Employment in Financial Services

Anyone in an executive position (i.e. members of the legal administrative body, the effective management and independent controllers) at a financial institution must, at all times, have the necessary professional standing and expertise to perform their duties.

This will be assessed by the NBB through standard forms to complete if there is a new appointment, new elements during employment, termination of appointment or renewal of appointment.

"N-1" effective managers must meet the same criteria, but authorisation by the NBB is not necessary (see question 2).

Yes, special certification is required for financial services employers to undertake their duties.

The CPA-10 (ANBIMA Series 10 Professional Certification) is designed for professionals who distribute investment products for retail in bank branches or service platforms.

The CPA-20 (ANBIMA Series 20 Professional Certification) is for professionals who distribute investment products to clients in the high-income retail, private, corporate, and institutional investor segments in bank branches or on service platforms.

The CEA (ANBIMA Certification of Investment Specialists) is a certification that qualifies financial market professionals to act as investment specialists. These specialists can recommend investment products to clients in different segments and advise account managers.

The CFG (ANBIMA Certification of Fundamentals in Management) is for certified professionals who know the sector's technical basis, which is an advantage for occupying various positions in asset-management companies.

The CGA (ANBIMA Manager Certification) qualifies professionals to work with the management of third-party resources in fixed-income investment funds, shares, foreign exchange, multimarket, managed portfolios, and index funds.

The CGE (ANBIMA Manager Certification for Structured Funds) qualifies professionals to work with third-party resource management in the structured products industry.

Since 1 July 2010, the FMA General Regulation requires investment services providers to pass an examination to ensure that certain employees have a minimum knowledge base in the field.

This applies to salespersons, managers, financial instrument clearing managers, post-trade managers, financial analysts, financial instruments traders, compliance and internal control officers, and investment services compliance officers.

Since 1 January 2020, the following must also obtain certification: natural persons acting as a financial investment advisor; natural persons with the power to manage the legal person authorised as a financial investment advisor; and persons employed to provide investment advice by the legal person authorised as a financial investment advisor.

FMA certification must be obtained within a maximum of six months of the beginning of that person’s employment with an investment services provider. Certification is issued by FMA-certified organisations.

People already in practice before 1 July 2010 are exempt from this certification. This is known as a grandfather clause.

In addition to this minimum knowledge requirement, certain professionals are subject to an assessment of their knowledge and skills. This applies to natural persons who provide not only information but also financial advice, and generally takes the form of an annual evaluation interview.

Taking on certain tasks requires prior proof of competence, which varies depending on the financial services sector and the role. As an example, investment services must notify BaFin of investment advisors, sales representatives, and compliance officers, who in each case must be knowledgeable and reliable, and whose expertise must be reviewed at least annually (section 87, WpHG and the corresponding Employee Notification Ordinance). Institutions must deliver proof of professional suitability (ie, sufficient theoretical and practical knowledge of the relevant business and management experience) and reliability for certain key employees, managing directors, and members of the supervisory or administrative board (sections 25c paragraph 1 and 25d paragraph 1 KWG, sections 20 and 21 WpIG).

SFC

The “Guidelines on Competence” published by the SFC lists the necessary qualifications for employees carrying on regulated activities. For academic qualifications, employees should attain at least Level 2 in either English or Chinese as well as in Mathematics in the Hong Kong Diploma of Secondary Education or equivalent. In addition, employees are expected to obtain recognised industry qualifications and pass the local regulatory framework paper. For responsible officers (ROs), the SFC requires higher levels of educational qualifications and experience.

IA

The “Guideline on ‘Fit and Proper’ Criteria for Licensed Insurance Intermediaries Under the Insurance Ordinance” published by the IA sets out the education requirements for licenced employees under the IO. Higher levels of educational qualifications are required for responsible officers.

The recruitment of financial services employees for public-sector enterprises may be done through competitive scores secured through multi-level tests held for generalist and specialist posts. For instance, the Institute of Banking Personnel Selection conducts tests for selection for public sector banks; and the Securities and Exchange Board of India (SEBI), LIC, etc, hold similar tests for their recruitment.

In terms of industry practice, eligibility to appear at the preliminary levels or the final interview stages of the above tests may sometimes require certain specific certifications (eg, computer certifications for clerical posts in the banking sector. These certifications are prescribed by industry regulators and are actioned by industry collectives. For instance, the RBI[1] has made it mandatory for all banking and non-banking financial institutions to obtain certification for their employees. Industry collective the Indian Banking Association provides such certifications in specific areas like treasury operations, risk management, accounting and credit management. Along with this, further certifications may also be required for Anti-Money Laundering (AML), Know Your Customer (KYC), compliance with foreign exchange regulations, awareness of legal aspects of cyber security, etc.[2]

Similarly, the National Institute of Securities Markets (NISM), an institute promoted by SEBI, accredits institutions that coach and certify wealth management advisors. NISM-accredited qualifications are compulsory for wealth managers in the capital market segment. Also, the Indian Institute of Banking and Finance (IIBF) gives certification for Debt Recovery Agents based on RBI guidelines. Various collectives like the Fixed Income Money Market and Derivatives Association of India, Foreign Exchange Dealers Association of India and the Institute of Company Secretaries of India, inter alia, collaborate with the IIBF in the certification process in the treasury, forex and compliance sectors. The IIBF’s certification for customer service, KYC/AML programmes of the IIBF, and other similar certified courses from the NISM/AMFI/IRDA etc, are essential before hiring employees for certain specialised roles.

As part of the registration process, the SEBI regulations relating to portfolio managers and investment advisors require certain specific employees to be employed with minimum qualifications.

Yes, under the Minimum Competency Regime (see question 1), employees who perform certain prescribed functions and roles in prescribed RFSPs such as insurance businesses and credit unions, must meet the required competencies and qualifications standards.

The 2023 Act also introduces a new requirement that persons can only be permitted to perform a CF role (including a PCF role) where a certificate of compliance with the F&P Standards given by the firm is in force (Certification Regime).

As part of the Certification Regime, a certificate of compliance may only be given if:

1. the firm is satisfied on reasonable grounds that the person complies with the F&P Standards; and
2. the person has agreed to abide by the F&P Standards and to notify the firm without delay if for any reason they no longer comply with the F&P Standards.

Yes, please see question 2.

Any individual performing a prescribed key role must be pre-approved by the IoM FSA and be certified as “fit and proper”. The IoM FSA has issued detailed guidance for financial institutions that set out the criteria that they normally apply in considering the fitness and propriety of individuals who wish to undertake Controlled Functions. Appendix 2 of the guidance contains a table setting out which Controlled Functions require consent and which functions are notification only.

Guidance can be found here: https://www.iomfsa.im/media/2464/regulatoryguidancefitnessandpropriety.pdf

Employees in general positions are not required to obtain specific certification to perform their duties within financial entities. However, in brokerage houses, individuals involved in operations with the public, counselling, promotion and, if applicable, acquisition and sale of securities, must be authorised by the CNBV and obtain a certification issued by a regulated body recognized by the CNBV.  

The CNBV and CNSF, as applicable, may caution, remove, adjourn, or disqualify board members and the general manager if they believe the individual does not comply with legal requirements to occupy such positions or if their conduct constitutes a breach of applicable laws and regulations.

According to Dutch law, financial services sector companies must guarantee the quality of their services. This means, among other things, that they must have skilled employees for the subjects on which they advise. After all, the consumer must be able to trust that an employee has the right knowledge and skills to provide appropriate advice.

Therefore, all financial services sector employees with substantive customer contact must have up-to-date professional competence at all times. This means that employees must be skilled, aware of current developments in their field, and can apply these in their work. The obligation to maintain up-to-date professional competence at all times is an open standard. Financial services companies may, therefore, decide for themselves how to implement this standard.

There is, however, a mandatory Wft diploma requirement for employees who provide financial advice. Which products and services an employee may provide advice on depends on the specific Wft diplomas he or she has obtained (after passing an exam). A Wft diploma is valid for a definite period (with a maximum of three years). To renew a Wft diploma, an employee must pass a new exam.

Furthermore, all candidates who will (co-)determine the policy of a financial services company must also be assessed by local authorities and will be tested for reliability and suitability.

Representatives, senior management employees and other office holders may require MAS’ approval prior to an appointment or assuming an office (see question 2).

In particular, MAS must be notified of the appointment of representatives providing financial advisory services under the Financial Advisers Act 2001 or carrying out regulated activities under the Securities and Futures Act 2001 (dealing in capital markets products, advising on corporate finance, fund and REIT management, product financing, providing credit ratings or custodial services). With some exceptions, they must be at least 21 years old, satisfy minimum academic qualification requirements, and complete prescribed modules of the Capital Markets and Financial Advisory Services examinations.

Depending on the status of the employing entity and the position of the financial services employee, a special certification or, more generally, proof of relevant work experience and sufficient education is required.

As a general rule, persons holding executive, overall management, oversight or control functions (eg, a member of the board, CEO, compliance officer, risk officer or their deputies) in regulated companies such as banks, insurance companies, securities firms, fund management companies, managers of collective assets or asset managers are required to demonstrate to FINMA that they have sufficient relevant work experience and education. As proof, FINMA requests current CVs, diplomas, certifications and contact details of references. The scope and nature of the future business activity and the size and complexity of the company in question also need to be considered.

Furthermore, client advisers of so-called financial service providers (eg, investment advisers) must have sufficient expertise on the code of conduct and the necessary expertise required to perform their work. Client advisors often prove that these requirements have been met by successfully attending special courses. In addition, insurance intermediaries registered with FINMA’s insurance intermediary register have to prove that they have undergone sufficient education and have sufficient qualifications. For this purpose, FINMA has published a list of different Swiss and foreign educational qualifications deemed to be sufficient on its website.

As noted in question 2 -, employees undertaking certain regulated roles must obtain the pre-approval of the relevant regulatory authority.  The regulators in each case will assess the fitness and propriety of the relevant individual.
 

See question 2.

All individuals performing an SMF, as classified by the FCA or PRA, will be subject to the SMR. SMFs are described in the Financial Services and Markets Act 2000 (FSMA) as functions that require the person performing them to be responsible for managing one or more aspects of a firm’s affairs authorised by the FSMA, and those aspects involve, or might involve, a risk of serious consequences for the firm or business or other interests in the UK. As noted, any individual performing an SMF will need to be pre-approved by the relevant regulator before they can start their role, and thereafter they must be certified as fit and proper by their firm annually. Applications to the regulator for pre-approval must disclose all matters relating to a candidate’s fitness and propriety and be accompanied by a statement of responsibilities. Firms must carry out a criminal records check as part of the application for approval.

Additionally, employees of firms who are not senior managers but who, because of their role, could still pose a risk of significant harm to the firm or any of its customers, may be subject to the CR. The certification functions that place an employee within the ambit of the CR are different under the rules of the FCA and the PRA but include persons such as those dealing with clients or those subject to qualification requirements. These employees must be certified by their firm as fit and proper for their roles both at the outset of their employment and on an annual basis thereafter (certified staff). Firms are not required to carry out criminal records checks for certified staff, but firms can choose to do so to the extent it is lawful.

The regulators have set out detailed guidance for firms to consider when assessing an individual’s fitness and propriety. This includes assessing an individual’s honesty, integrity and reputation; competence and capability; and financial soundness.

For an individual’s FINRA registration to become effective, they must pass the Securities Industries Essentials examination. FINRA rules also require registered persons to participate in continuing education courses. Failure to do so may result in a covered person’s registration being deemed inactive until the requirement has been satisfied.

California Financing Law requires the licensing and regulation of finance lenders and brokers making and brokering consumer and commercial loans, unless exempt.

Employees must not, both during and after the termination of the contract, obtain, use or unlawfully disclose a business secret he or she became aware of in the course of his or her professional activity, or disclose the secrecy of any matter of a personal or confidential nature of which he or she became aware in the course of his or her professional activity (article 17, 3°, a, Employment Contracts Act).

The company can include a NDA in the employment contract to underline what is considered confidential information. A penalty clause (with a lump sum to be paid) can be foreseen in case of a breach after the end of the employment contract, but not during the period of the employment relationship. This is because of the prohibition on restricting the rights of employees or increasing their obligations in comparison with what is foreseen by the Employment Contracts Act (article 6).

Yes, non-disclosure agreements (NDAs) are potentially lawful in Brazil. The applicable rules are the same as for any legal transaction: expression of will, legality of the object, and compliance with the law.

As a rule, NDAs are a consequence of professional activity and do not require specific consideration.

Protected information is specific to the contractor (employer) and shared with the employee during the execution of the contract (strategies, customers, commercial secrets, etc).       

General information belonging to the employee due to his or her academic training and previous professional experience is not included in NDAs.

All actors in the financial services sector are bound by strict professional and banking secrecy.

But beyond the professional secrecy that is inherent to the employment contract, there may be an interest in particular circumstances to strengthen this requirement and make it an obligation of absolute professional secrecy. This is legal under French law and generally takes the form of a confidentiality clause (non-disclosure) inserted in the employee's employment contract.

In principle, a confidentiality clause, which includes an obligation of professional secrecy to which the employee is bound as well as an obligation of discretion, is not subject to any particular conditions. In particular, it does not require the payment of any financial consideration.

On the other hand, when an employee by an agreement or transaction goes further and waives his freedom of expression, the case law sets stricter conditions of validity. The agreement must be adapted, necessary and proportionate to the aim sought.

Confidentiality clauses must also comply with any obligations in terms of transparency, the fight against corruption and influence peddling provided for by Law No. 2016-1691 of 9 December 2016.

The only entities against which banking secrecy cannot be invoked are the French Prudential Supervision and Resolution Authority, the Banque de France and the judicial authority acting in the context of criminal proceedings (article L. 511-33 of the Monetary and Financial Code). On the other hand, bank secrecy is enforceable in civil court proceedings, as confirmed by abundant case law.

Under German law, it is permissible to enter into non-disclosure and confidentiality agreements. In practice, NDAs are usually agreed upon in written or text form, although this is not legally required. If drafted for use in multiple cases, NDAs are subject to a particularly strict test to be effective: they must be transparent and may not unduly burden the employee under General Terms and Conditions legislation. NDAs should, therefore, only relate to very limited and specific information.

In practice, NDAs are difficult to enforce as it is the employer who must prove a culpable breach of contract, as well as damages resulting from such a breach. Employers should, therefore, also use other means to ensure data protection and confidentiality, such as properly defining and protecting business secrets under the Business Secrets Act; and implementing technical and organisational measures to limit access to certain information, which may include sharing information only on a need-to-know basis.

Non-disclosure agreements are legally enforceable in Hong Kong. They follow the contract law rules and there is no other particular form or rules. To be enforceable, a non-disclosure agreement must protect information that is both confidential and valuable. There are common exceptions where confidentiality will not apply to certain information, including information available in the public domain, information lawfully received from a third party without proprietary or confidentiality limitations, information known to the employee before first receipt of same from the employer, and information disclosed in circumstances required by law or regulatory requirement.

NDAs are governed by the Indian Contract Act, 1872 and are generally lawful in India.

Generally, post-contract restrictive covenants like non-compete clauses that restrain a person’s exercise of lawful trade, profession or business are declared void because of Section 27 of the Indian Contract Act.

The enforceability of NDAs may be affected if they restrain an employee from exercising a lawful profession, trade or business. Accordingly, an NDA crafted to protect the “confidential information” of the former employer but not to impose the above-mentioned restraints on the employee is saved from any clash with Section 27 of the Indian Contract Act and is, therefore, enforceable in the courts of law in India. If NDAs prohibit an employee from disclosing commercial or trade secrets, then they cannot be held to be in restraint of trade. This was observed by the Bombay High Court in VFS Global Services Pvt Ltd v Mr Suprit Roy[1].

Yes. It is possible to use NDAs in Ireland and it is quite common for them to be used, but there are some limitations on their use and enforceability.

Certain mandatory reporting obligations will override a contractual non-disclosure agreement, such as the requirement for PCFs under section 38(2) of the CBI (Supervision and Enforcement) Act 2013 to disclose certain matters to the CBI.

Further, an NDA cannot extinguish an employee's right to anti-retaliation protection where the employee makes a protected disclosure either internally or externally under the Protected Disclosures Act 2014 - 2022.

Yes, non-disclosure agreements are potentially lawful in the Isle of Man. A contract of employment may also contain confidentiality provisions for financial services employees. However, a non-disclosure agreement or confidentiality clause would not (and could not) prevent a financial services employee (or any employee) from making a protected disclosure, (ie, a disclosure made by an employee where they reasonably believe there is serious wrongdoing within the workplace (whistleblowing)).

A financial services employee may, furthermore, be subject to a legal requirement to disclose information in certain circumstances that might override an NDA. For example, an individual can be compelled to provide information by the IoM FSA during an interview, and such compulsion will generally override an employee’s duties of confidentiality. Alternatively, an individual can be subject to a requirement to disclose information in the context of legal proceedings (eg, by court order).

Non-disclosure provisions under Mexican law are applicable and enforceable. All information to which employees have access, given their position and services, regarding third parties and deemed sensitive or confidential (ie, non-public information) may not be disclosed at any time after the termination of employment or used for any other purposes.

The breach of non-disclosure obligations of confidential information and trade secrets may lead to economic sanctions or imprisonment. The disclosure of confidential information or using it to an employer’s detriment is an offence under criminal law. Also, employees that breach confidential obligations may have to pay damages to the affected party.

Pursuant to article 186 of the general provisions applicable to brokerage houses, internal policies must be in place to establish guidelines and procedures for the use, management, conservation and, as applicable, destruction of books, records, documents, and other information; and must guarantee the adequate use and control of documents containing the confidential information of clients. Also, these entities must establish strict controls to avoid the improper use of books, records, and documents in general.

According to the Law to Regulate Technological Finance Institutions, entities must include measures and policies to control operational risks within their filing for authorisation at the CNBV. They must also provide information security and confidentiality policies, with evidence of secure, trustable and precise technological support for their clients and with minimum standards of security to ensure the confidentiality, availability and integrity of information, as well as to prevent fraud and cyberattacks.

Additionally, financial entities must guarantee the security and integrity of the information, and implement security measures to preserve the integrity and confidentiality of the information generated, stored, or processed.

Lastly, under the Federal Law for the Prevention and Identity of Transactions with Illegally Obtained Resources, filing notices, information and documentation related to vulnerable activities to the SHCP does not qualify as a breach of confidentiality obligations.

Since there is no specific legislation on NDAs under Dutch law, the general principle is that NDAs are permitted.

NDAs may never prevent a financial sector employee from reporting or revealing suspected misconduct.

NDAs are generally lawful in Singapore, although the extent of their enforceability depends on their contents. For example, restrictive covenants can be subject to further scrutiny (see question 13). While not subject to any particular form or rules, employers should take particular care to specify the type of information protected under the NDA, so that employees have a clear understanding of the protected information – and to enhance the enforceability of the NDA.

Under Singapore common law, in addition to breach of contract, a party may also bring an action for breach of confidence. A plaintiff will have to show on the facts that the information is confidential and was imparted in circumstances giving rise to an obligation of confidence (including if confidential information has been accessed or acquired without a plaintiff’s knowledge or consent), which will then invoke the presumption of a breach of confidence. The burden will then fall on the defendant to rebut this presumption.

Non-disclosure agreements (NDAs) are generally lawful in Switzerland. However, NDAs are not regulated by statutory law and therefore do not have to follow any particular statutory form or rule. Nevertheless, most NDAs often contain a similar basic structure.

The core clauses of an NDA concern:

• manufacturing and business secrets or the scope of further confidentiality;
• the purpose of use;
• the return and destruction of devices containing confidential information; and
• post-contractual confidentiality obligations.

As a general rule, it is recommended to use the written form.

To ensure possible enforcement of an NDA in the employment context, the requirements of a post-contractual non-compete obligation (see below) must be met.

Non-disclosure agreements may be used in the UAE (including DIFC and ADGM free zones).  There are no particular requirements regarding the form or rules for those NDAs.

NDAs (also known as confidentiality agreements) are potentially lawful and enforceable in the UK. It is common to include NDAs in employment contracts (to protect the confidential information of the employer during and after employment) and in settlement agreements (to reiterate existing confidentiality obligations and to keep the circumstances of the settlement confidential).

NDAs do not need to follow a particular form, but they must be reasonable in scope. Following #MeToo, there has been considerable government, parliamentary, and regulatory scrutiny of the use of NDAs and their reasonableness in different circumstances.

The following limitations on NDAs should be noted:

• By law, any NDA purporting to prevent an individual from making a “protected disclosure” as defined in the Employment Rights Act 1996 (ie, blowing the whistle about a matter) is void.

• The regulatory body for solicitors in England and Wales, the Solicitors Regulation Authority (SRA), has issued a detailed warning notice and guidance to practitioners setting out – in its view – inappropriate or improper uses of NDAs. Failure to comply with the SRA’s warning notice may lead to disciplinary action. The SRA lists the following as examples of improper use of NDAs:

• • using an NDA as a means of preventing, or seeking to impede or deter, a person from:
    • cooperating with a criminal investigation or prosecution;
    • reporting an offence to a law enforcement agency;
    • reporting misconduct, or a serious breach of the SRA’s regulatory requirements, to the SRA, or making an equivalent report to any other body responsible for supervising or regulating the matters in question; and
    • making a protected disclosure;
    • using an NDA to influence the substance of such a report, disclosure or cooperation;
    • using an NDA to prevent any disclosure required by law;
    • using an NDA to prevent proper disclosure about the agreement or circumstances surrounding the agreement to professional advisers, such as legal or tax advisors, or medical professionals and counsellors, who are bound by a duty of confidentiality;
    • including or proposing clauses known to be unenforceable; and
    • using warranties, indemnities and clawback clauses in a way that is designed to, or has the effect of, improperly preventing or inhibiting permitted reporting or disclosures being made (for example, asking a person to warrant that they are not aware of any reason why they would make a permitted disclosure, in circumstances where a breach of warranty would activate a clawback clause).
       
• The Law Society of England and Wales, a professional association representing solicitors in England and Wales, has issued similar guidance (including a practice note) on the use of NDAs in the context of the termination of employment relationships.
• Other non-regulatory guidance on the use of NDAs has also been issued, including by the Advisory, Conciliation and Arbitration Service and by the UK Equality and Human Rights Commission.

Care should be taken accordingly to ensure that the wording of any NDA complies with prevailing guidance, especially from the SRA.

Non-disclosure agreements are currently permissible under United States law with some exceptions, typically pertaining to whistleblower, harassment, and discrimination matters. On 7 December 2022, President Joe Biden signed the Speak Out Act, which prohibits the enforcement of non-disclosure and non-disparagement provisions that were agreed to before an incident of workplace sexual assault or sexual harassment occurred. In other words, it does not prohibit these provisions in settlement or severance agreements.

Both Dodd-Frank and SOX prohibit employers from impeding an individual’s whistleblowing process. Confidentiality provisions should expressly authorise employee communications directly with, or responding to any inquiry from, or providing testimony before the SEC, FINRA, any other self-regulatory organisation or any other state or federal regulatory authority.

The United States Tax Cuts and Jobs Act of 2018 discourages NDAs in the settlement of sexual harassment claims. Under this law, employers settling claims alleging sexual harassment or abuse that include a confidentiality or non-disclosure provision in the settlement agreement cannot take a tax deduction for that settlement payment or related attorneys' fees.

Under the National Labor Relations Act, employees (except for supervisors) cannot be prohibited from discussing their compensation or working conditions

California

• California Law prohibits NDAs that would prevent employees from discussing or disclosing their compensation or discussing the wages of others. However, California permits the use of a non-disclosure provision that may preclude the disclosure of any amount paid in any separation or settlement agreement.
• California imposes restrictions on the use of non-disclosure provisions that are designed to restrict an employee's ability to disclose information about unlawful acts in the workplace, including information pertaining to harassment or discrimination or any other conduct the employee has reason to believe is unlawful in employment agreements, settlement agreements, and separation agreements.
• California employers cannot:
  • require employees, in exchange for a raise or a bonus, or as a condition of employment or for continued employment, to sign any non-disparagement or non-disclosure provision that denies the employee the right to disclose information about unlawful acts in the workplace;
  • include in any separation agreement a provision that prohibits the disclosure of information about unlawful acts in the workplace; or
  • include a provision within a settlement agreement that prevents or restricts the disclosure of factual information related to claims for sexual assault, sexual harassment, workplace harassment or discrimination, retaliation, or failure to prevent workplace harassment or discrimination that are filed in a civil or administrative action, unless the settlement agreement is negotiated, which means that the agreement is voluntary, deliberate, informed, provides consideration of value to the employee, and the employee is giving notice and an opportunity to retain an attorney or is represented by an attorney.

New York

• New York law prohibits NDAs that:
  • prevent an employee from discussing or disclosing their wages or the wages of another employee.
  • prevent an employee from disclosing factual information related to a future discrimination claim, unless the agreement notifies employees that it does not prevent them from speaking to the EEOC, the New York Department of Human Rights, and any local human rights commission or attorney retained by the individual.

New York law also prohibits employers from mandating confidentiality or non-disclosure provisions when settling sexual harassment claims (though allows such provisions where it is the employee’s preference to include them).