This special issue aims to investigate the regulatory challenges facing the EU with regard to security governance in the broad area of the fight against financial crimes and by adopting a wider outlook on how to map and understand these phenomena in their salient contexts. In recent years, security as a key word can be witnessed as increasingly penetrating policies on a national, international, and supranational level. This development is also visible in EU policies, inter alia in the EU's policy concerning the area of freedom, security, and justice (AFSJ). Coupling the word security to the concept of governance in the somewhat thought-provoking phrase “security governance” prominently cements its position in the entirety of processes and mechanisms that steer people as well as corporations or markets. Security in the EU internal context concerns to a great extent the fight against terrorism and its financing as well as the policing of EU borders. Security in this regard concerns the structure of EU law and how it can be justified at the macro-level.

With increasing globalization, transnational crime in general, and human trafficking in particular, a design of new legal framework is required in order to effectively operationalize interstate law enforcement operations and prosecutions. The development of a transnational criminal legal framework—or frameworks—can build on pre-existing transnational economic frameworks. There is also the need to extend the application of domestic law beyond national borders to influence transnational corporate behavior. Regulations based on reflexive law are one possible approach. Teubner's idea of reflexive law has been informing developments in this area. This approach uses traditional national law to inform corporate governance strategies in order to achieve effects on the market. A few jurisdictions have already adopted measures modeled on this approach to tackle human trafficking and slavery-like conditions in global supply chains. Weaknesses in the approaches adopted by the UK and the State of California have already been identified. If strengthened, this approach could be adopted in more jurisdictions—including the EU—and also to combat more areas of transnational crime—such as money laundering. This paper will examine the resulting challenges using human trafficking as a case study.

Given the fast development of the field of AML Regulation, this Article aims to answer the following questions: First, how is money laundering dealt with and regulated on the EU level? Second, to which legal concerns do the chosen regulatory strategy give rise? Accordingly, this Article provides an overview of the various regulatory strategies in the global and EU regional AML Regime while at the same time points out some of the most pressing legal concerns in AML Regulation. These include the blurred line between administrative and criminal law measures and the protection of individual rights and fundamental freedoms including data protection and privacy issues in administrative and criminal law contexts respectively. Although briefly mentioning the global and international context, the focus of this Article is the EU regulatory action, its outcome and critique, and possible future.

This Article critically considers the effectiveness of the European Union's (EU) counter-terrorist financing (CTF) strategies. In particular, it concentrates on the use of financial intelligence gathered from the submission of suspicious activity reports (SARs) by reporting entities to Member States Financial Intelligence Units (FIU). The Article identifies a series of weaknesses in the United Kingdom's (UK) reporting regime: Defensive reporting, increased compliance costs, and the definition of suspicion. It concludes by making a series of recommendations that are aimed at improving the effectiveness of the EU and UK CTF reporting obligations.

Why is the fight against financial crimes such a central task for the EU? The EU has a strong interest to counter financial crimes and fraud against the EU budget as those crimes—so the EU legislator's claim is—hamper the trust in the market and undermine consumer confidence to engage in internal market transactions. In this Article, we aim to discuss the establishment of the European Public Prosecutor Office as a federal agent and the effects of this agent for establishing a robust EU financial crimes regime. Comparisons with the US system of US Attorneys—federal prosecutors—will be drawn to show that this institution has been quite effective at enhancing the protection of US financial market. The Article will then discuss to what extent the EU can, and should, learn from the American experience. We are particularly interested in the strong security focus in the EU and its consequences when it ventures into the area of financial crimes.

Considering the European Union's efforts to tackle various forms of financial crime more effectively, especially since the financial crisis of 2008, one would expect that the Union has also been strengthening its grip on national law with respect to corporate financial crime. Instead, this Article finds that the EU approach to corporate financial crime has actually not evolved that much over the past two decades. Moreover, this Article demonstrates that EU law still fails to sufficiently take into account the specific features of corporate entities (as opposed to individuals), as well as to fully exploit the potential strengths of a criminal law approach, as opposed to an administrative or civil law approach. In the author's view, the EU should more carefully consider the objectives and strengths of different kinds of enforcement mechanisms and adopt a more coherent approach, particularly with respect to corporations. Furthermore, when it comes to corporate punishment, the EU seemingly lacks ambition and creativity. EU legal instruments focus strongly on fines while insufficiently exploring other, potentially more adequate sanctions to achieve certain punishment goals. Ultimately, this may undermine the effectiveness of the EU's fight against corporate financial crime.

Criminal offenses with the most different modi operandi and levels of complexity can generate digital evidence, whether or not the actual crime is committed by using information and communication technology (ICT). The digital data that could be used as evidence in a later criminal prosecution is mostly in the hands of private companies who provide services on the Internet. These companies often store their customers’ data on cloud servers that are not necessarily located in the same jurisdiction as the company. Law enforcement and prosecution authorities then need to take two steps that are not exclusive for evidence of a digital nature. First, they need to discover where the data is located—with which company and in which jurisdiction. Second, they need to obtain the data. In considering digital evidence, the last step, however, is complicated by new issues that form the focus of this paper. The first concern is the practice by companies to dynamically distribute data over globally spread data centers in the blink of an eye. This is a practical concern as well as a legal concern. The second issue is the slowness of the currently applicable international legal framework that has not yet been updated to a fast-paced society where increasingly more evidence is of a digital nature. The slowness of traditional mutual legal assistance may be no news. The lack of a suitable legal framework for competent authorities that need to obtain digital evidence in a cross-border manner, nonetheless, creates a landscape of diverse initiatives by individual states that try to remedy this situation. A third issue is the position that companies are put in by the new EU proposal to build a legal framework governing production orders for digital evidence. With companies in the driver's seat of a cross-border evidence gathering operation, guarantees of the traditional mutual legal assistance framework seem to be dropped. A fourth issue is the position of data protection safeguards. US based companies make for significant data suppliers for criminal investigations conducted by EU based authorities. Conflicting legal regimes affect the efficiency of data transfers as well as the protection of personal data to citizens.

As the use of the Internet and online platforms grows, the scale of collecting and processing personal data and turnovers have increased correspondingly.1 At the same time, public awareness about the Internet turning into a genuine profiling and advertisement machine, as well as a powerful surveillance instrument, grows. More people today are concerned about the ways in which public and private actors store and use private information. Many individuals note that they lose sight of the consequences once they give consent to the collection of their sometimes most intimate personal data. The Snowden revelations and the recent Facebook and Cambridge Analytica scandal have only reinforced this public awareness.

Objections against these data processing practices cannot be explained as breaches of data protection or privacy regulation alone. In this Article, it is argued that recently passed regulations fail to solve the unease of data subjects as other, more fundamental values are at stake here. A different or complementary ethical and legal framework is needed to interpret this generally felt unease vis-à-vis current data practices and secondly to confront future developments on the data market. The concept of human dignity may be a helpful perspective in this respect. In the context of data processing, human dignity is generally interpreted in a quite specific manner, such as contributing to the empowerment and self-determination of autonomous individuals. It can be argued, however, that human dignity—in the context of the commodification and commoditization of online personal data—should be seen in a different, quite opposite, light. In sum, future regulation of privacy and data protection attention should shift towards more constraining dimensions of human dignity.