Is the GDPR a Bar to an Effective Anti-Bribery Compliance Programme?
In response to the OECD Working Group on Bribery’s public consultation on its Review of the 2009 OECD Anti-Bribery Recommendation, on 30 April 2019 TRACE issued a paper in which it provides comments on the challenges posed by the GDPR to anti-bribery compliance programmes. The full text of the paper can be found here
In its paper, TRACE argues that “many GDPR provisions do not facilitate – and are even in direct conflict with – the essential elements of anti-bribery compliance programs such as due diligence of third parties and compliance procedures for monitoring, internal investigations and reporting” and that some of the tensions between the anti-bribery compliance regime and the data protection regime are due to the “contradictory goals” each regime seeks to accomplish. TRACE appears to urge the European Union, and other countries with data protection legislation similar to the GDPR, to provide clear ways for companies to reconcile the two regimes otherwise, according to TRACE, “both may suffer”.