The so-called “Panama Papers” have already yielded some pretty juicy information that’s got politicians around the world scrambling, and has even led to one resignation. And with terabytes of data to comb over, it’s safe to say this scandal is just getting started.

The Panama Papers are actually about 11.5 million files leaked from Mossack Fonseca, a Panamanian law firm. Though the files have been out in the relative open for a few days, it’s a mammoth data dump, and there’s plenty to parse through. But as this story continues to develop, here’s some things to keep in mind as more stories rear their head.

 

Not illegal—per se

There’s still a lot of information to comb through, but the biggest reveals from early reporting come in the form of offshore bank accounts.

It’s probably not news to anyone that many rich people have money in offshore accounts. What is newsworthy is the fact that twelve current and former national leaders are implicated in the Panama Papers as having engaged in such material, amongst about 143 politicians (at the time of this writing) or their family, friends, and close associates who have been revealed to use offshore tax havens.

Which, of course, is not inherently illegal. There are many legitimate reasons someone might use offshore structures. But there are also some illegitimate reasons, and as Philip Segal writes on The Ethical Investigator, it’s that potential betrayal that may be causing the uproar:

Those were the big news-making events, even though people from 51 countries (plus the Palestinian Authority) were reported to be using Panamanian companies set up by a particular law firm.  

The reason the people from U.K. and Iceland led the news with this leak? Our money is on the theory that they are the only ones from countries in the report that are the among the world’s 20 least corrupt countries, according to the latest Transparency International Corruption Perceptions Index.

About half the countries that make it into the Panama Papers rank as less corrupt than the median Transparency International corruption ranking for 2015. But that still means only that they are perceived to be less corrupt than China, Colombia and Liberia.

That Fifa has apparently utilized offshore options should—after last year’s corruption investigation—surprise no one. But most citizens of Iceland had no such reasons to suspect something was amiss. Which is why the country flew into such a flurry, protesting for and ultimately receiving the Prime Minister’s resignation after it came out that his wife held an offshore company with big claims on collapsed Icelandic banks.

Of course he wasn’t the only leader implicated. A network of offshore deals and loans reportedly worth around $2 billion was traced back to Russian President Vladimir Putin. And though United Kingdom PM David Cameron has called for greater transparency in tax havens and a clampdown on aggressive tax avoidance, his late father was revealed to have hired Bahamian residents to help keep his offshore company exempt. Nawaz Sharif, Pakistan’s prime minister; Ayad Allawi, ex-interim prime minister and former vice-president of Iraq; Petro Poroshenko, president of Ukraine; and Alaa Mubarak, son of Egypt’s former president were also amongst the national leaders discovered to have offshore wealth. And if you’re a betting person, there’s a good chance that’s not where the list ends.

 

The breadth of 11.5 million files

Photo Credit: MrkJohn cc
Photo Credit: MrkJohn cc

Mossack Fonesca is not a financial firm. It’s a law firm. A firm that’s acted for more than 300,000 companies now lost about 2.6 terabytes of documents.

The scope of that is truly staggering. For comparison, when WikiLeaks released U.S. diplomatic cables in 2010 we were dealing with about 1.7 gigabytes. The offshore secrets released by Edward Snowden were around 260 gigabytes. This dump is about ten times that.

Which means it’s possible that the millions of documents ultimately reveal more beyond offshore tax havens. Like, for instance, that Fifa’s current president (read: the president instituted last year in the wake of former president Sepp Blatter’s alleged involvement with criminal activity) may have been involved with illegal TV deals when he was director of legal services at Uefa. How about that the CIA were using the Mossack Fonseca to help operatives and gunrunners establish shell companies? Or that President Obama and then-Secretary of State Hillary Clinton pushed a trade deal amidst warnings that it would make money laundering and tax evasion worse? Meanwhile The Miami Herald is using the Panama Papers to look into how secret offshore money helps fuel Miami’s luxury real-estate boom.

Though the U.S. press has been a bit muted on the subject so far, Trevor Timm of The Guardian expects it to become a major issue in the upcoming election:

It remains to be seen whether any well-known US politicians will end up caught in the Panama Papers’ web. But individual corruption is really beside the point. Politicians are complicit in this scandal no matter whether they are named or not. For years, they have accepted campaign donations from the country’s largest corporations and wealthiest individuals, who have a vested interest in preserving tax havens. In return, they’ve made sure that any wealth parked overseas stays far out of the reach of US law enforcement.

At every election there is vague talk of “closing” tax loopholes and ending off-shore tax hideouts. Soon afterwards, however, those issues are conveniently forgotten about. This time it should be different – not least because there is a candidate campaigning to be president who warned of exactly this scenario.

 

Say it with me: Security, Security, Security

So far not much has been written about how the leak happened. All we know is that an anonymous source contacted the german newspaper Süddeutsche Zeitung about a year ago, and they shared their intel with the International Consortium of Investigative Journalists (ICIJ).

But though this leak carries a colossal weight with it, it’s a law firm leak at heart. Lawyers have been hearing for a while about why it’s imperative they get on board with cybersecurity, and there’s always something for firms to learn—or hopefully review—about security.

Review that cyber insurance policy of yours, double check how employees use their email to communicate with clients and make sure passwords aren’t just “password” or something else easy to guess. And as Capterra’s legal software blog notes, don’t think that email is the only thing that could leave your firm vulnerable:

Lawyers and other law firm employees are working everywhere. That means their phones are now as connected to sensitive law firm data as their computers are. But are they as secure? A lost phone is less a question of whether and more a question of when. Make sure it isn’t a catastrophe.

Whether you have a BYOD (bring your own device) policy or issue phones to employees, it’s important they are protected with very strong passwords, ideally along with a password management utility. Passwords should be changed regularly, and ideally comprise a random assortment of numbers, capitalized and lowercase letters, and symbols.