Photo of Panama Papers
Panama Papers
Thought Leadership


In response to the unfolding “Panama Papers” incident, Sheppard Mullin’s Data Breach Preparation and Response Team has created a suite of specialized services to help clients who may be touched by these disclosures, or who are interested in how data breaches could impact their operations. The team is multi-disciplinary and includes Sheppard Mullin partners specializing in data security and privacy, international compliance, corporate law, international transactions, tax, white collar criminal defense, and internal investigations.

The Law – Panama Papers Fallout

  • The U.S. Department of Justice (DOJ) and the Securities and Exchange Commission (SEC) are investigating for evidence of bribery
  • The Financial Crimes Enforcement Network (FinCEN) is investigating potential money laundering aspects of the breach
  • The U.S. Department of Treasury, Office of Foreign Assets Control (OFAC) is investigating potential sanctions violations
  • The Internal Revenue Service (IRS) may investigate tax structures disclosed in the Panama Papers
  • Non-U.S. tax agencies may investigate tax structures
  • The European Parliament expressed support for an EU-wide investigation
  • EU Council of Ministers met on April 28, 2016 to discuss investigative responses
  • EU Member States are reported to be in favor of EU-wide legislation in response to Panama Papers disclosures

Industries and Market Sectors Hardest Hit

  • Legal and Professional Services
  • Financial
  • Healthcare
  • Hospitality
  • Technology
  • Retail
  • Private wealth

The Threat to Service Providers: Your systems are at risk

  • Hacktivism
  • Ransomware
  • Hostile Foreign States
  • Insider Threats
  • “Phishing”/Fraudulent Financial or Data Transfers

The Threat to Data Owners: Your data is at risk

  • Valuable personal data: Name / address / birthdate / passport and DL
  • Private financial data: Accounts / credit cards / foreign tax ID
  • Corporate details: Foreign tax structure / ownership information
  • Company data: IP / financials / emails / HR data

Sheppard Mullin Services

  • Internal privacy and data security audits
  • Breach response plans
  • Data breach response
  • Compliance with U.S. tax laws
  • Compliance with U.S. financial privacy laws
  • Negotiating vendor agreements
  • Legitimizing cross-border data transfers
  • M&A data security diligence
  • Privacy policies for websites and mobile apps
  • European Privacy Safe Harbor Certification
  • Commercialization of data
  • Defending privacy class actions
  • Defending government investigations
  • Crisis Management
  • Responding to any law enforcement contact
  • Addressing employee misconduct
  • Defending European and EU investigations

Thought Leadership