Author Archives: Michelle Louise Austin

The Future of Anti-Corruption Enforcement Involving Brazil and the United States

by Bruce E. Yannett, David. A. O’Neil, Andrew M. Levine, Kara Brockmeyer, and Daniel Aun

The beginning of the year allows us to look back at recent developments in the white collar front involving Brazil and the United States, and prompts us to consider what to expect going forward, especially in light of the election of President Jair Bolsonaro and the appointment of former judge Sergio Moro as Minister of Justice. 

Lava Jato, Carne Fraca, and Zelotes are among the Brazilian anti-corruption operations that have echoed in the United States over the last few years.  Intensified cooperation between authorities in the two countries has fueled countless investigations, settlements, convictions, and related civil litigation.  U.S. criminal enforcement also has reverberated in Brazil, with the FIFA prosecutions being perhaps the most headline-making example.  Continue reading

CFTC Publishes Examination Priorities for 2019

By Seth Davis, Paul M. ArchitzelPetal P. Walker and Joseph M. Toner

On February 12, 2019, the Commodity Futures Trading Commission (CFTC or Commission) published for the first time its examination priorities for the coming year.[1] The release of the priorities will provide legal and compliance staff of CFTC-regulated entities greater insight into the Commission’s examination programs and assist them in better preparing for, and successfully navigating, an examination. The Commission bases its priorities on four pillars: (1) effective communication, (2) a risk-based determination of priorities, (3) continuous improvement and (4) efficiency. Continue reading

Strong Whistleblower Protections Reflect a Positive Compliance Culture

By Maria T. Vullo

In a recent submission (PDF: 2.36 MB) to Congress, the U.S. Securities & Exchange Commission (SEC) reported that, for fiscal year 2018, the SEC paid the largest whistleblower awards since the institution of its program in 2012 following the Dodd-Frank Wall Street Reform and Consumer Protection Act (Dodd-Frank).  Specifically, in FY 2018, the SEC awarded 13 individuals over $168 million collectively for tips that led to actions by the SEC to protect investors.[1]

Other statutes likewise provide financial incentives to whistleblowing.  Under the False Claims Act (FCA), for example, persons who report fraud in government contracting can receive up to 30 percent of the government’s recovery in an action.  Many states, including New York, have enacted state-level equivalents of the FCA.  For many decades, the FCA has contributed to large recoveries to the U.S. Treasury, with an expansion of recoveries in part due to the reporting of violations by whistleblowers. Continue reading

Hong Kong Court Confirms the SFC’s Broad Powers to Share Investigation Materials With Overseas Regulators

By Gareth Hughes, Mark Johnson, Emily Austin, Adam Lee, Christy Leung, Ralph Sellar, Cameron Sim and Emily Lam

Background

In 2014, the Securities and Futures Commission (the “SFC”) commenced an investigation into share trades undertaken by the First Applicant in 2013, after receiving a report from another licensed corporation indicating suspected market manipulation activities by a fund managed by the First Applicant. The trades concerned shares in Nitto Denko Corporation, a Japanese company listed on the Tokyo Stock Exchange.

During the course of the investigation, the SFC sought and obtained various materials from the First Applicant and its majority shareholder and responsible officer, the Second Applicant, pursuant to section 181 of the Securities and Futures Ordinance (the “SFO”). This section empowers the SFC to require the production of information including information about a client, details of a transaction and instructions relating to a transaction from a licensed person. Failure to comply with a demand from the SFC under section 181 without a reasonable excuse is a criminal offence.

In July 2014, the SFC received and acceded to a request for assistance from two Japanese regulators, the Financial Services Agency (the “FSA”) and the Securities and Exchange Surveillance Commission (the “SESC”). In particular, the SFC permitted the Japanese regulators to attend an SFC interview with the Second Applicant and provided them with materials previously disclosed by the Applicants in response to the SFC’s requests for information. Continue reading

The Rise of Cyber Negligence Claims: Plaintiffs Find Receptive Judges by Going Back to Basics

By Avi Gesser and David Robles

New cyber regulations, such as the California Consumer Privacy Act, have companies concerned about expanding potential liability.  Companies fear that private rights of action are being created that will allow consumers to sue by alleging that the companies failed to protect their personal information.  But attention should also be paid to plaintiffs’ recent successes in applying existing legal frameworks—such as basic tort law—to cyber cases.  We have previously written about the use of state consumer protection acts to recover in data breach cases.  Recently, plaintiffs have also made some significant inroads in bringing negligence actions against companies that have experienced cyber events.

On January 28, 2019, the U.S. District Court for the Northern District of Georgia issued a decision in the Equifax Consolidated Consumer Class Action, allowing the consumers’ negligence claims against Equifax to move forward.  Judge Thrash found that the consumers had sufficiently alleged injuries resulting from the breach, pointing to the “unauthorized charges on their payment cards as a result of the Data Breach” as actual, concrete injuries that are legally cognizable under Georgia law.  The Court rejected Equifax’s arguments that the consumer’s injuries should be attributed to the hackers and could have been caused by data breaches at other companies.  The Court noted that allowing companies “to rely on other data breaches to defeat a causal connection would ‘create a perverse incentive for companies: so long as enough data breaches take place, individual companies will never be found liable.’”  Critically, the Court found that, given the foreseeable risk of a data breach, Equifax owed consumers an independent legal duty of care to take reasonable measures to safeguard their personal information in Equifax’s custody.  In doing so, the Court found that the economic loss doctrine was not a bar to the consumers’ recovery because Equifax owed an independent duty to safeguard personal information. Continue reading

Microchipping Employees and Biometric Privacy Laws – It’s Time To Start Paying Attention

By Avi Gesser, David Popkin, and Michael Washington

Until recently, biometric privacy was a niche area of the law that had little application to most companies.  But with the rapid growth in commercial biometric data collection, including voice samples, fingerprints, retina scans, and facial geometry, as well as some recent developments in the applicable case law, it’s probably time for companies to start paying attention.  Indeed, one of our top privacy law predictions for 2019 was a judicial expansion of the notion of harm, which happened quicker than we anticipated in the context of gathering biometric data.

On January 25, 2019, the Illinois Supreme Court decided Rosenbach v. Six Flags Entertainment Corporation, 2019 IL 123186 (PDF: 61.7 KB), unanimously finding that plaintiffs could bring a private cause of action for violations of the notice and consent requirements of the state’s biometric privacy law without any showing of harm.  In Six Flags, a mother sued the owner of a theme park on behalf of her teenaged son after he was fingerprinted in connection with the purchase of a season pass to the park.  Neither the son nor the mother consented in writing to the taking of the fingerprint or signed any written release. Further, the park did not provide any documentation about their retention schedule or guidelines for retaining and then destroying the data.  The court found that individuals possess a right to privacy in and control over their biometric identifiers. Continue reading

Professor John Darley: An Appreciation

by Jonathan J. Rusch

One of the well-established concepts in social psychology and behavioral economics is loss aversion: i.e., “the idea that losses generally have a much larger psychological impact than gains of the same size.”[1]  Though usually discussed in the context of tangible gains and losses, loss aversion has some bearing on our response when a person who has made significant contributions in life passes away.  Our immediate sadness at the loss of the person can distract us from thinking about and appreciating the gains that he or she provided to society or to specific people.  For that reason, this post is devoted to a brief appreciation of Professor John Darley, focusing on aspects of his work that have applications to corporate compliance.

Professor Darley, who died several months ago at age 80, was not merely a distinguished Professor of Psychology and Public Affairs at Princeton University for many years, but “one of the foremost figures of social psychology.”[2]  He strongly influenced the growth and development of that field, in areas such as “morality and the law, the function of punishment, and the way organizations inadvertently promote evil.”[3] Continue reading

FinCEN and Federal Financial Institution Supervisory Agencies Issue Joint Statement on Innovative Efforts to Combat Money Laundering and Terrorist Financing

by Jonathan J. Rusch

FinCEN and Federal Financial Institution Supervisory Agencies Issue Joint Statement on Innovative Efforts to Combat Money Laundering and Terrorist Financing

On December 3, 2018, the Financial Crimes Enforcement Network (“FinCEN”) and the four federal financial institution supervisory agencies[1] (“the agencies”) issued a joint statement (“Joint Statement”) encouraging banks (i.e., banks, savings associations, credit unions, and foreign banks) “to consider, evaluate, and, where appropriate, responsibly implement innovative approaches to meet their Bank Secrecy Act/anti-money laundering (BSA/AML) compliance obligations, in order to further strengthen the financial system against illicit financial activity.”[2] Continue reading

Perspectives on Regulating Systemic Risk

by Steven L. Schwarcz

Whether the macroprudential regulation enacted to protect the stability of the financial system is sufficient to prevent another crisis is uncertain. Although much of that regulation represents good faith and, in many cases, highly thoughtful efforts to control systemic risk, its primary focus is on banks and other systemically important financial institutions (“SIFI”s). This entity-based approach may be too narrow because it largely ignores other critical elements of the system, such as financial markets.

Furthermore, influenced by political and media pressure to assign blame for the financial crisis, some of the entity-based regulation is itself imperfect. A major focus of that regulation, for example, is on controlling morally hazardous risk-taking by SIFIs that deem themselves “too big to fail” (“TBTF”). Capital requirements epitomize this approach, protecting SIFIs against losses by requiring them to hold minimum levels of capital. However, the ability of capital requirements to control systemic risk is unclear. The cost of capital requirements is also uncertain; some argue they impose no public costs, others argue to the contrary. Continue reading

Preparing for an Uptick in Congressional Investigations of Corporations

by Susanna M. Buergel, H. Christopher Boehning, Jessica S. Carey, Michael E. Gertzman, Roberto J. Gonzalez, Udi Grofman, Jeh Charles Johnson, Jonathan S. Kanter, Brad S. Karp, Mark F. Mendelsohn, and Alex Young K. Oh

Beginning next month, Democrats will control the House of Representatives for the first time since 2010.  Given the pent-up demand for House Democrats to make robust use of their oversight and investigative authorities, the current relative lull in congressional investigations of corporations is expected to end.  Corporations across sectors should anticipate an uptick in investigative activity. 

In addition to holding the majority for the first time in nearly a decade, this will be the first time that Democrats control the House since a 2015 rule change that empowered a number of committee chairs to subpoena witnesses or documents unilaterally.  The chairs of the following committees, among others, have this authority: Energy and Commerce; Financial Services; Intelligence; Judiciary; Natural Resources; and  Oversight and Government Reform.[1] Continue reading