity amount to a disability?

In addressing the question of whether obesity amounts to a disability, the AG refers to the Body Mass Index (BMI) classification of the World Health Organization.16  According to that measurement, persons can be divided in three categories: Obese class I (BMI of 30.00-34.99), Obese class II (BMI of 35.00 to 39.99) and Obese class III (BMI over 40.00). The latter category is also called ‘morbid obesity.’17  Although obesity is classified as an illness by the WHO, as set out above, an illness does not per se amount to a ‘disability’ as described in the Directive.18  With these categories in mind, the AG is of the opinion that most probably only WHO class III obesity (referred to by the AG as severe obesity) will create limitations that amount to a disability under the Directive and only when the situation fulfils all of the criteria set out in the ECJ’s case-law on the notion of disability. It is for the national Court to verify whether this is the case with respect to Mr. Kaltoft.19

Will the outcome matter for the Netherlands and the other EU Member States?

The Netherlands

The Directive was implemented in the Netherlands via the Equal Treatment Handicapped and Chronically Ill People Act (Act). According to this Act, discrimination on the grounds of handicap or chronical illness is prohibited. The terms ‘handicap’ and ‘chronical illness’ are not defined in the Act, and review of the legislative documents suggests that this omission was intentional, so as to be consistent with the Directive, which does not provide for a definition of ‘disability.’ Having said this, a handicap is considered to be irreversible and a chronical disease a long-term affliction.

As to the Dutch legal practice, it seems that the Act and the practice developed in the Netherlands are not completely in line with the ‘notion of disability’ in the sense of the Directive. There are elements that point in the direction of a wider scope, but there are also elements that seem to be narrower. The first (that is, a more expansive view) would be, as discussed earlier, permissible, while the latter (a narrower construct) would not. As an example, there are cases that seem to take the underlying (medical) cause into the equation in assessing whether the situation falls within the scope of a handicap or a chronic disease, which would seem to provide for analysis based on the source of the impairment, which, as described above, runs counter to the aim of the Directive.

Severe obesity is being interpreted as a chronic disease under Dutch case-law, by the Netherlands Institute for Human Rights (NIHR) as well as by the few courts that have rendered rulings on this topic so far. They all (directly or indirectly) refer to the aforementioned WHO classification regarding obesity and conclude that because morbid obesity is regarded as a chronical disease by the WHO it also qualifies as a handicap or chronical disease under the Act.20  Having said this, whether the outcome of the Danish case before the ECJ will change current practice will have to be seen, and may well depend on specific wording. If the ECJ rules in line with the AG’s opinion, the Dutch practice with regard to morbid obesity will not be affected; however, if the ECJ goes further, the ruling could broaden the nature of the protection.

Elsewhere in the EU

As described above, the EU Member States all have their own national legislation and in case of ECJ developments in this area, each will need to assess whether or not they fulfil the obligations that arise from the Directive and its case-law. By way of example, in the UK ‘disability’ is one of the protected characteristics under the Equality Act. There has been case-law, which held that while obesity is not a disability in itself, it may lead to an impairment which, if it meets the ‘disability’ test, would amount to a disability. If the ECJ rules that obesity per se amounts to a disability under the Directive, the UK courts may have to interpret ‘disability’ as including obesity or consider whether any changes to legislation are required.

Practical considerations

Just to be clear, the Directive does not impose an obligation to maintain in employment an individual who is not competent to perform the essential functions of the position concerned, notwithstanding the obligation for the employer, as laid down in Article 5 of the Directive, to provide reasonable measures where needed in a particular case to enable a person with a disability to have access to, participate in, or advance in employment, unless such measures result in the imposition of a disproportionate burden on the employer.21  This also applies to impairments such as alcoholism and drug addiction where these conditions amount to an illness. An employer may expect employees suffering from obesity to take reasonable steps themselves to ensure that they carry out their work properly. If that is or might become a problem, both the employer and the employee should address this in a timely and adequate manner to improve the situation, which will be a joint responsibility. In this context, looking at EU case-law as it currently stands, it is advisable for employers to consider reasonable adjustments (e.g., ergonomics of the workplace) where obesity leads to an impairment having an impact on an individual’s ability to perform their job. Furthermore, employers may also want to ensure a safe environment, addressing (in)appropriate behaviors toward those who are obese, not only because harassment based on obesity may in the future qualify as discrimination on the grounds of a “disability,” but more importantly to ensure that the employees feel good about themselves and their working environment, which will enhance their commitment to their colleagues and their employer and hence will create better results for all involved. With the latter, and the previously cited statistics in mind, employers might want to consider creating a healthy working environment that goes further than the regular health and safety regulations by, for example providing for healthy (lunch) food, health club arrangements, awareness programs and well-being programs among their workforces.

ARTICLE BY

Jerrold F. Goldberg
Johan Nijmeijer
T.M.J. (Dorothé) Smits
OF
Greenberg Traurig, LLP

1 According to: Eurostat, Statistics Explained: Overweight and obesity – BMI statistics (data from November 2011)

2 Global, regional, and national prevalence of overweight and obesity in children and adults during 1980-2013: a systematic analysis for the Global Burden of Disease Study 2013, The Lancet, Vol. 384, Iss. 9945, pages 766 – 781 (http://dx.doi.org/10.1016/S0140-6736(14)60460-8).

3 Karsten Kaltoft v. Municipality of Billund, Opinion of Advocate General Jääskinen 17 July 2014, Case C-354/13.

4 Directive 2000/78/EC of 27 November 2000.

5 ECJ 17 July 2008, Case C-303/06 (Coleman), EU:C:2008:415, par. 38 and 47.

6 ECJ 18 March 2014, Case C-363/12 (Z), EU:C:2014:159, par. 83-85.

7 Federal district courts in Louisiana and Mississippi and the Montana Supreme Court had already held that severe obesity not based on a physiological disorder can be deemed a protected disability (see EEOC v. Resources for Human Development, Inc., 827 F. Supp. 2d 688 (E.D.La. 2011); Lowe v. American Eurocoptor, LLC, 2010 U.S. Dist. LEXIS 133345 (N.D. Miss. Dec. 16, 2010); Feit v. BNSF Ry. Co., Op. 11-0436 (Mont. July 6, 2012).

8 ECJ 11 July 2006, Case C-13/05 (Chacón Navas), EU:C2006:456, par. 56.

9 Council Decision of 26 November 2009 concerning the conclusion, by the European Community, of the United Nations Convention on the Rights of Persons with Disabilities (2010/48/EC).

10 ECJ 11 April 2013, Joined Cases C-335/11 and C-337/11 (HK Danmark), EU:C:2013:222, par. 38 and 39.

11 HK Danmark, par. 41.

12 Kaltoft, par. 58.

13 Z, par 79 and 80.

14 Coleman, par. 56.

15 Z, par. 159.

16 Kaltoft, par. 50.

17 http://apps.who.int/bmi/index.

18 HK Danmark, par. 44.

19 Kaltoft, par. 56 and 60.

20 See for example NIHR 13 May 2011, 2011-78 (regarding a hiring and selection process).

21 Chacón Navas, par. 49 and 50

U.S. And EU Significantly Expand Sanctions and Export Control Restrictions Targeting Russia

In response to Russia’s continuing actions to destabilize Ukraine, the United States and EU took coordinated and significant steps on September 12, 2014, to expand and intensify sanctions targeting the Russian energy, defense, and financial services sectors. In tandem, the United States and EU also imposed additional restrictions on energy-related exports to certain entities in Russia, and the EU introduced new trade controls relating to certain dual-use exports.

In the United States, the Treasury Department’s Office of Foreign Assets Control (“OFAC”) and the Commerce Department’s Bureau of Industry and Security (“BIS”) took three steps that target the Russian energy sector:

  • First, OFAC imposed a prohibition on the following activities by U.S. persons or within the United States: the provision, export, or reexport of goods, services (other than financial services), or technology in support of deepwater, Arctic offshore, or shale exploration or production projects that: (1) have the potential to produce oil in or offshore of Russia; and (2) involve any of five major Russian energy companies: Gazprom, Gazprom Neft, Lukoil, Rosneft, or Surgutneftegas. U.S. parties impacted by these new sanctions have two weeks to wind down their activities with these Russian firms, under the terms of a new general license.

  • Second, BIS imposed a license requirement for the export, reexport, or foreign transfer to these same five Russian companies of any item subject to the U.S. Export Administration Regulations (“EAR”) if the exporter, reexporter, or transferor knows that the item will be used directly or indirectly in exploration for, or production from, deepwater, Arctic offshore, or shale projects in Russia. This action – achieved by naming these companies to the BIS Entity List – represents an expansion of the previous BIS restrictions relating to Russian deepwater, Arctic offshore, and shale oil and gas projects, which we reviewed in our e-alert of July 30, 2014.

  • Third, OFAC added two Russian energy companies–Gazprom Neft and Transneft–tothegroup of companies whose ability to issue new debt with a maturity of longer than 90 days is restricted. Those restrictions on new debt, which apply to U.S. persons and persons in the United States who transact in, provide financing for, or otherwise deal in such debt, were detailed in our e-alert of July 17, 2014.

    U.S. actions targeting the Russian defense and financial services sectors include new or expanded “sectoral sanctions” and the designation of Russian defense companies to BIS’s Entity List and OFAC’s List of Specially Designated Nationals and Blocked Persons. BIS also noted that it will “require licenses for an additional group of items destined to military end-uses or end-users in Russia,” but did not provide further elaborate on what this may entail.

    The new EU sanctions are set forth in two measures. First, Council Regulation No. 960/2014, which amends Council Regulation No. 833/2014 (described in our e-alert of August 4, 2014), introduces new restrictions on the access of certain Russian companies, including major Russian energy companies such as Rosneft and Gazprom Neft, to EU financing and financial markets. It also introduces new trade controls relating to certain dual-use and energy-related exports. Separately, Council Regulation No. 961/2014 designates 24 additional individuals for EU asset-freezing measures.

Collectively, the new U.S. and EU sanctions introduce a significant new range of trade controls, which will be of particular importance to companies in the energy, financial services, and defense sectors. The principal elements of the new sanctions are described below.

NEW U.S. SANCTIONS

A. New U.S. Sanctions Targeting the Russian Energy Sector

Perhaps the most significant of the new U.S. sanctions are those targeting the Russian energy sector. The new U.S. measures have implications for both U.S. and non-U.S. companies that do business with the Russian energy industry, though they will impact U.S. and non-U.S. companies in different ways. As noted above, OFAC and BIS have taken three new steps to target the Russian energy sector.

OFAC Directive 4 and General License No. 2

The first key action targeting the Russian energy sector is OFAC’s issuance of a new directive – Directive 4 – pursuant to Executive Order 13662. Directive 4 prohibits the following activities by U.S. persons or within the United States: providing, exporting, or reexporting, directly or indirectly, goods, services (except for financial services), or technology in support of exploration or production from deepwater (i.e., more than 500 feet), Arctic offshore, or shale projects that: (1) have the potential to produce oil in Russia or in maritime area claimed by Russia and extending from its territory; and (2) involve parties subject to Directive 4, their property, or their interests in property. These restrictions also extend to entities owned 50% or more by one or more sanctioned parties. Currently, five Russian energy companies are identified on the U.S. Sectoral Sanctions Identifications List (“SSI List”) as being subject to Directive 4 – Gazprom, Gazprom Neft, Lukoil, Rosneft, and Surgutneftegas. Directive 4 also makes clear that any conspiracy to violate any of its prohibitions is prohibited, and that any transaction that evades or avoids, has the purpose of evading or avoiding, causes a violation of, or attempts to violate any of Directive 4’s prohibitions is also prohibited.

At the same time that it issued Directive 4, OFAC expanded the guidance it offers on the sectoral sanctions through its Frequently Asked Questions. One of these “FAQs” (#412) explains that the prohibition on the exportation of services includes, but may not be limited to, drilling services, geophysical services, geological services, logistical services, management services, modeling capabilities, and mapping technologies. In contrast, Directive 4 does not prohibit the exportation or provision of financial services, such as clearing transactions or providing insurance related to the targeted activities. However, companies providing such financial services should ensure that those services do not constitute a prohibited dealing in new debt or new equity under Directives 1 or 2, which are addressed further below and apply independently of Directive 4.

Simultaneously, OFAC also issued General License No. 2 to authorize, for a limited time, certain wind down activities involving the Russian energy companies subject to Directive 4. Specifically, activities otherwise prohibited by Directive 4 are authorized until September 26, 2014, if they are “ordinarily incident and necessary to the wind down of operations, contracts, or other agreements involving persons determined to be subject to Directive 4 . . . that were in effect prior to September 12, 2014.” OFAC has made clear that General License No. 2 does not authorize the provision, export, or reexport of goods, services (other than financial services), or technology except as needed to cease operations involving the projects covered by Directive 4.

Any U.S. persons participating in transactions authorized by General License No. 2 are required, within 10 business days after the wind down activities conclude, to file a detailed report with OFAC covering the parties involved in the wind down activities and the date, type, and scope of such activities.

Finally, even if General License No. 2 appears to allow an export or reexport of goods, services, or technology related to wind down activities, companies should also confirm that there are no BIS restrictions applicable to the export or reexport before proceeding.

Expansion of BIS License Requirements for Certain Russian Deepwater, Arctic Offshore, and Shale Projects

The second key action targeting the Russian energy sector is BIS’s addition to its Entity List of the same five Russian energy companies currently subject to OFAC’s Directive 4 – Gazprom, Gazprom Neft, Lukoil, Rosneft, and Surgutneftegas. As a result of this action, BIS now requires all U.S. and non-U.S. persons to obtain a BIS license for the export, reexport, or foreign transfer to these five Russian companies of any item subject to the EAR if the exporter, reexporter, or transferor knows that the item will be used directly or indirectly in exploration for, or production from, deepwater, Arctic offshore, or shale projects in Russia. Moreover, applications for such licenses will be subject to a presumption of denial if the item will be used directly or indirectly in exploration for, or production from, a deepwater, Arctic offshore, or shale project in Russia that has the potential to produce oil. BIS previously issued guidance addressing the scope of the Entity List, including circumstances where an entity is owned or controlled by an entity on the Entity List. That guidance is available here.

This BIS action – which targets the export, reexport, or transfer of any item subject to the EAR – represents a significant expansion of the BIS export restrictions that were announced in early August, which targeted only certain enumerated items, not any item, subject to the EAR.

Addition of Two Russian Energy Companies to the SSI List as Subject to OFAC Directive 2

The third key action targeting the Russian energy sector is OFAC’s addition of two Russian energy companies – Gazprom Neft and Transneft – to the SSI List as subject to OFAC’s Directive 2. Directive 2 was originally issued on July 16, 2014, pursuant to Executive Order 13662, and prohibited the following activities by U.S. persons or within the United States: transacting in, providing financing for, or otherwise dealing in new debt of longer than 90 days maturity of entities identified on the SSI List as subject to Directive 2, their property, or interests in property.

Because Gazprom Neft and Transneft are now subject to Directive 2, transacting in, providing financing for, or otherwise dealing in new debt of longer than 90 days maturity of Gazprom Neft and Transneft, Rosneft and OAO Novatek (which were added to the SSI List as subject to Directive 2 in July), and any entities owned 50% or more by one or more sanctioned parties is prohibited as to U.S. persons and within the United States.

Notably, OFAC also issued General License No. 1A, which supersedes General License No. 1 of July 16, 2014, and which authorizes all transactions by U.S. persons and within the United States involving derivative products whose value is linked to an underlying asset that constitutes new debt with a maturity of longer than 90 days issued by a person subject to Directive 2.

It is important to highlight that Rosneft and Gazprom Neft are subject to both Directive 2 and Directive 4 (described above). OFAC has made clear that persons dealing with either Rosneft or Gazprom Neft must ensure that such dealings comply with Directive 2 and Directive 4 independently. For example, even if the provision of services to Rosneft is permissible under Directive 4 because the services qualify as “financial services,” the entity providing those services must separately ensure that the services do not run afoul of the prohibitions of Directive 2.

B. New U.S. Sanctions Targeting the Russian Defense Sector

OFAC Directive 3

OFAC expanded the sectoral sanctions targeting Russia to also cover the defense and related materiel sector. U.S. sectoral sanctions targeting Russia had previously focused only on the Russian financial services and energy sectors.

In particular, OFAC issued a new directive – Directive 3 – prohibiting the following activities by U.S. persons or within the United States: transacting in, providing financing for, or otherwise dealing in new debt of longer than 30 days maturity of entities added to the SSI List as subject to Directive 3, or their property or interests in property. Simultaneously, OFAC added Rostec, a Russia-based state- owned holding company for the Russian defense industry, to the SSI List as subject to Directive 3.

Like Directive 4, Directive 3 prohibits any transaction that evades or avoids, has the purpose of evading or avoiding, causes a violation of, or attempts to violate Directive 3’s prohibitions. Likewise, Directive 3 prohibits any conspiracy to violate any of its prohibitions.

Notably, OFAC also issued General License No. 1A, as discussed above, which authorizes all transactions by U.S. persons and within the United States involving derivative products whose value is linked to an underlying asset that constitutes new debt with a maturity of longer than 30 days issued by a person subject to Directive 3.

Addition of Five Russian Defense Companies to the SDN List and Entity List

Separately, OFAC added the following five entities that operate in the Russian defense sector to its SDN List pursuant to Executive Order 13661:

  • Almaz-Antey GSKB (aka Almaz-Antey Air Defense Concern Main System Design Bureau, JSC): a subsidiary of the Almaz-Antey Concern (which was itself added to the SDN List pursuant to Executive Order 13661 on July 16, 2014) that designs and manufactures air defense systems for the Russian Ministry of Defense.

  • Dolgoprudny Research Production Enterprise: primarily engaged in the production of weapons and ammunition, including the Buk (SA-11 or SA-17) missile system.

  • JSC NIIP (aka Tikhomirov Scientific Research Institute of Instrument Design): a subsidiary of the Almaz-Antey Concern that develops anti-aircraft defense systems, including on-board radar systems for MiG and Sukhoi fighters, and anti-aircraft missile systems for land forces, including the Kub and Buk systems.

  • Kalinin Machine Plant JSC: a state-run company involved in the production of special purpose products, including launchers, anti-air missiles, and artillery guns for infantry and anti-air defense.

  • Mytishchinski Mashinostroitelny Zavod OAO: has produced weaponry and equipment, primarily anti-aircraft missile systems and chassis for tracked military vehicles.

U.S. persons are prohibited from engaging in any dealings with these designated entities or any entities that are owned 50% or more by one or more of the designated entities. Additionally, any property or interests in property of these designated entities that comes within the United States or the possession or control of a U.S. person must be blocked.

Simultaneous with the OFAC designations, BIS added these same five entities to its Entity List, which means that any person – including non-U.S. persons – must obtain a BIS license for the export, reexport, or foreign transfer of any item subject to the EAR to the five designated entities. Applications for such licenses will be subject to a presumption of denial.

BIS noted in making these designations that it “will also require licenses for an additional group of items destined to military end-uses or end-users in Russia.” BIS did not further elaborate on what this may entail. We note – as explained in our e-alert of August 4, 2014 – that the EU previously imposed a prohibition on the sale, supply, transfer, or export of dual-use goods and technology to Russia if those items may be intended for “military use” or a “military end-user.”

C. New U.S. Sanctions Targeting the Russian Financial Services Sector

OFAC also has taken two key steps to expand and intensify the restrictions under Directive 1, which was originally issued on July 16, 2014, pursuant to Executive Order 13662 and which targets the access of certain entities in Russia’s financial services sector to U.S. capital markets.

First, OFAC amended Directive 1 to decrease the length of maturity of prohibited new debt from 90 days to 30 days. In its original form, Directive 1 prohibited the following activities by U.S. persons or within the United States: transacting in, providing financing for, or otherwise dealing in new debt of longer than 90 days maturity or new equity for persons identified on the SSI List as subject to Directive 1 (i.e., certain Russian banks), their property, or their interests in property. In its new, amended form, Directive 1 prohibits the following activities by U.S. persons or within the United States: transacting in, providing financing for, or otherwise dealing in new debt of longer than 30 days maturity or new equity of persons identified on the SSI List as subject to Directive 1, their property, or their interests in property.

Second, OFAC added Sberbank to the list of Russian banks subject to Directive 1. Thus, the prohibitions under Directive 1 are now applicable to new debt of longer than 30 days maturity and new equity of the Bank of Moscow, Gazprombank, the Russian Agricultural Bank, Sberbank, VEB, and VTB.

As noted above, OFAC also issued General License No. 1A, which authorizes all transactions by U.S. persons and within the United States involving derivative products whose value is linked to an underlying asset that constitutes new debt with a maturity of longer than 30 days or new equity issued by a person subject to Directive 1.

NEW EU SANCTIONS

The EU Council first agreed to the core framework of the sanctions on September 8, 2014. However, the cease-fire between the Ukrainian government and the pro-Russian armed militia — signed on September 5, 2014 — caused the EU Council to delay the entry into force of the new sanctions as the Council evaluated the cease-fire and the implementation of broader peace initiatives proposed earlier this month by the President of Ukraine.

The EU Council has signaled that it is prepared to take swift action to remove or reduce the new sanctions if the Russian Government demonstrates cooperation in resolving the conflict in Ukraine − or to further enhance the sanctions regime if Russia continues to contribute to the conflict.

The restrictions implemented on September 12, 2014 introduce a number of new measures, including features that do not have precedent in prior EU sanctions regulations. As in the case of the original version of Regulation 833/2014, the new provisions include a number of ambiguities that have already generated important questions from potentially affected companies, and the EU Member States will likely be called upon in the coming weeks to issue interpretive guidance relating to the new sanctions measures.

A. Additional Restrictions on Dual-Use Goods and Technologies

Regulation 960/2014 imposes a new prohibition − codified in Article 2a of the Amended Regulation 833/2014 − on the sale, supply, transfer, or export, directly or indirectly, of dual-use goods and technologies to any natural or legal person, entity, or body in Russia that is listed in Annex IV to the Regulation. Annex IV currently includes JSC Sirius, OJSC Stankoinstrument, OAO JSC Chemcomposite, JSC Kalashnikov, JSC Tula Arms Plant, NPK Technologii Maschinostrojenija, OAO Wysokototschnye Kompleksi, OAO Almaz Antey, and OAO NPO Bazalt. This new restriction on dual- use items supplements the existing prohibition, reflected in the original Regulation 833/2014, against the export of dual-use items to military end-users or for any military end-use in Russia.

Regulation 960/2014 also prohibits the provision to Annex IV parties of technical assistance, brokering services, or any “other services” related to dual-use items and to the provision, manufacture, maintenance, and use of those items. The provision to the Annex IV parties of financing or financial assistance for the sale, supply, transfer, or export of dual-use items, or for the provision of related technical assistance, brokering services, or other services is also prohibited.

The foregoing restrictions are expressed in the Regulation as prohibitions, rather than licensing requirements, thus implying that licenses will not be available to authorize transactions covered under the new restrictions. The new prohibitions are, however, subject to a number of important exemptions. Firstly, they do not apply to (i) the sale, supply, transfer, or export of dual-use items intended for the aeronautics and space industry, or the related provision of technical or financial assistance for non-military use and for a non-military end-user, or to (ii) the sale, supply, transfer, or export of dual-use items for maintenance and safety of existing civil nuclear capabilities within the EU, for non-military use, and for non-military end-users.

The foregoing provisions are also without prejudice to the execution of contracts or agreements concluded before September 12, 2014, and to the provision of assistance necessary to the maintenance and safety of “existing capabilities within the EU.” Regulation 960/2014 does not define the term “existing capabilities.”

B. New Oil and Gas “Services” Controls

Regulation 960/2014 also introduces a new Article 3a to Regulation 833/2014, prohibiting the direct or indirect provision of certain “services necessary for deepwater oil exploration and production, arctic oil exploration and production, or shale oil projects in Russia,” including (i) “drilling,” (ii) “well testing,” (iii) “logging and completion services,” and (iv) “supply of specialised floating vessels[.]” The new measures supplement existing restrictions, set forth in Articles 3 and 4 of Regulation 833/2014, concerning transactions associated with oil and gas equipment listed in Annex II to Regulation 833/2014. The new Article 3a restrictions are not, however, limited to Annex II items or to any other defined products, and the Regulation provides no definition or guidance concerning the scope of the restricted “services.” Moreover, in contrast to Regulation 833/2014 and to trade controls restrictions in other EU sanctions regulations, which distinguish restrictions on exports of goods and technology from restrictions on the provision of related support (e.g., technical assistance, brokering, financing, or financial assistance), the general reference to “services” in Article 3a has invited questions − which are not easily resolved from the text of the Regulation − concerning whether the new measures are intended to capture the supply of goods, the mere provision of technical or other support, or both.

The Article 3a prohibitions are without prejudice to the execution of an obligation arising from a contract or a “framework agreement” concluded before September 12, 2014, or ancillary contracts necessary for the execution of such contracts. The term “framework agreement” is not defined in Regulation 960/2014. However, it presumably carries a broader scope than the term “agreement” used in similar grandparenting provisions in Regulation 833/2014.

Finally, Article 3a exempts services that are necessary for the urgent prevention or mitigation of an event likely to have a serious and significant impact on human health and safety or the environment.

On a separate but related note, a recently published corrigendum to Regulation 833/2014 has clarified the scope of the restrictions on the provision of technical assistance, brokering services, financing, or financial assistance relating to the items listed on Annex II to that regulation. The corrigendum amends Article 4(4), correcting an error to the version of Regulation 833/2014 published on August 1, 2014, to make clear that competent Member State authorities may not authorize such assistance if the Annex II items are for Arctic or deepwater oil exploration or production or for a shale oil project unless the assistance concerns the execution of an obligation arising from a contract or an agreement concluded before August 1, 2014.

C. Additional Controls on Military Items

Regulation 960/2014 also amends Article 4 of Regulation 833/2014 to prohibit the provision of insurance and reinsurance relating to military items to Russian parties or for use in Russia; this prohibition applies in addition to the pre-existing prohibition against the provision of financing and financial assistance relating to military items.

D. Additional Financial Sector Restrictions

Regulation 960/2014 also amends Article 5 to Regulation 833/2014 to introduce a number of important new financial restrictions against designated Russian parties. The key amendments to Article 5 are as follows:

  • Regulation 960/2014 extends existing restrictions targeting “transferablesecurities” and “money market instruments” issued by Russian financial institutions listed on Annex III to Regulation 833/2014. Specifically, the new provisions introduce a restriction on the provision of “investment services” relating to those instruments, and lower the maturity period for covered instruments from 90 to 30 days (for instruments issued after September 12, 2014). Thus, Article 5 now renders it prohibited to “directly or indirectly purchase, sell, provide investment services for or assistance in the issuance of, or otherwise deal with transferable securities and money-market instruments with a maturity exceeding 90 days, issued after 1 August 2014 to 12 September 2014, or with a maturity exceeding 30 days, issued after 12 September 2014[.]”

  • The newly-introduced term “investmentservices” is defined as“ (i) reception and transmission of orders in relation to one or more financial instruments, (ii) execution of orders on behalf of clients, (iii) dealing on own account, (iv) portfolio management, (v) investment advice, (vi) underwriting of financial instruments and/or placing of financial instruments on a firm commitment basis, (vii) placing of financial instruments without a firm commitment basis, and (viii) any service in relation to the admission to trading on a regulated market or trading on a multilateral trading facility.”

  • The definition of “transferablesecurities” has been amended to exclude negotiable securities giving rise to a cash settlement.

  • The amended Article 5 also introduces similar prohibitions on dealings in “transferable securities” and “money-market instruments” with a maturity exceeding 30 days, issued after September 12, 2014, by (1) certain designated Russian military entities, as listed in the new Annex V to Regulation 833/2014, and (2) certain Russian entities active in the oil industry, as listed in the new Annex VI to Regulation 833/2014. Notably, the latter list includes major Russian oil and gas enterprises Rosneft, Transneft, and Gazprom Neft (the oil branch of Gazprom). Those new restrictions also extend to any entity established outside of the EU that is majority-owned by any entity designated in Annex V or Annex VI.

  • Similar to the restrictions imposed by Regulation 833/2014 against AnnexIIIbanks,the foregoing measures contain an important carve-out, as they do not apply to affiliates of the listed entities that are established within the EU. However, as with the Annex III bank restrictions, they extend to any entity “acting on behalf or at the direction of” the Annex V or Annex VI designated parties or their non-EU subsidiaries.

  • Finally, Regulation 960/2014 prohibits making or being part of any arrangement to make new loans or credit with a maturity exceeding 30 days available to any party listed on Annexes III, V, or VI after September 12, 2014. The Regulation exempts from that prohibition (i) loans or credit that have a specific and documented objective to provide financing for non-prohibited imports or exports of goods and non-financial services between the EU and Russia, and (ii) loans that have a specific and documented objective to provide emergency funding to meet solvency and liquidity criteria for legal persons established in the EU that are majority owned by Annex III banks.

    As with the original Article 5, the foregoing restrictions are not asset-blocking measures — EU parties are not generally prohibited from conducting business with the Annex III, V, and VI parties if their activities do not trigger the specific restrictions outlined above.

    E. Additional Parties Subject to the Asset-Freezing Restrictions

    Regulation 961/2014 imposes travel bans and asset freezes on a further 24 individuals, including pro-Russian rebels, Russian lawmakers and state officials, and the chairman of the Russian Rostec conglomerate, Sergey Viktorovich Chemzov. This brings the total number of individuals subject to sanctions under this specific regime to 119, whilst the number of designated entities remains 23.

    In the same manner as prior EU sanctions measures, all funds and “economic resources” belonging to, owned, held, or controlled by the newly designated parties must be frozen. “Economic resources” include “assets of every kind, whether tangible or intangible, movable or immovable, which are not funds, but which may be used to obtain funds, goods or services.” In addition, Regulation 961 prohibits making available funds or “economic resources,” directly or indirectly, to or for the benefit of the designated parties.

    F. Jurisdictional Reach of the New Sanctions

    Consistent with the pre-existing sanctions measures, the jurisdictional scope of the new sanctions extends (1) to conduct by EU-incorporated entities and EU nationals anywhere in the world; (2) to conduct by any party, irrespective of nationality, in connection with activities occurring in the territory of the EU or (with regard to legal persons) in respect of business “done in whole or in part within the Union”; or (3) conduct on board any aircraft or vessel under the jurisdiction of a Member State.

***

The new sanctions represent the latest, although perhaps not the last, restrictions relating to the crisis in Ukraine. The EU has signaled that it will closely monitor the implementation of the new restrictions and their impact, and it will consider supplemental measures if circumstances in Eastern Ukraine warrant and consensus among the 28 Member States can be reached. Likewise, the U.S. government has stated that additional sanctions targeting Russia could be forthcoming if Russia does not work toward a diplomatic resolution to the crisis in Ukraine.

We are following the above-mentioned sanctions and export control developments closely and will provide further updates as they evolve. We are particularly well-positioned to advise companies and individuals on compliance with the U.S. and EU sanctions related to the Ukraine crisis, as well as on the broader impact of the crisis on foreign investment in both Ukraine and Russia and other legal and commercial interests in the region.

ARTICLE BY

Peter Flanagan
Corrine Goldstein
Peter Lichtenbaum
Kimberly Strosnider
David Addis
David Lorello
OF
Covington & Burling LLP