In today’s rapidly evolving business environment, navigating regulatory requirements and compliance obligations has become increasingly complex and vital. Organisations are challenged by constant updates in laws and regulations, spanning critical areas such as data protection, cybersecurity and whistleblowing. The growing digital landscape further heightens the need for robust systems to protect data and ensure ethical business practices. Implementing effective compliance measures not only fulfils legal obligations but enriches organisational trust, sustainability, and operational resilience.
In an increasingly digital world, safeguarding personal data is more critical than ever. At PwC, we are dedicated to helping organisations navigate the complexities of data protection and privacy laws with confidence. Our team of experts is committed to empowering organisations with robust strategies and solutions tailored to specific needs, ensuring compliance with the regulations such as the GDPR and other regulations (e.g. AI Act, DORA, NIS2 etc) in a client-centric, creative and commercially focused manner.
With data breaches and privacy concerns on the rise, ensuring the security and integrity of your data assets is not just a regulatory obligation, but a crucial component of maintaining trust with your stakeholders. We understand the challenges you face and are here to provide comprehensive advisory services.
Explore our data protection and cyber services and discover how we can help you achieve compliance while maximising business value and trust.
1. GDPR Compliance and Advisory Services:
2. Data Protection Strategy and Governance:
3. Data Protection Impact Assessments (DPIAs):
4. Data Breach Management:
5. Data Subject Rights Management:
6. Training and Awareness:
7. International Data Transfers:
8. Data Protection Authority:
9. Data Security:
10. Third-Party Risk Management:
11. Data Protection Officers (DPOs):
1. Compliance Assessment and Strategy Development:
2. Risk Management and Security Policies:
3. Incident Reporting and Management:
4. Training and Awareness Programs:
PwC is a market leader in assessing system vulnerabilities regarding Anti-Money Laundering (AML) and Counter-Terrorist Financing (CTF) risks, evaluating compliance programs, and assisting in the enhancement of existing systems and controls. We have developed a comprehensive approach to risk reduction, risk management improvement, and operational solution implementation. We collaborate with you to ensure that compliance controls in the areas of anti-money laundering, counter-terrorist financing, and restrictive measures are effectively implemented and sufficient for quality risk management and regulatory requirements.
Our team of experts can help you develop an effective and efficient anti-money laundering and counter-terrorist financing system that will monitor the risks your organisation faces and align with regulatory expectations and developments in the fields of anti-money laundering, counter-terrorist financing, and restrictive measures.
Our AML experts work closely with you to understand your business and assist in creating your own control systems in the areas of anti-money laundering, counter-terrorist financing, and restrictive measures, ensuring effective risk management and regulatory compliance.
Our team of experts can assist you in the process of data collection and identification of the ultimate beneficial owner, submission of applications, updating data in the Register of Ultimate Beneficial Owners, and preparing requests for restricting access to data on the ultimate beneficial owner.
1. Alignment of internal regulations to reduce the risk of non-compliance
2. Compliance with regulatory requirements
3. Training
4. Risk Exposure Assessment
5. Registration and updating of data in the Register of Ultimate Beneficial Owners
With the adoption of the new Anti-Money Laundering and Terrorist Financing Act (OG No. 108/2017, 39/2019, 151/2022), the European regulations for anti-money laundering and terrorist financing (4th and 5th AML Directives) has been implemented in the national legislation. The Regulation introduces an obligation to establish a Register of Beneficial Owners.
The Ordinance on the Register of Beneficial Owners (OG No. 53/2019) was published on 24 May 2019 and prescribes the procedure and deadlines for submitting data on beneficial owners to be included in the Register of Beneficial Owners. The Financial Agency (FINA) maintains the Register.
The registration obligation applies to companies, branches of foreign companies, associations, foundations and institutions where the Republic of Croatia or local/regional unit of self-government is not the sole founder.
Institutions where the Republic of Croatia or local/regional unit of self-government is the sole founder are not required to register data on the beneficial owner.
Companies listed on stock exchanges are not required to provide data on beneficial owners for the Register. Such companies are only required to provide information on which stock exchange they are listed, along with the date they have been listed, and whether their shares are issued to bearers.
Data on the persons authorised to represent associations, who will be considered as the beneficial owners of the associations, will be retrieved from the PIN system. Changes and updates of the provided data will be made by the persons authorised to represent the association.
Data on beneficial owners must be accurate, up-to-date, and adequate. The following data must be reported: name and surname, country of residence, date of birth, citizenship(s), identification number or data on the type, number, issuer, country and the validity date of the identification document, data on the nature and extent of the beneficial ownership.
Every legal entity is required to enter information about its beneficial owner in the Register of Beneficial Owners within 30 days from the date of establishment.
A legal entity or trustee must update the data within 30 days following any change to the previously entered data in the Register.
Most of the data on beneficial owners are publicly available, except for the identification number and details on the type, number, issuer, country and validity date of the identification document, which are available only to competent state authorities.
Access to data or part of data on the beneficial owner of a legal entity is restricted if the access to such data would expose the beneficial owner to a disproportionate risk, such as the risk of fraud, kidnapping, blackmail, extortion, abuse, violence, intimidation or if the beneficial owner is a minor or has been deprived of their business capacity.
In these cases, a legal entity or a public body may submit a clarified and substantiated request to restrict access to the data on the beneficial owner.
A legal entity that fails to submit relevant, accurate and up-to-date data to its beneficial owner in the Register of Beneficial Owners, in the manner and within the deadlines prescribed by the Ordinance, may be fined from EUR 660 to 46,450.
A fine ranging from HRK 5,660.00 - 9,950.00 is prescribed for a Member of Management Board or another responsible natural person of the legal entity.
We can assist you in collecting data and identifying the beneficial owner and submitting the application to the Register of beneficial owners. Additionally, we can help you prepare requests to restrict access to data on the beneficial owner. Furthermore, we can support you in updating information in the Register.
If so, you are required to implement an internal reporting procedure that outlines the methods by which whistleblowers can report irregularities.
Additionally, if your company is subject to regulations in areas such as financial services, products and markets, prevention of money laundering and terrorist financing, traffic safety or environmental protection, you must implement an internal reporting procedure, regardless of the number of your employees.
We encourage you to view the whistleblowing system as an opportunity. It can serve as a valuable tool for identifying risks in your operations, enabling you to implement more effective solutions for a more sustainable business. By supporting and promoting a whistleblowing system more broadly, you will be able to identify various risks with negative sustainability impacts. Higher staff engagement in identifying such risks can help you find solutions more quickly and drive faster sustainability growth.
A team of PwC professionals with expertise in regulatory compliance will guide you through the entire process, from an initial assessment of your current status and possibilities for reporting incidents in your company, to the drafting of a tailor-made whistleblowing policy and the implementation of the whistleblowing system.
1. Regulatory Analysis:
2. Initial Assessment and Optimisation:
3. Internal Whistleblowing System Design:
4. Policy Drafting:
5. Process Implementation and Support:
6. Employee Awareness and Training:
- Risk Identification and Mitigation: Leverage whistleblowing as a proactive measure to identify and address operational and compliance risks that could impact sustainability and reputation
- Enhanced Compliance and Prevention of Penalties: Ensure compliance with applicable legislation to prevent potential penalties and legal consequences
- Corporate Culture and Trust: Promote a culture of transparency and integrity that fosters employee trust and engagement
- Support for Sustainability Initiatives: Integrate whistleblowing systems into broader strategic efforts to enhance sustainability performance and corporate social responsibility
In today's rapidly evolving regulatory landscape, integrating Environmental, Social, and Governance (ESG) principles into business practices is not just a compliance requirement but a strategic imperative. At PwC, we understand that robust ESG strategies can drive long-term value creation and sustainability, enhancing both corporate reputation and stakeholder trust.
Our team of seasoned regulatory compliance professionals is committed to providing comprehensive ESG advisory services tailored to your organisation's unique needs. We offer expert guidance to help you navigate complex regulatory requirements, identify opportunities for sustainability, and mitigate potential risks. Whether you are seeking to develop ESG policies, improve transparency through effective reporting, or align your corporate governance with global best practices, we are here to support you every step of the way.
Leveraging our deep expertise in compliance and a forward-thinking approach, we empower businesses to transform ESG challenges into opportunities. Together, let's build a sustainable future and ensure your business thrives in an increasingly conscientious world. Explore our ESG advisory services to discover how we can help your organisation achieve its sustainability goals while strengthening corporate governance and social responsibility.
1. Corporate Governance Frameworks:
2. ESG Policy Development:
3. Regulatory Compliance:
4. Board Advisory Services:
5. Stakeholder Engagement:
6. Ethics and Compliance Programmes: