Compliance

Criminal risk prevention models are one of the elements that make it possible to exempt or mitigate the possible criminal liability of the legal person and therefore of the board. To this end, companies must implement an effective crime detection and prevention model in accordance with the nature of their activities and the corresponding risks associated with them.

These models should be adequately supervised and diligent monitoring of their functioning, always leaving evidence of all mechanisms and records of the system, to be used as a proof of compliance. Outsourcing will ensure independence and transparency throughout the process.

In order to ensure the implementation of effective internal procedures in companies and the establishment of adequate mechanisms to mitigate the risks to which they may be exposed, UHY specializes in providing the following services:

• Criminal Compliance System design
• Criminal Compliance System implementation
• Review and update of Compliance Models already designed
• Adaptation of the Model to ISO 37301 and/or ISO 37001
• Criminal risk analysis and situation reports
• Preparation of criminal risk maps
• Design and/or implementation of protocols, policies and controls
• Specific compliance reports at client’s request
• Ongoing advice and support to the Compliance Officer
• Expert advice to compliance bodies
• Face to face, hybrid and online training in criminal compliance for governing bodies, managers, employees, collaborators, etc.
• Training materials, tests and achievement certificates.
• Training on specific subjects.

Spain has tightened its rules and regulations for the prevention of money laundering. In this way, the scope of the regulations has been extended affecting a larger number of activities and professions.

We have a team specialised in this area, able to solve all doubts and helping to apply the money laundering prevention regulations to perfection through the following services:

• Manuals and Procedures for the Prevention of Money Laundering design
• Compliance audit of procedures
• External Expert Reports
• Advice on the creation of OCI and Technical Unit
• Risk Report
• Face to face, hybrid or online training in AML/CFT matters
• Training materials, tests and achievement certificates
• Training on specific subjects.
• Awareness-raising plans.

The purpose of data protection is to guarantee and protect public freedoms and fundamental rights of individuals and, in particular, their honor and personal and family integrity. It gives citizens the power to control, dispose and decide on their personal data.

The entry into force, in May 2016, of the REGULATION (EU) 2016/679, RGPD, in application since 2018, added to the approval of the new Spanish Law regarding the protection of personal data (LOPDGDD), the already existing Law on the Information Society and Electronic Commerce (LSSI) and the European project to harmonize the regulations regarding the use of cookies, has made the protection of personal data more complex and demanding.

We have a specialized team with years of experience, dedicated to helping companies comply with the different regulations regarding the protection of personal data:

• Data protection audits.
• External DPO services.
• Advice to the internal DPO of the organization.
• Preparation of the Records of processing activities as data controller and if necessary, also as data processor.
• Analysis of the entity’s risks and issuance of a report on the matter.
• Drafting of informative clauses and determination of how to obtain the consent of the users (clients, employees, associates, owners…).
• Drafting of Processor contracts.
• Drafting of legal texts for e-mails footers and Web pages (Privacy Policy, Legal Notice and Cookies Policy).
• Training
  • Face-to-face, hybrid and online DP training.
  • Training materials, tests and knowledgement certificates.
  • Training on specific subjects.