Author Archives: Julius Sim

Prohibited AI Practices—A Deep Dive into Article 5 of the European Union’s AI Act

by Dr. Martin Braun, Anne Vallery, and Itsiq Benizri

photo of authors

From left to right: Dr. Martin Braun, Anne Vallery and Itsiq Benizri. (Photos courtesy of Wilmer Cutler Pickering Hale and Dorr LLP).

Article 5 of the AI Act essentially prohibits AI practices that materially distort peoples’ behavior or that raise serious concerns in democratic societies.

As explained in our previous blog post, this is part of the overall risk-based approach taken by the AI Act, which means that different requirements apply in accordance with the level of risk. In total, there are four levels of risk: unacceptable, in which case AI systems are prohibited; high risk, in which case AI systems are subject to extensive requirements; limited risk, which triggers only transparency requirements; and minimal risk, which does not trigger any obligations.

Continue reading

Cross-Border Implications of the FCA’s Consultation Paper on Publishing Information About the Opening and Progress of Investigations

by Michael A. Asaro, James Joseph Benjamin Jr., Ezra Zahabi, and Joe Hewton

photos of the authors

From left to right: Michael A. Asaro, James Joseph Benjamin Jr., Ezra Zahabi, and Joe Hewton. (Photos courtesy of Akin Gump Strauss Hauer & Feld LLP).

Last month, the United Kingdom Financial Conduct Authority (FCA) announced that it is considering new procedures under which it would publicly identify firms that are under investigation as soon as the investigation has been opened.[1] The consultation period closes on April 30, 2024. (See our recent client alert here). The proposed new approach—which, if adopted, would be a dramatic break from historical practice—would result in public disclosure before any charges have been filed and before the FCA has determined whether the firm actually did anything wrong. In this article, we draw comparisons between the investigation disclosure regimes in the U.K. and the United States. We also provide commentary on the FCA’s proposals.

Continue reading

Blockchain Analytics: A Reliable Use of Artificial Intelligence for Crime Detection and Legal Compliance

by Sujit Raman and Thomas Armstrong

photos of authors

From left to right: Sujit Raman and Thomas Armstrong. (Photos courtesy of authors).

Everyone these days is talking about artificial intelligence and how to use it responsibly. Among law enforcement and compliance professionals, discussions around the responsible use of AI are nothing new. Even so, recent advances in machine learning have turbocharged AI’s transformative potential in detecting, preventing, and—in a particular sense—even predicting illicit activity. These advances are especially notable in the field of blockchain analytics: the process of associating digital asset wallets to real-world entities.

In a recent, pathbreaking opinion and order, U.S. District Judge Randolph Moss rejected a criminal defendant’s challenge to the government’s evidentiary use of blockchain analytics to link him to illicit financial activity.[1] Many courts—including, just a few days ago, a U.S. district court in Massachusetts[2]—have relied on the validity of blockchain analytics when taking pre-trial actions like issuing seizure orders and authorizing arrest warrants; Judge Moss’s opinion is the first trial court examination of this powerful analytic capability. Taken together, this growing body of legal authority forcefully affirms the reliability—and therefore admissibility in court—of evidence derived from such analytics.

Continue reading

Amid Storm of Controversy, SEC Adopts Final Climate Disclosure Rules

by Stephen A. Byeff, Ning Chiu, Joseph A. Hall, Margaret E. Tahyar, Ida Araya-Brumskine, Loyti Cheng, Michael Comstock, and David A. Zilberberg

photos of authors

Top from left to right: Stephen A. Byeff, Ning Chiu, Joseph A. Hall, Margaret E. Tahyar.
Bottom left to right: Ida Araya-Brumskine, Loyti Cheng, Michael Comstock, and David A. Zilberberg. (Photos courtesy of Davis Polk & Wardwell LLP).

Changes from the proposal include elimination of Scope 3 disclosures, scaled back attestation requirements, additional materiality qualifiers and narrower financial statement triggers. Given the lack of explicit congressional authorization for this new sweeping disclosure regime, its political sensitivity, complexity, cost and the substantial challenges already underway in federal courts, we anticipate rapid developments and possibly confusing stops and starts to unfold over the coming weeks.

Continue reading

Supply Chain Due Diligence Obligations in Germany, France and the EU: An Overview

by Amélie Champsaur, Mirko von Bieberstein, Guillaume de Rancourt, Sebastian Kummler, Camille Kernevès, Andreas Wildner, and Marc Christopher Baldauf

Photos of authors

Top from left to right: Amélie Champsaur, Mirko von Bieberstein, Guillaume de Rancourt, Sebastian Kummler.
Bottom left to right: Camille Kernevès, Andreas Wildner, and Marc Christopher Baldauf. (Photos courtesy of Cleary Gottlieb Steen & Hamilton LLP).

Germany and France, the two largest economies in the EU, have adopted laws to hold companies accountable for violations concerning human rights and environmental protection along their supply chain. With the German Supply Chain Due Diligence Act (Lieferkettensorgfaltspflichtengesetz, LkSG”) and the French Duty of Vigilance Law (Loi de vigilance,Vigilance Law”) both countries have already implemented a respective regulatory framework that would be refined by a future European Corporate Sustainability Due Diligence Directive (“CS3D”), which would mandate all other Member States to implement similar laws.

The following provides an overview of the key aspects of the LkSG and the Vigilance Law, draws comparisons between the LkSG and the Vigilance Law and gives an outlook on the envisaged CS3D for supply chain due diligence in the EU in the future, based on the latest proposal.

Continue reading

SEC Issues Long-Awaited Climate-Related Disclosure Rule

by Eric T. Juergens, Benjamin R. Pedersen, Paul M. Rodel, Kristin A. Snyder, Caroline N. Swett, Ulysses Smith, Michael Keene, Mie Morikubo, Michael Pan, Amy Pereira, and Maayan G. Stein

photos of authors

Top left to right: Eric T. Juergens, Benjamin R. Pedersen, Paul M. Rodel, Kristin A. Snyder, Caroline N. Swett, and Ulysses Smith. Bottom left to right: Michael Keene, Mie Morikubo, Michael Pan, Amy Pereira, and Maayan G. Stein. (Photos courtesy of Debevoise & Plimpton LLP).

On March 6, 2024, the U.S. Securities and Exchange Commission (“SEC”) adopted a long-awaited final rule, The Enhancement and Standardization of Climate-Related Disclosures for Investors, which will require registrants, including foreign private issuers (“FPIs”),[1] to disclose extensive climate-related information in their registration statements and periodic reports (the “Final Rule”). The Final Rule is intended to facilitate the disclosure of “complete and decision-useful information about the impacts of climate-related risks on registrants” and to improve “the consistency, comparability, and reliability of climate-related information for investors.” The Final Rule constitutes one of the most significant changes ever to SEC disclosure requirements, and is expected to face legal challenges. The Final Rule is available here and the accompanying fact sheet is available here.

Continue reading

President Biden Issues Executive Order Granting Authorities to Regulate the Transfer of Sensitive U.S. Data to Countries of National Security Concern

by Eric J. Kadel Jr., Sharon Cohen Levin, Nicole Friedlander, Anthony J. Lewis, Andrew J. DeFilippis, Joshua Spiegel, and George L. McMillan

photos of authors

Top left to right: Eric J. Kadel Jr., Sharon Cohen Levin, Nicole Friedlander, Anthony J. Lewis.
Bottom left to right: Andrew J. DeFilippis, Joshua Spiegel and George L. McMillan. (Photos courtesy of Sullivan & Cromwell LLP).

SUMMARY

On February 28, 2024, President Biden issued Executive Order 14117, “Preventing Access to Americans’ Bulk Sensitive Personal Data and United States Government-Related Data by Countries of Concern” (the “Executive Order”), delegating new authorities to the U.S. Department of Justice (“DOJ”) and other agencies to regulate the transfer of sensitive U.S. data to countries of national security concern. The Executive Order focuses primarily on personal and other sensitive information, such as U.S. persons’ financial information, biometric data, personal health data, geolocation data, and information relating to government personnel and facilities.[1]

Continue reading

New Impersonator Rule Gives FTC a Powerful Tool for Protecting Consumers and Businesses

by Lesley Fair

photo of the author

Lesley Fair (photo courtesy of the author)

To turn the old adage on its head, imitation is the insincerest form of falsity. After years of fighting back against scammers who impersonate government agencies and companies, the FTC proposed a Trade Regulation Rule on Impersonation of Government and Businesses. The Rule would allow the FTC to recover consumer redress from impersonators or to seek civil penalties against those who violate the Rule. After a painstaking process of considering public comments about the proposal, the FTC just published a Final Rule  – and we think it’s an important step in the fight against this form of fraud. Continue reading

The New Threat in Business Email Compromise Schemes: Video “Deepfakes” of Corporate Executives

by Jonathon J. Rusch

Photo of author

Photo courtesy of the author

Cybercriminals around the world use a variety of exploits to conduct fraud schemes directed against individuals, companies, and government agencies. One of these schemes that has proved highly lucrative for cybercriminals over the past decade is the so-called “business email compromise” (BEC) scheme.[1]

BEC schemes typically involve cybercriminals’ infection of the email account of a corporate executive, then impersonating that company executive via email to direct a subordinate employee to wire-transfer a substantial amount of funds to one or more accounts that the cybercriminals control. The United States Secret Service has estimated current global daily losses to BEC schemes at approximately $8 million (an annualized $2.9 billion).[2]

Another online fraud technique that has been emerging more recently is the use of so-called “deepfakes.”  Deepfakes — a form of synthetic media that uses “deep learning” (artificial intelligence) technology to synthetically create or manipulate various media, including video, audio, and images[3] — are well-recognized in the U.S. and United Kingdom banking sectors as a significant threat to bank customers.[4] Voice deepfakes, for example, can be used to deceive customers as well as bankers into transferring funds out of customer accounts.[5]

Continue reading

Creating A European Union-Wide Anti-Money Laundering/Counter Financing of Terrorism Regime (Part I): The Anti-Money Laundering Authority

by Jonathan J. Rusch

Photos of the author

Photo courtesy of the author

Introduction

Since 2018, when the then-European Commissioner for Justice Věra Jourová described the Danske Bank money-laundering catastrophe[1] as “the biggest scandal in Europe”[2], the European Commission (EC), as the politically independent executive arm of the European Union (EU)[3], has worked assiduously to repair the substantial defects in Europe’s anti-money laundering and counter-financing of terrorism (AML/CFT) mechanisms.

Continue reading