On April 7, 2025, South Africa’s Information Regulator announced a new requirement for organizations to report data breaches—referred to under local law as “security compromises”—via an online eServices Portal. The announcement marks a significant procedural shift in how companies must comply with the Protection of Personal Information Act, 2013
Continue Reading South Africa Introduces Mandatory e-Portal Reporting for Data Breaches
Benjamin Haley
Ben Haley leads the firm's White Collar and Anti-Corruption Practice in the Middle East and Africa and is a chair of the firm's broader Africa Practice. With deep experience representing clients before regulators in high-profile white collar and disputes matters and a history operating on the ground in emerging markets, he helps clients assess and mitigate a wide range of complex legal and compliance risks.
Complementing his investigations and dispute resolution practice, Ben has a broad-based compliance advisory practice, helping clients proactively manage compliance risk in areas including anti-corruption, trade controls, anti-money laundering, fraud, and data privacy.
Ben represents corporate and individuals clients in a wide range of investigations and disputes, including:
Investigations under the U.S. Foreign Corrupt Practices Act (“FCPA”).
Investigations into anti-money laundering, financial crimes, anti-terrorism, and sanctions and export control issues.
Securities fraud and accounting matters.
Board investigations and shareholder litigation.
Insurance recovery.
Ben also regularly advises clients on a range of regulatory compliance and corporate governance issues. His compliance advisory practice includes:
Performing risk and compliance program assessments.
Leading compliance reviews on business partners and assisting companies with third-party risk management processes.
Conducting forensic accounting reviews and testing and enhancing financial controls.
Advising on market entry, cross-border transactions, and pre-acquisition diligence and post-acquisition integration.
Assisting companies in designing, implementing, and maintaining best-in-class compliance programs.
In recent years, Ben has steered a number of clients to successful resolutions and declinations in complex FCPA and corporate fraud matters with the U.S. Department of Justice and Securities Exchange Commission. In his advisory practice, Ben has served as lead compliance counsel on a number of major M&A and investment transactions. He has developed special expertise assisting clients in leveraging technology in their compliance programs, including assisting one of the world's largest consumer goods companies in the design and implementation of an award-winning compliance data analytics and monitoring system.
Ben has been described by the Chief Compliance Officer of one of his clients as “[a]n outstanding senior lawyer and advisor,” and “a guiding light for all things compliance advisory in Africa,” whose “advice is crystal clear, covers all angles and is business friendly.”
Kenya’s AI Strategy 2025–2030: Signals for Global Companies Operating in Africa
Kenya has released its first National Artificial Intelligence Strategy (2025–2030), a landmark document on the continent that sets out a government-led vision for ethical, inclusive, and innovation-driven AI adoption. Framed as a foundational step in the country’s digital transformation agenda, the strategy articulates policy ambitions that will be of…
Continue Reading Kenya’s AI Strategy 2025–2030: Signals for Global Companies Operating in AfricaFinal Countdown to POPIA Compliance: Five Critical Steps to Take Before July 1st, 2021
In Episode 12 of our Inside Privacy Audiocast, together with special guest Advocate Pansy Tlakula, Chairperson of the Information Regulator of South Africa, we discussed the Information Regulator’s mandate and the implementation of data protection legislation in South Africa. Now, with less than a month to go before South Africa’s Protection of Personal Information Act, 2013 (“POPIA”) takes full effect on July 1, 2021, it is critical for organizations operating in South Africa to ensure that they are ready, if and when the Information Regulator comes knocking.
It is only when organizations start their POPIA journey that they realize just how wide the POPIA net is cast, and that very few businesses fall outside of its reach. The road to POPIA compliance should be viewed as a marathon, and not a sprint. While implementing and maintaining an effective POPIA compliance program will take continued effort and resources well beyond the July 1, 2021 go-live date, here we outline five steps to which companies subject to POPIA should give their attention in the short term.Continue Reading Final Countdown to POPIA Compliance: Five Critical Steps to Take Before July 1st, 2021