Author Archives: Serina M. Vash

The Missing Account of Progressive Corporate Criminal Law

by William S. Laufer

This is a good time to revisit the normative, doctrinal, and policy-laden foundations of the corporate criminal law. With a new administration in the White House calling for a repeal of the costliest of corporate regulations and legislative reforms, it is tempting to speculate about the changing role of corporate compliance, and whether there will be much support for resort to corporate criminal liability. In a draft working paper entitled The Missing Account of Progressive Corporate Criminal Law (PDF: 1.43 MB), I contrast the constituent positions taken on corporate criminal liability, and propose one that is distinctly progressive. Continue reading

Is Corporate Responsibility for Human Rights the Next Anticorruption?

by Steve Nickelsburg, David DiBari and Rebecca Hekman

The international legal obligation to protect human rights has long been understood to be the province of sovereign states, not of corporations or individuals.  In the United States, litigation against corporations invoking statutes such as the Alien Tort Statute, the Torture Victim Protection Act, and the Trafficking Victims Protection Act has blurred that line – providing private plaintiffs a cause of action to address alleged human rights violations in a variety of circumstances.

The nuance of that litigation would take numerous additional posts to cover, but even against that backdrop, for corporations the general requirement to respect human rights traditionally has been more a matter of social expectation than legal and regulatory requirements, falling under the rubric “corporate social responsibility” (“CSR”) rather than “hard law.” Continue reading

Mitigating the Risk of Cybersecurity Whistleblowing

by Evan Bundschuh and Dallas Hammer

This post is the second part of a two-part post by the authors, entitled The Rise of Cybersecurity Whistleblowing.

Companies seeking to mitigate that risk of cybersecurity whistleblowing through insurance face a unique set of challenges. Cyber whistleblower claims fall in an area somewhere between cyber and D&O insurance, and poorly structured policies will yield little to no coverage. Organizations that have placed both policies nonetheless will likely assume that they have performed their due diligence and that coverage is in place for claims at time of loss. However, affording broad coverage for even standard whistleblower claims can be difficult. Continue reading

Responding to Pushback, New York Regulators Revise Proposed Cybersecurity Regulations

Courtesy of John F. Savarese and Marshall L. Miller

Last fall, with some fanfare, the New York State Department of Financial Services (DFS) announced proposed cybersecurity regulations. As we previously reported (PDF: 1,614 KB), in a break from prior, high-level standards, the proposed regulations shifted toward a more prescriptive approach, mandating specific policies, onerous government notification requirements, and hands-on oversight from corporate leaders. Commentators and financial industry groups pushed back during the comment period. In response, on December 28, 2016, DFS released revised regulations, which, subject to further comment, will now become effective on March 1, 2017. Continue reading

What Does It Mean to be a Monitor? (Revisited)

by Daniel R. Alonso

In a post on this site last fall, Prof. Veronica Root asked “What Does It Mean to be a Monitor?”[1] The point of her piece was to explain how the term “monitor” describes a number of activities and assignments that can be quite different from one another. Prof. Root’s post faithfully described different monitorship models, from court-ordered monitorships to corporate compliance monitorships. But the otherwise excellent post did not touch on a key piece of the monitorship puzzle—proactive monitorships, created in the absence of an action or settlement as a prophylactic against wrongdoing—without which any discussion of monitorships is incomplete.

Proactive monitors, sometimes called “integrity monitors” or in some contexts “independent private sector inspectors general,” play an important and growing role in the world of monitorships. A recent high-profile example is New York Times reporter Andrew Ross Sorkin’s open letter to President-elect Donald Trump, in which he suggested that if Mr. Trump did not place his assets in a blind trust, one way for him to ease concerns about potential conflicts of interest posed by his business empire would be to engage a corporate monitor to examine and report on such conflicts.[2] Such a monitor would, of course, have to be “truly independent.”[3]

Continue reading

Proactive Insider Trading Compliance Procedures After Salman

by Michael C. Neus

In light of the recent unanimous Supreme Court decision in Salman v. United States (PDF: 101 KB), savvy investors can assume that the Securities and Exchange Commission, as well as the Department of Justice, will continue to seek out cases of insider trading.  Much has been written about whether or not Salman dramatically changed the jurisprudence existing prior to the Second Circuit’s opinion in United States v. Newman.  Whether or not the landscape has changed in the wake of the Salman decision, how can in-house counsel and compliance officers manage and avoid potential insider trading issues? Continue reading

Securities Litigation Update: Circuit Court Split over the Constitutionality of SEC Administrative Law Judges Tees Up Issue for the Supreme Court

Courtesy of Greg D. Andres and Martine M. Beamon

The Tenth and D.C. Circuit Courts of Appeal have come to opposite conclusions in response to constitutional challenges to the Securities Exchange Commission’s (the “SEC’s”) appointment of Administrative Law Judges (“ALJs”). As detailed in our prior client alert, securities defendants across the country have contended that ALJs are inferior officers who were not appointed according to the Appointments Clause in Article II of the Constitution. The issue initially appeared settled when the D.C. Circuit held in Lucia v. SEC (PDF: 84 KB),[1] that ALJs were not officers subject to the requirements of the Appointments Clause.  But, on December 27, 2016, the Tenth Circuit decided in Bandimere v. SEC (PDF: 45 KB)[2] that ALJs were indeed inferior officers and therefore were in violation of the Appointments Clause. The Tenth Circuit’s ruling, if ultimately upheld, has implications for pending and prior SEC actions, and may lead to similar questions about other agencies’ administrative law judges. Given the circuit split, the constitutionality of the SEC’s ALJ appointment process may be headed to the Supreme Court. Continue reading

Four Important Dodd-Frank Whistleblower Program Developments to Watch for in 2017

by Erika A. Kelton

2016 was a banner year for the Dodd-Frank Act’s most significant anti-fraud enforcement provisions: the whistleblower programs at the Securities and Exchange Commission and the Commodity Futures Trading Commission.

In the five years since these programs were established, whistleblowers have rapidly changed the global securities and commodities compliance landscape. The success of the Dodd-Frank whistleblower programs can be attributed largely to the significant actions the SEC and CFTC have taken that signal that whistleblowers will be rewarded and protected for their information and assistance.

As a result of the SEC whistleblower program, more than $874 million in financial remedies have been collected from companies in financial penalties and disgorgement since the program was established in 2011. Because the totals attributed to the whistleblower program are only reported after a whistleblower award has been made, the reported totals lag behind the amounts actually recovered. I believe that the actual amounts the SEC has recovered by virtue of whistleblower information exceed $1.5 billion.

Last year, the SEC surpassed the $130 million mark in total awards paid to whistleblowers. The SEC also set a new bar for whistleblower protection, demonstrating that it will go after companies that retaliate against whistleblowers or have severance or confidentiality agreements that aim to discourage employees from reporting wrongdoing to government enforcement agencies.

The CFTC, meanwhile, paid out in 2016 its largest ever award — $10 million — to a single whistleblower.

With that momentum, 2017 is shaping up to be another transformative year for these programs. Here’s what to expect: Continue reading

The Rise of Cybersecurity Whistleblowing

by Dallas Hammer and Evan Bundschuh

Your company’s security controls are lacking, and a high level employee in IT is naturally worried – he’s addressed his concerns a number of times. Employees are regularly transmitting unencrypted information, sharing passwords and using non-compliant cloud services to share data and sensitive client side IP. This doesn’t seem overly alarming, we’ve all made similar mistakes, so the comments fall on deaf ears and operations continue. A few months later however the employee becomes increasingly vocal so senior management decides to let him go. Problem solved. Or…the problem might just be beginning.

Companies that ignore (and retaliate against) employees who address cybersecurity vulnerabilities can face significantly increased liability resulting from a new breed of whistleblower claims – cyber whistleblowing. With cyber regulatory oversight increasing at a rapid rate, these claims are poised to increase as well. While no federal laws specifically protect cybersecurity whistleblowers, existing anti-retaliation provisions are often broad enough to cover employees who raise information security concerns.  Most notably, federal statutes prohibiting retaliation against corporate whistleblowers and employees who report misconduct in connection with federal funds, as well as state wrongful discharge actions, may apply to cybersecurity whistleblowers. Continue reading

Key Trends in SEC Enforcement from FY2010-FY2016

by Anat Carmy-Wiechman

While numbers are a small part of the story, in the last three fiscal years, we have brought record numbers of enforcement actions, obtained unprecedented monetary remedies in the billions of dollars, and returned hundreds of millions of dollars to harmed investors.”

Mary Jo White, SEC Chair, in recent talk at NYU

Are numbers a small part of the story? As Mary Jo White is stepping down from her post in January 2017, after almost four years at the SEC, now is a good time to look at the numbers and at the story they are telling. In a new report (PDF: 664 KB), the NYU Pollack Center for Law & Business, in collaboration with Cornerstone Research, investigated recent trends in enforcement via the Securities Enforcement Empirical Database (SEED). Continue reading