DORA: Why it is relevant & why is it relevant to you?
The Digital Operational Resilience Act (DORA) is a significant development in EU regulation, compelling financial entities to ensure consistent cybersecurity and operational resilience maturity levels across all their operations within the EU. With a two-year preparatory phase, organizations face a significant task of implementation and demonstration of compliance.
To navigate this transition effectively, financial institutions must conduct comprehensive gap assessments to gauge their readiness vis-à-vis DORA, identifying areas necessitating further investment and prioritization. Proactively addressing these gaps positions businesses to meet more complex requirements such as supply risk management, threat intelligence, and advanced security testing, thus gaining a competitive edge in the market.
DORA marks a substantial shift for entities under ESMA or EIOPA supervision and banks already subject to existing EBA guidelines on banking supervision. Moreover, it extends its scope to encompass previously less regulated stakeholders in the financial sector, including crypto-asset service providers, intermediaries managing alternative investment funds, crowdfunding service providers, cloud-service providers, and ICT third-party service providers.
One of DORA’s key focuses is on third-party risk management, necessitating entities to ensure the resilience of their critical ICT third-party service providers. This requires close collaboration and joint efforts to satisfy regulatory expectations, particularly in supporting the delivery of essential business services.
DORA officially entered into force at the beginning of 2023, initiating a two-year implementation period. Financial entities are thus expected to achieve compliance with the regulation by early 2025. As this deadline approaches, proactive engagement with DORA compliance becomes essential to avoid penalties and maintain operational continuity.
In light of these developments, Andria Papageorgiou Law Firm is committed to assisting organizations in navigating the complexities of DORA compliance. With our outsourced DPO services and regulatory compliance consulting, tailored to address the specific requirements of DORA, we ensure that businesses are well-equipped to meet regulatory obligations and uphold operational resilience in an evolving digital landscape.
Contact us today at info@apapageorgiou.com to learn more about how we can support your journey toward DORA compliance.
Disclaimer: The information contained in this article is provided for informational purposes only, and should not be construed as financial or investment or legal advice on any matter. Andria Papageorgiou Law Firm is not responsible for any actions (or lack thereof) taken as a result of relying on or in any way using information contained in this article and in no event shall be liable for any damages resulting from reliance on or use of this information.
CySEC Circular on EBA Guidelines: Enhancing Anti-Money Laundering Measures for Crypto-Asset Service Providers
We would like to draw your attention to Circular C640 (the “Circular”), issued by the Cyprus Securities and Exchange Commission (the “CySEC”) on the 26th of April 2024, for the purposes of informing Regulated Entities, as these defined therein, about European Banking Authority’s Guidelines amending Guidelines EBA/2021/02 on customer due diligence and the factors credit and financial institutions
should consider when assessing the money laundering and terrorist financing risk associated with individual business relationships and occasional transactions under Articles 17 and 18(4) of Directive (EU) 2015/849 – Guidance to crypto-asset service providers to effectively manage their exposure to ML/TF risks
On January 16, 2024, the European Banking Authority (EBA) extended its Guidelines on ML/TF risk factors to CASPs, signifying a significant stride in the EU’s efforts to combat financial crime. The new Guidelines (EBA/GL/2024/01) underscore ML/TF risk factors and mitigating measures that CASPs need to adopt, recognizing the potential abuse of CASPs for illicit financial activities.
The risks associated with CASPs are manifold, ranging from the rapidity of crypto-asset transfers to the anonymity features embedded in certain products, heightening the susceptibility to ML/TF activities. Hence, CASPS must grasp these risks comprehensively and implement effective measures to mitigate them.
The amended Guidelines serve to equip CASPs with a framework for identifying these risks, offering a non-exhaustive list of factors indicating exposure to varying levels of ML/TF risk. By leveraging these risk factors, CASPs can gain insights into their customer base and pinpoint areas of vulnerability, thereby fine-tuning their mitigating measures, including the use of blockchain analytics tools.
Recognizing the interconnectedness of the financial sector, the Guidelines extend guidance to credit and financial institutions with CASPs as clients or exposure to crypto assets. This risk is exacerbated when institutions engage with unregulated crypto-asset service providers.
In essence, these Guidelines foster a unified understanding of ML/TF risks associated with CASPs and outline the requisite steps for CASPs and other financial institutions to manage these risks effectively. The amended Guidelines will come into effect on December 30, 2024.
In line with its overarching supervisory approach, CySEC urges all Regulated Entities to adhere to the Guidelines and demonstrate the appropriateness of their AML/CFT policies, controls, and procedures in light of identified ML/TF risks, thus ensuring robust measures to combat financial crime.
Should you have any further questions, please do not hesitate to contact us at info@apapageorgiou.com.
Disclaimer: The information contained in this article is provided for informational purposes only, and should not be construed as financial or investment or legal advice on any matter. Andria Papageorgiou Law Firm is not responsible for any actions (or lack thereof) taken as a result of relying on or in any way using information contained in this article and in no event shall be liable for any damages resulting from reliance on or use of this information.
Supervisory priorities for 2024, targets CIFs providing services on a cross border basis
In a recent announcement, the Cyprus Securities and Exchange Commission (CySEC) has outlined its focus areas for 2024, intending to guide and support regulated entities amidst evolving regulatory landscapes. As trusted advisors, we aim to elucidate these priorities for our esteemed clients, including Cyprus Investment Firms (CIFs) and asset managers, providing clear guidance and actionable insights.
CySEC’s objectives for 2024 revolve around preserving market integrity and safeguarding investor interests. Informed by ongoing market evaluations and regulatory updates, these priorities serve as a compass for regulated entities, steering them towards excellence in compliance amid shifting regulatory dynamics.
A. Key Highlights:
Enhanced Supervision: CySEC stresses the significance of vigilant oversight, particularly for firms involved in cross-border activities with intricate financial products such as Contracts for Difference (CFDs). This heightened scrutiny is designed to mitigate risks and uphold market stability.
Promoting Compliance Culture: Nurturing a culture of compliance is imperative. CySEC urges firms to reinforce governance structures and control functions, fostering a sustainable approach to regulatory adherence.
Proactive Risk Management: Prompt identification and mitigation of risks are paramount. Regulated entities are encouraged to proactively address emerging threats, ensuring business resilience and investor protection.
B. Focus Areas for Regulated Entities:
Investment Services: CIFs are required to adhere to professional conduct rules, enhance organizational arrangements, and embrace technological advancements. Additionally, robust governance frameworks and proactive risk management are emphasized.
Asset Management: Asset managers should prioritize compliance with regulatory mandates, including sustainability requirements and effective asset valuation procedures. Thorough data analysis and oversight of derivative contracts are vital for maintaining financial stability.
C. What Firms Need To Do:
- Review policies, procedures and internal controls arrangements put in place to ensure compliance with the regulatory requirements.
- Implement effective and prudent management practices, with active oversight from the management body.
- Evaluate the adequacy of governance structures and the effectiveness of control functions such as compliance, internal audit and risk management.
- Improve monitoring of marketing communications.
- Implement measures to address risks in the field of ICT and prepare for compliance with DORA.
- Consider investing in technology solutions/tools that complement firms’ efforts to ensure business resilience and regulatory compliance.
D. Next Steps: Firms should expect ongoing engagement from supervisory teams on the areas mentioned above as well as specific feedback, including communication with the board of directors. CySEC aims to take in a timely way, actions commensurate to the problems and shortcomings identified, to effectively prevent, mitigate or bring them to an end, considering repetition or continuation over time as aggravating factors.
Andria Papageorgiou Law Frim is a reputable Firm specializing in regulatory compliance and risk management solutions. With a dedication to empowering clients through tailored strategies and innovative tools, we are poised to support our clients’ journey toward compliance excellence.
Should you have any further questions, please do not hesitate to contact us at info@apapageorgiou.com.
Disclaimer: The information contained in this article is provided for informational purposes only, and should not be construed as financial or investment or legal advice on any matter. Andria Papageorgiou Law Firm is not responsible for any actions (or lack thereof) taken as a result of relying on or in any way using information contained in this article and in no event shall be liable for any damages resulting from reliance on or use of this information.
Circular C589 – MONEYVAL’s report on money laundering and financing of terrorism risks in the world of virtual assets
We would like to draw your attention to Circular C589 (the “Circular”), issued by the Cyprus Securities and Exchange Commission (the “CySEC”) on the 18th of July 2023, for the purposes of informing Regulated Entities, as these defined therein, about MONEYVAL’s Report on money laundering and financing of terrorism risk in the world of virtual assets (the “Report”).
A. Purpose:
The Report purports to present in an integrated manner an overview of the money laundering and financing of terrorism risks in the world of virtual assets (the “VAs”) and their service providers in MONEYVAL members. In order to do this, the Report includes the following:
- horizontal analysis of MONEYVAL’s members’ level of compliance with the Financial Action Task Force (the “FATF”) Recommendation 15;
- an overview of the measures taken to regulate and supervise virtual asset service providers (the “VASPs”) sector; and
- features of the identified risks that criminals use VASPs and VAs to launder proceeds of crimes (i.e. exchanges, exchange offices, aggregators, and other cryptocurrency platforms including e-gaming, sports betting, and NTFs).
In particular, the Report integrates and analyses data obtained from MONEYVAL members across multiple issues, relating to (a) how members regulated the activity of issuance of Vas and operation of VASPs; (b) whether the Law Enforcement Authorities (LEAs) have adequate powers and tools to investigate, locate and impose interim measures in respect of Vas; (c) the types of VA platforms used for financial support of criminal activity; (d) examples of cases investigated by the relevant authorities with description of criminal schemes involving the virtual asset elements that have been identified; and (e) other data relevant to the goals of the study.
B. Main Provisions:
In view of the above, the Report has been structured into the following four (4) sections:
1. Horizontal review of compliance with FATF Recommendation 15:
FATF has published documents that are aimed at helping jurisdictions and the private sector to comply with the new AML/CFT requirements for VAs and VASPs (available here and here). Due to the peculiarities of the sector and the relatively recent adoption of the standard, the vast majority of MONEYVAL members have not yet fully implemented these requirements (i.e. of the 23 jurisdictions that have been assessed since June 2021 for their compliance with Recommendation 15, the majority require major or moderate improvements). In particular, further improvements are needed in assessing ML/TF risks, supervision, and the application of AML/CFT preventative measures.
2. Assessment of VA and VASP risks:
As already mentioned above, not all members have assessed the ML/TF risks posed by VAs and VASPs, or if such risk assessment has been conducted in many cases it lacks depth. In the case of Andorra that carried out its second national risk assessment back in 2020, it is noted that the risk assessment at the national level would start with an inventory (i.e. when VASPs must be licensed or registered, leaving the authorities with the tasks of estimating if and to which extent unregistered entities are still servicing clients in the respective jurisdiction) of the registered entities in the jurisdiction and determining the materiality of the VASP sector. However, in practice, jurisdictions experience challenges in identifying unregistered or unlicensed VASP activity in their jurisdiction.
In view of the above and following the first inventory of VASPs, a more in-depth analysis of the sector was undertaken. There is a risk that if the work conducted by Andorra indicates that there are no businesses operating domestically that should be registered, then VAs and VASPs become less of a focus. An assessment must be made about the use of VAs in the country even if there are no registered VASPs (for instance, whether customers in the domestic jurisdiction are obtaining services in another jurisdiction).
3. Risk-Based Approach Supervision of the VASP Sector:
The relevant section of the Report outlines the different approaches taken by members to license or register domestic VASPs and to implement a risk-based supervisory framework for the VASP sector. In brief, the following are noted:
- VAs is defined as a digital representation of value that can be digitally traded or transferred and can be used for payment or investment purposes and do not include digital representations of FIAT currencies, securities, and other financial assets that are already covered elsewhere in the FATF Recommendations.
- VASP is any natural or legal person that provides as a business activity one or more of the following activities or operations for or on behalf of another natural or legal person: (i) exchange between virtual assets and FIAT currencies; (ii) exchange between one or more forms of virtual assets; (iii) transfer of virtual assets; (iv) safekeeping and/or administration of virtual assets or instruments enabling control over virtual assets; and (v) participation in and provision of financial services related to an issuer’s offer and/or sale of a virtual asset.
- The analysis shows that not all members included natural persons in the definition of VASPs.
- A risk-mitigating measure for VASP activity is the application of market entry controls and of adequate risk-based supervision for AML/CFT purposes in the sector.
- Recommendation 15 allows countries to choose between licensing or registration of VASPs, providing that at a minimum, VASPs would be required to be licensed or registered in the jurisdiction(s) where they were created.
- MONEYVAL members have implemented different approaches to supervision (i.e. licensing or registration authority is not always the same authority that conducts the AML/CFT supervision of VASPs).
- In supervising the VASP sector most of the MONEYVAL members are at the beginning of implementation. Not all supervisors are comprehensively resourced in terms of staffing and knowledge, and the risk-based approach is rarely tailored to a sector-specific risk assessment.
- The volume and flow of cross-border transactions is one important element that supervisors should consider when determining the risk of the VASP sector and conducting supervision activities.
- The availability of sanctions for VASP supervisors in MONEYVAL members differs in the scope and mounts of the sanctions that can be applied.
4. Law Enforcement and Operational Issues:
The capabilities and approaches of authorities in MONEYVAL countries to investigate ML/TF cases involving the use of VAs and to impose interim measures are examined in the relevant section of the Report. In particular, a number of case studies from the MONEYVAL region shed light on the use of VAs for money laundering purposes, such as the types of understanding crimes that are normally associated with such ML cases, as well as the modus operandi and typologies as to how such money laundering cases are perpetrated, are outlined within the Report. VAs are being used and can probably be used interchangeably with FIAT currencies when looking at typologies, as per the following investigated cases:
- Theft of VAs through “typosquatting” – Isle of Man (in cooperation with UK and Netherlands);
- Sale of fake VAs – Azerbaijan;
- Use of money mules – Latvia;
- Drug and arms dealing – Slovak Republic; and
- Laundering of drug trafficking proceeds – Malta.
C. Next Steps:
CySEC considers the Report to be of assistance to the Regulated Entities engaging or seeking to engage in VA activities, in understanding their AML/CFT risks and obligations and how they can effectively comply with these obligations.
To this end, it is expected by CySEC that all Regulated Entities will study the Report and take its content into account when assessing AML/CFT risks, thereby improving the effectiveness of the measures and procedures applied.
Should you have any further questions, please do not hesitate to contact us at info@apapageorgiou.com.
Disclaimer: The information contained in this article is provided for informational purposes only, and should not be construed as financial or investment or legal advice on any matter. Andria Papageorgiou Law Firm is not responsible for any actions (or lack thereof) taken as a result of relying on or in any way using information contained in this article and in no event shall be liable for any damages resulting from reliance on or use of this information.
Arbitration and Mediation: Exploring Alternative Dispute Resolution Methods
A. Introduction:
In today’s legal landscape, resolving disputes through litigation can be a time-consuming and costly process. As a result, alternative dispute resolution (ADR) methods like arbitration and mediation have gained significant popularity. These methods offer parties involved in a dispute an opportunity to find mutually acceptable resolutions outside of the traditional courtroom setting. This article aims to provide an overview of arbitration and mediation as effective ADR mechanisms.
B. Arbitration:
Arbitration is a private and voluntary process in which parties present their dispute to one or more arbitrators who act as neutral third parties. Unlike litigation, arbitration allows the parties to have more control over the process, including the choice of arbitrators, venue, and procedural rules. The arbitration process typically involves the following key steps:
- Agreement to Arbitrate: Parties enter into an agreement to resolve their dispute through arbitration. This agreement may be included in a contract or agreed upon after a dispute arises.
- Selection of Arbitrators: Parties have the flexibility to choose their arbitrators based on their expertise and impartiality. Arbitrators may be legal professionals or industry experts with knowledge related to the subject matter of the dispute.
- Presentation of Evidence and Arguments: Parties present their case, including supporting evidence and legal arguments, to the arbitrators. This may involve witness testimonies, expert opinions, and documentary evidence.
- Arbitration Award: After considering the evidence and arguments, the arbitrators render a final and binding decision, known as the arbitration award. The award is enforceable in courts and provides a resolution to the dispute.
C. Mediation:
Mediation is a voluntary and confidential process in which a neutral third party, known as the mediator, facilitates communication and negotiation between the disputing parties. The mediator assists the parties in identifying their interests, exploring potential solutions, and reaching a mutually agreeable settlement. The mediation process typically involves the following stages:
- Introduction: The mediator establishes the ground rules, explains the mediation process, and ensures all parties understand the voluntary and confidential nature of mediation.
- Individual Statements: Each party has the opportunity to express their perspective and concerns regarding the dispute without interruption.
- Joint Discussion: The mediator facilitates open communication between the parties, encouraging dialogue, identifying common interests, and exploring possible solutions.
- Negotiation and Agreement: With the assistance of the mediator, the parties engage in a collaborative negotiation process to reach a mutually acceptable resolution. If an agreement is reached, it is documented in a written settlement agreement.
D. Benefits of Arbitration and Mediation:
Both arbitration and mediation offer several advantages over traditional litigation, including:
- Flexibility: Parties have greater control over the process, including the selection of decision-makers, procedural rules, and scheduling.
- Efficiency: ADR methods often offer faster resolution compared to lengthy court proceedings, reducing costs and saving time for all parties involved.
- Confidentiality: Arbitration and mediation proceedings are typically confidential, allowing parties to protect sensitive information and maintain privacy.
- Preserving Relationships: ADR methods promote cooperation and allow parties to maintain relationships, as they actively participate in finding a mutually satisfactory resolution.
With this significant accomplishment, our firm proudly offers the expertise and services of our accredited Mediator and Arbitrator to handle a wide range of complex disputes. Our Founder’s extensive training, combined with her commitment to delivering exceptional results, ensures that she approaches every matter with the utmost professionalism and care.
By engaging our services, you can trust in our Founder’s proficiency and the Firm’s unwavering dedication to resolving disputes through mediation and/or arbitration. Whether you are seeking a Mediator to facilitate productive dialogue or an Arbitrator to render a fair and binding decision, we are equipped to guide you toward a resolution.
At our Firm, we prioritize the swift and amicable resolution of disputes, recognizing the value of preserving relationships and minimizing the financial and emotional costs associated with traditional litigation. By leveraging our Founder’s accreditation as a Mediator and Arbitrator, we strive to provide the highest level of service, professionalism, and expertise.
F. Conclusion:
Should you have any further questions, please do not hesitate to contact us at info@apapageorgiou.com.
Disclaimer: The information contained in this article is provided for informational purposes only, and should not be construed as financial or investment or legal advice on any matter. Andria Papageorgiou Law Firm is not responsible for any actions (or lack thereof) taken as a result of relying on or in any way using information contained in this article and in no event shall be liable for any damages resulting from reliance on or use of this information.
ESAs public consultation on DORA
We would like to draw your attention that the European Supervisory Authorities (EBA, EIOPA, and ESMA – the ESAs) launched yesterday, 19th of June 2023, a public consultation on the first batch of policy products under the DORA.
This includes four draft regulatory technical standards (RTS) and one set of draft implementing technical standards (ITS). These technical standards aim to ensure a consistent and harmonized legal framework in the areas of ICT risk management, major ICT-related incident reporting, and ICT third-party risk management.
DORA entered into force on the 16th of January 2023 and will apply from the 17th of January 2025 aiming to enhance the digital operational resilience of entities across the EU sector and to further harmonize key digital operational resilience requirements for all EU financial entities.
This regulatory framework covers key areas such as:
- ICT risk management,
- ICT-related incident management and reporting,
- digital operational resilience testing and
- management of ICT third-party risk.
DORA has mandated the ESAs to jointly develop altogether 13 policy instruments in two batches. The first batch of technical standards, are the following:
- RTS on ICT risk management framework and RTS on simplified ICT risk management framework;
- RTS on criteria for the classification of ICT-related incidents;
- ITS to establish the templates for the register of information;
- RTS to specify the policy on ICT services performed by ICT third-party providers.
The ESAs expect to submit these draft technical standards to the European Commission by 17 January 2024.
Comments to this consultation can be sent to the ESAS by the 11th of September 2023.
Should you have any further questions, please do not hesitate to contact us at info@apapageorgiou.com.
Disclaimer: The information contained in this article is provided for informational purposes only, and should not be construed as financial or investment or legal advice on any matter. Andria Papageorgiou Law Firm is not responsible for any actions (or lack thereof) taken as a result of relying on or in any way using information contained in this article and in no event shall be liable for any damages resulting from reliance on or use of this information.
CySEC Circular C576 – Adoption of the European Banking Authority Guidelines
We would like to draw your attention to Circular C576 (the “Circular”) issued by the Cyprus Securities and Exchange Commission (the “CySEC”) on the 2nd of June 2023, for the purposes of informing the Cyprus Investment Firms (the “CIFs”) about its decision to adopt the following European Banking Authority’s (the “EBA”) guidelines, that have been previously published within 2022, by incorporating them into its supervisory practices and regulatory approach:
- (a) Guidelines on the benchmarking exercises on remuneration practices and the gender pay gap under the Directive (EU) 2019/2034 (the “Guidelines on benchmarking”). Our previous notification email is attached herein; and
- (b) Guidelines on data collection exercises regarding high earners under Directive 2013/36/EU and under Directive (EU) 2019/2024 (the “Guidelines on high earners”). Our previous notification email is attached herein.
In brief, kindly note the below:
1. Guidelines on benchmarking:
The relevant guidelines specify how competent authorities shall collect from investment firms the remuneration and the gender pay gap data and how they will then submit them to EBA. It is noted that the said data shall be collected and submitted at the individual level whereas where Article 7 of IFR applies, this data shall be collected and submitted only at the level of consolidation set out therein. Please note that the Guidelines on benchmarking should be read in conjunction with the EBA Guidelines on sound remuneration policies under IFD.
In view of the above and pursuant to Section 28(1) of the Prudential Supervision of Investment Services Law of 2021 (the “Prudential Supervision Law”), CySEC shall collect the information disclosed in accordance with Article 51(1)(c) and (d) of IFR as well as the information provided by CIFs on the gender pay gap and use that information to benchmark remuneration trends and practices. Pursuant to Section 28(4) of the Prudential Supervision Law, CySEC shall provide the collected information to EBA in order to benchmark remuneration trends and practices at the Union level.
Therefore, the following actions should be taken by CIFs in regard to the topics presented below:
Related Topic | Information to be submitted | Deadline |
Remuneration Data | o Information on the remuneration of all staff, as set out in Annex I of Guidelines on benchmarking | 15th of June of each calendar year* |
o Additional information on remuneration for identified staff, as set out in Annex II and Annex III of Guidelines on benchmarking | ||
o Information on derogation as specified in Annex IV of Guidelines on benchmarking | ||
Gender Pay Gap | o Information set out in Annex V of Guidelines on benchmarking regarding the financial year 2023 | 15th of June every three years, starting from 2024 |
*It is clarified that the remuneration data outlined above should be submitted by the 31st of August 2023 the latest, regarding the financial year 2022.
2. Guidelines on high earners:
The objective of the data collected on high earners is to analyse and publish year-to-year developments in the number of individuals in institutions and investment firms earning at least EUR 1 million within the European Union (the “EU”) and the European Economic Area (the “EEA”), and within the different Member States, and to assess the major components of remuneration awarded to high earners in different business areas. The said information can be used together with other remuneration benchmarking data to analyse the application of remuneration policies within the EU and EEA and the trends in remuneration practices so as to improve the relevant legal framework.
In view of the above, CIFs should submit to CySEC data regarding high earners (i.e. staff member(s) earning a remuneration of at least EUR 1 million in the reported financial year) so as for the latter to submit such information to EBA.
Please note that high earners data should be reported, as applicable, at the level of consolidation set out in Article 7 of IFR and should concern all the high earners’ data for all entities and branches within the highest level of prudential consolidation. In the case of standalone investment firms, high earner’s data should be reported on an individual basis. The data submitted should also include data relevant to EU/EEA branches.
In this respect, please note the following:
- Where CIFs do not have high earners to report, it is not necessary to submit this information, unless explicitly requested by the CySEC.
- High earners data should be submitted to CySEC each year for any given financial year by the 15th of June of the next calendar year.
- It is clarified that high earners’ data should be submitted by the 31st of August 2023 the latest, regarding the financial year 2022.
3. Method of submission:
The information outlined in points 1 and 2 above should be submitted through CySEC’s XBRL Portal only, which is expected to be updated by the 30th of June 2023.
CIFs are urged to consider the Guidelines on benchmarking & Guidelines on high earners and where necessary, take actions to ensure compliance with their provisions.
Should you have any further questions, please do not hesitate to contact us at info@apapageorgiou.com.
Disclaimer: The information contained in this article is provided for informational purposes only, and should not be construed as financial or investment or legal advice on any matter. Andria Papageorgiou Law Firm is not responsible for any actions (or lack thereof) taken as a result of relying on or in any way using information contained in this article and in no event shall be liable for any damages resulting from reliance on or use of this information.