Author Archives: Felix Zhang

Managing Risk in Compliance Staffing Decisions

by Kathryn Reimann

Prior to the Covid-19 pandemic, anecdotal and industry survey evidence suggested that compliance staff downsizing and compliance budget capping were taking place across the corporate world in response to perceived changes in the regulatory and enforcement environment.[1] More recent reports have indicated that downsizing may continue in tandem with broader budget cuts as companies take stock of their prospects in a post-pandemic world.[2] At the same time, the changing risk landscape and implementation of new programs related to addressing the pandemic or its economic impact translate into additional demands on compliance functions.

Appropriate compliance risk management, by definition, requires the periodic redeployment or readjustment of resources to address the most critical risks of the company in a changing environment. When the fortunes of a company change dramatically for the worse, down-sizing across units may be an unavoidable consequence. However, corporate compliance is subject to unique case law and enforcement standards that set a high bar for getting compliance staffing decisions right. Continue reading

The Latest Step in DOJ’s Compliance Mission: Takeaways from the Updated Guidance on Evaluating Corporate Compliance Programs

by Anthony S. Barkow, David Bitkower, Erin R. Schrantz, Keisha N. Stanford, Jessica A. Martinez, Manuel C. Possolo

On Monday, June 1, 2020, the Department of Justice (DOJ) Criminal Division released updated guidance regarding the “Evaluation of Corporate Compliance Programs (PDF: 209 KB).”  Now in its third iteration, this guidance replaces the April 2019 version (PDF: 179 KB), which originated from a set of 2017 guidelines from the Fraud Section.  The updated guidance, like prior iterations, seeks to make corporations aware of the criteria DOJ uses when evaluating compliance programs in making enforcement decisions.  In the latest version, DOJ maintains the existing structure and much of the prior content, but makes targeted changes.

The new revisions are part of a continuing trend at DOJ to more holistically assess corporate compliance programs beyond the specific issue that brought the company to the Department’s attention, jettisoning the more tailored approach of the original 2017 guidance.  In addition, the revisions amplify certain themes in DOJ’s compliance review criteria:  (1) whether a company has demonstrable processes to continuously improve its compliance program; (2) the extent to which available data is mined and analyzed to evaluate the company’s compliance efforts; and (3) how compliance is embedded in the day-to-day operations of the business and viewed by rank-and-file employees. Continue reading

CCPA Regulations Submitted to the California Office of Administrative Law for Publication

by Jeffrey P. Cunard, Luke Dembosky, Jeremy Feigelson, and Avi Gesser

It looks like the California Attorney General’s implementing regulations for the California Consumer Privacy Act (“CCPA”) are, finally, final. On June 1, 2020, the California Attorney General submitted for publication the final proposed regulations.

The California Office of Administrative Law now has 30 working days, plus an additional 60 calendar days under an Executive Order issued in connection with the COVID-19 pandemic, to review and approve the regulations. This means the regulations may not take effect until October 1, 2020. The California Attorney General has requested expedited review in hopes that the regulations can be published by July 1, 2020. Continue reading

DOJ Updates Guidance Regarding Its “Evaluation of Corporate Compliance Programs”

by F. Joseph Warin, Patrick Stokes, Michael Diamant, Laura Sturges, Chris Sullivan, Oleh Vretsona, Courtney Brown, Lora MacDonald, Caroline Ziser Smith, and Patricia Herold

On Monday, June 1, 2020, the U.S. Department of Justice (“DOJ”) Criminal Division issued, without fanfare, updated guidance on the “Evaluation of Corporate Compliance Programs” (the “Compliance Program Update” or “Update”), which sets out considerations for DOJ prosecutors to take into account when assessing corporate compliance programs, making charging decisions, and negotiating resolutions. Previous iterations of the document (covered in our 2017 Mid-Year FCPA Update and May 3, 2019 Client Alert) have been a valuable resource for companies as they design, maintain, and evaluate their corporate compliance programs, and the Update provides welcome insight into how DOJ’s thinking is evolving, particularly with respect to risk assessments, monitoring, and resources. Assistant Attorney General Brian Benczkowski noted that the Update “reflects additions based on [DOJ’s] own experience and important feedback from the business and compliance communities.” Continue reading

Navigating Cross-Border Data Transfers: Lessons from the Sedona Conference Commentary

by Matthew Kelly and Will Schildknecht 

New commentary from a respected think tank attempts to provide guidance on cross-border data transfers. The guidance proposes principles for determining which country’s law to apply to a cross-border transfer. Although there is no guarantee that the guidance will gain favor with courts or regulators, it is an important indicator of what the future may hold for this important and undeveloped area of law. While the commentary does not provide concrete steps to lawfully effect cross-border data transfers today, companies can infer several lessons, detailed below, from the issues highlighted in the commentary. Continue reading

Investor Advisory Committee Urges SEC to Advance Mandatory ESG Disclosures

by David M. Silk, David A. Katz, Sabastian V. Niles, and Carmen X. W. Lu

The U.S. Securities and Exchange Commission’s (SEC) Investor Advisory Committee (IAC) has recommended (PDF: 241 KB) that the SEC begin an “earnest” effort to update reporting requirements to include “material, decision-useful, ESG factors.” The IAC recommendation was high level and modest: it neither endorsed any particular disclosure framework nor made any specific prescriptions. Rather, recognizing the growing demand from investors and other market participants for standardized, comparable and reliable ESG data, and concluding that the SEC is best positioned to set a framework, the IAC recommendation calls on the SEC to begin outreach to investors, issuers and other market participants to develop “well-constructed, principles-based reporting.” The IAC reasoned that if the SEC does not take the lead with this type of disclosure, it is highly likely that U.S. issuers will be bound to follow standards imposed by other jurisdictions. Continue reading

Is Foreign Bribery Jurisdiction an Element of Economic Sovereignty? (Part III of III)

by Michael Huneke and Jan Dunin-Wasowicz 

Part two of this article focused on the culmination of nearly 10 years of frustration in France with U.S. enforcement against French companies. The Gauvain Report recognized that the Blocking Statute, thought to be a counteraction to U.S. measures, failed nearly completely on its own to prevent foreign investigations in the absence of a meaningful enforcement counterweight from French authorities. This third and final part analyzes the significance of the Gauvain Report and outlines some thoughts for the future. Continue reading

Is Foreign Bribery Jurisdiction an Element of Economic Sovereignty? (Part II of III)

by Michael Huneke and Jan Dunin-Wasowicz 

Part one of this article surveyed the evolution of France’s policy perspective on the application of U.S. laws abroad and some of the reasons that led to the 2016 reform of the French anti-corruption framework. In this second part, the article discusses the context leading up to the 2019 parliamentary report and presents its recommendations.  

The Sapin II law has had an effect on the articulation of U.S. and French interests in anti-bribery enforcement. Illustrative of the changes are the June 2018 parallel resolution of criminal charges with U.S. and French authorities in the Société Générale case, as well as the January 2020 achievement by Airbus of a tri-partite coordinated settlement with French, U.K. and U.S, authorities, as part of which by far the largest penalty went to France. In these respects, the Sapin II reform along with the Parquet National Financier (PNF) appears to have paved the way to restoring perceived balance in the Franco-American relationship. Continue reading

OFAC Issues Guidance on COVID’s Impact on Compliance and Enforcement

by Paul Marquardt and Chase D. Kaniecki 

On April 20, OFAC issued COVID-related guidance indicating that it encourages those subject to its jurisdiction to contact the OFAC staff if they believe they will have difficulty meeting OFAC deadlines (whether reporting deadlines, responses to administrative subpoenas, or other matters). OFAC also encouraged electronic submission of any communications. In our experience, OFAC is still functioning at a relatively high level, remote operations notwithstanding, but the staff has also been flexible in responding to the challenges all institutions face. As OFAC’s guidance and our own experience underline, open communication with the staff is very important. Continue reading

Due Diligence in the Age of Coronavirus

by Jodi L. Avergun, James A. Treanor, Christian N. Larson, William N. Simpson, and Tammy Tran

In the context of COVID-19, there are significant challenges involved in conducting due diligence: hard-copy documents are inaccessible, in-person meetings have moved online, and on-site visits may be impossible.  Companies nonetheless can and should continue to comply with the law by adjusting policies and procedures, mitigating new risks that arise through the use of alternative diligence methods, and by staying abreast of changing regulatory expectations.

For compliance professionals, applying “enhanced” reviews to higher-risk scenarios necessarily requires direct human involvement: an experienced hand to assess the universe of available information and make sometimes difficult judgment calls. Certain aspects of this work can, with varying degrees of difficulty, be completed from the (in)convenience of the myriad home offices that have sprouted in response to the COVID-19 pandemic—assuming that the compliance professional is in possession of all required information. However, compliance teams face a major challenge in gathering the detailed information upon which compliance decisions are based. Physical documents are not accessible, travel is impossible, and in many cases, key information must be obtained from third parties who are themselves struggling to navigate the pandemic. Below, we propose strategies that corporations and financial institutions can adopt to remain in compliance with the law during the pandemic. Continue reading