Advotalks engages in conversation with Ms. Vanessa Figueiredo Gonclaves, a law graduate who has pursued her post-graduate degree in Law from Metropolitan University Center of São Paulo. She is an International Financial Operations Legal Expert in Brazil who has worked into the area of Contracts, Corporate Law, Compliance matters (including LGPD) which is the "General Data Protection Law" in Brazil.
With about 20 years of experience, especially serving the Agri-Business area and its administrative and judicial procedures, she has also worked in international disputes.
Can you explain about the concept of the area of International Financial Operations and Data Protection Laws?
When we talk about Financial Operations with bank and in companies, in addition to the obligation of confidentiality, it is mandatory to have a clause. That in the event, any information that is provided to the bank which includes but is not limited to any data or personal data as defined in our Data Protection Act. The company consents to the bank processing such data, provided that the bank complies with the law and the following amendments for a precise purpose. For example; the purpose of providing services to the company regarding a loan agreement of 100 million Reais would require the company to mention the precise purpose, but the bank will not be authorized to use the disclosed information for other operations.
What is the role of International Finance Corporation in International Financial Operations?
The International Finance Corporation (IFC) has the aim of boosting productivity, taking care of the environment and also generation of jobs and income in regions where the economy is not developed as it should be. The IFC seek to help the development of private sector as investing directly in the companies through loans with competitive interest rates. Where IFC’s investment loan is for industry, its team carries out a study of entire product chain, including the locations where the factories are located, facilities and among others along with the company that will receive the benefits, they will draw up an action plan for the environmental and social areas. This action plan lists all the improvements that should be implemented in the industry with the loan funds like effluent treatment, water treatment, social programs, etc. These improvements essentially focus on processes that avoid or reduces problems from the environmental and social areas.
Since you have had a lot of experience in Merger and Acquisitions as well, can you briefly explain how do these contracts work and how are these proposals executed?
A merger occurs when two companies come together to form an organization while an acquisition occurs when one company buys another. In general companies carry out M&A operation to boost their growth, increase competitiveness and re-position their brand. Due diligence, legal feasibility, studies about Corporate Re-organization after the M&A is in place are very important stages in this process. The fact is, it is common for the payment of the acquisition of this asset. It is common to carry out long-term financial operations to use the funds to acquire the asset. These financial operations used to have covenants that are heavy covenants. But with regard to covenants, we can essentially mention that we have affirmative, negative and financial covenants. Affirmative covenants are related to present Balance Sheet. This makes the bank look for financial temperature that the company needs. Negative covenants are related to the factors to be avoided while the financing is in force. Examples are not changing the company’s control, not changing the corporate purpose, not use the fundraiser for another purpose, not allow authorization to operations, etc. Financial Covenant is the most important one. It indicates the maximum indebtedness allowed to a company. This calculation takes into account financial indicators as represented by Net Debt and a Net Financial Expense that indicates a payment capacity. If they are not complied with, the bank can declare Default and demand early payment of installments. About tax, Brazil has a very complex legislation and taxes are very high. When we are working an M&A, firstly we look at percentage on capital gain which is the profit made on the sale of these assets. So, this percentage is too high. Currently, it can be from 15% to 22% on the amount of the gain which is why it is important to make it clear at the shareholder purchase agreement that the seller is responsible for paying this tax even if the local legislation determines that the tax must be paid by the buyer. This clause is important when the asset being purchased is located in another country and therefore, other legislation may apply.
What have been the challenges you faced in Agri-Business arena and how do you connect with the implications of environmental compliances?
Brazilian Environmental laws provide for an objective liability for damage caused to the environment which means that anyone who indirectly contributes to the damage is equally responsible with the one that caused the damage directly. They are jointly and severally liable for the obligation to repair it in full. For example: planting on illicit land and there is an environmental damage, depending on the scale of the problem the owner of the area and tenant would also responsible for repairing it including paying fines which are very heavy here in Brazil. For this reason, it is very important that contracts contain declarations and compliance obligations to preserve the environment, that rural properties are in good standing with environmental agencies. It is essential to obtain license permits, operational authorization, paying regular taxes, keeping records registered and describe very expressively that all these are obligations are owners’ obligations and thus, trying to avoid responsibility for the company. But sometimes its not possible depending on the evidence of the case we have.
Lastly, can you explain about the Data Protection Laws. How they have evolved in Brazil and what are the key provisions of General Data Protection Law in Brazil?
The LGPD law is constantly evolving and we keep learning new things. LGPD, the data protection law here in Brazil is a regulatory framework that aims to guarantee privacy and security in personal information. The law establishes clear guidelines on how organizations should collect, store, process and share personal data whether from customers, employees or partners. In technical terms, it is a legislation that imposes a series of obligations and responsibilities on companies with regards to the protection of personal data and fines incase of breach which can go up to 50 million Reais per infraction. With LGPD, people have more control over their information and companies are encouraged to adopt security measures and practices to mitigate the risks of leaks and misuse the personal data. Some key aspects of LGPD are that it emphasizes the importance of strategic and responsible approach for processing of personal data. It defines personal data as any information that directly or indirectly identifies a living individual including name, gander, date of birth, place of birth, phone number, payment details, consumption habits, religion, IP address and cookies, etc. We also have a data protection officer who works to ensure that the organization complies with the global Data Privacy Regulations, setting the standard and protecting user information through ethical practices.
There are four other things we need to pay attention to- consent based on which personal data can be processed; purpose and need i.e. transparency with the owners of the data will be demanded with requirement to inform citizens in advance of the purpose and necessity for which their personal data is requested; and lastly National Authority for Protection of Personal Data (ANPD). This organization is in charge of overseeing the companies and penalizing non-compliance of LGPD law. So now companies are required to manage the risks and failures with duties such as drafting governance rules. Now they are trying to adopt preventive security measures before a leak or misuse happens which is a good practice. They are also looking for certifications on the market because when we are talking about diligence, LGPD is one part that we are looking at.
We also look before penalizing whether the company took all measures possible to prevent any unfortunate instance like leaks or misuse and whether it was completely out of their control. We are working on to find more programs, more ways to audit and to avoid this kind of things because in present digital world it is necessary to try avoid and take measures before an event happens.
To watch the video interaction of this session Click Here
.jpeg&w=80&h=80&crop-to-fit)
