Recently, The New York Times published an article[1] detailing alleged issues at the New Museum of Contemporary Art in New York City, highlighting most prominently matters concerning compliance with employee safety and import regulations. The article—which also flagged various other possible governance and/or compliance failures at the New Museum such as matters concerning board oversight, executive compensation, and physical asset protection—serves as a timely reminder that regulatory compliance is key not just for corporate organizations, but for nonprofit ones as well. This post describes the major risks facing nonprofits who fail to meet regulatory requirements. A few regulatory areas (safety, cybersecurity, and international trade and sanctions) are also discussed below, as examples of compliance challenges facing nonprofits. Finally, this post considers basic general steps nonprofit organizations can take to examine their regulatory responsibilities and compliance procedures as a whole.
Author Archives: Antonia Miller
CFTC Enforcement Division Issues Compliance Program Guidance
by Elizabeth Mitchell, Anjan Sahni, Daniel Schubert, Paul Architzel, Petal Walker, Matthew Beville, and Rob Greffenius
On September 10, 2020, the Commodity Futures Trading Commission’s (CFTC, or the Commission) Division of Enforcement (Division) director issued a memorandum to Division staff setting forth a framework for evaluating the effectiveness of a company’s compliance program in the context of an enforcement matter (Guidance).[1] The Guidance follows the Division’s May 2020 guidance on determining civil monetary penalties in enforcement actions (Penalty Guidance) and the Department of Justice’s (DOJ) June 2020 revisions to its guidance “Evaluation of Corporate Compliance Programs,” originally published in 2017 (DOJ Guidance).[2]
While the memorandum largely consolidates and formalizes existing CFTC guidance, and is consistent with the more detailed DOJ Guidance,[3] it provides some additional insight into the emphasis the Division places on the scope and speed of remediation in the enforcement process. These insights continue the Commission’s ongoing commitment to provide more transparency into its deliberative process,[4] and serve as helpful guideposts to market participants as they structure and enhance their existing compliance programs.
New York City Bar Association Releases Report on CCO Liability: Four Recommendations for Regulators
by Pat Campbell, Adam Felsenthal, Scott Gluck, Pat Nicholson, Marc Tobak, and Michael McMaster
At every financial firm subject to the relevant regulatory regimes, there is at least one person serving as Chief Compliance Officer (CCO) charged with creating and enforcing a compliance manual and ensuring that the firm complies with its legal and regulatory obligations. The functions CCOs serve ultimately protect investors. At large institutions, there can be hundreds or even thousands of people involved in compliance efforts. However, in recent years, these essential gatekeepers have faced increased regulatory focus on holding them personally liable for institutional failures, often arising out of assessments made in hindsight regarding what compliance officers or programs ought to have detected or prevented.
The Compliance Committee of the New York City Bar Association recently issued a report (the “Report”) detailing its concerns about compliance officer liability and calling on regulators to provide limitations and guidance on when a compliance officer should be charged.[1] The concerns in the Report are summarized below.