CFTC Begins Its Enforcement of NDA Rule with Action Against Trafigura

Photo courtesy of the author

On June 17, 2024, Trafigura Trading LLC (“Trafigura”) agreed to pay $55 million to settle charges brought by the Commodity Futures Trading Commission (“CFTC”) that they “traded gasoline while in knowing possession of material nonpublic information, . . . manipulated a fuel oil benchmark to benefit its futures and swaps positions,” and notably that they violated CFTC Regulation 165.19(b) by “requir[ing] its employees to sign employment agreements, and request[ing] that former employees sign separation agreements containing non-disclosure provisions prohibiting them from disclosing company information, with no exception for law enforcement agencies or regulators.” This is the CFTC’s first enforcement of Regulation 165.19(b).

Continue reading →

Shining a Light on the Shadows: A Data-Driven Look at Global Anti-Corruption Efforts

by Leonardo Borlini

Photo courtesy of the author

Corruption has been the target of significant international efforts in recent decades. A complex web of international treaties and monitoring mechanisms has emerged, aiming to curb this global scourge. But how effective are these efforts? Are countries truly implementing and complying with their international anti-corruption commitments?

In my recent study, Compliance Mechanisms as a Diagnostic and Prognostic Tool for the Evolution of the International Anti-Corruption Cooperation: A Data-Driven Study, forthcoming in 22(2) International Constitutional Law Journal (2024), I try to shed light on these questions. Using innovative text-as-data analysis, the study delves into the vast trove of evaluation and compliance reports produced by the monitoring mechanisms established by the main international anti-corruption. The findings offer a comprehensive assessment of the successes, failures, and enduring challenges in global anti-corruption cooperation.

Continue reading →

Dutch Data Protection Authority Imposes a Fine of 290 Million Euros on Uber

by Sarah Pearce and Ashley Webber

Left to right: Sarah Pearce and Ashley Webber (Photos courtesy of the Hunton Andrews Kurth LLP)

On August 26, 2024, the Dutch Data Protection Authority (the “Dutch DPA”), as lead supervisory authority, announced that it had imposed a fine of 290 million euros ($324 million) on Uber. The fine related to violations of the international transfer requirements under the EU General Data Protection Regulation (the “GDPR”).

The Dutch DPA launched an investigation into Uber following complaints from more than 170 French Uber drivers to the French human rights interest group the Ligue des droits de l’Homme, which subsequently submitted a complaint to the French Data Protection Authority (the “CNIL”). The CNIL then forwarded the complaints to the Dutch DPA as lead supervisory authority for Uber.

Continue reading →

DOD’s CMMC 2.0 Program Takes Step Forward with Release of Contract Rule Proposal

by Beth Burgin Waller and Patrick J. Austin

Beth Burgin Waller and Patrick J. Austin (photos courtesy of Woods Rogers Vandeventer Black PLC)

The United States Department of Defense (DoD) took another big step on the path to instituting its highly anticipated Cybersecurity Maturity Model Certification 2.0 program (CMMC 2.0). Once finalized, CMMC 2.0 will establish and govern cybersecurity standards for defense contractors and subcontractors.

On August 15, 2024, DoD submitted a proposed rule that would implement CMMC 2.0 in the Defense Federal Acquisition Regulation Supplement (DFARS). The proposed DFARS rule effectively supplements DoD’s proposed rule published in December 2023 by providing guidance to contracting officers, setting forth a standard contract clause to be used in all contracts covered by the CMMC 2.0 program, DFARS 252.204-7021, and setting forth a standard solicitation provision that must be used solicitations for contracts covered by the CMMC 2.0 program, DFARS 252.204-7YYY (number to be added when the rule is finalized).

There is a 60-day comment period for the DFARS proposed rule, meaning individuals have until October 15, 2024, to provide public feedback on the proposal.

Continue reading →

Steering the AI Ship: Is Your Board Ready to Navigate Complexity in a Dynamic Regulatory Environment?

by Meghan Anzelc, Ph.D., Christina Fernandes-D’Souza, and Avril Ussery Sisk

Left to right: Meghan Anzelc, Ph.D., Christina Fernandes-D’Souza, Avril Ussery Sisk (Photos courtesy of authors)

Artificial intelligence (AI) has rapidly leapt to application in an ever-broadening range of human endeavors. We are in a very dynamic era, and as AI becomes more ubiquitous, there is a great deal of on-going discussion about how it will be harnessed for advancement across all aspects of our lives. Coupled with society’s understanding of exciting AI possibilities, there are growing calls for caution, and a reticence regarding placement of trust in private entities to protect the community from threats and potential misuse. There is also the increasing perception of weakness in the governance of AI by the private entities promoting the benefits and rapidly adopting the technology.

Continue reading →

Consumer Financial Protection Bureau Stands Up to Protect Whistleblowers from Overly Broad NDAs

by Benjamin Calitri

Photo courtesy of author

Protections for whistleblowers from overly expansive non-disclosure agreements (NDAs) aimed at preventing whistleblowers from providing information to law enforcement and regulators have been expanding exponentially in the past year. The Securities and Exchange Commission’s (SEC) enforcement of Rule 21F-17(a) has gained teeth by increasing the monetary sanctions for enforcement. The Commodity Futures Trading Commission (CFTC) took its first enforcement of Regulation 165.19(b) against Trafigura for the use of NDAs meant to silence whistleblowers. The latest agency to take action against overly expansive NDAs is the Consumer Financial Protection Bureau (CFPB), which has announced that their employee protection regulation applies to NDAs that seek to silence whistleblowers.

Continue reading →

PCCE to Host Senior DOJ Officials on September 17th to Discuss Newly-Announced Whistleblower Program

Photos of speakers

On September 17th, 2024, the Program on Corporate Compliance and Enforcement will host U.S. Department of Justice officials Nicole Argentieri and Brent Wible as well as other experts for a discussion on the Department of Justice’s newly-announced whistleblower pilot program.

After PDAAG Argentieri’s remarks, Brent Wible will engage in a moderated fireside chat and will be taking questions from the audience.

Following remarks and the fireside chat, there will be a moderated panel discussion by a panel of experts in corporate enforcement, compliance, and whistleblower programs from both the private sector and government. Panelists include:

Jane Norberg, Partner, Arnold & Porter LLP
Preston Pugh, Partner, Crowell & Moring LLP
Daniel Richman, Paul J. Kellner Professor of Law, Columbia Law School
Max Rodriquez, Principal and Founder, Law Office of Max Rodriguez
Andrew Weissman, Professor of Practice, NYU School of Law

The event will be in-person only at NYU School of Law. Check-in will open at 5:30 pm. The program will begin 6 PM in Lipton Hall at 108 W 3rd Street, Lower Level, New York NY 10012. There will be a reception following the event from 8:00 – 8:30 PM.

Pre-registration is required to attend. Click here to register. We expect that 2 credits of NY CLE will be offered for attendees who sign in and out at the venue.

We look forward to seeing you!

Where’s the Beef? Demonstrating “Timely & Appropriate” Remediation

by Jonny Frank, Michele Edwards, and Christopher Hoyle

Left to right: Jonny Frank, Michele Edwards and Christopher Hoyle. Photos courtesy of StoneTurn Group, LLP.

This article is part 4 in a series on remediation. Read part 1 on Root Cause Analysis here, part 2 on Read Across and Remediation here, and part 3 on Corrective Action Plans here.

Organizations seeking credit for “timely and appropriate” remediation under the DOJ’s Corporate Enforcement Policy (“CEP”) must show they conducted a comprehensive root cause analysis, addressed the root cause findings, and implemented an effective compliance program.[1] Additional guidance on DOJ expectations appears in Criminal Division memos on the evaluation of compliance programs,[2] and the selection of corporate compliance monitors.[3] The SEC has similar expectations.[4]

Building on our discussion of Root Cause Analysis (“RCA”), Similar Misconduct, and Timely and Effective Corrective Action Plans, this article suggests key steps to demonstrate the remediation and compliance program effectiveness to the board, prosecutors, regulators and other stakeholders.

Continue reading →

Risks of Cross Border Operations: Chiquita Brands International Found Liable for Financing Terrorism

by Timothy Harkness, Peter Linken, Scott Eisman, and Maylin Meisenheimer

From left to right: Timothy Harkness, Peter Linken, Scott Eisman and Maylin Meisenheimer (Photos courtesy of Freshfields Bruckhaus Deringer LLP)

Doing business in conflict zones has always been complicated. Increased litigation has compounded those risks in recent years. A June 2024 federal jury verdict against Chiquita Brands International illustrates the changing legal landscape. The jury in Florida found Chiquita liable for financing Autodefensas Unidas de Colombia (“AUC”), a Colombian paramilitary group, and awarded a bellwether group of plaintiffs $38.3 million in damages. A second bellwether trial against Chiquita is scheduled for later this year, and thousands of related claims against Chiquita remain pending. Although the Chiquita litigation has spanned almost two decades, this jury verdict represents the first liability determination and paves the way for the second bellwether trial and eventual resolution of all pending claims. As each plaintiff was awarded around $2 million, Chiquita could be facing hundreds of millions of dollars in damages as the broader litigation includes vastly more victims.

The Chiquita verdict is a signal to corporations that U.S. courts may be more willing to find them liable for actions that occurred abroad and that plaintiffs may increasingly choose to file these claims in U.S. courts. In Chiquita, the alleged actions took place in Colombia and the claims at issue were brought under Colombian law, but this is just one example among many. In Kaplan v. Lebanese Canadian Bank, for example, the Second Circuit held that the plaintiffs plausibly pleaded that Lebanese Canadian Bank had aided and abetted acts of international terrorism under the Antiterrorism Act (“ATA”) by alleging that the bank had processed transactions in Lebanon for individuals closely affiliated with Hezbollah. As companies weigh the risks of doing business abroad and how best to structure their operations, this verdict should be at the forefront of their minds.

Continue reading →

DOJ Launches New Whistleblower Incentive Program

by Kevin Chambers, Terra Reynolds, Douglas K. Yatter, and Lilia B. Vazova

From left to right: Kevin Chambers, Terra Reynolds, Douglas K. Yatter, and Lilia B. Vazova. (Photos courtesy of Latham & Watkins LLP)

DOJ’s pilot program aims to fill gaps in existing federal whistleblower programs and incentivize prompt corporate self-disclosure alongside individual whistleblower tips.

Following the March 2024 announcement of its intention to introduce a new corporate whistleblower incentive program, on August 1, 2024, the Department of Justice (DOJ) launched a three-year pilot program for rewarding whistleblowers who alert DOJ to significant corporate misconduct. DOJ’s new program, modeled after whistleblower programs run by the Securities and Exchange Commission (SEC), the Commodity Futures Trading Commission (CFTC), and the Financial Crimes Enforcement Network (FinCEN), may generate a significant number of tips about potential misconduct and adds an important new dimension for companies’ compliance measures and handling of investigations.

Continue reading →